Note:

Sorry, we are still working on the translation of our website. A lot of information is currently only available in German.

Root Certificates

A Root Certificate is a self-signed certificate, which serves as a trust anchor for a certificate hierarchy and enables the validation of all certificates within the hierarchy.

The Trust Center of Deutsche Telekom Security GmbH operates multiple such Root Certificates, to which you can find more detailed information on this site.

You can read about the systems and applications in which our Root Certificates are integrated as trust anchor under Root Program > Root Compatibility.

Public Root Certificates

T-TeleSec GlobalRoot Class 2

Download Certificate
SHA256   -   RSA   -   2048
Validity period: 2008-10-01 - 2033-10-01
Fingerprint (SHA1): 590d2d7d884f402e617ea562321765cf17d894e9
Certificate revocation list (CRL): http://pki.telesec.de/rl/GlobalRoot_Class_2.crl

Testseiten:     Valid     |     Expired     |     Revoked

 

T-TeleSec GlobalRoot Class 3

Download Certificate
SHA256   -   RSA   -   2048
Validity period: 2008-10-01 - 2033-10-01
Fingerprint (SHA1): 55a6723ecbf2eccdc3237470199d2abe11e381d1
Certificate revocation list (CRL): http://pki.telesec.de/rl/GlobalRoot_Class_3.crl

Testseiten:     Valid     |     Expired     |     Revoked

Qualified Root Certificate

TeleSec qualified Root CA 1

Download Certificate
SHA512   -   ECC   -   P521
Validity period: 2017-04-05 - 2047-04-05
Fingerprint (SHA1): 90c6136c7defefe97cc764f9d2678ead03e55296
Certificate revocation list (CRL): http://pki.telesec.de/rl/TeleSec_qualified_Root_CA_1.crl

Internal Root Certificates

Deutsche Telekom Internal Root CA 1

Download Certificate
SHA1   -   RSA   -   2048
Validity period: 2007-11-15 - 2027-11-15
Fingerprint (SHA1): 15339aa230f5340e7bfcaafd754aa14cedd49858
Certificate revocation list (CRL): http://pki.telesec.de/rl/DT_Internal_Root_CA_1.crl

 

Deutsche Telekom Internal Root CA 2

Download Certificate
SHA256   -   RSA   -   2048
Validity period: 2017-08-03 - 2037-08-03
Fingerprint (SHA1): 12f714bdec4d2e3c2782ce1fcb8afe19b84aed8c
Certificate revocation list (CRL): http://pki.telesec.de/rl/DT_Internal_Root_CA_2.crl

De-Mail Root Certificate

Deutsche Telekom De-Mail Root CA 1

Download Certificate
SHA256   -   RSA   -   2048
Validity period: 2011-09-14 - 2031-09-14
Fingerprint (SHA1): 3e28041c43ee43c02cdcd4d2a311dbbd4d5b1c93
Certificate revocation list (CRL): http://pki.telesec.de/rl/De-Mail_Root_CA_1.crl