DV SSL/TLS Certificate for hetzlos.de

Certificate is witin its validity period

Issued by DigiCert Inc (Encryption Everywhere DV TLS CA - G2)

About the hetzlos.de DV SSL/TLS Certificate

This certificate with serial number 0c:e7:74:e8:c7:88:1f:8e:71:1d:04:65:c2:d1:44:f2 for hetzlos.de was issued on by DigiCert Inc.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for hetzlos.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Organizational unit: www.digicert.com
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 0c:e7:74:e8:c7:88:1f:8e:71:1d:04:65:c2:d1:44:f2
Serial Number (int): 17152527725940342446996290364226225394
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: b8:9c:98:12:63:a3:f3:82:29:ca:c1:ad:21:6c:44:b4:6c:e0:1b:be
Authority Key Identifier: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6

Fingerprint (SHA-1): 5d:27:c1:17:e5:9a:b0:35:96:10:4b:b4:dd:93:cf:69:8f:3f:4a:1f
Fingerprint (SHA-256): aa:53:5e:fb:92:c0:02:d6:0e:31:34:16:b3:51:56:64:1c:75:24:13:ae:a3:f9:2c:ae:2d:8d:50:d9:c2:fa:3f

Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt

Revocation Information

OCSP Server: http://ocsp.digicert.com

Check the revocation status for certificate hetzlos.de
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for hetzlos.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

hetzlos.de

X.509 Certificate

The complete raw X.509 certificate details for hetzlos.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIQDOd06MeIH45xHQRlwtFE8jANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzIwHhcNMjUwNjI1MDAwMDAwWhcNMjYwNjI0MjM1OTU5WjAV
MRMwEQYDVQQDEwpoZXR6bG9zLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Gh4MvFTAkZBW6aTC68x9SnqZSP1uwQaKxMfd4qhfEWPXkfOnEvvg+1A
cPvqM/+7teo1/ohmtxjH457rZWEcz7n2nTF1M8ICWPdc17aKWYw+imM5iKgO97dz
ekr1pjgLg01s/zQJtliqivJ21sZ856Yx6wa121LhyUe67T+ZhLAJFtWxm0N+Bbkn
kfTOd3FvZmzbCL0wR8M0WxSbvZ4iTsZ+wD4GK+YJYqvwHmN3f+crIzETqFZ/WbbP
7OnEhKZ6rFmvVYnSQE0y/O4WGhLxkzYncweTRipYtXK0iCmONKK1j1zwoA9fCeRf
sqo6YO2iCegz+Z6ULGYGKYt0/AUrTwIDAQABo4IC3TCCAtkwHwYDVR0jBBgwFoAU
eN+RkF/u3qz2xXXr1UxVU+8kSrYwHQYDVR0OBBYEFLicmBJjo/OCKcrBrSFsRLRs
4Bu+MBUGA1UdEQQOMAyCCmhldHpsb3MuZGUwPgYDVR0gBDcwNTAzBgZngQwBAgEw
KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgYAGCCsG
AQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t
MEoGCCsGAQUFBzAChj5odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRW5jcnlw
dGlvbkV2ZXJ5d2hlcmVEVlRMU0NBLUcyLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYK
KwYBBAHWeQIEAgSCAW4EggFqAWgAdgAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0h
qSWsYcVOIQAAAZek4DyvAAAEAwBHMEUCIBY5K+hjjjohC47qunE6WBfMmtSwozUH
MAFOVuuYQs44AiEAikSrlYi7edsG0R555LGr0+807Ef8HJqI8tqr81KABQ4AdwBk
EcRspBLsp4kcogIuALyrTygH1B41J6vq/tUDyX3N8AAAAZek4DztAAAEAwBIMEYC
IQDS9Tl0AUp+YYnWj291NvUuQkQxUQqkA7V/AtZyPOyTYgIhAOqiHfVgPb0pN2ym
xslcrZhkQXdbz2wE//73LUtYHl/jAHUASZybad4dfOz8Nt7Nh2SmuFuvCoeAGdFV
Uvvp6ynd+MMAAAGXpOA9AAAABAMARjBEAiB5+3MgcMFzFwY1dtSpmF1CenyfYfox
nvt74EcBcBAy/gIgQkjtkzao3cS5lt7ibkjJiFmIXSROSJVLgr1A6kdR6IowDQYJ
KoZIhvcNAQELBQADggEBANnCOuTLHTxd6qXuBsEHpoF48AzIxj6aZBACeUv8y0eb
tVVAiO6gSDF5M5q25+pTcNk05lWafdrtRWtj9sDx28QTcqAMWNhiDT90pCA/jVpx
2jEpGi5weNjkeL/GDN05ETqF7HSzz/VL7/sLZEd7NlzetGhlNJGMhsVFKRuOdT0F
tFG8oxnIeLmkvT+Pj34LBfTwG8dNooFg2iHS0yPsZm12bz7hvnl0KS0Tm9yF+RLn
lGbNoIMyD+wRJbqEW3kRPtoUXDDp0yQDp0CySUb1JkeIIoFDijGlqXRMj7f/MDQ2
khbvpa6l2uIORzEyzGJm2c731Fm34mfdg6zuvBnRbMQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gh4MvFTAkZBW6aTC68x
9SnqZSP1uwQaKxMfd4qhfEWPXkfOnEvvg+1AcPvqM/+7teo1/ohmtxjH457rZWEc
z7n2nTF1M8ICWPdc17aKWYw+imM5iKgO97dzekr1pjgLg01s/zQJtliqivJ21sZ8
56Yx6wa121LhyUe67T+ZhLAJFtWxm0N+BbknkfTOd3FvZmzbCL0wR8M0WxSbvZ4i
TsZ+wD4GK+YJYqvwHmN3f+crIzETqFZ/WbbP7OnEhKZ6rFmvVYnSQE0y/O4WGhLx
kzYncweTRipYtXK0iCmONKK1j1zwoA9fCeRfsqo6YO2iCegz+Z6ULGYGKYt0/AUr
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17152527725940342446996290364226225394
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-06-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hetzlos.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26309083276885208773156590668571163120482309661580618064589242157152448915912883104700691344011174899212853189594844801515802195041870114379584922149311480728426457125826867893920169313205025396358279439726214978189668456447899574443078488011066613016200328990063663136117487564331800519515704168288559639263778400787257994783643645199375174671051152517299488346042473369084722720536180065421093085337200535812423711800297895279050350851084008721950764697797030308240903608553499325401131743011453907802616049831109310822463326406451059093740443125013432909894381406824536195720365236028474282721694963197428667591503
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b89c981263a3f38229cac1ad216c44b46ce01bbe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hetzlos.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e2100000197a4e03caf0000040300473045022016392be8638e3a210b8eeaba713a5817cc9ad4b0a3350730014e56eb9842ce380221008a44ab9588bb79db06d11e79e4b1abd3ef34ec47fc1c9a88f2daabf35280050e0077006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000197a4e03ced0000040300483046022100d2f53974014a7e6189d68f6f7536f52e424431510aa403b57f02d6723cec9362022100eaa21df5603dbd29376ca6c6c95cad986441775bcf6c04fffef72d4b581e5fe3007500499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c300000197a4e03d000000040300463044022079fb732070c17317063576d4a9985d427a7c9f61fa319efb7be04701701032fe02204248ed9336a8ddc4b996dee26e48c98859885d244e48954b82bd40ea4751e88a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00d9c23ae4cb1d3c5deaa5ee06c107a68178f00cc8c63e9a641002794bfccb479bb5554088eea0483179339ab6e7ea5370d934e6559a7ddaed456b63f6c0f1dbc41372a00c58d8620d3f74a4203f8d5a71da31291a2e7078d8e478bfc60cdd39113a85ec74b3cff54beffb0b64477b365cdeb4686534918c86c545291b8e753d05b451bca319c878b9a4bd3f8f8f7e0b05f4f01bc74da28160da21d2d323ec666d766f3ee1be7974292d139bdc85f912e79466cda083320fec1125ba845b79113eda145c30e9d32403a740b24946f52647882281438a31a5a9744c8fb7ff3034369216efa5aea5dae20e473132cc6266d9cef7d459b7e267dd83aceebc19d16cc4