issuer=C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Sub CA

Ferdinand Vroom

Mar 17, 2022, 3:09:50 PM
to crt.sh
Example of:
issuer=C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Sub CA
issued certificate. This certificate isn't in the log yet.

echo | openssl s_client -showcerts -verify_depth 2 -connect online-alpha.vtb.ru:443
CONNECTED(00000198)
depth=1 C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Sub CA
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = RU, ST = St. Petersburg, L = St. Petersburg, O = VTB Bank (PJSC), OU = IT Department, CN = online-alpha.vtb.ru
verify return:1
---
Certificate chain
 0 s:C = RU, ST = St. Petersburg, L = St. Petersburg, O = VTB Bank (PJSC), OU = IT Department, CN = online-alpha.vtb.ru
   i:C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Sub CA
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Mar  4 14:59:21 2022 GMT; NotAfter: Mar  4 14:59:21 2023 GMT
 1 s:C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Sub CA
   i:C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Root CA
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Mar  2 11:25:19 2022 GMT; NotAfter: Mar  6 11:25:19 2027 GMT
---
Server certificate
subject=C = RU, ST = St. Petersburg, L = St. Petersburg, O = VTB Bank (PJSC), OU = IT Department, CN = online-alpha.vtb.ru
issuer=C = RU, O = The Ministry of Digital Development and Communications, CN = Russian Trusted Sub CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 4043 bytes and written 451 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 92C894E2E60D09C67B901CB44D55B04285E17D6A23E8004358AF3F991EE5005F
    Session-ID-ctx:
    Master-Key: 084CA49C3821CFA73463E83DCCDE3DEB4CF0BA51795E6368C7BE8EC8CB8AD9E66B04F2C8D74A43AF570005F1AE4B75B5
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1647544075
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
    Extended master secret: yes
---
DONE

r...@sectigo.com

Mar 17, 2022, 3:43:12 PM
to crt.sh
Hi Ferdinand.  I was looking at this same certificate yesterday.  :-)

> This certificate isn't in the log yet.

I manually added the "Russian Trusted Root CA" certificate to the crt.sh database recently (https://crt.sh/?id=6316640888).

The Sectigo Dodo log, which is monitored by crt.sh but which is not a qualified log in Chrome or Safari, will soon accept this root (update prepared in https://github.com/sectigo/CTLogs-AcceptedRoots/pull/34; currently awaiting deployment).