km20508-08.keymachine.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:55:56:26:2c:e9:f5:e7:87:97:41:f8:b3:42:40:57:f7:a1 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=km20508-08.keymachine.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:55:56:26:2c:e9:f5:e7:87:97:41:f8:b3:42:40:57:f7:a1Serial Number (int): 290375370809440924578855488828530694289313
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: bf:01:a0:e6:1c:a7:92:ce:85:78:b8:9a:ee:fb:f2:0f:11:5a:f3:d7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 35:0f:99:1e:67:02:74:a3:0c:50:a4:2e:97:3d:6f:36:92:d7:ee:e5
Fingerprint (sha256): 00:17:be:c0:db:ac:15:3b:86:91:7e:c8:b7:ac:d1:3a:7a:b8:ad:34:d4:3b:2b:e9:97:11:0c:2d:e7:9e:50:53
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate km20508-08.keymachine.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for km20508-08.keymachine.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
km20508-08.keymachine.de
Other certificates including the domain name km20508-08.keymachine.de
(limited to 100 certificates)
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
km20508-08.keymachine.de
Certificate
The complete raw certificate details for km20508-08.keymachine.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGFDCCBPygAwIBAgISA1VWJizp9eeHl0H4s0JAV/ehMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MjQxODU1MDBaFw0x NzA4MjIxODU1MDBaMCMxITAfBgNVBAMTGGttMjA1MDgtMDgua2V5bWFjaGluZS5k ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOQ14rphawRjkaoqtKAQ p1myiH+J+kAD+6EmOl7dXMruUyvze9c1lAl9fIgZ+uxqF7q2SGm1PIL+lHbc4wIK WkKS5KJ5TUK+PIJlk0746D/4GmtR5bhfby99Sm5gIBPwLwphPvkH9FWO9jNzQJdw lxeG4MHQ3c0Hx+G3A5x0r4qnUdLCZLuXYNJD/pbfuiPpjpAHcNEAJWUPMnwPo92G 9GKS4rsmnGssHd4x4NRdoQyaqw3oVG2KbfEoR9FE2tiMf0wlvomUgu1e5fy8evXM gl0+MRt5HPCEGc+ZEuZW96HWcEeJ2T9GMaQibuYDjYJ6xnREuUhRcYV6zAZ/Cpy4 iX8e8JSfTsCs5Y6E3fPvHd/pl1vOHgPET0MQ6woSZXYq9Q7c2ZyZtsjV9STIHO9p GhXwWv2tvFFdxNbG1JNeuQalHfXE+zZtyHRIJOnQYWK7uDNaoPhgi57GORZ+kwRq TGgbVZ8ZSsAeUzFA0H1MDVjXMJP2f1sykjCR2WPrmJE1gMhjVclkP17ovJCPBDN2 J5Sim3FrKJZn7NFV/q/8Vp2C3mryA7Pv0iu3lEih9BECvEamc9ojnR3DlbAjI8cJ lDUap5v1chh+tuqXXMmxEWFQdRIibE0kK6HRck9mdIeTYdcFVW4vdonrhp8K2Ics g2UHVHUOQphRiutKXzx3n3GPAgMBAAGjggIZMIICFTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFL8BoOYcp5LOhXi4mu778g8RWvPXMB8GA1UdIwQYMBaAFKhKamMEfd26 5tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDov L29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6 Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCMGA1UdEQQcMBqCGGttMjA1 MDgtMDgua2V5bWFjaGluZS5kZTCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYL KwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9u bHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGlu IGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0 IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEB CwUAA4IBAQCS0BxAfu5mtl72zWX/qBup3dwntiUjw4Q3VgytpnwjRLBsU2fRgrYe 2JshV8Y3z59mCwaRE2e/w7Obli0vDVbduD2ro/o/NT19VIXZz75h3b+WJEmwI650 WbcbmQI/+i38Wv3UBVvFMsbfah6KDdiADJUyEysTG6KHHQ+WdmBlZg/OWbxhgdup 3+NdGBjTMC2Ax40xJs+66xacYxrxP/TZl6e77HNF+rbFyqVOiSC7IaWwXiesiOaK M1gbBxLoexuz/SUGX3KSThmX5KSfUwhQMEpdA4VoQlYHfyv3Hg0VSjBGun+VlckW 1cNQfVEwVc6NvjYKUVzGO206O8MZlMwb -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5DXiumFrBGORqiq0oBCn WbKIf4n6QAP7oSY6Xt1cyu5TK/N71zWUCX18iBn67GoXurZIabU8gv6UdtzjAgpa QpLkonlNQr48gmWTTvjoP/gaa1HluF9vL31KbmAgE/AvCmE++Qf0VY72M3NAl3CX F4bgwdDdzQfH4bcDnHSviqdR0sJku5dg0kP+lt+6I+mOkAdw0QAlZQ8yfA+j3Yb0 YpLiuyacaywd3jHg1F2hDJqrDehUbYpt8ShH0UTa2Ix/TCW+iZSC7V7l/Lx69cyC XT4xG3kc8IQZz5kS5lb3odZwR4nZP0YxpCJu5gONgnrGdES5SFFxhXrMBn8KnLiJ fx7wlJ9OwKzljoTd8+8d3+mXW84eA8RPQxDrChJldir1DtzZnJm2yNX1JMgc72ka FfBa/a28UV3E1sbUk165BqUd9cT7Nm3IdEgk6dBhYru4M1qg+GCLnsY5Fn6TBGpM aBtVnxlKwB5TMUDQfUwNWNcwk/Z/WzKSMJHZY+uYkTWAyGNVyWQ/Xui8kI8EM3Yn lKKbcWsolmfs0VX+r/xWnYLeavIDs+/SK7eUSKH0EQK8RqZz2iOdHcOVsCMjxwmU NRqnm/VyGH626pdcybERYVB1EiJsTSQrodFyT2Z0h5Nh1wVVbi92ieuGnwrYhyyD ZQdUdQ5CmFGK60pfPHefcY8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 290375370809440924578855488828530694289313 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-24 18:55:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-22 18:55:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'km20508-08.keymachine.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 931017575237699321886616459272077662417497980242158016647130689097600612346465574297111524529869682670532286917842008007503200725239744025597927369983080291809106334507191398328561830138477578236744905354943404554280891304953817917255359748466966387308967193976265770545586524853306447557676335367651310429146709853844188842319974341952360496994620273505033995474479862122077028024758070579562100260696066523547394298544625770269006495564144250727962081749829937024955096744131000253640564290396919449259101904605274780354524924893450594382900638171860628154170191097951846874965338637079468565105099794809865298425623821347414877667697666570985272899065015679631510542663093494027962766228486284714507205428706428810273269075885390377450429622931916217417999165165614850249477577336003171334410728172924723132891684392337374942100344352197262739185529352966919399877244111458258657243605989029010231594031771593673829164599963777713871442840416441365174928623967244131340149633950383694900508401391117229029350023815553820272487053801560020840380128107618477907719895250820335652982721155347770076827410569243551818073086969321427529335237741309207039188608045677974436700228211320847122827141579280980514420318544517927337117839759 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bf01a0e61ca792ce8578b89aeefbf20f115af3d7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'km20508-08.keymachine.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0092d01c407eee66b65ef6cd65ffa81ba9dddc27b62523c38437560cada67c2344b06c5367d182b61ed89b2157c637cf9f660b06911367bfc3b39b962d2f0d56ddb83daba3fa3f353d7d5485d9cfbe61ddbf962449b023ae7459b71b99023ffa2dfc5afdd4055bc532c6df6a1e8a0dd8800c9532132b131ba2871d0f96766065660fce59bc6181dba9dfe35d1818d3302d80c78d3126cfbaeb169c631af13ff4d997a7bbec7345fab6c5caa54e8920bb21a5b05e27ac88e68a33581b0712e87b1bb3fd25065f72924e1997e4a49f530850304a5d0385684256077f2bf71e0d154a3046ba7f9595c916d5c3507d513055ce8dbe360a515cc63b6d3a3bc31994cc1b