Issued by Let's Encrypt Authority X3
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
RSA
4096
SHA256 with RSA
Digital Signature
Key Encipherment
Server Authentication
Client Authentication
8 extensions
No
unhandled critical extensions
This is not a CA certificate
-----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgISA01U4iX2gAorG9icmD+Sj4oZMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MDcwMDMwMDBaFw0x NzA4MDUwMDMwMDBaMBwxGjAYBgNVBAMTEWdhcnRlbmFtYmllbnRlLmNoMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2keXq0MTBzxEZQQZS3L8V0RtELRX J1aWnv8ThDZy7tMsINWdSKl/qT1Bydm9ZgFtW/jxKb1gzRE2XnDcDoKlblShWpO+ h2j6KHAE6T1SIF/Wb6h7BOztE/7BFthVB5vOHEAWogqI/Y4kraehBL+OEg5x0EbM 47wWmlKcweyh/rlHiVHNmR/Frq87MfsMp8FpNC8HGhYqlfjF11SCMsiWZol/oHoB aKynGblSKFBdwfGVXHWR9UbnVlm+PA0t4lfO1zm3VO98amzhOFkbH/QTNk1D0SIW 4hAodheUGy1dh8b/1+DnxoeiiEivhZ8WzeWWo86vKUDZYikIPDPv5Tpjm5iBw10f P2pszpolXyDVskce3ZbVIbIPxb12vyqQGX0QwQIPUJUbqcjY1JpQ26ve1ho6bWcw js/JqN0RWb7l3XP73roN47d9PeW9q1sscbMyEVvoIuSgEU3GrHlSDOUnceePTJ6g kNqfz8aLf7QWJij5ooZtNdVwqMDvSqG4t90ctO7+h09BzNR1t5Jp4z5tzHPVc+HT eu1djNmBLcdgKlagcSjDPuOKMW+4EUqElmh4CJ2V9l/OggB+0AZBvBae5RILq2oa faAL4vdVdge9jXF6/lTHgXdNUXWScD7Ri6sVByI+k44rtpl0BsHj/OxatiwpFhRG xuVbtuI5qdApd4cCAwEAAaOCAk8wggJLMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU PShJ23ZWXpkEa9wxDxGAjTbj92cwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl 7/Oo7KEwcAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5p bnQteDMubGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wWQYDVR0RBFIwUIIRZ2FydGVuYW1iaWVu dGUuY2iCD2xlY2h1emEtc2hvcC5jaIIVd3d3LmdhcnRlbmFtYmllbnRlLmNoghN3 d3cubGVjaHV6YS1zaG9wLmNoMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsr BgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlw dC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25s eSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4g YWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQg aHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEL BQADggEBAHJfYGunJGC5XNOoq7kOh0b9zOVBscbs28ixnBAlgrmVTIc/KkQBL/Ho Ync071dEybLrP6toXwDMwnO3ZpqMKY42ggiksBbCvagJQd/Z4swidOXMlo9XOl17 HuD7OChehEhbAtMMtNUgiQYescfkiaBWnuZONhHbKEAKxPHfODdI8+14ZHORY431 uvE5t7qWj7NPUZXqww8oha4MFbXXWOnQivqs4YLB847GH7JIedGrf7TL9bXv/WSG nH7h6xrq/p32ZOsQJUI5cTdBVVlp9Sju2+StJlCALZrFbK3/WIOOJ2RMyS9znmXd KTV3B9dHBG3GHc2+wEpSnD5Ivpsgtbc= -----END CERTIFICATE-----
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2keXq0MTBzxEZQQZS3L8 V0RtELRXJ1aWnv8ThDZy7tMsINWdSKl/qT1Bydm9ZgFtW/jxKb1gzRE2XnDcDoKl blShWpO+h2j6KHAE6T1SIF/Wb6h7BOztE/7BFthVB5vOHEAWogqI/Y4kraehBL+O Eg5x0EbM47wWmlKcweyh/rlHiVHNmR/Frq87MfsMp8FpNC8HGhYqlfjF11SCMsiW Zol/oHoBaKynGblSKFBdwfGVXHWR9UbnVlm+PA0t4lfO1zm3VO98amzhOFkbH/QT Nk1D0SIW4hAodheUGy1dh8b/1+DnxoeiiEivhZ8WzeWWo86vKUDZYikIPDPv5Tpj m5iBw10fP2pszpolXyDVskce3ZbVIbIPxb12vyqQGX0QwQIPUJUbqcjY1JpQ26ve 1ho6bWcwjs/JqN0RWb7l3XP73roN47d9PeW9q1sscbMyEVvoIuSgEU3GrHlSDOUn ceePTJ6gkNqfz8aLf7QWJij5ooZtNdVwqMDvSqG4t90ctO7+h09BzNR1t5Jp4z5t zHPVc+HTeu1djNmBLcdgKlagcSjDPuOKMW+4EUqElmh4CJ2V9l/OggB+0AZBvBae 5RILq2oafaAL4vdVdge9jXF6/lTHgXdNUXWScD7Ri6sVByI+k44rtpl0BsHj/Oxa tiwpFhRGxuVbtuI5qdApd4cCAwEAAQ== -----END PUBLIC KEY-----
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 287651429428907873118631101385418990389785 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-07 00:30:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-05 00:30:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gartenambiente.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 890503312072600925256391499403533320266244195611778845062733917180616654506974624800425815539420111502235821436869889077448046323405400207717058833160181726353357259607545195870559690867996521801963459510536600075590735591793181252134508128435102801184767092086342731067341629910670422133440611384297111935408646353160703508828428315513046191049298662346235070371767890957826519127220332389561188468161413005859106051340696941004889094313614314582952061944635115763107791878153241345604223766378913568659727083001488033556045704107562113314549720052318796615489929871589671786228177729216084535682842136009155919233661219743762057375158402491389393481249138388607460078959345236332952304033700232514664040785043727535355338139103932914097296987399167694980310225894629352327846531771088700901252545932132194950022931815460736062219841716896473272529790694318479245093588508515790003538234216616987967718665409725342881246277321721351249289615331181970452715568897908373358656111497498146343204793219653524932543652433510012128274470911483783281861855778666567966767230134461479748006574926121507428248261140379312218307728153312736046459064826425266157331215346554215178730636679608421208434540743324261305750489891571342262097508231 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3d2849db76565e99046bdc310f11808d36e3f767 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gartenambiente.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lechuza-shop.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gartenambiente.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lechuza-shop.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00725f606ba72460b95cd3a8abb90e8746fdcce541b1c6ecdbc8b19c102582b9954c873f2a44012ff1e8627734ef5744c9b2eb3fab685f00ccc273b7669a8c298e368208a4b016c2bda80941dfd9e2cc2274e5cc968f573a5d7b1ee0fb38285e84485b02d30cb4d52089061eb1c7e489a0569ee64e3611db28400ac4f1df383748f3ed78647391638df5baf139b7ba968fb34f5195eac30f2885ae0c15b5d758e9d08afaace182c1f38ec61fb24879d1ab7fb4cbf5b5effd64869c7ee1eb1aeafe9df664eb10254239713741555969f528eedbe4ad2650802d9ac56cadff58838e27644cc92f739e65dd29357707d747046dc61dcdbec04a529c3e48be9b20b5b7