nii-odca4g7rsa.cer: CN=NII Open Domain CA - G7 RSA,O=SECOM Trust Systems CO.,LTD.,C=JP (Intermediate Certificate, Expiring 2029-05-29) detail info and audit record
Page content
CA Certificate Information and Audit Record
This certificate is intermediate certificate used for the issuance of other certificates.
- Certificate Download URL: http://repo1.secomtrust.net/sppca/nii/odca4/nii-odca4g7rsa.cer (in DER format )
- Serial Number : 46157927341343425315879777794828232951
- SHA-1 Fingerprint : 0430f57b0363a24bae75802161639c612101faa3
- SHA-1 Fingerprint : 04:30:f5:7b:03:63:a2:4b:ae:75:80:21:61:63:9c:61:21:01:fa:a3
- SHA-256 Fingerprint : 603db707a584003bed6f1d43dcd4eae13cd18d798e827de2f3a31f3193fc0dac
- SHA-256 Fingerprint : 60:3d:b7:07:a5:84:00:3b:ed:6f:1d:43:dc:d4:ea:e1:3c:d1:8d:79:8e:82:7d:e2:f3:a3:1f:31:93:fc:0d:ac
- Signature Hash Algorithm : sha256
- Subject
: CN=NII Open Domain CA - G7 RSA,O=SECOM Trust Systems CO.,LTD.,C=JP
- Country Name: JP (Japan)
- Organization: SECOM Trust Systems CO.,LTD.
- Common Name: NII Open Domain CA - G7 RSA
- Not Valid Before: 2020-12-15 08:46:22
- Not Valid After: 2029-05-29 05:00:39
- Issuer (Parent Certificate):
- Issuer Name: OU=Security Communication RootCA2,O=SECOM Trust Systems CO.,LTD.,C=JP
- Issuer Certificate URL: NA
- Audit Record:
- Revocation Status: Not Revoked
- Certificate Policy (CP) URL: https://repo1.secomtrust.net/sppca/cp/ovcp.pdf
- Certificate Practice Statement (CPS) URL: https://repo1.secomtrust.net/spcpp/cps/SECOM-CPS-EN.pdf
- Auditor: KPMG
- Standard Audit URL: Unknown
- Standard Audit Period Start Date: Unknown
- Standard Audit Period End Date: Unknown
- Standard Audit Statement Date: Unknown
- Standard Audit Type: Unknown
- Full CRL Issued By This CA: http://repo1.secomtrust.net/sppca/nii/odca4/fullcrlg7rsa.crl
- Check its issuer’s audit information: OU=Security Communication RootCA2,O=SECOM Trust Systems CO.,LTD.,C=JP .
Download certificate through curl:
curl -sSL "http://repo1.secomtrust.net/sppca/nii/odca4/nii-odca4g7rsa.cer" --output cert.crt
Download certificate through wget:
wget -q "http://repo1.secomtrust.net/sppca/nii/odca4/nii-odca4g7rsa.cer" --output-document=cert.crt
CA Certificate Detail Information
Use openssl x509 to decode DER certificate to get detail information:
openssl x509 -in cert.crt -inform der -text -noout
Use openssl x509 to decode PEM certificate to get detail information:
openssl x509 -in cert.crt -inform pem -text -noout
Decoded detail certificate information:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:b9:b1:85:87:a6:99:43:b5:ec:36:8f:4c:af:68:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
Validity
Not Before: Dec 15 08:46:22 2020 GMT
Not After : May 29 05:00:39 2029 GMT
Subject: C=JP, O=SECOM Trust Systems CO.,LTD., CN=NII Open Domain CA - G7 RSA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:da:27:70:d0:cd:db:ef:92:cc:c8:90:a5:34:
01:e0:af:cb:c6:65:e7:74:37:cd:46:13:5e:0c:f1:
30:b1:f5:1b:83:c8:4c:e9:2d:b4:31:2d:04:4a:23:
f7:3a:45:10:14:7e:20:f0:2b:30:24:1b:26:d0:e6:
7e:a4:e2:e5:f6:f1:81:aa:08:a7:7b:67:6c:0d:df:
01:35:e4:1c:aa:eb:04:9f:f1:7e:f1:79:42:f9:a8:
0f:c2:b0:16:7f:0e:e1:85:aa:b3:56:07:00:99:c4:
ac:e9:22:1b:63:54:29:0d:de:08:2e:7f:99:7d:c5:
46:3b:2c:2c:3c:30:9b:42:b7:cd:32:13:78:5c:5a:
3d:4a:af:a7:79:ff:68:52:38:cb:7c:2c:13:a6:65:
4c:88:59:1a:2e:30:95:f7:fb:f7:0f:63:f8:6c:72:
88:b1:8a:70:27:bc:37:60:29:0c:db:86:0b:90:66:
7b:83:4d:55:e4:1a:03:e3:f4:cf:75:3a:95:fb:87:
4e:4e:61:01:9f:8f:dd:83:b7:c2:63:32:af:ee:2a:
69:fc:e6:80:0f:73:f4:02:64:e0:56:95:2b:03:c0:
e6:30:30:45:20:25:fb:52:11:a3:18:01:0b:63:c8:
35:ef:d1:6d:2a:35:a7:89:9c:2e:67:85:6f:38:39:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2E:E5:51:ED:FC:4A:CF:A3:87:F1:13:90:76:2D:9D:8E:94:A1:E3
X509v3 Authority Key Identifier:
keyid:0A:85:A9:77:65:05:98:7C:40:81:F8:0F:97:2C:38:F1:0A:EC:3C:CF
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 CRL Distribution Points:
Full Name:
URI:http://repository.secomtrust.net/SC-Root2/SCRoot2CRL.crl
X509v3 Certificate Policies:
Policy: 1.2.392.200091.100.901.4
CPS: http://repository.secomtrust.net/SC-Root2/
Authority Information Access:
OCSP - URI:http://scrootca2.ocsp.secomtrust.net
CA Issuers - URI:http://repository.secomtrust.net/SC-Root2/SCRoot2ca.cer
Signature Algorithm: sha256WithRSAEncryption
3b:75:bc:d3:aa:f7:4b:2f:38:b5:8a:03:c9:df:4e:af:ec:20:
0a:1a:4a:d4:03:e8:68:10:26:69:5b:fe:77:a9:e3:95:fe:fc:
73:24:db:2d:fc:d6:0f:2b:b1:61:17:a3:35:59:98:02:5c:21:
cc:01:8c:89:c2:24:b7:aa:b1:9c:50:da:ce:4b:2c:52:c8:ac:
87:21:d0:e2:cd:64:3d:1a:65:b1:fe:37:01:dd:ec:1e:cd:4e:
9e:f9:61:3d:5c:a7:5b:7b:c0:75:dd:1d:d3:94:16:52:33:64:
5e:3e:12:2d:ca:d8:85:d6:7b:42:5a:a2:d2:13:58:a9:71:89:
c6:fc:a1:1d:b3:c1:86:1f:e9:00:f5:48:29:34:dc:20:1b:9a:
c8:78:3b:9d:bd:24:e7:c1:d8:63:34:4f:ba:3a:c3:5a:1a:ee:
41:b2:e3:f3:02:26:cc:df:89:16:fc:0f:86:49:95:80:ed:f5:
9c:b6:d2:7f:59:79:ce:05:ee:99:2c:24:8a:c7:b7:e5:77:18:
51:67:72:8e:be:fb:60:58:2a:c8:19:74:29:12:13:c4:fb:d8:
74:01:12:88:48:cd:5d:41:b7:c3:7c:41:b9:c1:9d:c0:c8:a6:
fa:9b:fa:64:3b:13:84:92:7a:f1:14:02:f0:12:85:e0:9e:d6:
97:7f:4b:87
CA Certificate in PEM Format
Use openssl x509 to convert certificate from DER format to PEM format:
openssl x509 -in cert.crt -inform der
Converted PEM format certificate:
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIQIrmxhYemmUO17DaPTK9o9zANBgkqhkiG9w0BAQsFADBd
MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
DTIwMTIxNTA4NDYyMloXDTI5MDUyOTA1MDAzOVowWjELMAkGA1UEBhMCSlAxJTAj
BgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJDAiBgNVBAMTG05J
SSBPcGVuIERvbWFpbiBDQSAtIEc3IFJTQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOHaJ3DQzdvvkszIkKU0AeCvy8Zl53Q3zUYTXgzxMLH1G4PITOkt
tDEtBEoj9zpFEBR+IPArMCQbJtDmfqTi5fbxgaoIp3tnbA3fATXkHKrrBJ/xfvF5
QvmoD8KwFn8O4YWqs1YHAJnErOkiG2NUKQ3eCC5/mX3FRjssLDwwm0K3zTITeFxa
PUqvp3n/aFI4y3wsE6ZlTIhZGi4wlff79w9j+GxyiLGKcCe8N2ApDNuGC5Bme4NN
VeQaA+P0z3U6lfuHTk5hAZ+P3YO3wmMyr+4qafzmgA9z9AJk4FaVKwPA5jAwRSAl
+1IRoxgBC2PINe/RbSo1p4mcLmeFbzg5v4ECAwEAAaOCAa0wggGpMB0GA1UdDgQW
BBSwLuVR7fxKz6OH8ROQdi2djpSh4zAfBgNVHSMEGDAWgBQKhal3ZQWYfECB+A+X
LDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0fBEIwQDA+oDygOoY4aHR0
cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvU0NSb290MkNS
TC5jcmwwUQYDVR0gBEowSDBGBgoqgwiMmxtkhwUEMDgwNgYIKwYBBQUHAgEWKmh0
dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJvb3QyLzCBhQYIKwYB
BQUHAQEEeTB3MDAGCCsGAQUFBzABhiRodHRwOi8vc2Nyb290Y2EyLm9jc3Auc2Vj
b210cnVzdC5uZXQwQwYIKwYBBQUHMAKGN2h0dHA6Ly9yZXBvc2l0b3J5LnNlY29t
dHJ1c3QubmV0L1NDLVJvb3QyL1NDUm9vdDJjYS5jZXIwDQYJKoZIhvcNAQELBQAD
ggEBADt1vNOq90svOLWKA8nfTq/sIAoaStQD6GgQJmlb/nep45X+/HMk2y381g8r
sWEXozVZmAJcIcwBjInCJLeqsZxQ2s5LLFLIrIch0OLNZD0aZbH+NwHd7B7NTp75
YT1cp1t7wHXdHdOUFlIzZF4+Ei3K2IXWe0JaotITWKlxicb8oR2zwYYf6QD1SCk0
3CAbmsh4O529JOfB2GM0T7o6w1oa7kGy4/MCJszfiRb8D4ZJlYDt9Zy20n9Zec4F
7pksJIrHt+V3GFFnco6++2BYKsgZdCkSE8T72HQBEohIzV1Bt8N8QbnBncDIpvqb
+mQ7E4SSevEUAvASheCe1pd/S4c=
-----END CERTIFICATE-----
Also see Top 1 Millions Domains CA Certificate List