SSL証明書(.crt)の詳細をopensslコマンドで確認する
コマンド
code:bash
openssl x509 -in certificate.crt -text
例
google.com:443の例。
code:openssl x509 -in certificate.crt -textの結果
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
cb:fd:0b:25:61:65:6e:a2:02:00:00:00:00:5c:67:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1
Validity
Not Before: Mar 3 09:45:25 2020 GMT
Not After : May 26 09:45:25 2020 GMT
Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:e8:0a:94:b5:11:8a:57:d4:58:ad:b9:f4:c1:9e:
81:30:a2:27:27:71:a8:18:0f:cf:4c:2c:38:5e:5a:
6e:74:67:53:2c:9a:ab:32:5d:d0:3e:1d:4d:59:17:
a7:97:98:c7:42:1b:50:b1:df:21:19:2f:40:2b:13:
49:71:68:2b:24
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
54:9C:78:18:A1:7E:C6:FE:6C:C6:34:01:80:A1:47:37:05:3A:B4:6C
X509v3 Authority Key Identifier:
keyid:98:D1:F8:6E:10:EB:CF:9B:EC:60:9F:18:90:1B:A0:EB:7D:09:FD:2B
Authority Information Access:
X509v3 Subject Alternative Name:
DNS:*.google.com, DNS:*.android.com, DNS:*.appengine.google.com, DNS:*.cloud.google.com, DNS:*.crowdsource.google.com, DNS:*.g.co, DNS:*.gcp.gvt2.com, DNS:*.gcpcdn.gvt1.com, DNS:*.ggpht.cn, DNS:*.gkecnapps.cn, DNS:*.google-analytics.com, DNS:*.google.ca, DNS:*.google.cl, DNS:*.google.co.in, DNS:*.google.co.jp, DNS:*.google.co.uk, DNS:*.google.com.ar, DNS:*.google.com.au, DNS:*.google.com.br, DNS:*.google.com.co, DNS:*.google.com.mx, DNS:*.google.com.tr, DNS:*.google.com.vn, DNS:*.google.de, DNS:*.google.es, DNS:*.google.fr, DNS:*.google.hu, DNS:*.google.it, DNS:*.google.nl, DNS:*.google.pl, DNS:*.google.pt, DNS:*.googleadapis.com, DNS:*.googleapis.cn, DNS:*.googlecnapps.cn, DNS:*.googlecommerce.com, DNS:*.googlevideo.com, DNS:*.gstatic.cn, DNS:*.gstatic.com, DNS:*.gstaticcnapps.cn, DNS:*.gvt1.com, DNS:*.gvt2.com, DNS:*.metric.gstatic.com, DNS:*.urchin.com, DNS:*.url.google.com, DNS:*.wear.gkecnapps.cn, DNS:*.youtube-nocookie.com, DNS:*.youtube.com, DNS:*.youtubeeducation.com, DNS:*.youtubekids.com, DNS:*.yt.be, DNS:*.ytimg.com, DNS:android.clients.google.com, DNS:android.com, DNS:developer.android.google.cn, DNS:developers.android.google.cn, DNS:g.co, DNS:ggpht.cn, DNS:gkecnapps.cn, DNS:goo.gl, DNS:google-analytics.com, DNS:google.com, DNS:googlecnapps.cn, DNS:googlecommerce.com, DNS:source.android.google.cn, DNS:urchin.com, DNS:www.goo.gl, DNS:youtu.be, DNS:youtube.com, DNS:youtubeeducation.com, DNS:youtubekids.com, DNS:yt.be
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.2
Policy: 1.3.6.1.4.1.11129.2.5.3
X509v3 CRL Distribution Points:
Full Name:
1.3.6.1.4.1.11129.2.4.2:
......v......... N.f.+..% gk..p..IS-...^...p..'-.....G0E. ;.<@..P......E...A.....O..w\,c.
.!...r.....x0.q..1AE)wh..6........A.v.^.s..V...6H}.I.2z.........u..qEX...p..'d.....G0E.!..L..d/.....tO...g.h....$r..L./... MHIN.st.W.(+...a......*....HA...
Signature Algorithm: sha256WithRSAEncryption
2e:80:51:93:c5:0e:05:21:f9:32:bf:91:45:46:d4:f4:e4:1f:
09:a9:29:82:b3:0d:3e:30:a4:d8:fc:a3:6d:46:65:3c:2d:9d:
38:3c:58:cd:e7:b2:47:d0:fe:f4:73:0f:36:1c:43:4d:54:24:
07:87:39:3e:d6:5c:0a:32:97:ad:d2:15:6c:ae:da:b2:a7:86:
5d:74:e0:5d:d3:34:fd:18:96:74:64:3c:a1:53:0e:37:31:12:
07:63:61:20:e2:9d:85:26:72:aa:60:48:02:17:b8:15:2f:f5:
d6:db:67:95:9f:32:a7:88:1e:48:d9:a8:39:c4:c1:8a:3f:9d:
da:b0:00:0f:b2:fc:3d:c0:3c:42:c3:68:a5:4f:19:c2:a2:30:
2c:9f:d1:5e:e0:42:d9:8b:65:11:61:41:00:cc:91:45:38:09:
d4:11:db:46:8a:24:06:af:50:4f:f2:67:55:90:b8:75:0e:8f:
94:d1:a5:cd:bf:81:45:99:07:cd:b7:39:b9:cb:41:db:da:99:
ff:a9:f8:52:b9:91:fa:72:63:a0:bc:f2:21:79:b3:02:7a:6e:
b8:34:bb:1d:5b:24:75:12:12:f0:73:27:c5:40:6b:b0:f4:64:
47:27:e6:fd:b4:08:47:a0:98:ab:5f:06:da:46:e6:16:7e:6b:
80:81:e8:07
-----BEGIN CERTIFICATE-----
MIIJRDCCCCygAwIBAgIRAMv9CyVhZW6iAgAAAABcZ1wwDQYJKoZIhvcNAQELBQAw
QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET
MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDAzMDMwOTQ1MjVaFw0yMDA1MjYwOTQ1
MjVaMGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRUwEwYDVQQDDAwq
Lmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAToCpS1EYpX1Fit
ufTBnoEwoicncagYD89MLDheWm50Z1MsmqsyXdA+HU1ZF6eXmMdCG1Cx3yEZL0Ar
E0lxaCsko4IG2jCCBtYwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFSceBihfsb+bMY0AYChRzcFOrRs
MB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGQGCCsGAQUFBwEBBFgw
VjAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AucGtpLmdvb2cvZ3RzMW8xMCsGCCsG
AQUFBzAChh9odHRwOi8vcGtpLmdvb2cvZ3NyMi9HVFMxTzEuY3J0MIIEnQYDVR0R
BIIElDCCBJCCDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lkLmNvbYIWKi5hcHBlbmdp
bmUuZ29vZ2xlLmNvbYISKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNl
Lmdvb2dsZS5jb22CBiouZy5jb4IOKi5nY3AuZ3Z0Mi5jb22CESouZ2NwY2RuLmd2
dDEuY29tggoqLmdncGh0LmNugg4qLmdrZWNuYXBwcy5jboIWKi5nb29nbGUtYW5h
bHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2dsZS5j
by5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2dsZS5j
b20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdvb2ds
ZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUuY29tLnRygg8qLmdv
b2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5lc4ILKi5nb29nbGUu
ZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyouZ29v
Z2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdvb2ds
ZWFwaXMuY26CESouZ29vZ2xlY25hcHBzLmNughQqLmdvb2dsZWNvbW1lcmNlLmNv
bYIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboINKi5nc3RhdGljLmNv
bYISKi5nc3RhdGljY25hcHBzLmNuggoqLmd2dDEuY29tggoqLmd2dDIuY29tghQq
Lm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29tghAqLnVybC5nb29nbGUu
Y29tghMqLndlYXIuZ2tlY25hcHBzLmNughYqLnlvdXR1YmUtbm9jb29raWUuY29t
gg0qLnlvdXR1YmUuY29tghYqLnlvdXR1YmVlZHVjYXRpb24uY29tghEqLnlvdXR1
YmVraWRzLmNvbYIHKi55dC5iZYILKi55dGltZy5jb22CGmFuZHJvaWQuY2xpZW50
cy5nb29nbGUuY29tggthbmRyb2lkLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29v
Z2xlLmNughxkZXZlbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNuggRnLmNvgghnZ3Bo
dC5jboIMZ2tlY25hcHBzLmNuggZnb28uZ2yCFGdvb2dsZS1hbmFseXRpY3MuY29t
ggpnb29nbGUuY29tgg9nb29nbGVjbmFwcHMuY26CEmdvb2dsZWNvbW1lcmNlLmNv
bYIYc291cmNlLmFuZHJvaWQuZ29vZ2xlLmNuggp1cmNoaW4uY29tggp3d3cuZ29v
Lmdsggh5b3V0dS5iZYILeW91dHViZS5jb22CFHlvdXR1YmVlZHVjYXRpb24uY29t
gg95b3V0dWJla2lkcy5jb22CBXl0LmJlMCEGA1UdIAQaMBgwCAYGZ4EMAQICMAwG
CisGAQQB1nkCBQMwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL2NybC5wa2kuZ29v
Zy9HVFMxTzEuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAsh4FzIuizYog
Todm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwoAAnLQAABAMARzBFAiA7CTxAnrZQ
3eilAYaWRbDn4UGKCOOYvk/S6HdcLGPIDQIhAP6IcgfhrhvmeDCTcR/eMUFFKXdo
6Yg2xta+hZ3g0aZBAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgA
AAFwoAAnZAAABAMARzBFAiEAoUztHWQvsxXLr7d0T77rzGe0aIW3os8kcuToTKQv
zZICIE1ISU7+c3SgVwwoK4D6CGGqwZGJk7Iq0A4QC0hBx5mVMA0GCSqGSIb3DQEB
CwUAA4IBAQAugFGTxQ4FIfkyv5FFRtT05B8JqSmCsw0+MKTY/KNtRmU8LZ04PFjN
57JH0P70cw82HENNVCQHhzk+1lwKMpet0hVsrtqyp4ZddOBd0zT9GJZ0ZDyhUw43
MRIHY2Eg4p2FJnKqYEgCF7gVL/XW22eVnzKniB5I2ag5xMGKP53asAAPsvw9wDxC
w2ilTxnCojAsn9Fe4ELZi2URYUEAzJFFOAnUEdtGiiQGr1BP8mdVkLh1Do+U0aXN
v4FFmQfNtzm5y0Hb2pn/qfhSuZH6cmOgvPIhebMCem64NLsdWyR1EhLwcyfFQGuw
9GRHJ+b9tAhHoJirXwbaRuYWfmuAgegH
-----END CERTIFICATE-----