Overview
API Concepts Manage API Key
Internet Data
DNSIQ® WHOISIQ™ SSL Certificates Blacklist Lookup Host Attributes
Attack Analytics
Newly Observed Domains Newly Observed Hosts Malware Phishing Scam Content
Digital Footprint
Global Inventory API Global Inventory Schema
Coming Soon
Enrich
PassiveTotal
Getting Started Actions Artifact Articles Data Card Enrichment Services Monitor Project SSL Certificates Tag Artifact Trackers Host Attributes Cookies Components Passive DNS Whois Bulk Enrichment
Additional Resources
Workspace Management API
RiskIQ.com

SSL Certificates

 

What It Looks Like

Get SSL Certificates History

Retrieves the SSL certificate history for a given certificate SHA-1 hash or IP address.

Curl Example

$ curl -u $USERNAME:$KEY 'https://api.riskiq.net/pt/v2/ssl-certificate/history?query=240461b20dbb24a61b0a986821c2ad01bd3a8522'
$ curl -u $USERNAME:$KEY 'https://api.riskiq.net/pt/v2/ssl-certificate/history?query=194.42.46.143'

Response

{
    "results": [
        {
            "sha1": "240461b20dbb24a61b0a986821c2ad01bd3a8522",
            "firstSeen": "2015-02-09",
            "ipAddresses": [
                "194.42.46.143",
                "194.42.46.243"
            ],
            "lastSeen": "2017-01-09"
        },
        ...
    ],
    "success": true
}
			

Get SSL Certificates

Retrieves an SSL certificate by its SHA-1 hash.

Curl Example

$ curl -u $USERNAME:$KEY 'https://api.riskiq.net/pt/v2/ssl-certificate?query=240461b20dbb24a61b0a986821c2ad01bd3a8522'

Response

{
    "issuerCountry": "US",
    "subjectCommonName": "securefx.hannover-re.com",
    "subjectSurname": null,
    "subjectOrganizationUnitName": "IT",
    "subjectGivenName": null,
    "success": true,
    "fingerprint": "24:04:61:b2:0d:bb:24:a6:1b:0a:98:68:21:c2:ad:01:bd:3a:85:22",
    "issuerStateOrProvinceName": null,
    "issuerCommonName": "Symantec Class 3 EV SSL CA - G3",
    "issuerGivenName": null,
    "subjectLocalityName": "Hannover",
    "subjectOrganizationName": "Hannover Rueck SE",
    "issueDate": "Feb  4 00:00:00 2015 GMT",
    "subjectEmailAddress": null,
    "subjectProvince": "Niedersachsen",
    "subjectStateOrProvinceName": "Niedersachsen",
    "issuerEmailAddress": null,
    "subjectSerialNumber": null,
    "issuerProvince": null,
    "issuerOrganizationUnitName": "Symantec Trust Network",
    "serialNumber": "82940326346474168202516519612504129226",
    "issuerSurname": null,
    "issuerStreetAddress": null,
    "issuerLocalityName": null,
    "expirationDate": "Feb  4 23:59:59 2017 GMT",
    "issuerOrganizationName": "Symantec Corporation",
    "sha1": "240461b20dbb24a61b0a986821c2ad01bd3a8522",
    "subjectStreetAddress": "Karl-Wiechert-Allee 50",
    "sslVersion": "3",
    "issuerSerialNumber": null,
    "subjectCountry": "DE"
}
			

Search SSL Certificates by Keyword

Retrieves SSL certificates for a given keyword.

Curl Example

$ curl -u $USERNAME:$KEY 'https://api.riskiq.net/pt/v2/ssl-certificate/search/keyword?query=sinkhole'
            

Response

{
    "queryValue": "sinkhole",
    "results": [
        {
            "matchType": "sha1",
            "fieldMatch": "certificate",
            "focusPoint": "ff5288f55f58c52ed654b8eb815b6d40973e0f17"
        },
        ...
    ],
    "success": true
}
			

Search SSL Certificates

Retrieves SSL certificates for a given field value.

Curl Example

$ curl -u $USERNAME:$KEY 'https://api.riskiq.net/pt/v2/ssl-certificate/search?query=Symantec Class 3 EV SSL CA - G3&field=issuerCommonName'
            

Response

{
    "queryValue": "Symantec Class 3 EV SSL CA - G3",
    "results": [
        {
            "issuerCountry": "US",
            "subjectCommonName": "phonehome.apple.com",
            "subjectOrganizationName": "Apple Inc.",
            "subjectOrganizationUnitName": null,
            "subjectGivenName": null,
            "subjectSurname": null,
            "fingerprint": "ce:6e:04:6b:36:66:3a:18:c6:e3:f9:66:24:26:34:64:3c:23:b2:f2",
            "issuerStateOrProvinceName": null,
            "issuerCommonName": "Symantec Class 3 EV SSL CA - G3",
            "subjectLocalityName": "Cupertino",
            "issueDate": "Feb 21 00:00:00 2017 GMT",
            "subjectEmailAddress": null,
            "subjectProvince": "California",
            "subjectStateOrProvinceName": "California",
            "issuerEmailAddress": null,
            "subjectSerialNumber": null,
            "issuerProvince": null,
            "issuerOrganizationUnitName": "Symantec Trust Network",
            "serialNumber": "56348713647461512210340582309978795867",
            "issuerSurname": null,
            "issuerStreetAddress": null,
            "issuerLocalityName": null,
            "subjectStreetAddress": "1 Infinite Loop",
            "issuerSerialNumber": null,
            "issuerOrganizationName": "Symantec Corporation",
            "sslVersion": "3",
            "sha1": "ce6e046b36663a18c6e3f966242634643c23b2f2",
            "expirationDate": "Mar  1 23:59:59 2019 GMT",
            "issuerGivenName": null,
            "subjectCountry": "US"
        },
        ...
    ],
    "success": true
}