Key compromise verification

In the ACME client https://github.com/bruncsak/ght-acme.sh I implemented key (both account and CSR) compromise verification via the API of pwnedkeys.com .

5 Likes

Hi @bruncsak

thanks sharing that idea.

I’ve added a check in “check-your-website”.

The SPKI-hash is computed and checked.

SHA256 hex / Subject Public Key Information (SPKI): b19ba65b0461d63ef3fa9c33e8aa43d10749a3fc2c76b44fffd44260c94c24bb
SPKI found in https://v1.pwnedkeys.com/spki-hash: Good: Key isn’t comprimised

Then checked all ~~60.000 certificates.

Some found. But all of these are self signed certificates.

The complete list:

Summary
Issuer Subject SPKI_SHA256_Hash CertificateContent
CN=*.vm, O=Docker Boilerplate CN=*.vm, O=Docker Boilerplate 67a0e09df8c48ae70067e032b2f93c05aaef7d2d1fc09cc5756e0c9b52025cdb MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQwWhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4GY10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk79o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1SNtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakDclLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoqSu0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oYSJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbSt8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPNNNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuywI5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoAaCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55SqvjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Qnn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WNVTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ==
CN=162.218.64.76, OU=IT Department, O=OrgName, L=Leamington, S=Warwickshire, C=UK CN=162.218.64.76, OU=IT Department, O=OrgName, L=Leamington, S=Warwickshire, C=UK 33c690320db89c04060b21462456c9bdbb51091b1c2c31d75c20ea3fc41c2807 MIIDcjCCAloCCQCBXLvVF0dHhzANBgkqhkiG9w0BAQsFADB7MQswCQYDVQQGEwJVSzEVMBMGA1UECAwMV2Fyd2lja3NoaXJlMRMwEQYDVQQHDApMZWFtaW5ndG9uMRAwDgYDVQQKDAdPcmdOYW1lMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRYwFAYDVQQDDA0xNjIuMjE4LjY0Ljc2MB4XDTE5MDkxNjIzNDY0M1oXDTIwMDkxNTIzNDY0M1owezELMAkGA1UEBhMCVUsxFTATBgNVBAgMDFdhcndpY2tzaGlyZTETMBEGA1UEBwwKTGVhbWluZ3RvbjEQMA4GA1UECgwHT3JnTmFtZTEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDEWMBQGA1UEAwwNMTYyLjIxOC42NC43NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMD2ju0tlNpAcz7H1kWVp6M0YNkWQEsue9LVKn4EqnPZDuJ6PNgWowyi3VDRzc9EhEhypMZY+f+l0QvqPWR7S4zu0WW/sAVzrGDS/8j4LxUHKNNT9qaSpsqYsnDecjw52kDAFEc8iDoBqgTiFkn62OwM2wuVJDwTovxnsFPQ1P5dGoo+VqlmcXt3UBEv0jy9J9nEiaGn3Vlochm4fcUlL2baZc/1mLF4WSZOfKN1pz7qMY2rVlyORp9zWF8Uh5IUhwj/u6P9nwGTzeK0EbDLPokvZ5Z+oxw6+IKIs8KKv4YO9sD9XCj1IKAKCrs2dq4N3YPJHmU8FdBe9Sv9+AZqCX8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAUIQ2jdYkUy17b89xkrEnzQe8X3w2fksYAPbHI5hoMTehovdmDtGSITkUA9mUzCycAfU5l64yIUZXwqTNw4Winh3zTJ0SdgUAShHddnxHPM4mgl0IVng1UZ0YCMLv5j+g2nJnghAd7XQz6/MWfMpkqxDAwv/bJQbuU1sPmUGDkehaDNHppHFXsmJnjTLWsfjfLFfFzlZsjhPtfk1Ui62kqwK1KSorlKSyuzS7EdFGCIlgYRFnN1Yk+1L9O7uNPg+UZSaA95533jumlprZFiLvFppNAycDGf7MW8Zr+7G8OnWnQIauRUNETtHnNy9/WtqBH2gbqtDVleP8Eb3Lu6kUnQ==
CN=Alfresco CA, O=Alfresco Software Ltd., L=Maidenhead, S=UK, C=GB CN=Alfresco Repository, OU=Unknown, O=Alfresco Software Ltd., L=Maidenhead, S=UK, C=GB be1b591034caff69c2049e8449459b411fb0d85d4732a88cbe94e33d6da4ed91 MIICYDCCAckCCQD/87za5Xu6IjANBgkqhkiG9w0BAQUFADBmMQswCQYDVQQGEwJHQjELMAkGA1UECAwCVUsxEzARBgNVBAcMCk1haWRlbmhlYWQxHzAdBgNVBAoMFkFsZnJlc2NvIFNvZnR3YXJlIEx0ZC4xFDASBgNVBAMMC0FsZnJlc2NvIENBMCAXDTEyMDgxMDE2MjEwMFoYDzIxMTIwNzE3MTYyMTAwWjCBgDELMAkGA1UEBhMCR0IxCzAJBgNVBAgTAlVLMRMwEQYDVQQHEwpNYWlkZW5oZWFkMR8wHQYDVQQKExZBbGZyZXNjbyBTb2Z0d2FyZSBMdGQuMRAwDgYDVQQLEwdVbmtub3duMRwwGgYDVQQDExNBbGZyZXNjbyBSZXBvc2l0b3J5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCX67H7604bPWaBpmfSrQMlQamw/25gGpH9skaKOIv0gHDXzYRYKRvGusQwHEDpf2IE5PoSPcsbmc7T6fqHsCcUjtE5qTv56i+qTz6FBFoh5VWZjBJGHRs6VLQ8Jk9Emz73cgod9fUR+xqquGQ59SYce0yrnCIuseytGW3irqYKiwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAGAN0/9mLAmCF6LgYFumyoDYZmzqUGDTvaCyIBC56stSe4Z+WuM0/oaTzwxgKfksudPBGAbfBKkH0rNQbLhh4YIUxdsgNHojVSUBK5qzd10xykKH/70uHIE2ZZ3uFnFUvKYPPlOh6doy0bkeZhDgjUK587YT19L/URAGuvd4osgz
CN=example.com CN=example.com 2bf95e73d665fbdcf525f08420573df075ea81759e46b7554a2afa1b68d3bebe MIICqDCCAZACCQCz8T3726LYsjANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDDAtleGFtcGxlLmNvbTAeFw0xMjExMTQxMTE4MjdaFw0yMjExMTIxMTE4MjdaMBYxFDASBgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2SixwPL5c8glneIRz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC+Cup0k+Kd4NMeZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICzdtRa3MXqTmEFfoyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg7Gj95zCH73BQANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0uOSTNRcXY6rws+PxGneec/kRPRgzjC/QHY6n8QIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBbyMqFRDsX8zX1EW5qA8AQ8Jb2XqWrVeSO8blMV3WagJ2airMm3+c/82FCwsd/cZ08UXhA/Kou0gi/F16tV26PiiUdp590Qao3d8H2qxc1rzzULimZPgxH4iA4vRyMHtyZN6h47Fdn7O9xNMPu8siOz8rrzsEdEX5URbOMkDLCZsbTIUWVv2XmqrR0K10d5VuLWeLir+4G6c6jpa244WmqT9ClqceJ12G1Wnmezy7ybiW0l5M2iuIKFEiRP5Hj0J15o1I2pXAbKysAdWRHsJSQOtcgO8Vh9k0wo3tKg4HDp1hbrEzoGzOv92Vjg3lG8X+hzbMJMQURotHkD4Gk57wL
CN=localhost CN=localhost 9ef15a1ce89f8df6b8fed558a36547e5205501e6b21fe5b00790e4716a3bd248 MIIBnzCCAQgCCQC1x1LJh4G1AzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMDkxMTEwMjM0ODQ3WhcNMTkxMTA4MjM0ODQ3WjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMEl0yfj7K0Ng2pt51+adRAj4pCdoGOVjx1BmljVnGOMW3OGkHnMw9ajibh1vB6UfHxu463oJ1wLxgxq+Q8y/rPEehAjBCspKNSq+bMvZhD4p8HNYMRrKFfjZzv3ns1IItw46kgTgDpAl1cMRzVGPXFimu5TnWMOZ3ooyaQ0/xntAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAavHzSWz5umhfb/MnBMa5DL2VNzS+9whmmpsDGEG+uR0kM1W2GQIdVHHJTyFdaHXzgVJBQcWTwhp84nvHSiQTDBSaT6cQNQpvag/TaED/SEQpm0VqDFwpfFYuufBLvVNbLkKxbK2XwUvu0RxoLdBMC/89HqrZ0ppiONuQ+X2MtxE=
CN=NGINXIngressController CN=NGINXIngressController 35e61785dc449d235568dc5919f9f4bca31a234f0768e6c057f1d9e39491d76d MIICvjCCAaYCCQDAOF9tLsaXXDANBgkqhkiG9w0BAQsFADAhMR8wHQYDVQQDDBZOR0lOWEluZ3Jlc3NDb250cm9sbGVyMB4XDTE4MDkxMjE4MDMzNVoXDTIzMDkxMTE4MDMzNVowITEfMB0GA1UEAwwWTkdJTlhJbmdyZXNzQ29udHJvbGxlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/7hHPKEXdLv3riC7BPk13iZKyy9rCOGlYQv2+a3P1tk2+Kv0TayhdBl4krsTq6sfo/YI5ceanL8Xc7SZrBEQboD7dDmk5B8x6KKlGYNHZX4FnTgEOi+e3jmLQqFPRcY3VsOk1EyFA/BgZRUnCGeKFxDR7KPthrkjIunzKTEu2h58NZtKmRqBGt10q3Qc8YOq13agnj/QdcsFXa2g20u+YXd7hgy+fKZN/UI1AD4c6r3YfkVVReGwYqAZuYsvWDJmmF5dptC37Mup0OELULLRjFI96W5r0H5NgOsnMXRMWXXVZb5dqOttJdmKqagnSgRPAZP7c0B1PSajc6c4fQUzMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAjKokQtdOpK+O8bmeOsyrJgIIrrqQUcfNR+coHYUJthkbxHLS3GuAMb9vmyTLOclqx/Zc2OnQ00BB/9SoK0r+EgU6RUkEkVr+SLP757TZ3eb8vgOtGn1/bzs7o3Ai/drY+qB9Ci5KyOsqGLmTKlEiKNbG2GVrMlcKFXAO4a67IgsXsbKMm40WU7pofpimSVfiqRvEybcw7CX81zpQ+S+uxtX+eAgut4xwVR9wb2UvzXnfOGmhV58CwWHBsJkI15xZkeTYwR7GbhALJFTRI7vHoAzkMb3n01B42Z3k7tW5IP1fNZH8U/9lbPshOmEDVdv1yg+UERqm+FJ+6GJ1xRFpfg==
E=GM, CN=RI, OU=AM, O=SO, L=MU, S=MH, C=IN E=GM, CN=RI, OU=AM, O=SO, L=MU, S=MH, C=IN a644634af08347e23f6edc38e0caba12ed6a3fad8bfc135cfdcd8813282d6b9a MIICOTCCAaICCQDmImVqqxDTIjANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJJTjELMAkGA1UECAwCTUgxCzAJBgNVBAcMAk1VMQswCQYDVQQKDAJTTzELMAkGA1UECwwCQU0xCzAJBgNVBAMMAlJJMREwDwYJKoZIhvcNAQkBFgJHTTAeFw0xNzA5MTExNDI5MjJaFw0xODA5MTExNDI5MjJaMGExCzAJBgNVBAYTAklOMQswCQYDVQQIDAJNSDELMAkGA1UEBwwCTVUxCzAJBgNVBAoMAlNPMQswCQYDVQQLDAJBTTELMAkGA1UEAwwCUkkxETAPBgkqhkiG9w0BCQEWAkdNMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRoPVr7GWe65tJjTmt51yxIf2iowq2jecnM3ougdCY+9Nb+eeafrkPwjxp43o0gj1SCQY4rFQ/UahmgOMBjhoDNGHk6P35my7NevhuwqAN5ZlJJXozpaXQNJ3yjo24MzXYdYNNmnHvzBuEp5cY8vNU+raSGm23UCePLuWNhPpi/QIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAAYwNlJbYOxj+Y1yK3b3BB4dhDstJkYf9cNJ1HKplRgNZ9mYFXy9CvkAue7EOzqTX4hpzdvswcrtxDTsVmZY7OdWrR14tJ/vrJIZr3Co11S4gv2EGj/AltGh0+CFM8CrRHiWOm5OGMJ/w7rT681XSsYg8y3adYUGv9Xdxs8OYmVQ
E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US 359dae85fb67e5d8fa9d789c73aa628713f64d7036d6b28bdedf2444373fb229 MIID0jCCAroCCQCLkXZQkoK4zzANBgkqhkiG9w0BAQUFADCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMRAwDgYDVQQKEwdORVRHRUFSMR8wHQYDVQQLExZIb21lIENvbnN1bWVyIFByb2R1Y3RzMRwwGgYDVQQDExN3d3cucm91dGVybG9naW4ubmV0MSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QG5ldGdlYXIuY29tMB4XDTE5MDcwODAwMDgxOVoXDTM5MDcwMzAwMDgxOVowgaoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEQMA4GA1UEChMHTkVUR0VBUjEfMB0GA1UECxMWSG9tZSBDb25zdW1lciBQcm9kdWN0czEcMBoGA1UEAxMTd3d3LnJvdXRlcmxvZ2luLm5ldDEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBuZXRnZWFyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQTn5U6hqV2kODxtOQ+CUfi5RPkj/CKGmW5KrGWf22B62+Rzx88Qwgn2cbcxF4NYZXgxEDLztCEGNPgMvqsbRyJ5YxvGTJvM+dwtxUG0rjHNgHG1s5sTEUp5MR/PjAh83XZX/PLdlhFEByLRsJ4zqLuDzUFRn2nEprUc1l+kd8GmFATfpuxCqyC4S7Bt8V6NBMim1dnrTzRxCCJkfxohVuEApMLyCPHPV2FeMX5cXVWClC5NXK/DYuslsrMOd1K2yf4YNF5T7XHE98jPT/A1HHA27rFOBzcVvmJ9JsCe3+X6rYc89tdsFBxI3VNNLkoq0MERnv4+oxfr6+xVVkIJsECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAfApOv/dE0Oa/jMUnZmBQWLalN0jYlNiAp9tdLEEEHBuyDv1Mec2eo6KWOdDm0F4hJ3k5StXfeSi3Vz9puFuHc+WE809/4k6LgrCVjBiiGnLoHPb21KtvqfKy/UyzwfWDx2am/knWKMWk5V1fTAeShhppvIGZRo7CpJIB+TodgIoZkVSC/BgrCMVSCMm1crIBX3BlyHJnphEVmmWCO+sJx7WFoBmQqlHIwvd2tf1pzHMGyYFxkgaqI/D5GzpZyMm02o5CThSGnmsAPZC3RU8W0BEkhZZaH3k8MCqZB2EtokDWaLnZZmUoFvWrP3JaIvCRMZddL6lX/3su5gA7f/lX9A==
E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US 359dae85fb67e5d8fa9d789c73aa628713f64d7036d6b28bdedf2444373fb229 MIID0jCCAroCCQCnekBcEV/opjANBgkqhkiG9w0BAQsFADCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBKb3NlMRAwDgYDVQQKDAdORVRHRUFSMR8wHQYDVQQLDBZIb21lIENvbnN1bWVyIFByb2R1Y3RzMRwwGgYDVQQDDBN3d3cucm91dGVybG9naW4ubmV0MSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QG5ldGdlYXIuY29tMB4XDTE4MDYyOTA5NDU1OFoXDTM4MDYyNDA5NDU1OFowgaoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEQMA4GA1UECgwHTkVUR0VBUjEfMB0GA1UECwwWSG9tZSBDb25zdW1lciBQcm9kdWN0czEcMBoGA1UEAwwTd3d3LnJvdXRlcmxvZ2luLm5ldDEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBuZXRnZWFyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQTn5U6hqV2kODxtOQ+CUfi5RPkj/CKGmW5KrGWf22B62+Rzx88Qwgn2cbcxF4NYZXgxEDLztCEGNPgMvqsbRyJ5YxvGTJvM+dwtxUG0rjHNgHG1s5sTEUp5MR/PjAh83XZX/PLdlhFEByLRsJ4zqLuDzUFRn2nEprUc1l+kd8GmFATfpuxCqyC4S7Bt8V6NBMim1dnrTzRxCCJkfxohVuEApMLyCPHPV2FeMX5cXVWClC5NXK/DYuslsrMOd1K2yf4YNF5T7XHE98jPT/A1HHA27rFOBzcVvmJ9JsCe3+X6rYc89tdsFBxI3VNNLkoq0MERnv4+oxfr6+xVVkIJsECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYxK3MQW/JLoDN3d5AdvEXbtFQyimr6m+a6cYp+e+NhiC4bzqtbSa/lfFai9GVDVEV2EZj9Geaif+XheNsrb0fh7cLkwN5wV/UcfCaSHk3jFl6cBqGwz2GHzI+m90C5BnLRevHfkzNXtyXg50A0mPEWthxpLlrfa7M2JdO/I5vVeYLy+W7c06z1RtFcwQV1dPja93HFwAyKwYALiMpAeY8kIuccuv7Ac/DCkNkej+S9uVUvfQ6LfxQBuvxF4znvKAQeQTctgDMVQrRzJkIUTCtGJrNGSOlMZBD3RtqzQmEco9/K4nkMY9z4/3tFUu+r/CnStfIjb1Y/ORVMyB75BoZg==
E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US 359dae85fb67e5d8fa9d789c73aa628713f64d7036d6b28bdedf2444373fb229 MIID0jCCAroCCQDaMrJPdEle0jANBgkqhkiG9w0BAQsFADCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBKb3NlMRAwDgYDVQQKDAdORVRHRUFSMR8wHQYDVQQLDBZIb21lIENvbnN1bWVyIFByb2R1Y3RzMRwwGgYDVQQDDBN3d3cucm91dGVybG9naW4ubmV0MSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QG5ldGdlYXIuY29tMB4XDTE4MDkwNjA3MTQwMVoXDTM4MDkwMTA3MTQwMVowgaoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEQMA4GA1UECgwHTkVUR0VBUjEfMB0GA1UECwwWSG9tZSBDb25zdW1lciBQcm9kdWN0czEcMBoGA1UEAwwTd3d3LnJvdXRlcmxvZ2luLm5ldDEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBuZXRnZWFyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQTn5U6hqV2kODxtOQ+CUfi5RPkj/CKGmW5KrGWf22B62+Rzx88Qwgn2cbcxF4NYZXgxEDLztCEGNPgMvqsbRyJ5YxvGTJvM+dwtxUG0rjHNgHG1s5sTEUp5MR/PjAh83XZX/PLdlhFEByLRsJ4zqLuDzUFRn2nEprUc1l+kd8GmFATfpuxCqyC4S7Bt8V6NBMim1dnrTzRxCCJkfxohVuEApMLyCPHPV2FeMX5cXVWClC5NXK/DYuslsrMOd1K2yf4YNF5T7XHE98jPT/A1HHA27rFOBzcVvmJ9JsCe3+X6rYc89tdsFBxI3VNNLkoq0MERnv4+oxfr6+xVVkIJsECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAohH6Uj8yw2cr40ejSexV4Oz33Cz9YOXL7S0qbuKVT25sqyQw+4NO5dOJfzltHNIv7LSVosFiYVk80vAgKL7jbkmaWs6n1CItIGKKnsY5co783k/qCCMJ/fgfk6pKEsRY7IyDlODU1XI1tltwmP21WHOu7oMrqiYYS1rXM+BsAh6xUxH+75sFxBwUHPj2/xxplzWXdEllUbmnAzJTq83pfhNTYNubGLoYmhtzP0w7AnaRRXXTMBZjkVqkDKfiSfryPtXA3CMQ7qYf0A76ruXHpIv704QtXy+EWg512rA+njUQ/Lao8dZwF9z/9CpUnHpICy9oGzKYXTcf4EUGxGVABQ==
E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US E=support@netgear.com, CN=www.routerlogin.net, OU=Home Consumer Products, O=NETGEAR, L=San Jose, S=California, C=US bca436c0193a4194abf82d35ce411eb941e7383ffe12834cf45c15d59ba0c48d MIICzTCCAjYCCQDgj3JqyGVH+jANBgkqhkiG9w0BAQsFADCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBKb3NlMRAwDgYDVQQKDAdORVRHRUFSMR8wHQYDVQQLDBZIb21lIENvbnN1bWVyIFByb2R1Y3RzMRwwGgYDVQQDDBN3d3cucm91dGVybG9naW4ubmV0MSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QG5ldGdlYXIuY29tMB4XDTE5MTAxOTA0MTMzNFoXDTM5MTAxNDA0MTMzNFowgaoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEQMA4GA1UECgwHTkVUR0VBUjEfMB0GA1UECwwWSG9tZSBDb25zdW1lciBQcm9kdWN0czEcMBoGA1UEAwwTd3d3LnJvdXRlcmxvZ2luLm5ldDEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBuZXRnZWFyLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtBAV+biKsUoy/2Nb9qEjuKyfgH2/0O+ioQeWWFlRkMhyjQx4zGHn0heZohnkfizazAPsmVPpbH70iozer6zn1JTTGRVWiJik+he3j5tF50jnwsc/eiiMws8fY/iHIqnAg5E4EV2uNOq8sw7MEXyK5CpXPVT42cHPoXzfvq+r7B0CAwEAATANBgkqhkiG9w0BAQsFAAOBgQCI67gkihvNvkcuIRhHd9PWCBQRQ8i/bOIRDqbLsw4T5GQzXY64JnvaAkbcXNkyHRbNPnHi9Y4he38Ko4yMSMBWCubpJA4yO6OW3bop4gjGKiE2wbyCdWvP9QdN+1/LgGmzVF8HaDiJm4ZLHGPZGzbcffUFuEhBEhhQxhF0Ye/Z9A==
E=support@ubnt.com, CN=UBNT, OU=Technical Support, O=Ubiquiti Networks Inc., L=San Jose, S=CA, C=US E=support@ubnt.com, CN=UBNT, OU=Technical Support, O=Ubiquiti Networks Inc., L=San Jose, S=CA, C=US b529f940f1d00fb7645a77dbdb63fae14de0448ed9ff8b105f324fcd2ec08f12 MIICrTCCAhYCCQC6Ffdh27eytzANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMREwDwYDVQQHEwhTYW4gSm9zZTEfMB0GA1UEChMWVWJpcXVpdGkgTmV0d29ya3MgSW5jLjEaMBgGA1UECxMRVGVjaG5pY2FsIFN1cHBvcnQxDTALBgNVBAMTBFVCTlQxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAdWJudC5jb20wHhcNMTEwNjAyMDgzNTAyWhcNMjAwMTAxMDgzNTAyWjCBmjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMREwDwYDVQQHEwhTYW4gSm9zZTEfMB0GA1UEChMWVWJpcXVpdGkgTmV0d29ya3MgSW5jLjEaMBgGA1UECxMRVGVjaG5pY2FsIFN1cHBvcnQxDTALBgNVBAMTBFVCTlQxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAdWJudC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL4JnxQ69+7lisl2siYXAHsMhRyUjr1/9aGlbQosZMx/eLwR7tzZ5irL4Z7YF6acNaraxcE6pUjcr7yZN1l+iDws07vnYG3jGflOGExMOv1eNW+jULlQwI6L+qDuxJbFuk7t2PEYBTaJVMLcJ+t1dBy+mkzI5c7+R0SWp68QB+sVAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAAFoxgToVbTCVjQORR6oj4rTALtQBzdUha2lePHEnEBz1h9QoGRfCPew2/e6TB48LMGUOKDVsJZ7YJBaFZSnaR98wCYQzLLS0+vAkQLnuHvAcM8PhBnAua/6g0KqBb88bcGdDATKg2ryMqJHzy7GXMATyxnfoiZcs0x/PA/H8Nvo=
E=your@email.com, OU=Unit51, CN=*.domoticz.com, L=Domoticz, O=Domoticz, S=MyState, C=NL E=your@email.com, OU=Unit51, CN=*.domoticz.com, L=Domoticz, O=Domoticz, S=MyState, C=NL 0bed05f7f40c0894fc88cff5853a8b26043b1bb9c7bb098434d43183a9cecfe1 MIIDmjCCAoICCQCY2Jha7lCbUTANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCTkwxEDAOBgNVBAgMB015U3RhdGUxETAPBgNVBAoMCERvbW90aWN6MREwDwYDVQQHDAhEb21vdGljejEXMBUGA1UEAwwOKi5kb21vdGljei5jb20xDzANBgNVBAsMBlVuaXQ1MTEdMBsGCSqGSIb3DQEJARYOeW91ckBlbWFpbC5jb20wHhcNMTUwNTIzMDY0OTAyWhcNMjUwNTIwMDY0OTAyWjCBjjELMAkGA1UEBhMCTkwxEDAOBgNVBAgMB015U3RhdGUxETAPBgNVBAoMCERvbW90aWN6MREwDwYDVQQHDAhEb21vdGljejEXMBUGA1UEAwwOKi5kb21vdGljei5jb20xDzANBgNVBAsMBlVuaXQ1MTEdMBsGCSqGSIb3DQEJARYOeW91ckBlbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrL+40/7GekFRpcQSudfJsZTsNmQ5bGnRxUJK+v620lSBf1CPEj/XqQq6kutbVthoN5viw+kk4X8dQtDmc9eS3LDagaQ4UhNzCq+eAWJruympjSg7hmL6ebpXnpelpgGw8tPpYyXHsWB+Few0qozoAXsT8kWdB+sP5ukr4YIzPY8g1shh2SYPUhsH8cu7V1nNkj8USuSSY+0mbn7UByMybnHIprI+kpWiHrl4/cAo4k+WZuZ/CtLXFCk9loB05UNb7oWuAUB6GlU56G4lVq/qy3uue9WJ6coxPgIMj6H/xXnjzeBEaHErIqVBIpeT9/8nOWpKwlCoZu9Bgs5GW5AzVAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJSgf/g28YLhsxefDoBJ4b8tr+956WkiRpb/7RMyCuJbNuu4CYaPOtm4HfySQN989JryEQyzfoqz8cSit88PVnMeQ2PUNtWE/bHzX+AaCTwZ6Pc46eo7nUedChFg4Srr5cqmAtzNVS2/dz3m/Cce6iJogrvTl45fRO3Oi7U/Y1GWc8Fl980Jku+TARhvS3PM/cp8ek0mW+Dl45MBO0GE5NzsyRcw3SxRICnQfV+r8VignT7tATrYsAXUoFbJ2lTShCYg89YiKp3K/dhSsygdx67d7+pzeoUHtIgfQG+JGa0Tu9T3QrRwNVICBqgPRi/u1WVyTv+I9/FcpxWtlvQySP8=
O=Internet Widgits Pty Ltd, S=Some-State, C=AU O=Internet Widgits Pty Ltd, S=Some-State, C=AU aff6cab2cc6b65be3e89a946fc36c86ff22057e0e42888c281b428e73ca9cb20 MIIDBjCCAe4CCQCSYh3cwLINPjANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE3MDQwNDEzMDAwOVoXDTE5MTIzMTEzMDAwOVowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0lDaSruHub+dj5gqZ+o2crSX+B1t6cVq47HTFsn85B1kme3YdSWcc05HiOlp7xBaM3fgIUrQoWCP6nqxlAmNv12aUaT5eHAu2FvN+bGEQDBTU9PSPEBEVHIvd7vPwJVI6Nx2RgDwk8VpUOFM9ZVFulLLW7Uqf0oTVXnTdtAN52myGybHJg11bpcsHlF538fmUPztKb5pD6QKzijHTMRXDM8L8O/trqe+aHGfwTOWO3eM7IgreTBcKVNEBz9lroE6oRkSJPNnvgjmD46C7kVnZwWIs94pbjo139FpiG759WzKQ6bHSO2i67BhuvNWrUGQ2+OklVmcnyFA05qAd+m9MCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAUYicMysU4ERF1dSLiV+ggGCS7RKaU0W8P8cLslDpjYJlmT/9++p1hQgRpY12d9l7lBds7ZErLJkVkLxwu9RiqzEFBsCsIx5TwvvgswU6wgNLQ84hNprXij4u1HL/5z9A/cmT7YEx1Vgb96ghcDAV4UZHtqONaAawLRmlh+GBAs1FelzkfM163EyIRMOrL45/BLgBMyARtFHrReE2FdQF53j1p7dWnichfMM2I7obFmN30RiOvLFJeBqPcL3Ey/jVQvb04CoIwcwx9AXYKYlJWWWUfdZQ46Ox4bk24v18RFkYb53R9qLgh6SOKUY49R+TRbOl2j8qKRGxcwyqyGCPzw==
OU=Apache Haus Distribution Test Certificate, O=Apache Haus Distribution Test Certificate, S=Some-State, C=DE OU=Apache Haus Distribution Test Certificate, O=Apache Haus Distribution Test Certificate, S=Some-State, C=DE 7d161fc1d3eb39b47bd3ce6d43664c2c541c4c875a9e113713541688040f50d8 MIICjTCCAfYCCQCrpXz7JzxQkTANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCREUxEzARBgNVBAgMClNvbWUtU3RhdGUxMjAwBgNVBAoMKUFwYWNoZSBIYXVzIERpc3RyaWJ1dGlvbiBUZXN0IENlcnRpZmljYXRlMTIwMAYDVQQLDClBcGFjaGUgSGF1cyBEaXN0cmlidXRpb24gVGVzdCBDZXJ0aWZpY2F0ZTAeFw0xMjA0MDYwMDIxMzRaFw0yMDA0MDQwMDIxMzRaMIGKMQswCQYDVQQGEwJERTETMBEGA1UECAwKU29tZS1TdGF0ZTEyMDAGA1UECgwpQXBhY2hlIEhhdXMgRGlzdHJpYnV0aW9uIFRlc3QgQ2VydGlmaWNhdGUxMjAwBgNVBAsMKUFwYWNoZSBIYXVzIERpc3RyaWJ1dGlvbiBUZXN0IENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0yqOldkiyKjgsI0wrV/K9o6FqjycKgUaLvSVNGpqW9kkkAxhryy0CnDCekjs0r0qyQYYUUBs1RLXuR8/306REwhWLaiOx+qBNY1bTU0O/1DCrTkiCDfh3/OIDhYEzb+AShLsUIx/aXuRGsv8j10jpS3a+2PDS2TbdCejSUvUbKQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADIYlX4JtKh/q0JCgRY0sb81IEM2yvLf8/MA1+Yqp4bYCgYsOLhcdwvLRsLgGjwzC2ch8NwAAaLz+f9oNs09p4/7kIR4XFm0mwwBSZbhWX3qPGPi1t+PjtT+ZwbH96zWtzxS3GX/hZsOjcVtHWjk03V1ZkCSpyuQdrKO8Pan6j5Z

Some certificates are used by different domains. And Netgear has different certificates with the same key.

No Letsencrypt certificate or a certificate from a known CA found.

PS: Added the list as simple TXT file, tab-delimited.

2020-03-21.Keys-critical.txt (18.6 KB)

3 Likes

Hi
@JuergenAuer,

That is excellent!

1 Like

This warms the cockles of my heart. “Build it and they will come”, indeed.

2 Likes