itzaber.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:3a:96:7e:02:53:52:94:4d:fd:1a:e7:2b:85:26:33:ae:d1 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

itzaber.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:3a:96:7e:02:53:52:94:4d:fd:1a:e7:2b:85:26:33:ae:d1
Serial Number (int): 281273273552633397346069309766758690959057
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 4b:fb:b3:60:8d:2f:6b:44:f7:98:6e:f0:45:8e:22:a4:b2:9d:3a:87
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 75:91:1f:6d:ad:db:49:69:ea:f0:98:fe:15:5e:4d:e0:5b:ba:6e:8c
Fingerprint (sha256): 00:0d:58:eb:88:34:57:8f:3d:11:0d:0c:73:1c:2a:8c:77:c9:77:4a:b0:88:5e:7b:ca:14:57:5d:1f:04:e4:32

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate itzaber.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for itzaber.ch


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

itzaber.ch
www.itzaber.ch

Certificate

The complete raw certificate details for itzaber.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAzqWfgJTUpRN/RrnK4UmM67RMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA0MTQxNjM0NDVaFw0x
ODA3MTMxNjM0NDVaMBUxEzARBgNVBAMTCml0emFiZXIuY2gwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDr5TQeG4Zuw6W18G12tH+g1kKQNZLq31sCRFyJ
j0d2/eFrxt6zP9DqoQuvQGPXnRP0OfLqmARuruRRt1Q1jmhP5MpMJPbsDwINdCOS
cFhEisPYueR899pHEaziA+FE9pdVum/lE+rUrRisNttOYpr8uCo7ldqszPV7sQIs
Ofw12RQOe9DErd5qkrFuRrx/GsB/fNaLsIrqqXMPnRcXrTB/WRl7Mtbe3YdBPWD2
RfGlyggPK63AtU5iH4NVxHDR0/bcQVCdIaYMAoJNv/L4IY0y5x6aJYaE7eLoSLfo
peOKY7C3JoS9N+JbGhDk7Hci/VwZ83CAx5NsFXul5djsGMZNAgMBAAGjggMhMIID
HTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEv7s2CNL2tE95hu8EWOIqSynTqHMB8G
A1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAu
BggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAv
BggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w
JQYDVR0RBB4wHIIKaXR6YWJlci5jaIIOd3d3Lml0emFiZXIuY2gwgf4GA1UdIASB
9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo
dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz
IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg
UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj
YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv
c2l0b3J5LzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ANt0r+7LKeyx/so+cW0s
5bmquzb3hHGDx12dTze2H79kAAABYsU5PeAAAAQDAEYwRAIgKP2KnWf/8uHtsjPi
HErRhaN8ooLCD0nmPmnIEKyn/xwCIA+hti8+b88OG9fCt5yhFMGCL5gOB5pia3tl
c8MOJkcxAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFixTk+
BAAABAMARzBFAiB0ht7EYCuUkoAVjkOyuQ7TWJXurm8xYN0UdGusCsLHBQIhAIZ5
tZPi4wTL1KZxeKKOK+erjaA07lr2yBdH9fbpSrnAMA0GCSqGSIb3DQEBCwUAA4IB
AQAOObs5Bvk2AAsLZ+mWPZa08zeP3vTrH1iOw0scAVJ/J7HzLXoRh1YrhIVngMq7
qOlCILWc7Ri20lDFGBQHBjVVRVvEKzqTff6lFKTvFpabB7B3qLU5ONeYpDEELvDn
UMjLjK3NU0LZYs18/Tp1pxcyGcpQ1HvAR2IFgC4t/ZUjRIq8pgH4fjargbeL+bF3
5jY1KHTOrSSrz+svbXREOUAWis9hcsWx7CzM2kaPA0+CtwYfd2L8P7lPVX5FppME
zHiYKN60OsnV4EzCll1sTcIogVSEwXfSxvedwD9tjcG/jSOMTdWwyhkgji7fI7wT
j2RsVWXsPwayZXstAM3hgTzR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+U0HhuGbsOltfBtdrR/
oNZCkDWS6t9bAkRciY9Hdv3ha8besz/Q6qELr0Bj150T9Dny6pgEbq7kUbdUNY5o
T+TKTCT27A8CDXQjknBYRIrD2LnkfPfaRxGs4gPhRPaXVbpv5RPq1K0YrDbbTmKa
/LgqO5XarMz1e7ECLDn8NdkUDnvQxK3eapKxbka8fxrAf3zWi7CK6qlzD50XF60w
f1kZezLW3t2HQT1g9kXxpcoIDyutwLVOYh+DVcRw0dP23EFQnSGmDAKCTb/y+CGN
MucemiWGhO3i6Ei36KXjimOwtyaEvTfiWxoQ5Ox3Iv1cGfNwgMeTbBV7peXY7BjG
TQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 281273273552633397346069309766758690959057
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-14 16:34:45 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-13 16:34:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'itzaber.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29779026166974336561903442332860924961527237544687697392909545835463642089506210397644902337178360261976844060979159357676783346214373178629531021192377868407755193572851444256580407366042347056081540625040999946231900562148910226266544710747598984099077760375614778066706253795460056642946785258463714840840002673353161134031078316927980002622198967782522680665528982129785516462163634196304288223037738061603884119061437514269346839337778482541986599962881496986134831599619473978355263508319342913491350686529473561216568491556963019742804643028419957551581848708213748611955314552393251088840073947847917162776141
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4bfbb3608d2f6b44f7986ef0458e22a4b29d3a87
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itzaber.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.itzaber.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000162c5393de00000040300463044022028fd8a9d67fff2e1edb233e21c4ad185a37ca282c20f49e63e69c810aca7ff1c02200fa1b62f3e6fcf0e1bd7c2b79ca114c1822f980e079a626b7b6573c30e264731007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000162c5393e04000004030047304502207486dec4602b949280158e43b2b90ed35895eeae6f3160dd14746bac0ac2c7050221008679b593e2e304cbd4a67178a28e2be7ab8da034ee5af6c81747f5f6e94ab9c0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000e39bb3906f936000b0b67e9963d96b4f3378fdef4eb1f588ec34b1c01527f27b1f32d7a1187562b84856780cabba8e94220b59ced18b6d250c5181407063555455bc42b3a937dfea514a4ef16969b07b077a8b53938d798a431042ef0e750c8cb8cadcd5342d962cd7cfd3a75a7173219ca50d47bc0476205802e2dfd9523448abca601f87e36ab81b78bf9b177e636352874cead24abcfeb2f6d74443940168acf6172c5b1ec2cccda468f034f82b7061f7762fc3fb94f557e45a69304cc789828deb43ac9d5e04cc2965d6c4dc228815484c177d2c6f79dc03f6d8dc1bf8d238c4dd5b0ca19208e2edf23bc138f646c5565ec3f06b2657b2d00cde1813cd1