Revocation Tracker

CABlint recent error summary since 2022-06-20

Some of these may be false-positives. You should review closely before taking action.

# of affected certificates	CA	CCADB Owner	Severity	Description
38261	C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 05	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
38055	C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
25358	C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 02	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
25250	C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 01	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
16344	C=US, ST=Arizona, L=Scottsdale, O="GoDaddy.com, Inc.", OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2	GoDaddy	W	BR certificates should be 397 days in validity or less
15019	C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01	DigiCert	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
15015	C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 02	DigiCert	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
6477	C=US, O="Cloudflare, Inc.", CN=Cloudflare Inc ECC CA-3	DigiCert	W	Unknown Extension: 1.3.6.1.4.1.11129.2.1.22
676	C=US, ST=Arizona, L=Scottsdale, O="Starfield Technologies, Inc.", OU=http://certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2	GoDaddy	W	BR certificates should be 397 days in validity or less
207	C=US, O=Google Trust Services LLC, CN=GTS CA 2A1	Google Trust Services LLC	W	Unknown Extension: 1.3.6.1.4.1.11129.2.1.22
29	C=US, ST=Arizona, L=Scottsdale, O="GoDaddy.com, Inc.", OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2	GoDaddy	W	EV certificates should be 397 days in validity or less
17	C=US, O=Microsoft Corporation, CN=Microsoft Azure ECC TLS Issuing CA 02	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
12	C=US, O=Microsoft Corporation, CN=Microsoft Azure ECC TLS Issuing CA 01	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
11	C=CN, O=China Financial Certification Authority, CN=CFCA OV OCA	China Financial Certification Authority (CFCA)	W	Extension should be critical for KeyUsage
9	C=DE, O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V., OU=DFN-PKI, CN=DFN-Verein Global Issuing CA	Deutsche Telekom Security GmbH	W	Microsoft extension 1.3.6.1.4.1.311.20.2 treated as opaque extension
7	C=US, ST=Texas, L=Houston, O=SSL Corp, CN=SSL.com SSL Intermediate CA ECC R2	SSL.com	W	Unknown Extension: 1.3.6.1.4.1.44363.44
7	C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA	DigiCert	W	Unknown Extension: 1.3.6.1.4.1.44363.44
4	C=US, ST=Arizona, L=Scottsdale, O="Starfield Technologies, Inc.", OU=http://certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2	GoDaddy	W	EV certificates should be 397 days in validity or less
3	C=US, O=Microsoft Corporation, CN=Microsoft Azure ECC TLS Issuing CA 06	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
3	C=DE, ST=Bayern, L=Muenchen, O=Max-Planck-Gesellschaft, CN=MPG CA - G02	Deutsche Telekom Security GmbH	W	Microsoft extension 1.3.6.1.4.1.311.20.2 treated as opaque extension
2	C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS Issuing EOC CA 01	Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
2	C=US, O=Microsoft Corporation, CN=Microsoft Azure ECC TLS Issuing CA 05	DigiCert / Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
2	C=TW, O=行政院, CN=政府伺服器數位憑證管理中心 - G1	Chunghwa Telecom	W	Name has multiple L attributes
2	C=US, O=Microsoft Corporation, CN=Microsoft ECC TLS Issuing AOC CA 01	Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension
1	C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS Issuing AOC CA 01	Microsoft Corporation	W	Microsoft extension 1.3.6.1.4.1.311.21.10 treated as opaque extension