www.fr-saint-germain.fr

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:db:57:26:13:84:c7:5c:df:5a:ee:84:a0:00:3d:60:32:88 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

www.fr-saint-germain.fr

Let's Encrypt

Organization: Let's Encrypt
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:db:57:26:13:84:c7:5c:df:5a:ee:84:a0:00:3d:60:32:88
Serial Number (int): 335974536689765775156902855424731590439560
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: b8:82:fc:35:56:27:ed:c9:c0:cb:57:72:4d:66:39:85:1e:23:35:00
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 26:be:01:9a:65:ba:9d:f3:e5:d6:8b:83:f6:b1:6b:ab:c1:5d:df:15
Fingerprint (sha256): 00:18:d1:41:bd:95:fa:6b:91:cb:44:a5:99:f9:79:a9:7c:02:b2:26:9b:68:fc:4d:ed:cf:9f:c7:42:f6:f9:f4

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate www.fr-saint-germain.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.fr-saint-germain.fr


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

fr-saint-germain.fr
www.fr-saint-germain.fr

Certificate

The complete raw certificate details for www.fr-saint-germain.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISA9tXJhOEx1zfWu6EoAA9YDKIMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjEyMjEwNzMzMDBaFw0x
NzAzMjEwNzMzMDBaMCIxIDAeBgNVBAMTF3d3dy5mci1zYWludC1nZXJtYWluLmZy
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxsrwX2E+z+MksXySYrYq
InX0irHKeyFbfx8Li47H/b6cb0pTZ2gHZzsp4SFrk6Jh2V8A+qZffs7osi/nwsj4
+Hjnr7s1EUrNu2tmxoqkMRP2YABgpmFkGIyZTTuLQuFavulawXfeCLcurZmJNtGf
s5Inv5e9Egand5lBhIYp/xdNITCvo0cd/Fht/PYy/1t1ONAgElKz3d+5AdnoTtGp
QEQRAEXT1CLJ7pGk0ie2Th17va527Bcv9kYEfNo2SRDf0Vdoql3/Y1Y08T0oVP1g
wemcFqkRlqQ5ksO7zYwtxJKdLAalGtib4/qDYonIQnCdPoOuuV2l1mvm3pDjkzea
lru6b/1yRN6otCsOzEOuz1A6/XYfI86vPsfAZNbfOSEX29qVYGhuOjTAOhZ1OlIR
/jAGNUa7q8mdWXBj2hziaIw8iB7B2xdWXbHukeTXuiTSgoJOVfGc8mtWW9EgOELW
NkSjIIM+pYXzn34zO3g8MJtGp3Z4eMLRD5EJccxKwXGHR3WBwIj2myFakVi/PqYb
J1gpJVmvXiz1Dd0sWWbF1vUEmAuU31Qmnvlbw4IfElV8gerR2yAzoBVwO5Sz0oiJ
4adytx+n8ceHiCUcAxW1b/hfNsNM9p84Y9t6yIVDjIHAcDQWIJ2iHOnj5OmWtbHB
WV0LR9H2t0V/JBCUS/v7qjECAwEAAaOCAi0wggIpMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUuIL8NVYn7cnAy1dyTWY5hR4jNQAwHwYDVR0jBBgwFoAUqEpqYwR93brm
0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8v
b2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDov
L2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wNwYDVR0RBDAwLoITZnItc2Fp
bnQtZ2VybWFpbi5mcoIXd3d3LmZyLXNhaW50LWdlcm1haW4uZnIwgf4GA1UdIASB
9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo
dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz
IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg
UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj
YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv
c2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAjW2Xx/VVqutGoDBeyHkNel4uhqwz
r+1BfOz20LsPS3YVAcZ9slvl3W25nsS3GGXd6anMEzsvKatNaglgtreIFKiCh0xU
7VaK5Dz8SFa3uqze6QYwKC3ADPUfGxjUSpqm9fWkh0xj4ZOiQyrjpCAxaSJQlTh+
/C9gA2fFVATa+qTsK4UNELZFtcnt0LXZiHzRs0Kw1ue+gTkPM9fvLiHU128q0i9/
5gQifCKTQ2S+1F/JrCqEbX05v5fo/qc9rIrGbfi/HRQuClMnY9AJV3btn385Op7M
EMQqQomIt2O9ER35OB+I2A1B9VhY1lvLLzMXMgQhlPBdqqHJJOQbvwYiag==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxsrwX2E+z+MksXySYrYq
InX0irHKeyFbfx8Li47H/b6cb0pTZ2gHZzsp4SFrk6Jh2V8A+qZffs7osi/nwsj4
+Hjnr7s1EUrNu2tmxoqkMRP2YABgpmFkGIyZTTuLQuFavulawXfeCLcurZmJNtGf
s5Inv5e9Egand5lBhIYp/xdNITCvo0cd/Fht/PYy/1t1ONAgElKz3d+5AdnoTtGp
QEQRAEXT1CLJ7pGk0ie2Th17va527Bcv9kYEfNo2SRDf0Vdoql3/Y1Y08T0oVP1g
wemcFqkRlqQ5ksO7zYwtxJKdLAalGtib4/qDYonIQnCdPoOuuV2l1mvm3pDjkzea
lru6b/1yRN6otCsOzEOuz1A6/XYfI86vPsfAZNbfOSEX29qVYGhuOjTAOhZ1OlIR
/jAGNUa7q8mdWXBj2hziaIw8iB7B2xdWXbHukeTXuiTSgoJOVfGc8mtWW9EgOELW
NkSjIIM+pYXzn34zO3g8MJtGp3Z4eMLRD5EJccxKwXGHR3WBwIj2myFakVi/PqYb
J1gpJVmvXiz1Dd0sWWbF1vUEmAuU31Qmnvlbw4IfElV8gerR2yAzoBVwO5Sz0oiJ
4adytx+n8ceHiCUcAxW1b/hfNsNM9p84Y9t6yIVDjIHAcDQWIJ2iHOnj5OmWtbHB
WV0LR9H2t0V/JBCUS/v7qjECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 335974536689765775156902855424731590439560
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-21 07:33:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-21 07:33:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.fr-saint-germain.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 811003582911310379747010558404102700802523148338153354197547924283685014685344732184507568109495665584243753988103259379641780962246989224789259281508753616048629506121418308773254019843406938592503249541645011379669689655974432973362643004898836722291591409901228275404514196621570182654278300828934146980163365139523603907265011472678360063432778151189681857954979013219202379406257240446676068668712190704533098516990268463645575532769865979088563158693019939810427437066365855791798235628613695983784352486221875873041007192919950775494595551967869962461038716155726653053334297881933065463792537307560419417622572982509583891876153212065623676270170570739816348332101360858079721859500912059862469962901155317474971665109684222892179999387686915136563908521008606260522519386572429574388429047882589496931217007165531691277059048771342745810895040878559732407793492336562855161031220632185789019621184686330551921503793765182899386183003617880856991560545370377580724655380098206097438608168166591890427045577401642051617328622659840268670590813895519532551143324803680328116160967049088462098196756850050019710956327551721027259551170724046953580533404460666641433981927660165862345041800719561313461488662504917991061863508529
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b882fc355627edc9c0cb57724d6639851e233500
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr-saint-germain.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fr-saint-germain.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008d6d97c7f555aaeb46a0305ec8790d7a5e2e86ac33afed417cecf6d0bb0f4b761501c67db25be5dd6db99ec4b71865dde9a9cc133b2f29ab4d6a0960b6b78814a882874c54ed568ae43cfc4856b7baacdee90630282dc00cf51f1b18d44a9aa6f5f5a4874c63e193a2432ae3a4203169225095387efc2f600367c55404dafaa4ec2b850d10b645b5c9edd0b5d9887cd1b342b0d6e7be81390f33d7ef2e21d4d76f2ad22f7fe604227c22934364bed45fc9ac2a846d7d39bf97e8fea73dac8ac66df8bf1d142e0a532763d0095776ed9f7f393a9ecc10c42a428988b763bd111df9381f88d80d41f55858d65bcb2f331732042194f05daaa1c924e41bbf06226a