cqweb.thalessaic.com.cn

Issued by SHECA

About this certificate


This digital certificate with serial number 57:b8:f6:d1:21:e4:10:2e:2a:12:2b:fb:02:a5:a9:f8 was issued on by UniTrust .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • ERROR: Certificate contains a CRL with an non-preferred scheme ([ldap])
  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

TST

Organization: TST
Country: CN

UniTrust

Organization: UniTrust
Country: CN

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 57:b8:f6:d1:21:e4:10:2e:2a:12:2b:fb:02:a5:a9:f8
Serial Number (int): 116603224297195269838873683524436994552
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 79:60:0a:83:21:d9:2d:4a:70:eb:1a:8f:e8:a1:71:e9:2f:7e:dd:bd
AuthorityKeyId: f5:00:c7:8d:52:58:c4:96:69:22:85:4d:5e:7e:23:f1:6b:c2:b0:71

Fingerprint (sha1): 7d:1a:19:5c:40:b7:7e:c9:bb:13:65:64:fa:2d:7d:73:32:b0:b2:14
Fingerprint (sha256): 3d:68:6f:cc:f1:1c:b9:12:db:2c:d4:a4:2f:c5:13:d3:4d:b5:d5:8c:bd:b5:4f:3d:75:9d:d5:80:5e:7b:53:d4

Issuing Certificate URL: http://ldap2.sheca.com/root/shecaglobalsub.der

Revocation information

OCSP Server: http://ocsp3.sheca.com/Global/global.ocsp
CRL Distribution Point: ldap://ldap2.sheca.com:10389/cn=CRL7984.crl,ou=RA12050100,ou=CA12,ou=crl,o=UniTrust Global?certificateRevocationList?base?objectClass=cRLDistributionPoint
CRL Distribution Point: http://ldap2.sheca.com/CA12/RA12050100/CRL7984.crl

Check the revocation status for the current certificate on cqweb.thalessaic.com.cn
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: cqweb.thalessaic.com.cn

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgIQV7j20SHkEC4qEiv7AqWp+DANBgkqhkiG9w0BAQUFADAw MQswCQYDVQQGEwJDTjERMA8GA1UEChMIVW5pVHJ1c3QxDjAMBgNVBAMTBVNIRUNB MB4XDTE1MDQwMTE2MDAwMFoXDTE2MTAwMTE2MDAwMFowPTELMAkGA1UEBhMCQ04x DDAKBgNVBAoTA1RTVDEgMB4GA1UEAxMXY3F3ZWIudGhhbGVzc2FpYy5jb20uY24w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCedEsekX+LflGUlrBB2VYr Ip6cEnGw0jBTSOA2UYIk3dN3KhuFakLGkQGBTXVjMvSDdYov6xSPRr5VbU55bxkW rdJkqkZlyCFLolSUjU/6HIQTRoYbwhWdq1LwzYw59r3FNqguFbVRsrITqwm9VNRW DozflamFkkH1oK3/UTZ5FtznfHy0/0RQ/WsMLzLiZJbnA0y1JMTw4xWzWy/myXGX qEJabCTFUVkHBtJZGdb+Izg18Z8LaKVtt3Z2jtDIHEKanWeMdES/hINyTIjqhdFg kM0ORyHXN/qM/pJdT5eO5p4XcqhdOGBzSTL+ph8eYE5fapwsm2LaOd1stdrj3ZRd AgMBAAGjggJWMIICUjAfBgNVHSMEGDAWgBT1AMeNUljElmkihU1efiPxa8KwcTAd BgNVHQ4EFgQUeWAKgyHZLUpw6xqP6KFx6S9+3b0wCwYDVR0PBAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBDBgNVHSAEPDA6MDgGCiqBHIbvOgEB AgIwKjAoBggrBgEFBQcCARYcaHR0cDovL3d3dy5zaGVjYS5jb20vcG9saWN5LzAi BgNVHREEGzAZghdjcXdlYi50aGFsZXNzYWljLmNvbS5jbjAJBgNVHRMEAjAAMIHr BgNVHR8EgeMwgeAwgaOggaCggZ2GgZpsZGFwOi8vbGRhcDIuc2hlY2EuY29tOjEw Mzg5L2NuPUNSTDc5ODQuY3JsLG91PVJBMTIwNTAxMDAsb3U9Q0ExMixvdT1jcmws bz1VbmlUcnVzdCBHbG9iYWw/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNl P29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MDigNqA0hjJodHRwOi8v bGRhcDIuc2hlY2EuY29tL0NBMTIvUkExMjA1MDEwMC9DUkw3OTg0LmNybDCBgQYI KwYBBQUHAQEEdTBzMDUGCCsGAQUFBzABhilodHRwOi8vb2NzcDMuc2hlY2EuY29t L0dsb2JhbC9nbG9iYWwub2NzcDA6BggrBgEFBQcwAoYuaHR0cDovL2xkYXAyLnNo ZWNhLmNvbS9yb290L3NoZWNhZ2xvYmFsc3ViLmRlcjANBgkqhkiG9w0BAQUFAAOC AQEADXn4D7M2f5tNugaocc2Ds5Bkt0nh1G9lC82RCC83COZRrB+i7SuHSqj5ZK/J BGPfrxoZq0pH+Sg3eLvnAu4K26UP54vRsmxtwiib1Bcl8nSTSN/IMnnbvk1IlTPQ BARcZ4IJMB9+OsYLkVoaBTang7RpWZhvjH4p2qzlBL1fI1YtI5Kv1H2CEd++e8Od PTT70qxwLk/0Jo6jFUg5TTooXCHF5ZNOVvAC1NHGaUhxzttSg5kw0w25Hvis1+tA fWyr/n4PAclUGrYfr3ZRUpvqOFuHNYRhO+//GLI7dxcS2WOeRtANqAa0LWJqlXqI mUw1v5rABhIDrgUlg2Oh0dXeXg== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnRLHpF/i35RlJawQdlW KyKenBJxsNIwU0jgNlGCJN3TdyobhWpCxpEBgU11YzL0g3WKL+sUj0a+VW1OeW8Z Fq3SZKpGZcghS6JUlI1P+hyEE0aGG8IVnatS8M2MOfa9xTaoLhW1UbKyE6sJvVTU Vg6M35WphZJB9aCt/1E2eRbc53x8tP9EUP1rDC8y4mSW5wNMtSTE8OMVs1sv5slx l6hCWmwkxVFZBwbSWRnW/iM4NfGfC2ilbbd2do7QyBxCmp1njHREv4SDckyI6oXR YJDNDkch1zf6jP6SXU+XjuaeF3KoXThgc0ky/qYfHmBOX2qcLJti2jndbLXa492U XQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 116603224297195269838873683524436994552 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UniTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SHECA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-01 16:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-01 16:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TST' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cqweb.thalessaic.com.cn' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20002998614858223677607020605449546640995882943204815370531148075055336473045796816738630783425807264851382006533474296717810912712049233723930749607236141823823417562077472607520087370540269716647098563063052804015410240621671273556620145712492341390632504781365187578718259808227345052850920729993371798361853209317500172567766451840010484951252237258248210744591981873780821529946945008413758860530748915999954530489669413522230382771068021651776807385977038206646839541787915070554048319536713215500864270653768998617701423993864219427078843276964578790536323578073303159442427865068980987161447348452490924102749 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f500c78d5258c4966922854d5e7e23f16bc2b071 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 79600a8321d92d4a70eb1a8fe8a171e92f7eddbd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.156.112570.1.1.2.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.sheca.com/policy/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cqweb.thalessaic.com.cn' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (227 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://ldap2.sheca.com:10389/cn=CRL7984.crl,ou=RA12050100,ou=CA12,ou=crl,o=UniTrust Global?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ldap2.sheca.com/CA12/RA12050100/CRL7984.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (117 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp3.sheca.com/Global/global.ocsp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ldap2.sheca.com/root/shecaglobalsub.der' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000d79f80fb3367f9b4dba06a871cd83b39064b749e1d46f650bcd91082f3708e651ac1fa2ed2b874aa8f964afc90463dfaf1a19ab4a47f9283778bbe702ee0adba50fe78bd1b26c6dc2289bd41725f2749348dfc83279dbbe4d489533d004045c678209301f7e3ac60b915a1a0536a783b46959986f8c7e29daace504bd5f23562d2392afd47d8211dfbe7bc39d3d34fbd2ac702e4ff4268ea31548394d3a285c21c5e5934e56f002d4d1c6694871cedb52839930d30db91ef8acd7eb407d6cabfe7e0f01c9541ab61faf7651529bea385b873584613befff18b23b771712d9639e46d00da806b42d626a957a88994c35bf9ac0061203ae05258363a1d1d5de5e