DV SSL/TLS Certificate for dekorsatz.ch

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the dekorsatz.ch DV SSL/TLS Certificate

This certificate with serial number 06:3a:d0:ab:8f:79:5b:4b:3d:bd:7c:fb:56:0e:fc:d7:40:ea for dekorsatz.ch was issued on by Let's Encrypt.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for dekorsatz.ch provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:3a:d0:ab:8f:79:5b:4b:3d:bd:7c:fb:56:0e:fc:d7:40:ea
Serial Number (int): 542687463087861417801012459772848639525098
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: cd:38:4e:65:db:50:86:e8:66:5e:e2:39:a1:5f:32:e7:c2:fd:9a:5f
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): d9:1c:17:5a:18:29:12:ab:41:20:9a:4d:fa:22:5e:22:42:d2:78:b1
Fingerprint (SHA-256): 6e:47:18:e0:91:c5:16:6b:10:39:d3:79:07:7b:e9:e0:ef:f5:14:ee:b8:39:c0:62:59:92:60:67:3e:ad:1a:3e

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/107.crl

Check the revocation status for certificate dekorsatz.ch
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for dekorsatz.ch

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for dekorsatz.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISBjrQq495W0s9vXz7Vg7810DqMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjI1MDI0MDE3WhcNMjUwOTIzMDI0MDE2WjAXMRUwEwYDVQQD
EwxkZWtvcnNhdHouY2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCp
fjDLUxF/8MDOkGuD6q/OEm/aohCNg2kCwVgUhG/p+WM5D512F79wU5BaWI3DnXUP
n2y3IfNmYs/R1zArzox671BTLFjiMUXfNcqtMGesoxu0cZiVvOc1eVi2qcy3/t/Q
TrX9ibJWVmYHlDcKB7OEfNFatAo4KTS20bL5osZx07yB1reUdrNcmo9AKIjSe1yB
hiAti8Qpp7XunlIiaqhWkZ0yal+5eL9/VzSvCgCGbqDV5x0Q9qHhnyJT4k/D5qE2
Kj4yHcsmUxAdoRZnsZGR9UCV9G02nnOfxx7T/zPF2dlpZC0TntoTRdYSOJLfkzDn
VKLTWMDcZzPVqG+UoUmWZwwVbfOlSs4hNO9xZ0OXTMwW6XCbTJ1n3T4ooj50F5qk
OChLhDezqVTRuu0Oewc1XNs1fS5ZwG8Q8Uvnf4u1d4I9gWIvsE6l1Mq6alc7lXtV
hvmPQdppRmC5C80z5YWhKJHLpLKMWZHJZtphio4qAoXxyD7y1na2My9324hHuy/0
t/ODoBN+HiOlU8VZgS5JquekpcmdyTNrYerbIf/FFV00aAmHXKG6rbGg872sRI7P
ZPQhD0kaWXnYXN2I/zcIXP+KRCbrfpwHo7msEumipYO5+d/w/ZlWLYBE2Dhcie2L
1KEeaAy4czCAuacEZE1s3MXiz+qUP3VPOKjFAagHdwIDAQABo4ICTjCCAkowDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBTNOE5l21CG6GZe4jmhXzLnwv2aXzAfBgNVHSME
GDAWgBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
BQUHMAKGF2h0dHA6Ly9yMTAuaS5sZW5jci5vcmcvMEkGA1UdEQRCMECCDGRlY29y
c2F0ei5jaIIMZGVrb3JzYXR6LmNoghB3d3cuZGVjb3JzYXR6LmNoghB3d3cuZGVr
b3JzYXR6LmNoMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAioCCG
Hmh0dHA6Ly9yMTAuYy5sZW5jci5vcmcvMTA3LmNybDCCAQMGCisGAQQB1nkCBAIE
gfQEgfEA7wB1ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABl6Uq
sD8AAAQDAEYwRAIgRlr+/OxbPKrVaByhSskB/ik2eeD8YL2eidBRE6P3yH0CIBfZ
DMtOPKtsKfdjPfhPOKK6QYUM4OdpfmlT/XXd1r/YAHYAzPsPaoVxCWX+lZtTzumy
fCLphVwNl422qX5UwP5MDbAAAAGXpSq4BwAABAMARzBFAiEA6p5k8zF+9a+2CwMF
OT+CbBo2FhQpd4MCC4/9r7fvnNYCIB+w1N3DvAYi8Mkj/UQrLBtHrkm0vkKbSLzh
20/STlPkMA0GCSqGSIb3DQEBCwUAA4IBAQCDIlfRngS6xdkMveeiDKObKpgbTm2n
Hef+UpeXqleyenBnnWCN4F4JsqdtDc4L1pCS8OdjA0emfo40LapWlf+d+eQcK/Je
lgzxWQjuqFzyZOWAeUvfZJqj9ay+adJEj4EN4SPgwJ1x4HhhdtXiFWpzE0MbtGQc
md08KgylRVR57ZOBT3KNknZo9L+EkOBo1niajkucHVa6jjyjrJpkhRJk2D4C/fR+
N5t1S3iOSXNjb5yzr8SqFqRs90NqNz+BGDe9llmBatGmsniROOmoak1Tbe6dE72v
r4m10KUM62WGUQ8HjBnhhH2mBt4exNzVxJ7BCLH6Oj2ZpzoJAtGuMX0c
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqX4wy1MRf/DAzpBrg+qv
zhJv2qIQjYNpAsFYFIRv6fljOQ+ddhe/cFOQWliNw511D59styHzZmLP0dcwK86M
eu9QUyxY4jFF3zXKrTBnrKMbtHGYlbznNXlYtqnMt/7f0E61/YmyVlZmB5Q3Cgez
hHzRWrQKOCk0ttGy+aLGcdO8gda3lHazXJqPQCiI0ntcgYYgLYvEKae17p5SImqo
VpGdMmpfuXi/f1c0rwoAhm6g1ecdEPah4Z8iU+JPw+ahNio+Mh3LJlMQHaEWZ7GR
kfVAlfRtNp5zn8ce0/8zxdnZaWQtE57aE0XWEjiS35Mw51Si01jA3Gcz1ahvlKFJ
lmcMFW3zpUrOITTvcWdDl0zMFulwm0ydZ90+KKI+dBeapDgoS4Q3s6lU0brtDnsH
NVzbNX0uWcBvEPFL53+LtXeCPYFiL7BOpdTKumpXO5V7VYb5j0HaaUZguQvNM+WF
oSiRy6SyjFmRyWbaYYqOKgKF8cg+8tZ2tjMvd9uIR7sv9Lfzg6ATfh4jpVPFWYEu
SarnpKXJnckza2Hq2yH/xRVdNGgJh1yhuq2xoPO9rESOz2T0IQ9JGll52FzdiP83
CFz/ikQm636cB6O5rBLpoqWDufnf8P2ZVi2ARNg4XInti9ShHmgMuHMwgLmnBGRN
bNzF4s/qlD91TzioxQGoB3cCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 542687463087861417801012459772848639525098
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-25 02:40:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-23 02:40:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dekorsatz.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 691470834772235873194213032243404082673610030519255091649080714980452214096424171538396174217553066092628158428498410143595910147486725770957102765123669964970797214113673791071500642660648483147848395901818976510297276046646938909107899998983304809457063484931362852325317914138833024835087732400788043794796677170792511699748384667118340662951979986198749299931431417426027674259372900234687235498507196323948096548230614548584870018782904949541941438325093472525940913783754307476709962275269810247713061393311838922589477134224341848422839430465278251921370392524202232145366029794535931210947992595683426559756630757040233785537960511923858237683377834768137242300715510208195965318615024660276955724644049000057187036806499353445366091218599277062726328152726855241968225849326155544579160390445135724942288705945807482493963895508475136280059081173848050846650882337693918424366419305967187146082722791890816385402342304974568647308738763284971395636457823564662500535706065378206872269546586992979129869618253098019491711358379731044057197152793581087589010258096490442856881408042660284027658016108606293294331451811271023030178357295649661443853157785551346832039929657648134438771647830093050183434075783636010476075747191
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cd384e65db5086e8665ee239a15f32e7c2fd9a5f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'decorsatz.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dekorsatz.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.decorsatz.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dekorsatz.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/107.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000197a52ab03f00000403004630440220465afefcec5b3caad5681ca14ac901fe293679e0fc60bd9e89d05113a3f7c87d022017d90ccb4e3cab6c29f7633df84f38a2ba41850ce0e7697e6953fd75ddd6bfd8007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197a52ab8070000040300473045022100ea9e64f3317ef5afb60b0305393f826c1a361614297783020b8ffdafb7ef9cd602201fb0d4ddc3bc0622f0c923fd442b2c1b47ae49b4be429b48bce1db4fd24e53e4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00832257d19e04bac5d90cbde7a20ca39b2a981b4e6da71de7fe529797aa57b27a70679d608de05e09b2a76d0dce0bd69092f0e7630347a67e8e342daa5695ff9df9e41c2bf25e960cf15908eea85cf264e580794bdf649aa3f5acbe69d2448f810de123e0c09d71e0786176d5e2156a7313431bb4641c99dd3c2a0ca5455479ed93814f728d927668f4bf8490e068d6789a8e4b9c1d56ba8e3ca3ac9a64851264d83e02fdf47e379b754b788e4973636f9cb3afc4aa16a46cf7436a373f811837bd9659816ad1a6b2789138e9a86a4d536dee9d13bdafaf89b5d0a50ceb6586510f078c19e1847da606de1ec4dcd5c49ec108b1fa3a3d99a73a0902d1ae317d1c