kraakgroepleiden.squat.net

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:b4:90:90:5c:48:b8:d3:e9:d3:47:3c:fb:e2:ec:2d:29:81 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

kraakgroepleiden.squat.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b4:90:90:5c:48:b8:d3:e9:d3:47:3c:fb:e2:ec:2d:29:81
Serial Number (int): 322779842234933632930500348705558936496513
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 51:b6:da:1d:90:6c:62:4c:a9:cf:3d:09:f7:7a:ac:6b:74:32:c9:fa
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 74:63:09:e1:f6:4d:2c:29:f9:16:49:3c:6e:f4:9d:94:4e:71:de:43
Fingerprint (sha256): 00:0c:27:b8:84:76:b1:8b:ab:0e:e3:18:d6:4b:06:2c:ec:0d:0c:97:a9:43:53:a8:6e:e0:e6:c8:61:07:80:c7

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate kraakgroepleiden.squat.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for kraakgroepleiden.squat.net


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

kraakgroepleiden.squat.net
www.kraakgroepleiden.squat.net

Certificate

The complete raw certificate details for kraakgroepleiden.squat.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgISA7SQkFxIuNPp00c8++LsLSmBMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAxMTQyMDMyMjlaFw0x
ODA0MTQyMDMyMjlaMCUxIzAhBgNVBAMTGmtyYWFrZ3JvZXBsZWlkZW4uc3F1YXQu
bmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxZfSwT/mcO/9HmHT
lkb+KjR+5MJyYxvEZb6nQ/8joe+lA+EG6L1Gl88K04oTp0r+dxIVTyOaNSZKoBhF
tiEqCe3UbanhBnVXIrDM/Od4sTrcspSoIw2uehrK3HCCS0z8mWxjkCMfR++OKn7N
+lQwX5JMQIrR2b9OpBFotsCliXZSaJ757XtkvvU0t6qsXghNlLm3WKbwsyu/cvVd
FIppqcxjQQmnmgKoFhX4u389ZtSRXKaMD4Iaa3FYD4xxPstW06lEQF1JW3Hh3mgW
S8KVnEHtmEMRW9QchZZazqYwx4Jz9TpTFDeKKS8RgdwHDMR/Kf4beKUg1Z1ZOod6
WdJts8I8C6fAZdpR6wDltreFouq6d/fWYzc1hibNOKqsaRKlTDee/JBF095Fmu4l
k4+gklIOnnejt/HGAvDtQ86cK6FS6i/ujLVLXkp6uxN/OL9g4IPytPgMZ0p6WWQA
wLYWcKax6K4FS2CP6PThMdK2GUILa4aSLlvsIQ4eR4cF4f6U5EuaPXg/mWarkviF
AhHU0rq4QQChuoITmsDqx29A4ITRvkVt9rgJTnjDUDWC4Wq996GS0T9NKrWl16F3
7N73Ser/sQ6sUqGF5XHIfbnQOaD2v24rIIQfvmlMV88pmkBXcJFU4Czvqm9B+BiR
xEKUyaEV2LV0c1euanMz5yXFEU0CAwEAAaOCAjowggI2MA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUUbbaHZBsYkypzz0J93qsa3QyyfowHwYDVR0jBBgwFoAUqEpqYwR9
3brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRw
Oi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRw
Oi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzBFBgNVHREEPjA8ghprcmFh
a2dyb2VwbGVpZGVuLnNxdWF0Lm5ldIIed3d3LmtyYWFrZ3JvZXBsZWlkZW4uc3F1
YXQubmV0MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB
1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsG
AQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQg
dXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3
aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRz
ZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAEqv+Uhv
XLH9Lp9W03qYsCO718ghAcBD05zpXNZ/8S/ya+GUZtHonu6GOo/NpY9I07Zs+Nf0
SEs00ofdPKCVx4wTqa37y87pXvsvTewksSbcYpZEFzhG4TjkAwFnhPA4XwmDXZy1
ErIwqc1OaqGzUrXOb2MwbyTYgKpoJPeOsfJSBAbGclgLCeNykCv52bUhUoACu8Ud
ME08WjPOodoFzNTvKDip15076lTaa24ZioXbf3IRBc+G0d9RqxX+OeoAxNrqrIfi
e/VC/rchx0mMtGeptpf1jfpESV2tbOMmcHJXyWjArpBkM7wI5mbOwfBXGXz9RoMg
DUd8hU33MAVUDKM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxZfSwT/mcO/9HmHTlkb+
KjR+5MJyYxvEZb6nQ/8joe+lA+EG6L1Gl88K04oTp0r+dxIVTyOaNSZKoBhFtiEq
Ce3UbanhBnVXIrDM/Od4sTrcspSoIw2uehrK3HCCS0z8mWxjkCMfR++OKn7N+lQw
X5JMQIrR2b9OpBFotsCliXZSaJ757XtkvvU0t6qsXghNlLm3WKbwsyu/cvVdFIpp
qcxjQQmnmgKoFhX4u389ZtSRXKaMD4Iaa3FYD4xxPstW06lEQF1JW3Hh3mgWS8KV
nEHtmEMRW9QchZZazqYwx4Jz9TpTFDeKKS8RgdwHDMR/Kf4beKUg1Z1ZOod6WdJt
s8I8C6fAZdpR6wDltreFouq6d/fWYzc1hibNOKqsaRKlTDee/JBF095Fmu4lk4+g
klIOnnejt/HGAvDtQ86cK6FS6i/ujLVLXkp6uxN/OL9g4IPytPgMZ0p6WWQAwLYW
cKax6K4FS2CP6PThMdK2GUILa4aSLlvsIQ4eR4cF4f6U5EuaPXg/mWarkviFAhHU
0rq4QQChuoITmsDqx29A4ITRvkVt9rgJTnjDUDWC4Wq996GS0T9NKrWl16F37N73
Ser/sQ6sUqGF5XHIfbnQOaD2v24rIIQfvmlMV88pmkBXcJFU4Czvqm9B+BiRxEKU
yaEV2LV0c1euanMz5yXFEU0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 322779842234933632930500348705558936496513
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-14 20:32:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-14 20:32:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kraakgroepleiden.squat.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 806109353537334449843960155842167377403770091248595183916390017094889200587969183037394599511388134240299115958339068948041925533751265638087242386630923289590093572599303498043980166234590274661012307582894199818611629347640783388695745881637009595041014821061152549032796744929913102780834661173393147982957019780519884726682489000179525221800637527527068844860776349164991386891442901674758081094941497096412047726435525072929361756977953255487745765523148345511735645838459829407418958857484712888498747205216909533382507974732126062346819880682210226886960654888390798100851942778818713863908577503076565309242973601190247199577588268807098836827183045858641095412453067493004557983721688928263325803609013487730122357879752920305603401156557994295032812277687282522858384050243917063510667180155109495185696044156553874553089948666750298685160207176553553045271034605815611832919940987086646290054003602407856061415755513103916524714419871739893513762169047478587947013252568948042640311687843910326161110508992211283306502445373409865293089395036891715955472803706467105807107034245915612681511217121693519034927160856316716872685801541088103839156980296967734191360459217027992944506102662417833730852225120197097743045693773
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							51b6da1d906c624ca9cf3d09f77aac6b7432c9fa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kraakgroepleiden.squat.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kraakgroepleiden.squat.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004aaff9486f5cb1fd2e9f56d37a98b023bbd7c82101c043d39ce95cd67ff12ff26be19466d1e89eee863a8fcda58f48d3b66cf8d7f4484b34d287dd3ca095c78c13a9adfbcbcee95efb2f4dec24b126dc629644173846e138e403016784f0385f09835d9cb512b230a9cd4e6aa1b352b5ce6f63306f24d880aa6824f78eb1f2520406c672580b09e372902bf9d9b521528002bbc51d304d3c5a33cea1da05ccd4ef2838a9d79d3bea54da6b6e198a85db7f721105cf86d1df51ab15fe39ea00c4daeaac87e27bf542feb721c7498cb467a9b697f58dfa44495dad6ce326707257c968c0ae906433bc08e666cec1f057197cfd4683200d477c854df73005540ca3