fitness-mesum.de

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:f9:48:66:a2:d2:76:39:0c:5d:9d:03:7e:74:f6:ff:da:49 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

fitness-mesum.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:f9:48:66:a2:d2:76:39:0c:5d:9d:03:7e:74:f6:ff:da:49
Serial Number (int): 346163404490995359955411175322165897583177
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: f6:a3:e7:0b:a2:ee:6e:ec:5d:be:3c:a6:db:c4:ec:fb:3d:89:15:6d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 5d:8f:5a:ea:9b:f1:b6:48:e5:2d:16:6d:cb:23:03:5d:ac:99:bc:c7
Fingerprint (sha256): 00:18:22:4d:4a:f6:04:75:91:53:b4:4d:b2:12:5e:6d:d6:fd:24:5a:12:58:56:f3:05:08:7b:04:e6:11:2d:0d

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate fitness-mesum.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for fitness-mesum.de


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

fitness-mesum.de
www.fitness-mesum.de

Certificate

The complete raw certificate details for fitness-mesum.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISA/lIZqLSdjkMXZ0DfnT2/9pJMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAxMzEwMjIyMDRaFw0x
ODA1MDEwMjIyMDRaMBsxGTAXBgNVBAMTEGZpdG5lc3MtbWVzdW0uZGUwggIiMA0G
CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCdk0Nb3nTJ+jlqh6ZxP7xnx+gPPrWI
vJ4Bn7qJ2SCiLRDaTwmEBRiQYWsgUe9g5REXaiYhLoc2aFeL5gKfxKoKyeiDWKXp
C2glzvlm1MkTr6k+7RsI+Fd7KxNpAP3s+Vth7hMfesLPXY42XJ8YscBDLUbQJhAg
I2hRg/wjrfpM0i0yRAf0LXt4/69aw9oF4IoAHuDFznhkGVnd1WDKQHzsoa5612ba
cbSUJctXIyv6DKA1mBicfbDlSmh+t3E8JF2QyJysJbdSYzWBntueovGfdGuxmWC2
Zx8ihi13wz1boIHNHkmxG0k1aQ9iav+v6RyGj0eagX1P3rPe1439dvYGuOhkVJ+8
cJtYS7rpzi38KJQzVoHnDdWc+daTfQ9b5QtojRANrvbKwwDQPdnXdQMIYZNqmTPg
CTJdg2isWDAKzPgD6PEAaFW1mqKEUHCq+F1oJB+3F0wPReS618gaH1XPQmgFLxXs
KViVVVTIuVdNZIh6FaOHIlvN321SjCy5zcQFE9nAAKPG045SYqmOjHb+f8o7alzg
lub4x0TdeMFMiOkYrKXIlqFeo8FdrjRdirH4IA5TRx1EB/ApcrB4yqK2NgiQ5TEP
MmKCfd+WtIys0v+HDggD4x6mKvLLVYyHf7iywVRikP2gwkl51F9gn9SK+IMIvZnh
lu2786I7xEVBkQIDAQABo4ICJjCCAiIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT2
o+cLou5u7F2+PKbbxOz7PYkVbTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv
86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu
dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu
dC14My5sZXRzZW5jcnlwdC5vcmcvMDEGA1UdEQQqMCiCEGZpdG5lc3MtbWVzdW0u
ZGWCFHd3dy5maXRuZXNzLW1lc3VtLmRlMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIB
MIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRz
ZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBt
YXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9u
bHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91
bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZI
hvcNAQELBQADggEBAGThPL5vrG4y3QaGlKLk6d4lZNAiW3BEiBynY8OavIU1FDre
gVN6/te2lLR3zDQPhagSSFlkh7Q1YPf2pHX/YrOqxI76qbCnqXaq2STffbV5r3Of
L4ICLzb3nS4Oj3a+qnu6Uw0uTeYRDf0O6bMsp3U9qAOCN1X6+xVV5vaPjQtviof2
UJzVhZZynlSNSbCBmkuaIqFl9eViGA6RjUCiKmE0neoNq5L2QsvvKtisEhhZI/xL
Qh3BlvVLTwpVAZD9zmaKPVDzs7UmmKTRjl1CI327uzTL3PvNnldbUkLNFFY6qvGj
L9JHxPMvFnf20/XGxY7UdQWSzMRw+mWHHXms9s4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnZNDW950yfo5aoemcT+8
Z8foDz61iLyeAZ+6idkgoi0Q2k8JhAUYkGFrIFHvYOURF2omIS6HNmhXi+YCn8Sq
Csnog1il6QtoJc75ZtTJE6+pPu0bCPhXeysTaQD97PlbYe4TH3rCz12ONlyfGLHA
Qy1G0CYQICNoUYP8I636TNItMkQH9C17eP+vWsPaBeCKAB7gxc54ZBlZ3dVgykB8
7KGuetdm2nG0lCXLVyMr+gygNZgYnH2w5UpofrdxPCRdkMicrCW3UmM1gZ7bnqLx
n3RrsZlgtmcfIoYtd8M9W6CBzR5JsRtJNWkPYmr/r+kcho9HmoF9T96z3teN/Xb2
BrjoZFSfvHCbWEu66c4t/CiUM1aB5w3VnPnWk30PW+ULaI0QDa72ysMA0D3Z13UD
CGGTapkz4AkyXYNorFgwCsz4A+jxAGhVtZqihFBwqvhdaCQftxdMD0XkutfIGh9V
z0JoBS8V7ClYlVVUyLlXTWSIehWjhyJbzd9tUowsuc3EBRPZwACjxtOOUmKpjox2
/n/KO2pc4Jbm+MdE3XjBTIjpGKylyJahXqPBXa40XYqx+CAOU0cdRAfwKXKweMqi
tjYIkOUxDzJign3flrSMrNL/hw4IA+Mepiryy1WMh3+4ssFUYpD9oMJJedRfYJ/U
iviDCL2Z4Zbtu/OiO8RFQZECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 346163404490995359955411175322165897583177
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-31 02:22:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-01 02:22:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fitness-mesum.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 642850919914423946775397333817190645461335577897089452109173062123266669990651520345942892483803656958187682176138988595496923428376104045792638770204573546453225035874067327841558501630295351761033826083581186762895628207779814566896798886521368650074654766964071804128173104927832332130826118240787874034281578533323429296196384016924785537325552463725218829594438802853819523102411355389129759170873121110592213377094878409444993450513519695923231473843070759363243631903846453596721629543445696517005908564091618084468853135118682276300712706765148583391503279120543673876834849936367762301256711389624467489295085357752672377940898318712975577449582137492791922025230770815880529580703474013884250052720065025246171546612410984067627045661226095872671361751136173408124993570132397551947844096491875924109887171952717631440939190259125767025499590674146696049097215391084514849574915508214451666574227897339762927352804983052003495501798335905594431732797065052830397341936489875730905258324561377909773875613332196041590788730814217985414303755714299616270305850403522704289337159942173624307035177578357271898519629904719009881186635316997938119075574736091002916423692622107399415817411950948677920205293983108587069506929041
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f6a3e70ba2ee6eec5dbe3ca6dbc4ecfb3d89156d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fitness-mesum.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fitness-mesum.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0064e13cbe6fac6e32dd068694a2e4e9de2564d0225b7044881ca763c39abc8535143ade81537afed7b694b477cc340f85a81248596487b43560f7f6a475ff62b3aac48efaa9b0a7a976aad924df7db579af739f2f82022f36f79d2e0e8f76beaa7bba530d2e4de6110dfd0ee9b32ca7753da803823755fafb1555e6f68f8d0b6f8a87f6509cd58596729e548d49b0819a4b9a22a165f5e562180e918d40a22a61349dea0dab92f642cbef2ad8ac12185923fc4b421dc196f54b4f0a550190fdce668a3d50f3b3b52698a4d18e5d42237dbbbb34cbdcfbcd9e575b5242cd14563aaaf1a32fd247c4f32f1677f6d3f5c6c58ed4750592ccc470fa65871d79acf6ce