thunerstern.ch

Issued by R3

About this certificate

This digital certificate with serial number 04:fb:4b:00:28:d5:9a:44:1f:ab:b4:ce:69:a0:0c:d8:10:1e was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=thunerstern.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:fb:4b:00:28:d5:9a:44:1f:ab:b4:ce:69:a0:0c:d8:10:1e
Serial Number (int): 433959710752100135415904534478179400159262
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: d4:03:64:b3:f3:09:79:91:c8:57:37:22:95:50:0a:ea:95:45:c2:44
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 49:d2:79:ec:bd:f1:91:7d:b8:3e:31:64:b6:a9:cd:9d:5d:38:8c:67
Fingerprint (sha256): ef:17:0d:b7:e1:56:33:29:ae:75:cc:de:18:3b:6f:79:72:8f:93:41:7e:50:27:19:60:c3:ed:46:80:cb:23:18

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate thunerstern.ch

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for thunerstern.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

thunerstern.ch
thunerstern.ch.quarz.metanet.ch
webmail.thunerstern.ch
www.thunerstern.ch
www.thunerstern.ch.quarz.metanet.ch

Other certificates including the domain name thunerstern.ch

(limited to 100 certificates)
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch

Certificate

The complete raw certificate details for thunerstern.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISBPtLACjVmkQfq7TOaaAM2BAeMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA4MjIyMzExMzVaFw0yMzExMjAyMzExMzRaMBkxFzAVBgNVBAMT
DnRodW5lcnN0ZXJuLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+r/g9p4PjNvmx4Kx8dJJY/Sp8MDNbVYNrgqwiSPXsZJLbixT4bsLRN87XEt8ouKt
PkxmYu7Fw+43XvyDqsTyQ4s8n46G33GwI6C+HvfQzbdj4UP3MC9ujYNzgHJSoboW
D917Ci+3LByMB5FkHc51iQSVU2N9h9xnQRtk800d+YZByjk33MwAYjjqeSoK2CQI
D5GcdN7WoRyUHg+G38Fwhg6aG2lPhG9B3YVtfp6ejRbFp21/T+gW6/DzUVANvtTF
4JvH2HOp26Yc8zwX441swPfKEje3TgyGjJ+yx/SSMvOTYhtuiHpbti6fH+WJD46a
/jRYhj/gNFRU+AnOv4auAwIDAQABo4ICgzCCAn8wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBTUA2Sz8wl5kchXNyKVUArqlUXCRDAfBgNVHSMEGDAWgBQULrMXt1hWy65Q
CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y
My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn
LzCBjQYDVR0RBIGFMIGCgg50aHVuZXJzdGVybi5jaIIfdGh1bmVyc3Rlcm4uY2gu
cXVhcnoubWV0YW5ldC5jaIIWd2VibWFpbC50aHVuZXJzdGVybi5jaIISd3d3LnRo
dW5lcnN0ZXJuLmNogiN3d3cudGh1bmVyc3Rlcm4uY2gucXVhcnoubWV0YW5ldC5j
aDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1
ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABih+7fScAAAQDAEYw
RAIgJW1AL6lNd4emH4VewPI050eiSoWLEX6CkIU7Pc5DG8MCIHDmSqDENBOOuyCx
8A0vZlgC28CJN71PUhobsd3YQ5IHAHUAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvS
K8E6V6NS61IAAAGKH7t9OgAABAMARjBEAiAsbpdHH/bxfz7NynJbOW5KwDqClJi3
p5jLaLILTIRozwIgANFQ1xUgDAf3IPSxCp8DIMrBYM4B/2QWYWEiJtZ3REEwDQYJ
KoZIhvcNAQELBQADggEBALmVSdPh31w0bMSWZVoSHJrm2f+W34mORw7slYZaIHGK
QiCB2jZtqIlJpolDswG3z35TSLvIXyv6KF5K0YtBUTjIUBfc1f9T57SzP/gTqpYt
5LJss6pbWslmmKsUWfgl9vqg1lni6LPOyYG0MGuhwlOYM7ijmpvsWU/oqdQx1/Cn
0D7XqQC2yWy+YjvWfnnqIu3Ru04XHhTWZyHRlzSuQ+k1VHowu20RZTM8VPklv4Mq
mwRNgTnEF2APTe37/sF26cEQW4mYAkPycJNC2nykwV+O71ueN52DgaSrcUepiEMZ
o55dGzaVVDmNm0N9X+gJYNEn0HEJ1FRBa7fUXlqSWtA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+r/g9p4PjNvmx4Kx8dJJ
Y/Sp8MDNbVYNrgqwiSPXsZJLbixT4bsLRN87XEt8ouKtPkxmYu7Fw+43XvyDqsTy
Q4s8n46G33GwI6C+HvfQzbdj4UP3MC9ujYNzgHJSoboWD917Ci+3LByMB5FkHc51
iQSVU2N9h9xnQRtk800d+YZByjk33MwAYjjqeSoK2CQID5GcdN7WoRyUHg+G38Fw
hg6aG2lPhG9B3YVtfp6ejRbFp21/T+gW6/DzUVANvtTF4JvH2HOp26Yc8zwX441s
wPfKEje3TgyGjJ+yx/SSMvOTYhtuiHpbti6fH+WJD46a/jRYhj/gNFRU+AnOv4au
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 433959710752100135415904534478179400159262
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-22 23:11:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-20 23:11:34 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thunerstern.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31654195186087371070568094192001799250221222502858437961412309711953530883963232850313247498474569921619642481079953056350791639222386611593985659599553337211492478970828288666791388281626738550290928018026459087819105613111276561271494020414695127099602552245606652466951154246891101592570436367604529644140595020159403676403297852530715352568270094468255204951486547064444168071020621999329684426890173021504410362736804297356648252238367971926814019531099230803755800817440558589490211892840420032092847088466949603600377332069142776548672657546414687892134713759503362685509849330387493259645857340712892462706179
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d40364b3f3097991c857372295500aea9545c244
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thunerstern.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thunerstern.ch.quarz.metanet.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.thunerstern.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thunerstern.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thunerstern.ch.quarz.metanet.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a1fbb7d2700000403004630440220256d402fa94d7787a61f855ec0f234e747a24a858b117e8290853b3dce431bc3022070e64aa0c434138ebb20b1f00d2f665802dbc08937bd4f521a1bb1ddd84392070075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a1fbb7d3a000004030046304402202c6e97471ff6f17f3ecdca725b396e4ac03a829498b7a798cb68b20b4c8468cf022000d150d715200c07f720f4b10a9f0320cac160ce01ff641661612226d6774441
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b99549d3e1df5c346cc496655a121c9ae6d9ff96df898e470eec95865a20718a422081da366da88949a68943b301b7cf7e5348bbc85f2bfa285e4ad18b415138c85017dcd5ff53e7b4b33ff813aa962de4b26cb3aa5b5ac96698ab1459f825f6faa0d659e2e8b3cec981b4306ba1c2539833b8a39a9bec594fe8a9d431d7f0a7d03ed7a900b6c96cbe623bd67e79ea22edd1bb4e171e14d66721d19734ae43e935547a30bb6d1165333c54f925bf832a9b044d8139c417600f4dedfbfec176e9c1105b89980243f2709342da7ca4c15f8eef5b9e379d8381a4ab7147a9884319a39e5d1b369554398d9b437d5fe80960d127d07109d454416bb7d45e5a925ad0