DV SSL/TLS Certificate for annatom.de

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the annatom.de DV SSL/TLS Certificate

This certificate with serial number 06:c4:44:e8:0d:cc:1c:75:9b:97:fe:16:12:75:a7:c9:fc:ec for annatom.de was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for annatom.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:c4:44:e8:0d:cc:1c:75:9b:97:fe:16:12:75:a7:c9:fc:ec
Serial Number (int): 589460651903492650837680203022561759067372
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 60:ad:3e:09:21:ca:8c:1a:0c:81:7d:97:b7:83:39:10:da:50:7a:20
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 6f:4d:f0:85:9a:f4:94:d1:90:94:ce:f4:35:a4:66:5b:77:0e:58:8a
Fingerprint (SHA-256): d0:69:f0:a9:0d:b3:04:18:eb:f2:6b:54:f5:ab:10:ae:45:5e:6f:1d:07:03:7b:f5:22:3a:03:ad:13:e0:2a:d4

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/109.crl

Check the revocation status for certificate annatom.de
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for annatom.de

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for annatom.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISBsRE6A3MHHWbl/4WEnWnyfzsMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjE0MTE1ODMyWhcNMjUwOTEyMTE1ODMxWjAVMRMwEQYDVQQD
Ewphbm5hdG9tLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjcx
iJydtKK9fj7x6lZIWEgWV9v5bIxmGNaGagI94D7dEO7znDM6TbUZrz5b1vtYesY9
ZkFOTwZDXv/G2CdqsTrPwvuen/NabqV+u4sEf5ZPulw5LK55MjnFS6evIoa8GS+7
+w8rfKtvkieeJIveMIhM3nClSVbD0jHB1bxCQ0lNEcuRIAKB5kXsSHoMJh1GOUhu
cPy2q90kuNwbgIgwhJcHMfnxHgUIPqhlOo5KGJaDaAqtcPZCuSMpnRwvUhLkubLx
E4rOHoTxIE2NaKWRSa+7Zs1FRuMKzRHY/pdAzHrdRvFDEpfS4RwCCRFRcLPgAPCM
rJD+xCcfca1P9uzq6+S0FCWXzHwOVZ42eShx905eS1XisNXKLae9Kf+JWQaO0YM7
Z1Hm2nkqHZzWtMsvN1IH57wkLnSEEXzPJ/hMik8nsqx6VnkUqtewQ5N4T2HyUpnX
/KGEUcat7wcG8Fry6SftR+tUWNSomHd5GT5v5yYbDLCMDj5wll4ABWkjEFbhv41U
5IfrAznWxmA6SCAUymMsYaFygRWPDxEYR8BlKbYmtNzH3rgZTYdEl34UFzDUFQuE
+KhxB2p3xKAq0a2zXbJwvWILJ4k/E0pJyhgtmJzsk9Nnqo9nxAdRnyMnvn/oFd5S
8lCB3Clx0G2k9ZRmP/TljPpzTofdXvCNhc7idoUCAwEAAaOCAkEwggI9MA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQUYK0+CSHKjBoMgX2Xt4M5ENpQeiAwHwYDVR0jBBgw
FoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUF
BzAChhdodHRwOi8vcjEwLmkubGVuY3Iub3JnLzA5BgNVHREEMjAwggphbm5hdG9t
LmRlghJ3ZWJtYWlsLmFubmF0b20uZGWCDnd3dy5hbm5hdG9tLmRlMBMGA1UdIAQM
MAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9yMTAuYy5sZW5j
ci5vcmcvMTA5LmNybDCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AN3cyjSV1+EW
BeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABl26D1I8AAAQDAEgwRgIhAI5jEyWx
4ZpJD66pASfGcjJD9YA9Rwcz/KTwonYkgt/NAiEA0gYuMVYbzuRUIO3r+sirYaxr
ynD8C5jU2PtviAunz+wAdwAaBP9J0FQdQK/2oMO/8djEZy9O7O4jQGiYaxdALtyJ
fQAAAZdug9UaAAAEAwBIMEYCIQCnJgZeuDsUdD++lnVVbByTLhEhfkiHe1UAlLYq
xlF2uQIhALuSycbpHpFit5tk7pkD5pB8BFuebwR5z//jPmGdgG53MA0GCSqGSIb3
DQEBCwUAA4IBAQCAx3xt+vCbAbC5YQ+GkieHnI2hSsdUU/+56ma19JUFfLYDh+0Q
MLmJ5bPpmGtNBPP2ZVflxjzhFlzpZZcc7m94oPE3+FGesWs45M6ZPNkN8l+qU5/O
uBMK2FgyW3D3PDgOBYOUh8Rr6FrlP+1JcwelDZUfhK6yvmlMcKV1o8gj6JfPQPg1
SS3hrHc//zyutzUPh3mnRV3Ho5zarRc5ZtkPVZFZC/ipNYRjf6o2WBCkkv8qo3sF
ADIIucC5NC+jaQ9EeVNqmwR2cNtyac/l/ofGMnuNGGMFyAzJjyXsK3ddiqIpN5iL
gF/tnQG9XMj5Tna17whN8TrkAYTkX3IDriPp
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjcxiJydtKK9fj7x6lZI
WEgWV9v5bIxmGNaGagI94D7dEO7znDM6TbUZrz5b1vtYesY9ZkFOTwZDXv/G2Cdq
sTrPwvuen/NabqV+u4sEf5ZPulw5LK55MjnFS6evIoa8GS+7+w8rfKtvkieeJIve
MIhM3nClSVbD0jHB1bxCQ0lNEcuRIAKB5kXsSHoMJh1GOUhucPy2q90kuNwbgIgw
hJcHMfnxHgUIPqhlOo5KGJaDaAqtcPZCuSMpnRwvUhLkubLxE4rOHoTxIE2NaKWR
Sa+7Zs1FRuMKzRHY/pdAzHrdRvFDEpfS4RwCCRFRcLPgAPCMrJD+xCcfca1P9uzq
6+S0FCWXzHwOVZ42eShx905eS1XisNXKLae9Kf+JWQaO0YM7Z1Hm2nkqHZzWtMsv
N1IH57wkLnSEEXzPJ/hMik8nsqx6VnkUqtewQ5N4T2HyUpnX/KGEUcat7wcG8Fry
6SftR+tUWNSomHd5GT5v5yYbDLCMDj5wll4ABWkjEFbhv41U5IfrAznWxmA6SCAU
ymMsYaFygRWPDxEYR8BlKbYmtNzH3rgZTYdEl34UFzDUFQuE+KhxB2p3xKAq0a2z
XbJwvWILJ4k/E0pJyhgtmJzsk9Nnqo9nxAdRnyMnvn/oFd5S8lCB3Clx0G2k9ZRm
P/TljPpzTofdXvCNhc7idoUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 589460651903492650837680203022561759067372
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-14 11:58:32 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-12 11:58:31 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'annatom.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 710737637356031008611696643257501034804353269698975322385325051767769052528455633464095374204867130843798835065690862865846446650947247605086433624578080742808919374700101967926412378972704603777258596998078490349550369182564107342307333572872907087981357002966949582630739154459624057934757834466982399560511576742737872790818333022502049759941542252558454944887902138017792707883889582713589217524363134016222416471461573859736053927996462499243474851840498862055827346340407888192929119253961184795501813362383306530231867781490217787013842503185691122680396011502554293284137976578045889453442769655283154182932107897180933523479262527879534438893778470684362075989988384908379797130472954425353560365714017385820351772266108970557682949528655454210809652515431158694387644472290650733535100588899320122931935611669876437297200870383298378098500819785416266799111542770650089535124734414914538589390587836134927580234323941760656119450397293966519611733881157751888748895310268156885520603074630792529354511433988489644965918996394173164402805593062327159222527604686338618125983374510453345360066429324028025769170136822367620376119556015442504749319826716287155619808264989630054404601745920745296286327872649184163302637467269
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							60ad3e0921ca8c1a0c817d97b7833910da507a20
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annatom.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.annatom.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.annatom.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/109.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a000001976e83d48f00000403004830460221008e631325b1e19a490faea90127c6723243f5803d470733fca4f0a2762482dfcd022100d2062e31561bcee45420edebfac8ab61ac6bca70fc0b98d4d8fb6f880ba7cfec0077001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d000001976e83d51a0000040300483046022100a726065eb83b14743fbe9675556c1c932e11217e48877b550094b62ac65176b9022100bb92c9c6e91e9162b79b64ee9903e6907c045b9e6f0479cfffe33e619d806e77
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0080c77c6dfaf09b01b0b9610f869227879c8da14ac75453ffb9ea66b5f495057cb60387ed1030b989e5b3e9986b4d04f3f66557e5c63ce1165ce965971cee6f78a0f137f8519eb16b38e4ce993cd90df25faa539fceb8130ad858325b70f73c380e05839487c46be85ae53fed497307a50d951f84aeb2be694c70a575a3c823e897cf40f835492de1ac773fff3caeb7350f8779a7455dc7a39cdaad173966d90f5591590bf8a93584637faa365810a492ff2aa37b05003208b9c0b9342fa3690f4479536a9b047670db7269cfe5fe87c6327b8d186305c80cc98f25ec2b775d8aa22937988b805fed9d01bd5cc8f94e76b5ef084df13ae40184e45f7203ae23e9