DV SSL/TLS Certificate for dybit.de

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the dybit.de DV SSL/TLS Certificate

This certificate with serial number 06:26:55:89:cc:6c:3c:b2:ac:fa:e5:dc:dc:40:9b:44:66:9d for dybit.de was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for dybit.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:26:55:89:cc:6c:3c:b2:ac:fa:e5:dc:dc:40:9b:44:66:9d
Serial Number (int): 535718145404055464414675335856888658290333
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: d6:18:b7:57:f1:e4:92:56:b8:6b:b5:d1:56:34:07:5d:42:ca:08:01
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): eb:00:3b:3f:fe:c2:a9:c0:5a:38:be:89:77:65:b9:82:85:ec:59:b1
Fingerprint (SHA-256): 1e:be:04:b2:f4:fb:5f:a2:ce:8f:b3:4f:b7:fa:25:2f:16:b2:d7:a8:f6:3e:72:82:e7:13:cf:a0:ca:ee:6a:cf

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/30.crl

Check the revocation status for certificate dybit.de
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for dybit.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for dybit.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISBiZVicxsPLKs+uXc3ECbRGadMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjE5MDYyNjQ3WhcNMjUwOTE3MDYyNjQ2WjATMREwDwYDVQQD
EwhkeWJpdC5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO+d2iSQ
U/njgEQI0A3R3rzFs854UeqppB0vtRhi+CJsKNcP9UWGNonRAPqocUj7uzzgR+4E
NOvSgvjrR4MSGq6Sljf9R4QeE/4ixHLSZKdO9Rm5E8EJfRxi13frpRR4UPOsAyZx
y8Ieo2Cwp8Jdy5EZi7AqycII/77nDbwf8j3K0HtTi0bdLZtwOFppBZBxMIGyR5CN
EF3CmGQM2asP7RIvCQV49i8j+sIEWm1RDIGPFQdGEB9u3TjgVJshVuB3Gfu1Wtsn
G4yPDUG/5MraxPJqgDqSGhWR75MhL+m6zZa8UIiJ2XNwn/vOwthQOHExZNjKcmp9
KHqnUUzyl2ND4u8CAwEAAaOCAiowggImMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
1hi3V/Hkkla4a7XRVjQHXULKCAEwHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXELbBe
ki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmku
bGVuY3Iub3JnLzAlBgNVHREEHjAcgghkeWJpdC5kZYIQd2VibWFpbC5keWJpdC5k
ZTATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8v
cjExLmMubGVuY3Iub3JnLzMwLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2
AO08S9boBsKkogBX28sk4jgB31Ev7cSGxXAPIN23Pj/gAAABl4cT5dkAAAQDAEcw
RQIhALMrTo4FsV2uKOX6E3+xApyhYdQnxihEY+Eg8nN54d9LAiBnH8xW3TpXChW8
ro+vL+f25D4+q3JfBV5adbNsp/ghaQB2AMz7D2qFcQll/pWbU87psnwi6YVcDZeN
tql+VMD+TA2wAAABl4cT5fAAAAQDAEcwRQIgIUeiibSVJ4XbNi3beNz2Ai8WYWMZ
GdapRNQvrJTCmPICIQCrFcY09qUst47MhWje5MumAN739CkCvvNze1IME3xokzAN
BgkqhkiG9w0BAQsFAAOCAQEAcEb99k+6oZrjUQl4lY4bwllwo4AC2+aGvIRJgxH9
LiwLmSPrr5DZOPaw4OCW/Jm+wIFiPW5kcxY4CIZBMDgUmKiWoOhfQ6GhmOWHcNpB
/2Ff2kbQ/YQORu0T7VZ3RdRxSQ6Z7MzIf5h1EraFdD/MsdJVIWGQmLJcfwG2evHC
bvr6W2HHSn/g9E+1v4225Sb/CSQg3KqJHKwGa9OaE6oQ7a0cmRJ0VzqR1Tc1iBdc
ewU09wCVBvzGL+giRvA0Uaj3gnGvDc42k+9hL9UncjNaMaxPp+uuozKTAJoqCMPm
2h5t+x3wFM7wnrWaYP0RIuC5k1hMZr0sedyejqQp1FWn4w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA753aJJBT+eOARAjQDdHe
vMWzznhR6qmkHS+1GGL4Imwo1w/1RYY2idEA+qhxSPu7POBH7gQ069KC+OtHgxIa
rpKWN/1HhB4T/iLEctJkp071GbkTwQl9HGLXd+ulFHhQ86wDJnHLwh6jYLCnwl3L
kRmLsCrJwgj/vucNvB/yPcrQe1OLRt0tm3A4WmkFkHEwgbJHkI0QXcKYZAzZqw/t
Ei8JBXj2LyP6wgRabVEMgY8VB0YQH27dOOBUmyFW4HcZ+7Va2ycbjI8NQb/kytrE
8mqAOpIaFZHvkyEv6brNlrxQiInZc3Cf+87C2FA4cTFk2Mpyan0oeqdRTPKXY0Pi
7wIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 535718145404055464414675335856888658290333
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-19 06:26:47 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-17 06:26:46 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dybit.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30248794668595027047780166398784063978814235317717972952144215055586238383256687758211801396501517701895581040608829354535377662031424701968745852791388313741154217907517030311128461173927134454212371213343735191152034179916233555716279197737222117422937068597377299826338570570454001926191160668278523835234450058156052757336293260560432717266822957485103184875609022835777825289707665856634525773456527309243346470480892739984295423925470932843653539290371631625187739908487299258866681208349622121377218725262979805962220884292564423641425711236596524392368505370238382553138123637726180247976692562983596704654063
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d618b757f1e49256b86bb5d15634075d42ca0801
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dybit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.dybit.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/30.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe0000001978713e5d90000040300473045022100b32b4e8e05b15dae28e5fa137fb1029ca161d427c6284463e120f27379e1df4b0220671fcc56dd3a570a15bcae8faf2fe7f6e43e3eab725f055e5a75b36ca7f82169007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001978713e5f0000004030047304502202147a289b4952785db362ddb78dcf6022f1661631919d6a944d42fac94c298f2022100ab15c634f6a52cb78ecc8568dee4cba600def7f42902bef3737b520c137c6893
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007046fdf64fbaa19ae3510978958e1bc25970a38002dbe686bc84498311fd2e2c0b9923ebaf90d938f6b0e0e096fc99bec081623d6e6473163808864130381498a896a0e85f43a1a198e58770da41ff615fda46d0fd840e46ed13ed567745d471490e99ecccc87f987512b685743fccb1d25521619098b25c7f01b67af1c26efafa5b61c74a7fe0f44fb5bf8db6e526ff092420dcaa891cac066bd39a13aa10edad1c991274573a91d5373588175c7b0534f7009506fcc62fe82246f03451a8f78271af0dce3693ef612fd52772335a31ac4fa7ebaea33293009a2a08c3e6da1e6dfb1df014cef09eb59a60fd1122e0b993584c66bd2c79dc9e8ea429d455a7e3