SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | close Yes (expired 1268 days ago) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
DNS Information
| Resolves To: | 170.246.255.242 |
| Reverse IP lookup: | No records found |
| Nameserver: | alpha2.planalto.gov.br. |
| Nameserver: | alpha.planalto.gov.br. |
General Information
| Common Name: | brasil.gov.br |
| SANs: | DNS:brasil.gov.brDNS:www.brasil.gov.br Total number of SANs: 2 |
| Signature Algorithm: | sha384WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 3adf774393d7a528104f54b768dad6da |
| Not Before: | Aug 07, 2020 00:00:00 GMT |
| Not After: | Nov 05, 2020 23:59:59 GMT |
| Number of certs: | 2 |
| Revocation Status: | This check is not applicable to expired certificates |
| OCSP Stapling: | Not Supported |
| Server: | BigIP |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: brasil.gov.br
Decode this certificate for verbose information → launch| Subject Common Name | brasil.gov.br |
| Issuer Common Name | ZeroSSL RSA Domain Secure Site CA |
| Issuer Organization | ZeroSSL |
| Not Before: | Aug 07, 2020 00:00:00 GMT |
| Not After: | Nov 05, 2020 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 3adf774393d7a528104f54b768dad6da |
| SHA1 Fingerprint: | 1F:FD:55:D4:2A:AB:91:60:A6:DC:1E:B2:4A:0E:14:D7:4D:BC:AD:D2 |
| MD5 Fingerprint: | E6:0F:FF:5D:D4:57:87:9D:9A:35:45:10:0E:6A:EA:60 |
Certificate # 2 - Common Name: ZeroSSL RSA Domain Secure Site CA
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | ZeroSSL RSA Domain Secure Site CA |
| Subject Organization | ZeroSSL |
| Issuer Common Name | USERTrust RSA Certification Authority |
| Issuer Organization | The USERTRUST Network |
| Not Before: | Jan 30, 2020 00:00:00 GMT |
| Not After: | Jan 29, 2030 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 6c55abdbd00792c79d070cd8119ed6bf |
| SHA1 Fingerprint: | C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 |
| MD5 Fingerprint: | 58:AA:23:10:7C:8D:5A:ED:EA:BD:0D:5E:32:57:85:92 |
OpenSSL Handshake
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
verify return:1
depth=0 CN = brasil.gov.br
verify error:num=10:certificate has expired
notAfter=Nov 5 23:59:59 2020 GMT
verify return:1
depth=0 CN = brasil.gov.br
notAfter=Nov 5 23:59:59 2020 GMT
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:CN = brasil.gov.br
i:C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
-----BEGIN CERTIFICATE-----
MIIGfDCCBGSgAwIBAgIQOt93Q5PXpSgQT1S3aNrW2jANBgkqhkiG9w0BAQwFADBL
MQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NT
TCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIwMDgwNzAwMDAwMFoXDTIw
MTEwNTIzNTk1OVowGDEWMBQGA1UEAxMNYnJhc2lsLmdvdi5icjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANHcEQt8uSLjS5fr+IfiHz+Q+Jv509KiGK49
tahbk6CluOEqsN9ZtHxlKkMa3h3/ioZndonznHvE6/2/UrhgD0R36ZBoMwblLwMf
rJBmht2CKT8TdDaWwtudeWvqxr+DbGkJTIBYyN4oXWQHaTWzSeyMzEXHSXrOjyge
RF+Ed+hvcQlaJjBh+ke7jYW+NqSuVss3+UYbY7W/M/ShJD5yRvnnkjCodbb5JVvz
CJ100OeQEUuq9s6qAIO/53e83i1A0LvPZFwR4Z8twEWr2F4Uuz/gvzQQJJw+6COR
n1I1QGAJQQu/OgQRuG+KIZqt1GN2Bh0fMtolczjbCzjxnszXccUCAwEAAaOCAo0w
ggKJMB8GA1UdIwQYMBaAFMjZeGii2Rlo1T1y3l8KPty1hoamMB0GA1UdDgQWBBTl
MounuzHKi+oR3fLrm4P0hdhpCzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0Bgsr
BgEEAbIxAQICTjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQ
UzAIBgZngQwBAgEwgYgGCCsGAQUFBwEBBHwwejBLBggrBgEFBQcwAoY/aHR0cDov
L3plcm9zc2wuY3J0LnNlY3RpZ28uY29tL1plcm9TU0xSU0FEb21haW5TZWN1cmVT
aXRlQ0EuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vemVyb3NzbC5vY3NwLnNlY3Rp
Z28uY29tMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAB7dcG+V9aP/xsMYdIxXH
uuZXfFeUt2ruvGE6GmnTohwAAAFzyfQKRgAABAMARzBFAiEA8Ye2gE03IDcUp5ZS
9ayaxvS9I7AfjC7qvfvbq5mWwoICIGenIYBfA+MeBiQGk8QczeSbIeApVYM2N1uC
Cw+fGgr1AHcA5xLysDd+GmL7jskMYYTx6ns3y1YdESZb8+DzS/JBVG4AAAFzyfQK
cAAABAMASDBGAiEAkeZEdua9WM7UOLrlF8bQkvS7NvDG4BaTAsVYqWfoqYgCIQCE
nJ7TspbEAAx1qKttxnW70lyZIuF2ALN9U7bv9gnPJzArBgNVHREEJDAigg1icmFz
aWwuZ292LmJyghF3d3cuYnJhc2lsLmdvdi5icjANBgkqhkiG9w0BAQwFAAOCAgEA
IohHtkN4zsu/+uC5+1QgscLpnzlE7nULjDIgl6VAg3VemB1HQuGJNNN21ANRuDhc
J8TECuMApQ4Gh0LHLHfQ2SRojlQjgjXYSDaRR4j10wB6TbYK+caUHnnqrAFAxn0E
x73WIXDyZwVb4d4TvQnU/6PXK198MeAfQoRaveL7YYyWDudkYF/3SdxFHGQvX+wj
DA6qKo+xBEYhFCBz3HgvnrSgmcmBhshwBPtvrQD7c28YuKWfnG30Em1wZuvzGhZl
WxdTRd5Hm3hiBTGZvhddfnI0sEnrlGKbCKjRsdNrz4wVlOobhFQ0Ig/SxZekSVI1
aOfCzn7gx6rI5EnTPsYVizLtBFIGwlYdr+5Ui1juw4tDy+lytk2wrwszp+vz6JyU
64cZFt5Jye9hlyY9/u/GshUr12aSXC9GF2o1qtEQJClWK4AH2y24EyHysWKftifl
Q7yVes5mZUdNW55cbsJKAtHXoUtVeqc0bTifUa/1w/YF47vaEgPS6zj+T3IXYNNA
JOq3pBsyBBuKLig/8nzVtKZpxyTxPNAsP8XiVyO/POi02soWxUvlap1xyjGvXZMJ
O54BubJSCTakKrrGEyO9OFpYOKlfD3FWVxzOaRULUfCxw/loJgpQo/y/kXgSjGIV
T9HB7uUwFooiYejH0RNlT1vnDum4jiokuAP+RXw0WNY=
-----END CERTIFICATE-----
1 s:C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
+LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = brasil.gov.br
issuer=C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3929 bytes and written 450 bytes
Verification error: certificate has expired
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: FF528954A2A6CCC9863B663EAB0E15712CD10275DA6F6AC8D803CDAABBDEA5C0
Session-ID-ctx:
Master-Key: 070A76BFA1917B2D918B1BB83F5B15BE11848570481535632C143C41A776247A34BF1B79E3D457C6AD73F32F19EAFA6A
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1714158652
Timeout : 7200 (sec)
Verify return code: 10 (certificate has expired)
Extended master secret: yes
---
DONE