DV SSL/TLS Certificate for ambright.de

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the ambright.de DV SSL/TLS Certificate

This certificate with serial number 06:fc:96:d8:42:46:8c:b5:15:a2:fe:16:f0:79:fc:0e:16:f3 for ambright.de was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for ambright.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:fc:96:d8:42:46:8c:b5:15:a2:fe:16:f0:79:fc:0e:16:f3
Serial Number (int): 608625379134355705612350599669764806547187
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 40:4b:84:79:07:18:fd:cd:1f:7d:dc:69:cf:c0:03:13:96:cc:00:e7
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): e2:b5:db:fa:08:9b:71:40:e9:9e:27:b6:c5:8d:12:f0:ba:7b:93:33
Fingerprint (SHA-256): 87:16:4d:4f:e3:f2:53:81:38:fb:3e:57:0c:ec:fd:a1:ac:ed:9c:d3:a4:1f:01:65:13:ff:4b:0c:da:49:3b:74

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/116.crl

Check the revocation status for certificate ambright.de
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ambright.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for ambright.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISBvyW2EJGjLUVov4W8Hn8DhbzMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjIwMDUzNTU0WhcNMjUwOTE4MDUzNTUzWjAWMRQwEgYDVQQD
EwthbWJyaWdodC5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALlK
tkreL4/0/R4YPJGhsnOJYZgvnqKuR17Y6dGZILEhmLc1plflF9OGP1Kgc1nRu4nN
VbsNNnMMdKntbIh5J1P9mozhMbLZzdVab0tmmXgj3+oFfvEqGZh/Bm6QKBaa1D0M
CBW7VO7kSy8u5afSBeUzicacBd0VH3jXkWUZ969xlVo/sHQHzoVJ69hxwc6Krw88
1GzsQVIRmCMask04U64LPz6ws8ysXdl7WUX0sHpaViC159eDHWg5f6RVhxde0J/H
FJ9Sb7VCATP0TxJzHmkkuk7vyb+91gXA8Dr3Zp7xkbpwcBK46N36z7klqsjfAFbI
lp7VpJ71FEhsHiEGjW0CAwEAAaOCAi0wggIpMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUQEuEeQcY/c0ffdxpz8ADE5bMAOcwHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXE
LbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEx
LmkubGVuY3Iub3JnLzAnBgNVHREEIDAeggthbWJyaWdodC5kZYIPd3d3LmFtYnJp
Z2h0LmRlMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAioCCGHmh0
dHA6Ly9yMTEuYy5sZW5jci5vcmcvMTE2LmNybDCCAQQGCisGAQQB1nkCBAIEgfUE
gfIA8AB2AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABl4wLrJUA
AAQDAEcwRQIgHC0TZ77q1xjd1Rm0nIEcTp/S9nb7/op6Sa+R1heVfp8CIQCAez5i
pHP/eKLR9Yd1kLDDhO5GOq3++tbt6fC1BAtq+wB2AMz7D2qFcQll/pWbU87psnwi
6YVcDZeNtql+VMD+TA2wAAABl4wLtKAAAAQDAEcwRQIhAOuFP0B33cP2fOJY3sag
EBru6PBeZQiA9bTJzDLPAA13AiBXMu8qil9/OfYbcNdYvzuTWeU1cuuWlBhjW0jG
KYSaVjANBgkqhkiG9w0BAQsFAAOCAQEAZaBbSftsGHgz2p3VSY7Jw4dnnPfeG+LF
UzsH+Evm5WGjoIZnhXigq+OBau1MEQ/D/6C3RB8RapzuGfG72mMye5r2+uNYLdqq
2u1KZUXpi/uFgjnTIhwRY6E+fTvo99jpJHasGJ1jcfrjlRjyHSATqkDTuIU01iTl
5n0VaBkSFLzmHLE0VnHpKMTD7zrykTbL2JdDLs+9BUcP5rJkCiBLjW44QFOEqpov
QCj+jes1zOTwsnp+KB8RxTE10sjTmjt+UXna7XMut2DtwaMUKMuUiS3ECw60kiPE
OLzMmqfvFm/SrJAST/onDT/laRjIEgq4y6BGSwOze7bHf798rp5lbg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUq2St4vj/T9Hhg8kaGy
c4lhmC+eoq5HXtjp0ZkgsSGYtzWmV+UX04Y/UqBzWdG7ic1Vuw02cwx0qe1siHkn
U/2ajOExstnN1VpvS2aZeCPf6gV+8SoZmH8GbpAoFprUPQwIFbtU7uRLLy7lp9IF
5TOJxpwF3RUfeNeRZRn3r3GVWj+wdAfOhUnr2HHBzoqvDzzUbOxBUhGYIxqyTThT
rgs/PrCzzKxd2XtZRfSwelpWILXn14MdaDl/pFWHF17Qn8cUn1JvtUIBM/RPEnMe
aSS6Tu/Jv73WBcDwOvdmnvGRunBwErjo3frPuSWqyN8AVsiWntWknvUUSGweIQaN
bQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 608625379134355705612350599669764806547187
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-20 05:35:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-18 05:35:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ambright.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23390928318432833005042787105166563413260364670389614167601005940759058822673422257186804333697537603099358907726019485262748280701786036437187368432950668653571743454736644216456373443565208066605496001831942978245062087202469192706990743991294687488398089331761985148865349540922199274418884441280579916637395317705401324306667947641567101631652123513409177790830966619282084223025101362157758841125945212567107186730455564710001139783974824741833869407692092335469659628448670076122233163993998562428051747298423492218553044187644234652501903965642684237462287593917867576264632450272547832721458058698552179592557
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							404b84790718fdcd1f7ddc69cfc0031396cc00e7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ambright.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ambright.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/116.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b8000001978c0bac95000004030047304502201c2d1367beead718ddd519b49c811c4e9fd2f676fbfe8a7a49af91d617957e9f022100807b3e62a473ff78a2d1f5877590b0c384ee463aadfefad6ede9f0b5040b6afb007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001978c0bb4a00000040300473045022100eb853f4077ddc3f67ce258dec6a0101aeee8f05e650880f5b4c9cc32cf000d7702205732ef2a8a5f7f39f61b70d758bf3b9359e53572eb969418635b48c629849a56
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0065a05b49fb6c187833da9dd5498ec9c387679cf7de1be2c5533b07f84be6e561a3a086678578a0abe3816aed4c110fc3ffa0b7441f116a9cee19f1bbda63327b9af6fae3582ddaaadaed4a6545e98bfb858239d3221c1163a13e7d3be8f7d8e92476ac189d6371fae39518f21d2013aa40d3b88534d624e5e67d1568191214bce61cb1345671e928c4c3ef3af29136cbd897432ecfbd05470fe6b2640a204b8d6e38405384aa9a2f4028fe8deb35cce4f0b27a7e281f11c53135d2c8d39a3b7e5179daed732eb760edc1a31428cb94892dc40b0eb49223c438bccc9aa7ef166fd2ac90124ffa270d3fe56918c8120ab8cba0464b03b37bb6c77fbf7cae9e656e