ra1.cmaonline.org.uk
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 04:ba:6d:d0:62:6b:a8:7c:45:16:8f:40:57:3e:63:07 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ra1.cmaonline.org.uk
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ba:6d:d0:62:6b:a8:7c:45:16:8f:40:57:3e:63:07Serial Number (int): 6284906491391424104714623507599614727
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: af:de:25:67:97:67:46:bf:84:8b:96:d9:b6:52:d9:23:29:cf:a3:78
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): e8:22:a3:f1:b8:0f:30:86:9f:cb:f7:6b:da:dc:15:58:c1:3e:9e:31
Fingerprint (sha256): f5:a2:21:95:88:a4:ce:a8:72:27:61:67:84:9c:ed:49:ea:55:7b:e6:f4:06:62:de:95:2d:c9:54:10:63:03:e9
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate ra1.cmaonline.org.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ra1.cmaonline.org.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ra1.cmaonline.org.uk
Other certificates including the domain name cmaonline.org.uk
(limited to 100 certificates)
sts.cma.gov.uk
transfer.cmaonline.org.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
transfer.cmaonline.org.uk
cpdhub.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
ra1.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
sts.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
transfer.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sts.cma.gov.uk
ra1.cmaonline.org.uk
vpn.cmaonline.org.uk
transfer.cmaonline.org.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
transfer.cmaonline.org.uk
cpdhub.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
ra1.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
sts.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
transfer.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sts.cma.gov.uk
ra1.cmaonline.org.uk
vpn.cmaonline.org.uk
Certificate
The complete raw certificate details for ra1.cmaonline.org.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEwjCCA6qgAwIBAgIQBLpt0GJrqHxFFo9AVz5jBzANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0xOTAxMDMwMDAwMDBaFw0yMTAxMjYxMjAwMDBaMB8xHTAbBgNVBAMTFHJhMS5j bWFvbmxpbmUub3JnLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA sux4QsLlY25w2zG8AuWj1/V8Ij0GcLLlS/6NRMMo4WPsAXsleZmBUKVQxrFZr/os VaJ6ViK/SZCRoZbpdGlXeqLGD44XrWbK/J/Mxm5XH/+Faqa4wtkFmxxGo+HA2N+y yMhVyVVp0DXiy+ytPTB2h3jYPQU4QVSFybN57I+WGGCe5eyVHYNVQj11MDw35REH wdu39rf+mA+btfkVF1tD3JdDH7LLrtSxnoKX96KmXAdv6sN03tlfaZO7hrUUUKI8 ccBQTQHLq5oE+iQTDu0lQfhi87CJGDl0YIbk3D94Ew35hgYX34WsEKe8yqQujJdc RuXV6rJvgAvWa/1Q5wyx+QIDAQABo4IBuTCCAbUwHwYDVR0jBBgwFoAUkFj/sJx1 qFFUd7Ht8qNDFjiebMUwHQYDVR0OBBYEFK/eJWeXZ0a/hIuW2bZS2SMpz6N4MB8G A1UdEQQYMBaCFHJhMS5jbWFvbmxpbmUub3JnLnVrMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0fBDcwNTAzoDGgL4Yt aHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3JsMEwG A1UdIARFMEMwNwYJYIZIAYb9bAECMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3 LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAmBggr BgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPQYIKwYBBQUHMAKG MWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJTQUNBMjAxOC5j cnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsF AAOCAQEABbXrYUqtLMx1TaFR9mJP71BBMY1X+aApv9abSlM1H4o/kz5JM8lEnSeg o6aAX08o8wdgAJOtl38Ea3vRIodcjlskis4ecDefT+eQdS3iVRjnbYEkPxonZ0eZ j1IYA98ZdzmuutnfBh9UHByewFkX9apZj5aGHPhnAP5x7cA36d+406lT/KgUqhOK 6fQZ7rzdK5u6jDb1yR8t6AGG9vty1iIGi116Bzteq7voURTxH4Nxkbnds8Zm6w6k 91WdbkBPi0VwxQPZROhhPXkapsWXjF9Wutvh4g/e06Ty3lCidpwl1QiAh/I57+6v /i0uKqcZVYGia7cr5nG9POmXiGPrZQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsux4QsLlY25w2zG8AuWj 1/V8Ij0GcLLlS/6NRMMo4WPsAXsleZmBUKVQxrFZr/osVaJ6ViK/SZCRoZbpdGlX eqLGD44XrWbK/J/Mxm5XH/+Faqa4wtkFmxxGo+HA2N+yyMhVyVVp0DXiy+ytPTB2 h3jYPQU4QVSFybN57I+WGGCe5eyVHYNVQj11MDw35REHwdu39rf+mA+btfkVF1tD 3JdDH7LLrtSxnoKX96KmXAdv6sN03tlfaZO7hrUUUKI8ccBQTQHLq5oE+iQTDu0l Qfhi87CJGDl0YIbk3D94Ew35hgYX34WsEKe8yqQujJdcRuXV6rJvgAvWa/1Q5wyx +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6284906491391424104714623507599614727 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-26 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ra1.cmaonline.org.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22587025872927178704388922033640656834471739171363974878312417074563119541336556395518382371591713020999228514500838330238506489961560446844113649270742676591168243550147160127450521123339268090800714360185845344158784512006833262202338769625879750125542174883256667281516771135872154873419434835326726264073171812537940713551527146769112461553791882135638429786856241930102153229856006761295309352867596446563299756946584860354655348760345037672266479782754019726070641736051439849920002211862233176492732379976669138635014250950625084803764945153023467660873027999583027504512347855214205131639360272035120268751353 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) afde2567976746bf848b96d9b652d92329cfa378 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ra1.cmaonline.org.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0005b5eb614aad2ccc754da151f6624fef5041318d57f9a029bfd69b4a53351f8a3f933e4933c9449d27a0a3a6805f4f28f307600093ad977f046b7bd122875c8e5b248ace1e70379f4fe790752de25518e76d81243f1a276747998f521803df197739aebad9df061f541c1c9ec05917f5aa598f96861cf86700fe71edc037e9dfb8d3a953fca814aa138ae9f419eebcdd2b9bba8c36f5c91f2de80186f6fb72d622068b5d7a073b5eabbbe85114f11f837191b9ddb3c666eb0ea4f7559d6e404f8b4570c503d944e8613d791aa6c5978c5f56badbe1e20fded3a4f2de50a2769c25d5088087f239efeeaffe2d2e2aa7195581a26bb72be671bd3ce9978863eb65