DV SSL/TLS Certificate for w.baelz.de

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the w.baelz.de DV SSL/TLS Certificate

This certificate with serial number 05:8d:ab:ff:74:57:fa:55:86:b3:3c:9a:74:0b:1f:23:8f:fc for w.baelz.de was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for w.baelz.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:8d:ab:ff:74:57:fa:55:86:b3:3c:9a:74:0b:1f:23:8f:fc
Serial Number (int): 483769867777361542386355356327701310050300
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 82:72:67:ee:93:b1:80:2f:f7:f1:05:01:ed:c2:e6:b8:45:6d:cb:7c
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 0d:ac:c1:87:b8:78:71:06:c1:6d:79:08:c8:0d:08:85:d7:ee:4a:c7
Fingerprint (SHA-256): 15:08:7e:4b:a1:ca:a5:f9:cc:d5:e8:30:cc:e5:96:64:b4:65:e9:1b:95:a2:93:82:81:90:a2:6b:ff:d4:41:91

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/125.crl

Check the revocation status for certificate w.baelz.de
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for w.baelz.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

w.baelz.de

X.509 Certificate

The complete raw X.509 certificate details for w.baelz.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgISBY2r/3RX+lWGszyadAsfI4/8MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTE5MDg0NjQzWhcNMjUwODE3MDg0NjQyWjAVMRMwEQYDVQQD
Ewp3LmJhZWx6LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dF6
3ZctCs+kCSNbVCpOTmo6pXD2g9sURxaP9GwjgGGhCT9m1iAA7xctD/bKKG1km1mD
a5m7uFOZSn7OvfaHXAWHCmUo2R/S0vA68MzbKoCXG7S4oXwQ00gIv5XFWT2syggm
qbBUcWazzVDGBhiFkxJfvy/u+7Dr9xX2GsXKAdOWlxW+lBK08oPu30A7chE/D0PP
DcX7GgDXksoZbOKMohDU/YRWhGy3ZVmF6jeJmcxJppmHTT82EMhe15WvpK9MQh/O
6QEj0581I/4Spht+4verxidr0YBHPOe1FaWJwj5RW4DN5kkPsg0gCuisXOIgYEay
xsMnzlXdfEsC7j5UxwIDAQABo4ICGzCCAhcwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBSCcmfuk7GAL/fxBQHtwua4RW3LfDAfBgNVHSMEGDAWgBS7vMNHpeS8qcbDpHIM
EI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTAu
aS5sZW5jci5vcmcvMBUGA1UdEQQOMAyCCncuYmFlbHouZGUwEwYDVR0gBAwwCjAI
BgZngQwBAgEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3IxMC5jLmxlbmNyLm9y
Zy8xMjUuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcADeHyMCvTDcFAYhIJ
6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGW5+7d6QAABAMASDBGAiEA2Dgs8/W+PK5Z
XaelydBnxua75gcMwJXKNBCN0Pw5L40CIQCKku/YxZar+6yloU3767TpZocuMg9+
m9R18IyU634GtQB1ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAAB
lufu5a8AAAQDAEYwRAIgV7PlZAwXYn4/jBvubmJ8GYB0fqRAztJ6UDfQp1VEC3cC
IHgEjal7F0FAEvSenHsapJkLPOGp3oxSw56sxoLNoKIwMA0GCSqGSIb3DQEBCwUA
A4IBAQB35EAajta+9rtb4C+3QENIBIreH5yUr40ae1SN9g0R2MU3oB1dtNFRf9nJ
F7kIgjf9X2Kia6R5mmRT2kqP0YTgXUUgLH8n8Pjyf6q+JhSvFQkThKXpkmp9cAh0
klwKxZBFmBxqgt91BN3DONRUKLCcVS+xBG7tdXVT4hcCVXpX8RPG4qCfOiZUQOhq
LxVVAsjXijITaT0AhNPW6SOEZAe0X8Pqybx8dsKIODarQm1pAQ1wxioEdqaLgmj5
GfDSdGIt2bamBGNTthhbK7mP+f0Op/1TIr8AsI8rIgy8W8JA3cegZkeSRmIwAMhH
GKHiM2rty/IN860tMXonv7BQgAR/
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dF63ZctCs+kCSNbVCpO
Tmo6pXD2g9sURxaP9GwjgGGhCT9m1iAA7xctD/bKKG1km1mDa5m7uFOZSn7OvfaH
XAWHCmUo2R/S0vA68MzbKoCXG7S4oXwQ00gIv5XFWT2syggmqbBUcWazzVDGBhiF
kxJfvy/u+7Dr9xX2GsXKAdOWlxW+lBK08oPu30A7chE/D0PPDcX7GgDXksoZbOKM
ohDU/YRWhGy3ZVmF6jeJmcxJppmHTT82EMhe15WvpK9MQh/O6QEj0581I/4Spht+
4verxidr0YBHPOe1FaWJwj5RW4DN5kkPsg0gCuisXOIgYEayxsMnzlXdfEsC7j5U
xwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 483769867777361542386355356327701310050300
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-19 08:46:43 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-17 08:46:42 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'w.baelz.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29011870247451931299833468217059312415327460727738218625085974588084520097748078920630450459081346794817109991394121987679743597129438713006063014705942996622776658882939425729801085909447217684092918311816172552042362793398809568341047014906221847537723933375719860648426640305756643093689952688093164069725138634725040630150090090209933497565418036086909508830479308456473498249386248812001909059983864061681990088145603636663983488904026632637877407345593063631319931566712944468435781527415452309523573060841951526087545275824797491991078574485120005400816188986853547525606558509978427359368947481750471872238791
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							827267ee93b1802ff7f10501edc2e6b8456dcb7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'w.baelz.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/125.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000196e7eedde90000040300483046022100d8382cf3f5be3cae595da7a5c9d067c6e6bbe6070cc095ca34108dd0fc392f8d0221008a92efd8c596abfbaca5a14dfbebb4e966872e320f7e9bd475f08c94eb7e06b500750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196e7eee5af0000040300463044022057b3e5640c17627e3f8c1bee6e627c1980747ea440ced27a5037d0a755440b77022078048da97b17414012f49e9c7b1aa4990b3ce1a9de8c52c39eacc682cda0a230
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0077e4401a8ed6bef6bb5be02fb7404348048ade1f9c94af8d1a7b548df60d11d8c537a01d5db4d1517fd9c917b9088237fd5f62a26ba4799a6453da4a8fd184e05d45202c7f27f0f8f27faabe2614af15091384a5e9926a7d700874925c0ac59045981c6a82df7504ddc338d45428b09c552fb1046eed757553e21702557a57f113c6e2a09f3a265440e86a2f155502c8d78a3213693d0084d3d6e923846407b45fc3eac9bc7c76c2883836ab426d69010d70c62a0476a68b8268f919f0d274622dd9b6a6046353b6185b2bb98ff9fd0ea7fd5322bf00b08f2b220cbc5bc240ddc7a066479246623000c84718a1e2336aedcbf20df3ad2d317a27bfb05080047f