thunerstern.ch
Issued by R3
About this certificate
This digital certificate with serial number 04:fb:4b:00:28:d5:9a:44:1f:ab:b4:ce:69:a0:0c:d8:10:1e was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=thunerstern.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:fb:4b:00:28:d5:9a:44:1f:ab:b4:ce:69:a0:0c:d8:10:1eSerial Number (int): 433959710752100135415904534478179400159262
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d4:03:64:b3:f3:09:79:91:c8:57:37:22:95:50:0a:ea:95:45:c2:44
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 49:d2:79:ec:bd:f1:91:7d:b8:3e:31:64:b6:a9:cd:9d:5d:38:8c:67
Fingerprint (sha256): ef:17:0d:b7:e1:56:33:29:ae:75:cc:de:18:3b:6f:79:72:8f:93:41:7e:50:27:19:60:c3:ed:46:80:cb:23:18
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate thunerstern.ch
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thunerstern.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thunerstern.ch
thunerstern.ch.quarz.metanet.ch
webmail.thunerstern.ch
www.thunerstern.ch
www.thunerstern.ch.quarz.metanet.ch
thunerstern.ch.quarz.metanet.ch
webmail.thunerstern.ch
www.thunerstern.ch
www.thunerstern.ch.quarz.metanet.ch
Other certificates including the domain name thunerstern.ch
(limited to 100 certificates)
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
thunerstern.ch
www.thunerstern.ch
thunerstern.ch
thunerstern.ch
Certificate
The complete raw certificate details for thunerstern.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgISBPtLACjVmkQfq7TOaaAM2BAeMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA4MjIyMzExMzVaFw0yMzExMjAyMzExMzRaMBkxFzAVBgNVBAMT DnRodW5lcnN0ZXJuLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +r/g9p4PjNvmx4Kx8dJJY/Sp8MDNbVYNrgqwiSPXsZJLbixT4bsLRN87XEt8ouKt PkxmYu7Fw+43XvyDqsTyQ4s8n46G33GwI6C+HvfQzbdj4UP3MC9ujYNzgHJSoboW D917Ci+3LByMB5FkHc51iQSVU2N9h9xnQRtk800d+YZByjk33MwAYjjqeSoK2CQI D5GcdN7WoRyUHg+G38Fwhg6aG2lPhG9B3YVtfp6ejRbFp21/T+gW6/DzUVANvtTF 4JvH2HOp26Yc8zwX441swPfKEje3TgyGjJ+yx/SSMvOTYhtuiHpbti6fH+WJD46a /jRYhj/gNFRU+AnOv4auAwIDAQABo4ICgzCCAn8wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBTUA2Sz8wl5kchXNyKVUArqlUXCRDAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzCBjQYDVR0RBIGFMIGCgg50aHVuZXJzdGVybi5jaIIfdGh1bmVyc3Rlcm4uY2gu cXVhcnoubWV0YW5ldC5jaIIWd2VibWFpbC50aHVuZXJzdGVybi5jaIISd3d3LnRo dW5lcnN0ZXJuLmNogiN3d3cudGh1bmVyc3Rlcm4uY2gucXVhcnoubWV0YW5ldC5j aDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1 ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABih+7fScAAAQDAEYw RAIgJW1AL6lNd4emH4VewPI050eiSoWLEX6CkIU7Pc5DG8MCIHDmSqDENBOOuyCx 8A0vZlgC28CJN71PUhobsd3YQ5IHAHUAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvS K8E6V6NS61IAAAGKH7t9OgAABAMARjBEAiAsbpdHH/bxfz7NynJbOW5KwDqClJi3 p5jLaLILTIRozwIgANFQ1xUgDAf3IPSxCp8DIMrBYM4B/2QWYWEiJtZ3REEwDQYJ KoZIhvcNAQELBQADggEBALmVSdPh31w0bMSWZVoSHJrm2f+W34mORw7slYZaIHGK QiCB2jZtqIlJpolDswG3z35TSLvIXyv6KF5K0YtBUTjIUBfc1f9T57SzP/gTqpYt 5LJss6pbWslmmKsUWfgl9vqg1lni6LPOyYG0MGuhwlOYM7ijmpvsWU/oqdQx1/Cn 0D7XqQC2yWy+YjvWfnnqIu3Ru04XHhTWZyHRlzSuQ+k1VHowu20RZTM8VPklv4Mq mwRNgTnEF2APTe37/sF26cEQW4mYAkPycJNC2nykwV+O71ueN52DgaSrcUepiEMZ o55dGzaVVDmNm0N9X+gJYNEn0HEJ1FRBa7fUXlqSWtA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+r/g9p4PjNvmx4Kx8dJJ Y/Sp8MDNbVYNrgqwiSPXsZJLbixT4bsLRN87XEt8ouKtPkxmYu7Fw+43XvyDqsTy Q4s8n46G33GwI6C+HvfQzbdj4UP3MC9ujYNzgHJSoboWD917Ci+3LByMB5FkHc51 iQSVU2N9h9xnQRtk800d+YZByjk33MwAYjjqeSoK2CQID5GcdN7WoRyUHg+G38Fw hg6aG2lPhG9B3YVtfp6ejRbFp21/T+gW6/DzUVANvtTF4JvH2HOp26Yc8zwX441s wPfKEje3TgyGjJ+yx/SSMvOTYhtuiHpbti6fH+WJD46a/jRYhj/gNFRU+AnOv4au AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 433959710752100135415904534478179400159262 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-22 23:11:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-20 23:11:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thunerstern.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31654195186087371070568094192001799250221222502858437961412309711953530883963232850313247498474569921619642481079953056350791639222386611593985659599553337211492478970828288666791388281626738550290928018026459087819105613111276561271494020414695127099602552245606652466951154246891101592570436367604529644140595020159403676403297852530715352568270094468255204951486547064444168071020621999329684426890173021504410362736804297356648252238367971926814019531099230803755800817440558589490211892840420032092847088466949603600377332069142776548672657546414687892134713759503362685509849330387493259645857340712892462706179 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d40364b3f3097991c857372295500aea9545c244 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thunerstern.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thunerstern.ch.quarz.metanet.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.thunerstern.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thunerstern.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thunerstern.ch.quarz.metanet.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a1fbb7d2700000403004630440220256d402fa94d7787a61f855ec0f234e747a24a858b117e8290853b3dce431bc3022070e64aa0c434138ebb20b1f00d2f665802dbc08937bd4f521a1bb1ddd84392070075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a1fbb7d3a000004030046304402202c6e97471ff6f17f3ecdca725b396e4ac03a829498b7a798cb68b20b4c8468cf022000d150d715200c07f720f4b10a9f0320cac160ce01ff641661612226d6774441 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b99549d3e1df5c346cc496655a121c9ae6d9ff96df898e470eec95865a20718a422081da366da88949a68943b301b7cf7e5348bbc85f2bfa285e4ad18b415138c85017dcd5ff53e7b4b33ff813aa962de4b26cb3aa5b5ac96698ab1459f825f6faa0d659e2e8b3cec981b4306ba1c2539833b8a39a9bec594fe8a9d431d7f0a7d03ed7a900b6c96cbe623bd67e79ea22edd1bb4e171e14d66721d19734ae43e935547a30bb6d1165333c54f925bf832a9b044d8139c417600f4dedfbfec176e9c1105b89980243f2709342da7ca4c15f8eef5b9e379d8381a4ab7147a9884319a39e5d1b369554398d9b437d5fe80960d127d07109d454416bb7d45e5a925ad0