km20508-08.keymachine.de

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:55:56:26:2c:e9:f5:e7:87:97:41:f8:b3:42:40:57:f7:a1 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

km20508-08.keymachine.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:55:56:26:2c:e9:f5:e7:87:97:41:f8:b3:42:40:57:f7:a1
Serial Number (int): 290375370809440924578855488828530694289313
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: bf:01:a0:e6:1c:a7:92:ce:85:78:b8:9a:ee:fb:f2:0f:11:5a:f3:d7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 35:0f:99:1e:67:02:74:a3:0c:50:a4:2e:97:3d:6f:36:92:d7:ee:e5
Fingerprint (sha256): 00:17:be:c0:db:ac:15:3b:86:91:7e:c8:b7:ac:d1:3a:7a:b8:ad:34:d4:3b:2b:e9:97:11:0c:2d:e7:9e:50:53

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate km20508-08.keymachine.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for km20508-08.keymachine.de


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

km20508-08.keymachine.de

Certificate

The complete raw certificate details for km20508-08.keymachine.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISA1VWJizp9eeHl0H4s0JAV/ehMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MjQxODU1MDBaFw0x
NzA4MjIxODU1MDBaMCMxITAfBgNVBAMTGGttMjA1MDgtMDgua2V5bWFjaGluZS5k
ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOQ14rphawRjkaoqtKAQ
p1myiH+J+kAD+6EmOl7dXMruUyvze9c1lAl9fIgZ+uxqF7q2SGm1PIL+lHbc4wIK
WkKS5KJ5TUK+PIJlk0746D/4GmtR5bhfby99Sm5gIBPwLwphPvkH9FWO9jNzQJdw
lxeG4MHQ3c0Hx+G3A5x0r4qnUdLCZLuXYNJD/pbfuiPpjpAHcNEAJWUPMnwPo92G
9GKS4rsmnGssHd4x4NRdoQyaqw3oVG2KbfEoR9FE2tiMf0wlvomUgu1e5fy8evXM
gl0+MRt5HPCEGc+ZEuZW96HWcEeJ2T9GMaQibuYDjYJ6xnREuUhRcYV6zAZ/Cpy4
iX8e8JSfTsCs5Y6E3fPvHd/pl1vOHgPET0MQ6woSZXYq9Q7c2ZyZtsjV9STIHO9p
GhXwWv2tvFFdxNbG1JNeuQalHfXE+zZtyHRIJOnQYWK7uDNaoPhgi57GORZ+kwRq
TGgbVZ8ZSsAeUzFA0H1MDVjXMJP2f1sykjCR2WPrmJE1gMhjVclkP17ovJCPBDN2
J5Sim3FrKJZn7NFV/q/8Vp2C3mryA7Pv0iu3lEih9BECvEamc9ojnR3DlbAjI8cJ
lDUap5v1chh+tuqXXMmxEWFQdRIibE0kK6HRck9mdIeTYdcFVW4vdonrhp8K2Ics
g2UHVHUOQphRiutKXzx3n3GPAgMBAAGjggIZMIICFTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFL8BoOYcp5LOhXi4mu778g8RWvPXMB8GA1UdIwQYMBaAFKhKamMEfd26
5tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDov
L29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6
Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCMGA1UdEQQcMBqCGGttMjA1
MDgtMDgua2V5bWFjaGluZS5kZTCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYL
KwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5
cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9u
bHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGlu
IGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0
IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEB
CwUAA4IBAQCS0BxAfu5mtl72zWX/qBup3dwntiUjw4Q3VgytpnwjRLBsU2fRgrYe
2JshV8Y3z59mCwaRE2e/w7Obli0vDVbduD2ro/o/NT19VIXZz75h3b+WJEmwI650
WbcbmQI/+i38Wv3UBVvFMsbfah6KDdiADJUyEysTG6KHHQ+WdmBlZg/OWbxhgdup
3+NdGBjTMC2Ax40xJs+66xacYxrxP/TZl6e77HNF+rbFyqVOiSC7IaWwXiesiOaK
M1gbBxLoexuz/SUGX3KSThmX5KSfUwhQMEpdA4VoQlYHfyv3Hg0VSjBGun+VlckW
1cNQfVEwVc6NvjYKUVzGO206O8MZlMwb
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5DXiumFrBGORqiq0oBCn
WbKIf4n6QAP7oSY6Xt1cyu5TK/N71zWUCX18iBn67GoXurZIabU8gv6UdtzjAgpa
QpLkonlNQr48gmWTTvjoP/gaa1HluF9vL31KbmAgE/AvCmE++Qf0VY72M3NAl3CX
F4bgwdDdzQfH4bcDnHSviqdR0sJku5dg0kP+lt+6I+mOkAdw0QAlZQ8yfA+j3Yb0
YpLiuyacaywd3jHg1F2hDJqrDehUbYpt8ShH0UTa2Ix/TCW+iZSC7V7l/Lx69cyC
XT4xG3kc8IQZz5kS5lb3odZwR4nZP0YxpCJu5gONgnrGdES5SFFxhXrMBn8KnLiJ
fx7wlJ9OwKzljoTd8+8d3+mXW84eA8RPQxDrChJldir1DtzZnJm2yNX1JMgc72ka
FfBa/a28UV3E1sbUk165BqUd9cT7Nm3IdEgk6dBhYru4M1qg+GCLnsY5Fn6TBGpM
aBtVnxlKwB5TMUDQfUwNWNcwk/Z/WzKSMJHZY+uYkTWAyGNVyWQ/Xui8kI8EM3Yn
lKKbcWsolmfs0VX+r/xWnYLeavIDs+/SK7eUSKH0EQK8RqZz2iOdHcOVsCMjxwmU
NRqnm/VyGH626pdcybERYVB1EiJsTSQrodFyT2Z0h5Nh1wVVbi92ieuGnwrYhyyD
ZQdUdQ5CmFGK60pfPHefcY8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 290375370809440924578855488828530694289313
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-24 18:55:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-22 18:55:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'km20508-08.keymachine.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 931017575237699321886616459272077662417497980242158016647130689097600612346465574297111524529869682670532286917842008007503200725239744025597927369983080291809106334507191398328561830138477578236744905354943404554280891304953817917255359748466966387308967193976265770545586524853306447557676335367651310429146709853844188842319974341952360496994620273505033995474479862122077028024758070579562100260696066523547394298544625770269006495564144250727962081749829937024955096744131000253640564290396919449259101904605274780354524924893450594382900638171860628154170191097951846874965338637079468565105099794809865298425623821347414877667697666570985272899065015679631510542663093494027962766228486284714507205428706428810273269075885390377450429622931916217417999165165614850249477577336003171334410728172924723132891684392337374942100344352197262739185529352966919399877244111458258657243605989029010231594031771593673829164599963777713871442840416441365174928623967244131340149633950383694900508401391117229029350023815553820272487053801560020840380128107618477907719895250820335652982721155347770076827410569243551818073086969321427529335237741309207039188608045677974436700228211320847122827141579280980514420318544517927337117839759
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bf01a0e61ca792ce8578b89aeefbf20f115af3d7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'km20508-08.keymachine.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0092d01c407eee66b65ef6cd65ffa81ba9dddc27b62523c38437560cada67c2344b06c5367d182b61ed89b2157c637cf9f660b06911367bfc3b39b962d2f0d56ddb83daba3fa3f353d7d5485d9cfbe61ddbf962449b023ae7459b71b99023ffa2dfc5afdd4055bc532c6df6a1e8a0dd8800c9532132b131ba2871d0f96766065660fce59bc6181dba9dfe35d1818d3302d80c78d3126cfbaeb169c631af13ff4d997a7bbec7345fab6c5caa54e8920bb21a5b05e27ac88e68a33581b0712e87b1bb3fd25065f72924e1997e4a49f530850304a5d0385684256077f2bf71e0d154a3046ba7f9595c916d5c3507d513055ce8dbe360a515cc63b6d3a3bc31994cc1b