diff --git a/routes/get.go b/routes/get.go
index dc80de3..5332926 100644
--- a/routes/get.go
+++ b/routes/get.go
@@ -3,10 +3,12 @@ package routes
 import (
 "crypto/sha1"
 "crypto/tls"
+ "crypto/x509"
 "encoding/hex"
 "fmt"
- "github.com/gin-gonic/gin"
 "net/http"
+
+ "github.com/gin-gonic/gin"
 )
 
 // GetCertificateInfo handler
@@ -21,6 +23,22 @@ func GetCertificateInfo(c *gin.Context) {
 })
 return
 }
+ cipherSuite := tls.CipherSuiteName(resp.ConnectionState().CipherSuite)
+ ver := resp.ConnectionState().Version
+ var tlsVersion string
+ if ver == tls.VersionSSL30 {
+ tlsVersion = "SSLv3"
+ } else if ver == tls.VersionTLS10 {
+ tlsVersion = "TLSv1"
+ } else if ver == tls.VersionTLS11 {
+ tlsVersion = "TLSv1.1"
+ } else if ver == tls.VersionTLS12 {
+ tlsVersion = "TLSv1.2"
+ } else if ver == tls.VersionTLS13 {
+ tlsVersion = "TLSv1.3"
+ } else {
+ tlsVersion = "unknown"
+ }
 certificate := resp.ConnectionState().PeerCertificates[0]
 var validationType string
 
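Review bot: The five-way `if`/`else if` over `ver` in the new block is a `switch` in Go, and `resp.ConnectionState()` is called three times in a row (twice in the added lines, once more on the unchanged `certificate :=` line) where a single `state := resp.ConnectionState()` would do — each call takes the connection's handshake lock and copies the whole struct. `tls.VersionSSL30` is marked deprecated in crypto/tls and the standard-library client has not negotiated SSLv3 since Go 1.14, so for a Go-dialed connection that branch is dead code and staticcheck will flag it (SA1019); keep it only if `resp` can come from somewhere other than the stdlib client. The `"unknown"` fallback discards the actual value even though `fmt` is already imported; reporting the raw number makes a future TLS version diagnosable from the scan output alone. GetCertificateInfo begins and ends outside this hunk.
```go
	// One snapshot: ConnectionState() locks and copies on every call.
	state := resp.ConnectionState()
	cipherSuite := tls.CipherSuiteName(state.CipherSuite)
	var tlsVersion string
	switch state.Version {
	case tls.VersionSSL30: // deprecated in crypto/tls; unreachable with the stdlib client since Go 1.14
		tlsVersion = "SSLv3"
	case tls.VersionTLS10:
		tlsVersion = "TLSv1"
	case tls.VersionTLS11:
		tlsVersion = "TLSv1.1"
	case tls.VersionTLS12:
		tlsVersion = "TLSv1.2"
	case tls.VersionTLS13:
		tlsVersion = "TLSv1.3"
	default:
		// Keep the raw value so a new or unexpected version is still identifiable.
		tlsVersion = fmt.Sprintf("unknown (0x%04x)", state.Version)
	}
	certificate := state.PeerCertificates[0]
	// … unchanged: validationType …
```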
@@ -34,28 +52,78 @@ func GetCertificateInfo(c *gin.Context) {
 }
 }
- extendedKeyUsages := []string{}
+ keyUsages := []int{}
+ keyUsagesText := []string{}
+ extendedKeyUsages := []int{}
+ extendedKeyUsagesText := []string{}
 for _, value := range certificate.ExtKeyUsage {
 switch value {
 case 0:
- extendedKeyUsages = append(extendedKeyUsages, "All/Any Usages")
+ // All Usages
+ extendedKeyUsages = append(extendedKeyUsages, 0)
+ extendedKeyUsagesText = append(extendedKeyUsagesText, "Any/All Usages")
 break
 case 1:
- extendedKeyUsages = append(extendedKeyUsages, "TLS Web Server Authentication")
+ // TLS Web Server Authentication
+ extendedKeyUsages = append(extendedKeyUsages, 1)
+ extendedKeyUsagesText = append(extendedKeyUsagesText, "TLS Web Server Authentication")
 break
 case 2:
- extendedKeyUsages = append(extendedKeyUsages, "TLS Web Client Authentication")
+ // TLS Web Client Authentication
+ extendedKeyUsages = append(extendedKeyUsages, 2)
+ extendedKeyUsagesText = append(extendedKeyUsagesText, "TLS Web Client Authentication")
 break
 case 3:
- extendedKeyUsages = append(extendedKeyUsages, "Code Signing")
+ // Code Signing
+ extendedKeyUsages = append(extendedKeyUsages, 3)
+ extendedKeyUsagesText = append(extendedKeyUsagesText, "Code Signing")
 break
 case 4:
- extendedKeyUsages = append(extendedKeyUsages, "E-mail Protection (S/MIME)")
+ // Email Protection
+ extendedKeyUsages = append(extendedKeyUsages, 4)
+ extendedKeyUsagesText = append(extendedKeyUsagesText, "Email Protection (S/MIME)")
 default:
 break
 }
 }
+ if certificate.KeyUsage & x509.KeyUsageCRLSign != 0 {
+ keyUsages = append(keyUsages, 0)
+ keyUsagesText = append(keyUsagesText, "CRL Signing")
+ }
+ if certificate.KeyUsage & x509.KeyUsageCertSign != 0 {
+ keyUsages = append(keyUsages, 1)
+ keyUsagesText = append(keyUsagesText, "Certificate Signing")
+ }
+ if certificate.KeyUsage & x509.KeyUsageContentCommitment != 0 {
+ keyUsages = append(keyUsages, 3)
+ keyUsagesText = append(keyUsagesText, "Content Commitment")
+ }
+ if certificate.KeyUsage & x509.KeyUsageDataEncipherment != 0 {
+ keyUsages = append(keyUsages, 4)
+ keyUsagesText = append(keyUsagesText, "Data Encipherment")
+ }
+ if certificate.KeyUsage & x509.KeyUsageDecipherOnly != 0 {
+ keyUsages = append(keyUsages, 5)
+ keyUsagesText = append(keyUsagesText, "Decipher Only")
+ }
+ if certificate.KeyUsage & x509.KeyUsageDigitalSignature != 0 {
+ keyUsages = append(keyUsages, 5)
+ keyUsagesText = append(keyUsagesText, "Digital Signature")
+ }
+ if certificate.KeyUsage & x509.KeyUsageEncipherOnly != 0 {
+ keyUsages = append(keyUsages, 6)
+ keyUsagesText = append(keyUsagesText, "Encipher Only")
+ }
+ if certificate.KeyUsage & x509.KeyUsageKeyAgreement != 0 {
+ keyUsages = append(keyUsages, 7)
+ keyUsagesText = append(keyUsagesText, "Key Agreement")
+ }
+ if certificate.KeyUsage & x509.KeyUsageKeyEncipherment != 0 {
+ keyUsages = append(keyUsages, 8)
+ keyUsagesText = append(keyUsagesText, "Key Encipherment")
+ }
+
 sum := sha1.Sum(certificate.Raw)
 c.JSON(http.StatusOK, gin.H{
@@ -79,8 +147,15 @@ func GetCertificateInfo(c *gin.Context) {
 "publicKeyAlgorithm": certificate.PublicKeyAlgorithm.String(),
 "serialNumber": certificate.SerialNumber.Int64(),
 "notAfter": certificate.NotAfter,
+ "keyUsage": keyUsages,
+ "keyUsageAsText": keyUsagesText,
 "extendedKeyUsage": extendedKeyUsages,
+ "extendedKeyUsageAsText": extendedKeyUsagesText,
 "san": certificate.DNSNames,
 "fingerprint": hex.EncodeToString(sum[:]),
+ "connection": gin.H{
+ "tlsVersion": tlsVersion,
+ "cipherSuite": cipherSuite,
+ },
 })
 }
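Review bot: The `KeyUsageDecipherOnly` and `KeyUsageDigitalSignature` blocks both push `5` into `keyUsages` and no block ever pushes `2`, so the numeric array exposed as `keyUsage` cannot be mapped back to a usage and disagrees with `keyUsageAsText` — for a certificate with DigitalSignature only, a consumer keying on the number would conclude it allows DecipherOnly. The codes are also local inventions rather than the RFC 5280 bit positions a consumer would expect; crypto/x509 declares the `KeyUsage` constants as `1 << iota` in RFC order, so a table iterated in that order yields the standard bit number and replaces the nine copy-pasted blocks (the numbers are introduced by this commit, so nothing depends on the current values yet). The ExtKeyUsage switch has the same shape problem: bare `case 0:` … `case 4:` instead of `x509.ExtKeyUsageServerAuth` and friends, and `default: break` silently drops OCSPSigning, TimeStamping and the rest, so a scan reports fewer EKUs than the certificate carries — at minimum `default: extendedKeyUsages = append(extendedKeyUsages, int(value)); extendedKeyUsagesText = append(extendedKeyUsagesText, fmt.Sprintf("Unknown (%d)", value))`, and the `break` statements are no-ops in a Go switch. GetCertificateInfo begins and ends outside this hunk.
```go
	// … unchanged: ExtKeyUsage switch …
	// Report each set bit by its RFC 5280 position. crypto/x509 declares the
	// KeyUsage constants as 1<<iota in that order, so the table index is the bit.
	keyUsageTable := []struct {
		flag x509.KeyUsage
		text string
	}{
		{x509.KeyUsageDigitalSignature, "Digital Signature"},
		{x509.KeyUsageContentCommitment, "Content Commitment"},
		{x509.KeyUsageKeyEncipherment, "Key Encipherment"},
		{x509.KeyUsageDataEncipherment, "Data Encipherment"},
		{x509.KeyUsageKeyAgreement, "Key Agreement"},
		{x509.KeyUsageCertSign, "Certificate Signing"},
		{x509.KeyUsageCRLSign, "CRL Signing"},
		{x509.KeyUsageEncipherOnly, "Encipher Only"},
		{x509.KeyUsageDecipherOnly, "Decipher Only"},
	}
	for bit, ku := range keyUsageTable {
		if certificate.KeyUsage&ku.flag != 0 {
			keyUsages = append(keyUsages, bit)
			keyUsagesText = append(keyUsagesText, ku.text)
		}
	}
	// … unchanged: sha1 fingerprint and c.JSON …
```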
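Review bot: The new `connection` object reports the version and cipher suite that this scanner's own TLS client negotiated, which is bounded by whatever `tls.Config` the dial (outside the hunk) uses; if that config pins `MinVersion` or `CipherSuites`, the fields say nothing about the weakest settings the server accepts, yet a reader of the JSON will take them as a server property. Worth a comment on the field so the limitation travels with the API: `// connection: parameters negotiated by this client for this one handshake, not the server's supported range`. The `serialNumber` line just above is pre-existing, but `.Int64()` silently truncates serials wider than 63 bits, which RFC 5280 allows up to 20 octets and most public CAs now use; `certificate.SerialNumber.String()` would be the safe form when this line is next touched. The enclosing function starts before this hunk.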