CiscoClientCA001.cer: CN=Cisco Client CA 001,O=Cisco Systems (Intermediate Certificate, Expiring 2019-05-14) detail info and audit record

 

Page content

CA Certificate Information and Audit Record

This certificate is intermediate certificate used for the issuance of other certificates.

Download certificate through curl:

curl -sSL "https://www.cisco.com/security/pki/certs/CiscoClientCA001.cer" --output cert.crt

Download certificate through wget:

wget -q "https://www.cisco.com/security/pki/certs/CiscoClientCA001.cer" --output-document=cert.crt

CA Certificate Detail Information

Use openssl x509 to decode DER certificate to get detail information:

openssl x509 -in cert.crt -inform der -text -noout

Use openssl x509 to decode PEM certificate to get detail information:

openssl x509 -in cert.crt -inform pem -text -noout

Decoded detail certificate information:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:49:1d:e5:00:00:00:00:00:02
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: O=Cisco Systems, CN=Cisco Root CA 2048
        Validity
            Not Before: May 14 21:02:10 2004 GMT
            Not After : May 14 21:12:10 2019 GMT
        Subject: O=Cisco Systems, CN=Cisco Client CA 001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cd:21:39:8d:d7:78:15:ec:96:c8:3d:ef:25:
                    07:59:4d:77:d5:e8:ce:fe:66:57:77:0a:ab:a6:11:
                    2b:e1:7c:ac:e4:dd:86:b8:7b:08:56:e0:60:8e:58:
                    50:b8:b3:b1:6c:1e:e8:b9:b8:ef:95:c7:ad:65:54:
                    93:26:be:de:cf:00:f8:39:b8:ee:20:d3:a2:0c:1a:
                    03:6c:0e:21:84:56:1a:72:cf:bc:2d:36:77:49:59:
                    63:bd:45:e3:56:38:21:95:8c:95:1c:f6:6e:02:de:
                    9f:0e:d5:32:af:4d:2a:94:d9:3c:13:cf:d3:f9:6e:
                    4b:70:c0:3c:e9:28:76:d9:ba:d3:11:db:75:27:db:
                    34:d1:5d:a8:73:5d:a2:f6:4e:fb:e9:54:6f:f7:ae:
                    7a:41:fb:cd:b9:57:a0:18:1e:86:c2:b2:6a:c7:c2:
                    e8:ca:5b:75:b1:37:e4:f3:1c:dc:b7:43:d3:0f:35:
                    aa:ab:8d:7b:93:93:25:15:f2:f4:8b:50:2d:a0:1c:
                    c4:15:a8:48:6c:01:96:b9:0a:ac:ad:0c:fc:44:d5:
                    09:36:3d:68:6e:d0:07:6c:fc:76:e5:83:9d:2c:61:
                    3a:f2:12:35:8e:0c:87:72:23:ec:72:aa:a0:28:2d:
                    e0:d6:02:c7:4b:b5:46:36:71:fe:91:1d:61:38:fe:
                    3e:7d
                Exponent: 3 (0x3)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Subject Key Identifier: 
                0D:0D:27:E4:DA:9D:18:65:99:07:BB:26:6F:FB:EE:1B:8F:5F:24:AD
            X509v3 Key Usage: 
                Digital Signature, Certificate Sign, CRL Sign
            1.3.6.1.4.1.311.21.1: 
                ...
            1.3.6.1.4.1.311.20.2: 
                .
.S.u.b.C.A
            X509v3 Authority Key Identifier: 
                keyid:27:F3:C8:15:1E:6E:9A:02:09:16:AD:2B:A0:89:60:5F:DA:7B:2F:AA

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://www.cisco.com/security/pki/crl/crca2048.crl

            Authority Information Access: 
                CA Issuers - URI:http://www.cisco.com/security/pki/certs/crca2048.cer

            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.9.21.1.3.0
                  CPS: http://www.cisco.com/security/pki/policies/index.html

            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, E-mail Protection, IPSec End System, IPSec Tunnel, IPSec User, OCSP Signing, 1.3.6.1.4.1.311.10.3.9, 1.3.6.1.4.1.311.20.2.1, 1.3.6.1.4.1.311.21.6
    Signature Algorithm: sha1WithRSAEncryption
         10:de:5d:00:51:4c:69:b6:71:e9:01:23:20:4b:cd:48:9a:c0:
         99:ea:00:6f:74:53:f8:41:b3:97:70:4c:24:ac:19:9e:d5:df:
         c3:46:28:bb:d0:96:84:16:8a:1d:43:30:c4:20:01:e7:4f:e0:
         a0:4a:d2:5b:52:80:a0:8f:76:3d:7b:d5:13:75:2e:8f:a2:46:
         61:e5:ff:03:e0:eb:2f:50:1a:dd:41:16:c8:95:3a:2b:fe:7c:
         b0:ad:87:bd:a3:61:eb:f1:c5:77:d3:1d:dc:31:39:16:0a:b4:
         4e:66:c2:d4:77:a0:b1:cf:0b:22:e6:18:0a:99:5b:d3:e3:00:
         45:a9:d1:aa:2d:f5:79:11:0f:c5:3c:d3:0a:b8:8d:0f:b7:f1:
         ef:d7:5b:ac:9a:1d:5c:0e:55:07:ad:b1:e1:68:e2:87:c7:16:
         46:d7:3a:d6:0b:8d:0b:e9:8c:d7:51:4d:04:26:9c:78:96:0d:
         2f:ab:35:f5:86:88:36:ef:75:e6:3b:6e:ca:5a:2a:e4:ea:a2:
         00:72:67:a9:88:76:4b:71:a3:3f:d7:c3:00:e8:f7:03:27:7b:
         05:ca:ba:cd:8a:92:36:61:a9:f5:57:33:3a:ad:4a:1f:b5:97:
         7c:68:f4:ce:00:34:1e:df:c1:8c:b7:de:d0:88:0f:91:a8:0a:
         89:59:ac:e0

CA Certificate in PEM Format

Use openssl x509 to convert certificate from DER format to PEM format:

openssl x509 -in cert.crt -inform der

Converted PEM format certificate:

-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIKYUkd5QAAAAAAAjANBgkqhkiG9w0BAQUFADA1MRYwFAYD
VQQKEw1DaXNjbyBTeXN0ZW1zMRswGQYDVQQDExJDaXNjbyBSb290IENBIDIwNDgw
HhcNMDQwNTE0MjEwMjEwWhcNMTkwNTE0MjExMjEwWjA2MRYwFAYDVQQKEw1DaXNj
byBTeXN0ZW1zMRwwGgYDVQQDExNDaXNjbyBDbGllbnQgQ0EgMDAxMIIBIDANBgkq
hkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAzs0hOY3XeBXslsg97yUHWU131ejO/mZX
dwqrphEr4Xys5N2GuHsIVuBgjlhQuLOxbB7oubjvlcetZVSTJr7ezwD4ObjuINOi
DBoDbA4hhFYacs+8LTZ3SVljvUXjVjghlYyVHPZuAt6fDtUyr00qlNk8E8/T+W5L
cMA86Sh22brTEdt1J9s00V2oc12i9k776VRv9656QfvNuVegGB6GwrJqx8Loylt1
sTfk8xzct0PTDzWqq417k5MlFfL0i1AtoBzEFahIbAGWuQqsrQz8RNUJNj1obtAH
bPx25YOdLGE68hI1jgyHciPscqqgKC3g1gLHS7VGNnH+kR1hOP4+fQIBA6OCAfEw
ggHtMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFA0NJ+TanRhlmQe7Jm/7
7huPXyStMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEEAwIBADAZBgkrBgEEAYI3
FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBQn88gVHm6aAgkWrSugiWBf2nsv
qjBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vd3d3LmNpc2NvLmNvbS9zZWN1cml0
eS9wa2kvY3JsL2NyY2EyMDQ4LmNybDBQBggrBgEFBQcBAQREMEIwQAYIKwYBBQUH
MAKGNGh0dHA6Ly93d3cuY2lzY28uY29tL3NlY3VyaXR5L3BraS9jZXJ0cy9jcmNh
MjA0OC5jZXIwXAYDVR0gBFUwUzBRBgorBgEEAQkVAQMAMEMwQQYIKwYBBQUHAgEW
NWh0dHA6Ly93d3cuY2lzY28uY29tL3NlY3VyaXR5L3BraS9wb2xpY2llcy9pbmRl
eC5odG1sMGgGA1UdJQRhMF8GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwUG
CCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwkGCisGAQQBgjcKAwkGCisGAQQB
gjcUAgEGCSsGAQQBgjcVBjANBgkqhkiG9w0BAQUFAAOCAQEAEN5dAFFMabZx6QEj
IEvNSJrAmeoAb3RT+EGzl3BMJKwZntXfw0You9CWhBaKHUMwxCAB50/goErSW1KA
oI92PXvVE3Uuj6JGYeX/A+DrL1Aa3UEWyJU6K/58sK2HvaNh6/HFd9Md3DE5Fgq0
TmbC1Hegsc8LIuYYCplb0+MARanRqi31eREPxTzTCriND7fx79dbrJodXA5VB62x
4Wjih8cWRtc61guNC+mM11FNBCaceJYNL6s19YaINu915jtuyloq5OqiAHJnqYh2
S3GjP9fDAOj3Ayd7Bcq6zYqSNmGp9VczOq1KH7WXfGj0zgA0Ht/BjLfe0IgPkagK
iVms4A==
-----END CERTIFICATE-----

Decode PEM Certificate online

Download PEM Certificate

Also see Top 1 Millions Domains CA Certificate List

Page version: e13a7e3f2 2023-05-06