*.invest-in-freedom.com
Issued by EssentialSSL CA
About this certificate
This digital certificate with serial number e2:15:c0:d0:da:6b:4f:9b:c5:50:3f:c9:cb:ea:3e:91 was issued on by COMODO CA Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
Certificate Subject
CN=*.invest-in-freedom.com,OU=Domain Control Validated+OU=EssentialSSL Wildcard
COMODO CA Limited
Organization:
COMODO CA Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): e2:15:c0:d0:da:6b:4f:9b:c5:50:3f:c9:cb:ea:3e:91Serial Number (int): 300518476051119385888330555965859053201
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: db:0d:63:3e:82:3a:8e:80:b2:49:b6:b4:35:2d:c7:85:62:a3:c7:4a
AuthorityKeyId: da:cb:ea:ad:5b:08:5d:cc:ff:fc:26:54:ce:49:e5:55:c6:38:f4:f8
Fingerprint (sha1): 5a:54:e9:93:b0:f2:8b:0b:5c:be:17:8c:c5:3b:4f:6c:d9:6f:fc:40
Fingerprint (sha256): f9:3a:dd:4e:35:a3:be:46:24:51:f2:0c:9e:be:e5:8e:fb:61:a2:ed:01:82:43:48:90:5f:a8:a8:02:06:59:92
Issuing Certificate URL: http://crt.comodoca.com/EssentialSSLCA_2.crt
Revocation information
OCSP Server: http://ocsp.comodoca.comCRL Distribution Point: http://crl.comodoca.com/EssentialSSLCA.crl
Check the revocation status for certificate *.invest-in-freedom.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.invest-in-freedom.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Microsoft Server-Gated Cryptography
Netscape Server-Gated Cryptography
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.invest-in-freedom.com
invest-in-freedom.com
invest-in-freedom.com
Other certificates including the domain name invest-in-freedom.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.invest-in-freedom.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIRAOIVwNDaa0+bxVA/ycvqPpEwDQYJKoZIhvcNAQEFBQAw cjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxGDAWBgNV BAMTD0Vzc2VudGlhbFNTTCBDQTAeFw0xNDA0MDcwMDAwMDBaFw0xNTA0MDcyMzU5 NTlaMGUxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEeMBwGA1UE CxMVRXNzZW50aWFsU1NMIFdpbGRjYXJkMSAwHgYDVQQDFBcqLmludmVzdC1pbi1m cmVlZG9tLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALpfDvcp sB/BZ18WHc5y+J5AJ13PG8SJ6KB+kuQRxclvSmDjNHsxRAQKWqfgGcQXjJLpeZca bUB3Lbulsb/MeOfJRQNulmg9JEYViX9u7dXoU9KX3fmWnyKZ8zCfgnRusxFYSwuZ vwDNDKTbEATdJ06+7zrhbWcZIfCI/6rKIQFoeEHT0d/9zttOhb5ss4DGSQhWvOXY bM0ImyeIyBExXqFJWvp+aamNvtl35UkLws8IlGeamU1Zz9H+rzGdt3JUgcj8IFC9 7mLCESS2L3e80V6tFABE0Sw3mpfckqHWDeZjHp1fsvGJUeLAfv1wNWOJZ/oxI3W0 rgmcQaDmlNIOA58CAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFNrL6q1bCF3M//wm VM5J5VXGOPT4MB0GA1UdDgQWBBTbDWM+gjqOgLJJtrQ1LceFYqPHSjAOBgNVHQ8B Af8EBAMCBaAwDAYDVR0TAQH/BAIwADA0BgNVHSUELTArBggrBgEFBQcDAQYIKwYB BQUHAwIGCisGAQQBgjcKAwMGCWCGSAGG+EIEATBPBgNVHSAESDBGMDoGCysGAQQB sjEBAgIHMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20v Q1BTMAgGBmeBDAECATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmNvbW9k b2NhLmNvbS9Fc3NlbnRpYWxTU0xDQS5jcmwwbgYIKwYBBQUHAQEEYjBgMDgGCCsG AQUFBzAChixodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9Fc3NlbnRpYWxTU0xDQV8y LmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMDkGA1Ud EQQyMDCCFyouaW52ZXN0LWluLWZyZWVkb20uY29tghVpbnZlc3QtaW4tZnJlZWRv bS5jb20wDQYJKoZIhvcNAQEFBQADggEBABY+JgRt/a5YfD21nQ2KKsenxmKD/X6V w7Ieq5pFMCxB9BIjD1alJTtOEsL6uBvshseNR4ysAcFFeMRoN/QWycHoEY7Pgmr0 ou2isnBh2mQtn4O/6RVixdbJVPfWhK3vtDfbwNkEkXnzdUsJ21D5rhX5igKJUQkh IFi/wqdwez9z/N3LZIIP68x89Rf5jtTcfqOG2yzMF91VlUFbv0p6Q/bSCXuVH/FY 7mHMgQ58knCFvlnlTF1ob5NnDNx8NZcYHDSm8KPyUqo6tXT12pj+wWEmyTl0uD38 XAeYSN4W5AaB8zM7OWgnAeGU7qquG2uYcCtddOet3qRYYhv37yYoqZo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul8O9ymwH8FnXxYdznL4 nkAnXc8bxInooH6S5BHFyW9KYOM0ezFEBApap+AZxBeMkul5lxptQHctu6Wxv8x4 58lFA26WaD0kRhWJf27t1ehT0pfd+ZafIpnzMJ+CdG6zEVhLC5m/AM0MpNsQBN0n Tr7vOuFtZxkh8Ij/qsohAWh4QdPR3/3O206FvmyzgMZJCFa85dhszQibJ4jIETFe oUla+n5pqY2+2XflSQvCzwiUZ5qZTVnP0f6vMZ23clSByPwgUL3uYsIRJLYvd7zR Xq0UAETRLDeal9ySodYN5mMenV+y8YlR4sB+/XA1Y4ln+jEjdbSuCZxBoOaU0g4D nwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300518476051119385888330555965859053201 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EssentialSSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-04-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EssentialSSL Wildcard' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.invest-in-freedom.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23527199796831203727327527947333002147294443747169238180912886564561714973487400022054917156842804900630443905369200008706672887277816630921181065676508849424214723210397032388272718590404487980902745888223978169523308517025008432638171762943109871489291101599897912415194436883315677347781736631281764572939832130186240040807676065879985713511984131487077174407549519721480506454047558537775439090723506300117827316219556580839896364363491739372395137285799210789710001282766291587540080546775288787599765212084482184260354555363208920332104734284672303092786628301439759065517141832560044485956192547687658362373023 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName dacbeaad5b085dccfffc2654ce49e555c638f4f8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) db0d633e823a8e80b249b6b4352dc78562a3c74a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.10.3.3 (serverGatedCrypto) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.4.1 (serverGatedCrypto) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/EssentialSSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/EssentialSSLCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.invest-in-freedom.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'invest-in-freedom.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00163e26046dfdae587c3db59d0d8a2ac7a7c66283fd7e95c3b21eab9a45302c41f412230f56a5253b4e12c2fab81bec86c78d478cac01c14578c46837f416c9c1e8118ecf826af4a2eda2b27061da642d9f83bfe91562c5d6c954f7d684adefb437dbc0d9049179f3754b09db50f9ae15f98a02895109212058bfc2a7707b3f73fcddcb64820febcc7cf517f98ed4dc7ea386db2ccc17dd5595415bbf4a7a43f6d2097b951ff158ee61cc810e7c927085be59e54c5d686f93670cdc7c3597181c34a6f0a3f252aa3ab574f5da98fec16126c93974b83dfc5c079848de16e40681f3333b39682701e194eeaaae1b6b98702b5d74e7addea458621bf7ef2628a99a