SectigoECCExtendedValidationSecureServerCA.crt: CN=Sectigo ECC Extended Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Page content

CA Certificate Basic Information

This certificate is intermediate certificate used for the issuance of other certificates.

  • Certificate download URL: http://crt.sectigo.com/SectigoECCExtendedValidationSecureServerCA.crt (DER format)
  • Serial number: 171415251955978859488455238468000417391
  • SHA-1 Fingerprint: 7a164f53af93b80965ff9fdf446d5849b14b3fda
  • SHA-1 Fingerprint: 7a:16:4f:53:af:93:b8:09:65:ff:9f:df:44:6d:58:49:b1:4b:3f:da
  • SHA-256 Fingerprint: 1ffece09682f87024a2a44b2c987b1fccee3b2b5cf021efcf23869224a4ca154
  • SHA-256 Fingerprint: 1f:fe:ce:09:68:2f:87:02:4a:2a:44:b2:c9:87:b1:fc:ce:e3:b2:b5:cf:02:1e:fc:f2:38:69:22:4a:4c:a1:54
  • Signature hash algorithm: sha384
  • Subject: CN=Sectigo ECC Extended Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
  • Not valid before: 2018-11-02 00:00:00
  • Not valid after: 2030-12-31 23:59:59
  • Issuer:

Download certificate through curl:

curl -sSL http://crt.sectigo.com/SectigoECCExtendedValidationSecureServerCA.crt --output cert.crt

Download certificate through wget:

wget -q http://crt.sectigo.com/SectigoECCExtendedValidationSecureServerCA.crt --output-document=cert.crt

CA Certificate Detail Information

Use openssl x509 to decode certificate to get detail information:

openssl x509 -in cert.crt -inform der -text -noout

Decoded detail certificate information:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            80:f5:60:6d:3a:16:2b:14:3a:dc:12:fb:e8:c2:06:6f
    Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
        Validity
            Not Before: Nov  2 00:00:00 2018 GMT
            Not After : Dec 31 23:59:59 2030 GMT
        Subject: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Extended Validation Secure Server CA
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:03:22:79:09:af:49:c9:7a:bc:6c:ef:a4:ac:b5:
                    56:ca:c6:ed:9b:b7:dd:31:22:79:e2:e1:43:db:7b:
                    74:c7:a2:40:0b:82:23:c5:eb:df:40:9c:d6:cf:84:
                    fa:c9:8f:85:c9:b4:c1:aa:d3:9a:fb:e8:a3:24:59:
                    e4:07:9c:0a:cb
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                keyid:3A:E1:09:86:D4:CF:19:C2:96:76:74:49:76:DC:E0:35:C6:63:63:9A

            X509v3 Subject Key Identifier: 
                EF:C1:2A:95:0C:32:DA:FB:73:30:DC:8A:13:D8:15:4B:F7:13:E8:F8
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: X509v3 Any Policy
                  CPS: https://cps.usertrust.com

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.usertrust.com/USERTrustECCCertificationAuthority.crl

            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/USERTrustECCAddTrustCA.crt
                OCSP - URI:http://ocsp.usertrust.com

    Signature Algorithm: ecdsa-with-SHA384
         30:65:02:31:00:a3:1f:3b:41:0c:bf:74:18:24:57:1e:51:aa:
         9b:41:fb:93:33:f4:e2:17:74:33:1c:1a:90:a8:d6:cc:e9:ac:
         b5:73:45:2c:e3:63:44:56:b4:26:a2:3f:88:a5:09:30:57:02:
         30:26:cb:83:2c:dc:15:6e:c3:8a:1b:58:e5:71:34:5c:22:c2:
         c3:e8:22:b7:43:63:c6:21:41:e8:56:8e:14:89:72:0d:da:93:
         8f:e4:e1:f8:32:7d:d8:92:ef:20:25:43:fe

CA Certificate in PEM Format

Use openssl x509 to convert certificate from DER format to PEM format:

openssl x509 -in cert.crt -inform der

Converted PEM format certificate:

-----BEGIN CERTIFICATE-----
MIIDyTCCA0+gAwIBAgIRAID1YG06FisUOtwS++jCBm8wCgYIKoZIzj0EAwMwgYgx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTEw
MjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgZExCzAJBgNVBAYTAkdCMRswGQYDVQQI
ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT
D1NlY3RpZ28gTGltaXRlZDE5MDcGA1UEAxMwU2VjdGlnbyBFQ0MgRXh0ZW5kZWQg
VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEAyJ5Ca9JyXq8bO+krLVWysbtm7fdMSJ54uFD23t0x6JAC4IjxevfQJzW
z4T6yY+FybTBqtOa++ijJFnkB5wKy6OCAY0wggGJMB8GA1UdIwQYMBaAFDrhCYbU
zxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTvwSqVDDLa+3Mw3IoT2BVL9xPo+DAO
BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0gBDMwMTAvBgRVHSAAMCcwJQYIKwYBBQUH
AgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wUAYDVR0fBEkwRzBFoEOgQYY/
aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRp
b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0
cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0
MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49
BAMDA2gAMGUCMQCjHztBDL90GCRXHlGqm0H7kzP04hd0MxwakKjWzOmstXNFLONj
RFa0JqI/iKUJMFcCMCbLgyzcFW7DihtY5XE0XCLCw+git0NjxiFB6FaOFIlyDdqT
j+Th+DJ92JLvICVD/g==
-----END CERTIFICATE-----

Download PEM Certificate

Also see Top 1 Millions Domains CA Certificate List


Page version: a651bdd 2022-03-26