sofi.tchibo.com
- Tchibo GmbH -
Issued by Thawte SSL CA
About this certificate
This digital certificate with serial number 4c:1c:5a:09:c7:f2:f0:5b:eb:a2:fd:81:cb:4b:09:d1 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Tchibo GmbH
Organization:
Tchibo GmbH
State / Province:
Hamburg
Locality: Hamburg
Country: DE
Locality: Hamburg
Country: DE
Thawte, Inc.
Organization:
Thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:1c:5a:09:c7:f2:f0:5b:eb:a2:fd:81:cb:4b:09:d1Serial Number (int): 101168538183491584859388804711009946065
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId:
Fingerprint (sha1): 54:67:91:49:b3:28:42:cf:84:1f:64:93:d4:7a:22:56:6f:6f:6e:cc
Fingerprint (sha256): ef:31:0f:c1:8c:dd:2c:9a:51:55:27:4e:a9:f7:2a:2f:d5:2e:61:88:b1:f5:97:37:21:8a:76:34:4c:de:dd:72
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl
Check the revocation status for certificate sofi.tchibo.com
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sofi.tchibo.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Extended Key Usages
Server Authentication
Client Authentication
Extensions
4 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name tchibo.com
(limited to 100 certificates)
soc-med-agg.tchibo.com
brand.tchibo.com
recruitingtest.tchibo.com
blog-qs.tchibo.com
ssl.tchibo.com
deapp287.tchibo.tchiboroot.net
recruiting.tchibo.com
*.ship.tchibo.com
portal.tchibo.com
access.tchibo.com
access.tchibo.com
soc-med-agg.tchibo.com
jobs.tchibo.com
sip.tchibo.com
deapp287.tchibo.tchiboroot.net
soc-med-agg.tchibo.com
www.bestand.tchibo.com
soc-med-agg.tchibo.com
cloudbox.tchibo.com
deapp287.tchibo.tchiboroot.net
www.bestand.tchibo.com
blog-dev.tchibo.com
*.tchibo.com
*.login.tchibo.com
portal.tchibo.com
soc-med-agg.tchibo.com
portal.tchibo.com
*.tchibo.com
blog.tchibo.com
portal.tchibo.com
access.tchibo.com
*.tchibo.com
sip.tchibo.com
recruiting.tchibo.com
*.tchibo.com
blog.tchibo.com
jobs.tchibo.com
blog-dev.tchibo.com
www.tchibo.com
*.tchibo.com
jobs.tchibo.com
*.tchibo.com
blog-qs.tchibo.com
soc-med-agg.tchibo.com
*.login.tchibo.com
soc-med-agg.tchibo.com
*.login.tchibo.com
sofi.tchibo.com
*.tchibo.com
brand.tchibo.com
recruitingtest.tchibo.com
blog-qs.tchibo.com
ssl.tchibo.com
deapp287.tchibo.tchiboroot.net
recruiting.tchibo.com
*.ship.tchibo.com
portal.tchibo.com
access.tchibo.com
access.tchibo.com
soc-med-agg.tchibo.com
jobs.tchibo.com
sip.tchibo.com
deapp287.tchibo.tchiboroot.net
soc-med-agg.tchibo.com
www.bestand.tchibo.com
soc-med-agg.tchibo.com
cloudbox.tchibo.com
deapp287.tchibo.tchiboroot.net
www.bestand.tchibo.com
blog-dev.tchibo.com
*.tchibo.com
*.login.tchibo.com
portal.tchibo.com
soc-med-agg.tchibo.com
portal.tchibo.com
*.tchibo.com
blog.tchibo.com
portal.tchibo.com
access.tchibo.com
*.tchibo.com
sip.tchibo.com
recruiting.tchibo.com
*.tchibo.com
blog.tchibo.com
jobs.tchibo.com
blog-dev.tchibo.com
www.tchibo.com
*.tchibo.com
jobs.tchibo.com
*.tchibo.com
blog-qs.tchibo.com
soc-med-agg.tchibo.com
*.login.tchibo.com
soc-med-agg.tchibo.com
*.login.tchibo.com
sofi.tchibo.com
*.tchibo.com
Certificate
The complete raw certificate details for sofi.tchibo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIDyDCCArCgAwIBAgIQTBxaCcfy8Fvrov2By0sJ0TANBgkqhkiG9w0BAQUFADA8 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U aGF3dGUgU1NMIENBMB4XDTEwMTExOTAwMDAwMFoXDTEzMDExNzIzNTk1OVowYTEL MAkGA1UEBhMCREUxEDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcUB0hhbWJ1cmcx FDASBgNVBAoUC1RjaGlibyBHbWJIMRgwFgYDVQQDFA9zb2ZpLnRjaGliby5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD0IgUgcve+0yLK5aRpJBg V9HquFUphyeBXCKh73LI8vWtTdEiX3H2qzQ7Z9WqH8a14uI9UjEM0OXOfE4HtZjO 804f+86BGpIjckBFPo+Uz994Z30rZOPHQQVhn3LbAKHbIVIybg5Hr7sqYHR/Fi2f wYiKoRm9ApoVqU/uhPSSytOMW/xhaFZ8a99jQGHW/JuoKFid8FZQ6Z0hQ395hY/h KwC/So8GQGGiTXT/ccXt95TTCgp0H/MLWMCjs6vja+6fX1DCNV7f5KxwODytulkR eXEH5/rWB3d7rVXjqeJPPcvCkUW2JfDsItDhUhtYRTfQawZtBWUf0GJzlCuqgwX1 AgMBAAGjgaAwgZ0wDAYDVR0TAQH/BAIwADA6BgNVHR8EMzAxMC+gLaArhilodHRw Oi8vc3ZyLW92LWNybC50aGF3dGUuY29tL1RoYXd0ZU9WLmNybDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAB hhZodHRwOi8vb2NzcC50aGF3dGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQBl1ULJ 3UFa9bHg8vKvLnYJHWvayMM26MQVX12RCD0xBe/jjaYH9S29mOfUCmDtPAmKc40k 1qplQjpR9E/9T0G0oWIJzFxQmt0HAhpCHySxjIyG4S7tcrBiKBsKCg52X/yvB6Wh 5MRvz1wxP0sZbqmzSW5WJdoM4gDv3H44nH8Es601WHf/3MoX9nAJTG4sJLnj10kG gX/LLswqE/VqTwUG/JoyCykUo/hB4c5h2EBXNnYhGDVVVXJSY5hLld9SnKjcqSYX bkeOFONGet8BANXhnDwh0eLXPNKnFGG0761yzalN9Jfsn+CQsWVxeyOK/APUIxGL W8BSuq6sLHC973Em -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9CIFIHL3vtMiyuWkaSQ YFfR6rhVKYcngVwioe9yyPL1rU3RIl9x9qs0O2fVqh/GteLiPVIxDNDlznxOB7WY zvNOH/vOgRqSI3JART6PlM/feGd9K2Tjx0EFYZ9y2wCh2yFSMm4OR6+7KmB0fxYt n8GIiqEZvQKaFalP7oT0ksrTjFv8YWhWfGvfY0Bh1vybqChYnfBWUOmdIUN/eYWP 4SsAv0qPBkBhok10/3HF7feU0woKdB/zC1jAo7Or42vun19QwjVe3+SscDg8rbpZ EXlxB+f61gd3e61V46niTz3LwpFFtiXw7CLQ4VIbWEU30GsGbQVlH9Bic5QrqoMF 9QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 101168538183491584859388804711009946065 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-11-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-01-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hamburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Hamburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Tchibo GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'sofi.tchibo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24719300214607857840145445038778958090954574104525154084825381792607120271786968878269411115661232246682585645250841604322544493969859858727454446485908914187973364138308778172421672745512493901183467741942058639592195829812083878623037915398868852189821429134400331740848480984397450412533228402059409823154886717634827208656500985615085247136374760860053435061246064364119539409782381569376250196160624840996812375018059067704470000679754669655617086498203296476175076814386669931812344806221831058838626572541204762713914440059966166499664604666344247637384350319365849951885472269078046691577503620279547252114933 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0065d542c9dd415af5b1e0f2f2af2e76091d6bdac8c336e8c4155f5d91083d3105efe38da607f52dbd98e7d40a60ed3c098a738d24d6aa65423a51f44ffd4f41b4a16209cc5c509add07021a421f24b18c8c86e12eed72b062281b0a0a0e765ffcaf07a5a1e4c46fcf5c313f4b196ea9b3496e5625da0ce200efdc7e389c7f04b3ad355877ffdcca17f670094c6e2c24b9e3d74906817fcb2ecc2a13f56a4f0506fc9a320b2914a3f841e1ce61d8405736762118355555725263984b95df529ca8dca926176e478e14e3467adf0100d5e19c3c21d1e2d73cd2a71461b4efad72cda94df497ec9fe090b165717b238afc03d423118b5bc052baaeac2c70bdef7126