DV SSL/TLS Certificate for czastka.de

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the czastka.de DV SSL/TLS Certificate

This certificate with serial number 06:14:1d:a8:a5:1c:d3:e2:02:29:45:e2:74:f5:10:eb:45:ff for czastka.de was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for czastka.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:14:1d:a8:a5:1c:d3:e2:02:29:45:e2:74:f5:10:eb:45:ff
Serial Number (int): 529518786195611793277805336000263516538367
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: fd:c5:5f:d9:55:1a:38:56:65:81:9d:67:74:c7:19:a6:d2:17:75:b3
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): ab:84:95:b4:6b:59:b5:61:21:64:08:bf:57:4e:ab:aa:4f:28:4b:47
Fingerprint (SHA-256): 1b:b5:a9:10:81:89:58:e3:3e:fe:88:2e:53:db:9c:48:09:53:2b:21:31:a4:f0:be:20:2f:49:87:9e:39:54:68

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/128.crl

Check the revocation status for certificate czastka.de
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for czastka.de

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for czastka.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISBhQdqKUc0+ICKUXidPUQ60X/MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTI2MTQ1MTE0WhcNMjUwODI0MTQ1MTEzWjAVMRMwEQYDVQQD
EwpjemFzdGthLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApU3M
6QxtSaiPYAQVIaEZbz/m2FQOp+mChotXW6FhYDXKsEu4XYEqJN02MV+NRQKPAW9q
DtFj8mKe7/JGRY7h35kfRNe8j6om+CdwP3akhI3fFrjzJ1K3oUzB1cRMaLVAzVnx
d5Py4kSCT8dkXs9mVwjAXni8ipylCRcXyzAda24A7nydS1+sFdu6G6Z9PVJQd4nk
0iKkha7Aa+EomQd+B7cU51HQGQi7TJfCXGViDaM3sCPjIl1YxboziE38pmElxdS5
pg9ExEhKgrlkGapguO7SuCsJX/7U+Os2aGyKn6ukht3p2SohaOdE3iSIHmPhZCPh
MNmhxWs7CFv3+aAmUdfrUvVRjG8WwA+cTdrF3AjhjicaJaJFRswWB4Oklx9YG8YN
VZzlh0G81gLvRtiZmUxVmofsWV3v605vtK0ZYq5v9VXdWR31k+NqmAd6aRfdzBSP
r0nVfnsAgLDRhSz4Uyi0gnXXkF2cPJsDevH7pEx9I4dtPk11Zc0A25CnokjSaHiH
RRmg88S8ibVw7K69J3p/+zIV2dCjPRrZP29vhGqv9Zw+Hkd5vtpo4ZhVFCwORc6n
0CknxFgof8RBJosJbLptZzoLL88u6YR86VRM8ohnOLVNG+mKA7qI/OJCqOcFs5Dq
7id0QCZxRKkRwdAX4ZrraFTrajxZHTIFrdlPZiECAwEAAaOCAiswggInMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU/cVf2VUaOFZlgZ1ndMcZptIXdbMwHwYDVR0jBBgw
FoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUF
BzAChhdodHRwOi8vcjEwLmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggpjemFzdGth
LmRlgg53d3cuY3phc3RrYS5kZTATBgNVHSAEDDAKMAgGBmeBDAECATAvBgNVHR8E
KDAmMCSgIqAghh5odHRwOi8vcjEwLmMubGVuY3Iub3JnLzEyOC5jcmwwggEEBgor
BgEEAdZ5AgQCBIH1BIHyAPAAdgCkQsUGSWBhVI8P1Oqc+3otJkVNh6l/L99FWfYn
TzqEVAAAAZcNSRsyAAAEAwBHMEUCIDCF5c5l9U3jyrBCjvhxb5Dthi328E9SRwbG
ft0EBqBiAiEAwl/3R+/58Dgz3SPEbQhTryOEkGLh4Fg360/99TYDL4QAdgAaBP9J
0FQdQK/2oMO/8djEZy9O7O4jQGiYaxdALtyJfQAAAZcNSRvKAAAEAwBHMEUCIEdH
J3E+QJXAobMLqRkt8xJbxLF+GF9AqINGK7YhaswTAiEA0Hc5k7cbm+L/e2P9ML+F
THF3V/c9pGK8RqmzSwobodIwDQYJKoZIhvcNAQELBQADggEBAEOLJwkhxSHxhS6l
2eOOchMmTUf3LS2hz/Wh1Q8tmtcXXN1LYFG/I2s3+0LHV01LIFIBJ/u4mbvLgynE
8xvrEJh1cvNXA98UhTfMOnWF7DniEqCPgOZxLU6JDZ8D9wiY0W2mJrOYPi/ZhNnL
TWaPX5rNs9jAOjHGet6FrTmQfxBlPes3NX5G9jQvtQhwwlOtanSvF0WD953cwbpM
X52JkQk5CL+4GQUEiti5BfV+3KMDvwaS3ihU0zA3jDai2Ub/Uy32jVsYSTvsUVlT
K0TL55ngH4cFhQt0RcyQtXydGFfVbrWyiD7qQPUO7oaQYl4cPHfxUJiIWHaTgVHx
4KlfKuI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApU3M6QxtSaiPYAQVIaEZ
bz/m2FQOp+mChotXW6FhYDXKsEu4XYEqJN02MV+NRQKPAW9qDtFj8mKe7/JGRY7h
35kfRNe8j6om+CdwP3akhI3fFrjzJ1K3oUzB1cRMaLVAzVnxd5Py4kSCT8dkXs9m
VwjAXni8ipylCRcXyzAda24A7nydS1+sFdu6G6Z9PVJQd4nk0iKkha7Aa+EomQd+
B7cU51HQGQi7TJfCXGViDaM3sCPjIl1YxboziE38pmElxdS5pg9ExEhKgrlkGapg
uO7SuCsJX/7U+Os2aGyKn6ukht3p2SohaOdE3iSIHmPhZCPhMNmhxWs7CFv3+aAm
UdfrUvVRjG8WwA+cTdrF3AjhjicaJaJFRswWB4Oklx9YG8YNVZzlh0G81gLvRtiZ
mUxVmofsWV3v605vtK0ZYq5v9VXdWR31k+NqmAd6aRfdzBSPr0nVfnsAgLDRhSz4
Uyi0gnXXkF2cPJsDevH7pEx9I4dtPk11Zc0A25CnokjSaHiHRRmg88S8ibVw7K69
J3p/+zIV2dCjPRrZP29vhGqv9Zw+Hkd5vtpo4ZhVFCwORc6n0CknxFgof8RBJosJ
bLptZzoLL88u6YR86VRM8ohnOLVNG+mKA7qI/OJCqOcFs5Dq7id0QCZxRKkRwdAX
4ZrraFTrajxZHTIFrdlPZiECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 529518786195611793277805336000263516538367
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-26 14:51:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-24 14:51:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'czastka.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 674381107422445330593187215501810048825893828971701945760300712726449304347813615632398840727475502676917660855170429036375355984004931736609039894537733291835335606925128574665196142355053019667277466356042779051529203382698887620307031398658424494043121508655098943264567659433076315072596047946167626628514648533115630347917422763892150196548431669969750384421887218845641973220462414711961570779396907358904700246420779712881917030788404617378726120936255488297366750343379728305333946063123680874459192476530906258466315290931932513443736091951976007928836368578210241604904871283965745801015083193199219856164774906115487890605631760620702779307337890982229592597220220865222418424149510997114439372084960975593932497300513626524910502855024705336370695955157857049309435050822050572741921624179356585695981572938641303991378864779504169494868134111005867724367230663781228775990595827246302917926397582810111668677784872235067724554850597467179059519750117621593435946455745879774090268062242252138652891176482813908725606236287431454361369091656944396326615041592001021383756415805753107974969088411733639267949117661174895551147230509673854835142396676746769715069485578832800040858435368922039454756495675493359025157793313
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fdc55fd9551a385665819d6774c719a6d21775b3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'czastka.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.czastka.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/128.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a8454000001970d491b32000004030047304502203085e5ce65f54de3cab0428ef8716f90ed862df6f04f524706c67edd0406a062022100c25ff747eff9f03833dd23c46d0853af23849062e1e05837eb4ffdf536032f840076001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d000001970d491bca00000403004730450220474727713e4095c0a1b30ba9192df3125bc4b17e185f40a883462bb6216acc13022100d0773993b71b9be2ff7b63fd30bf854c717757f73da462bc46a9b34b0a1ba1d2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00438b270921c521f1852ea5d9e38e7213264d47f72d2da1cff5a1d50f2d9ad7175cdd4b6051bf236b37fb42c7574d4b20520127fbb899bbcb8329c4f31beb10987572f35703df148537cc3a7585ec39e212a08f80e6712d4e890d9f03f70898d16da626b3983e2fd984d9cb4d668f5f9acdb3d8c03a31c67ade85ad39907f10653deb37357e46f6342fb50870c253ad6a74af174583f79ddcc1ba4c5f9d8991093908bfb81905048ad8b905f57edca303bf0692de2854d330378c36a2d946ff532df68d5b18493bec5159532b44cbe799e01f8705850b7445cc90b57c9d1857d56eb5b2883eea40f50eee8690625e1c3c77f15098885876938151f1e0a95f2ae2