Certificate for server1.derkluge.de Issued to KeyHelp

Certificate is witin its validity period

Issued by itself (self-signed)

About the server1.derkluge.de Certificate

This certificate with serial number 50:cb:bf:8c:dc:db:34:e0:e8:6e:b0:2b:40:04:c9:a3:58:4d:0a:06 for server1.derkluge.de was issued on by KeyHelp.

This Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this Certificate review for server1.derkluge.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Root and Subordinate CA certificate keyUsage extension MUST be present (BRs: 7.1.2.1, RFC 5280: 4.2.1.3)
  • Root CA Certificate: extendedKeyUsage MUST NOT be present.t (BRs: 7.1.2.1)
  • Root CA certificates MUST have Key Usage Extension Present (BRs: 7.1.2.1)
  • The OU attribute in the Subject is prohibited in Root and TLS CA certificates The organizationalUnitName MUST NOT be included in Root CA certs or TLS Subordinate CA certs. organizationalUnitName is allowed for cross signed certificates, although not recommended. This lint may be configured to signify that the target is a cross signed certificate. (CABF BR §7.1.2.10.2 (CA Certificate Naming))

KeyHelp

Organization: KeyHelp
Organizational unit: KeyHelp Control Panel
State / Province: Thuringia
Locality: Erfurt
Country: DE

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 50:cb:bf:8c:dc:db:34:e0:e8:6e:b0:2b:40:04:c9:a3:58:4d:0a:06
Serial Number (int): 461262999320921558163920399495029162385064397318
Serial Number Length: 159 bits, 20 octets

Subject Key Identifier: 75:01:46:37:67:0e:f9:58:d6:ed:31:7e:7d:8a:1b:0a:38:bf:9f:c9
Authority Key Identifier: 75:01:46:37:67:0e:f9:58:d6:ed:31:7e:7d:8a:1b:0a:38:bf:9f:c9

Fingerprint (SHA-1): dc:02:d8:4c:5d:df:d7:93:10:bf:bc:20:24:71:fe:f4:75:08:12:79
Fingerprint (SHA-256): ed:94:60:0e:bf:43:54:b7:34:1d:0a:66:1f:43:f9:cc:1e:99:98:82:c0:07:71:1a:a7:ce:45:f7:b9:c1:e3:04


Revocation Information


Check the revocation status for certificate server1.derkluge.de
0
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for server1.derkluge.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
None
Extended Key Usages
Server Authentication
Extensions
4
CA Certificate
This is a CA certificate
Maximum Path Length: -1

Subject Alternative Names

This X.509 certificate doesn't contain any subject alternative names.

X.509 Certificate

The complete raw X.509 certificate details for server1.derkluge.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEPDCCAySgAwIBAgIUUMu/jNzbNODobrArQATJo1hNCgYwDQYJKoZIhvcNAQEL
BQAwgaIxCzAJBgNVBAYTAkRFMRIwEAYDVQQIDAlUaHVyaW5naWExDzANBgNVBAcM
BkVyZnVydDEQMA4GA1UECgwHS2V5SGVscDEeMBwGA1UECwwVS2V5SGVscCBDb250
cm9sIFBhbmVsMRwwGgYDVQQDDBNzZXJ2ZXIxLmRlcmtsdWdlLmRlMR4wHAYJKoZI
hvcNAQkBFg9pbmZvQGtleWhlbHAuZGUwHhcNMjUwNDEyMTczODI1WhcNMzUwNDEw
MTczODI1WjCBojELMAkGA1UEBhMCREUxEjAQBgNVBAgMCVRodXJpbmdpYTEPMA0G
A1UEBwwGRXJmdXJ0MRAwDgYDVQQKDAdLZXlIZWxwMR4wHAYDVQQLDBVLZXlIZWxw
IENvbnRyb2wgUGFuZWwxHDAaBgNVBAMME3NlcnZlcjEuZGVya2x1Z2UuZGUxHjAc
BgkqhkiG9w0BCQEWD2luZm9Aa2V5aGVscC5kZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANagEaUUliy9iUPA6MNTFq4AAsjm40IYMYXvxFRK3X3VcXVZ
cnkQQ845PkNUIKQH3kYZwREXUJg35CjdwpSbazov7PNB95GS3FCF40h0c8B+pjD4
KvODBUwbLHkqS2N4AUrLYMWSo0njehKLsFRZjHd5qQ4T663wHjbtPc+5pzlsV2V6
yvOwgKt1HeI1SOE/6zjkWqz8gdSVR8ckKajBJsbmviRu0kcDfSyFOd7QRF1qi93k
T2D7mL8u5Ex5DXHYgymNSlQvNXrYwfjexk5rQSNRpR4z4HeeiL65b7CxYajo2lhp
UIUUO1mpD6pvvSRSl5T+jP92h8TBXFGUMbkOLpkCAwEAAaNoMGYwHQYDVR0OBBYE
FHUBRjdnDvlY1u0xfn2KGwo4v5/JMB8GA1UdIwQYMBaAFHUBRjdnDvlY1u0xfn2K
Gwo4v5/JMA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJ
KoZIhvcNAQELBQADggEBACwcZHiyRFuKcBPDOR2+7B326uFp15MH+pepAU93XjRv
9dVhlLudDFK9E98zWpfW8R/TG5MrbknNe3oBwz+HB8yIKaV9wzn1kVV83S9TVFUd
EZb7NBygek5zmkSSmTGN2HAEYYLBytGeXH5LyCzaMGTtJuKuJQ6Mz6lkTU6BUYH4
BXPnQJ/QQymIIKBqkWyw5GRS/N59NtfwIN6Cy5pISITdwiM3pkE6RnVda48Qib6F
Pp6O65RBORfZYzR0tC/c6cs+VhS59gk0GMHAyl4ef2HoEcz6f/2ftSNYoZZNs2PT
oKoqMqsCJGQWomCHl26nh0knDNrZ1//9yMzpQWfnN2g=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qARpRSWLL2JQ8Dow1MW
rgACyObjQhgxhe/EVErdfdVxdVlyeRBDzjk+Q1QgpAfeRhnBERdQmDfkKN3ClJtr
Oi/s80H3kZLcUIXjSHRzwH6mMPgq84MFTBsseSpLY3gBSstgxZKjSeN6EouwVFmM
d3mpDhPrrfAeNu09z7mnOWxXZXrK87CAq3Ud4jVI4T/rOORarPyB1JVHxyQpqMEm
xua+JG7SRwN9LIU53tBEXWqL3eRPYPuYvy7kTHkNcdiDKY1KVC81etjB+N7GTmtB
I1GlHjPgd56IvrlvsLFhqOjaWGlQhRQ7WakPqm+9JFKXlP6M/3aHxMFcUZQxuQ4u
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 461262999320921558163920399495029162385064397318
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Thuringia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Erfurt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KeyHelp'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KeyHelp Control Panel'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'server1.derkluge.de'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-12 17:38:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2035-04-10 17:38:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Thuringia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Erfurt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KeyHelp'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KeyHelp Control Panel'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'server1.derkluge.de'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27093930191611995735749056352722848343698655634452750299498225640257218094648102994795044425675213269423096421215170864826665386178892515159472228206630486247988380778955173069038320985849359306574545435418358822164490468318676088277675240535898711728587060218209432597697171715623474264322185801618220165103606858388037191760747480446553780898470589213237135115908335909877308049663011275006520441920188640342595714064766504267300618654091912321206212375807410396263591371789966355751347810157076046490170629356241559242754988160796344207722757809997078581261713302012180645834597848988477305706603891554664481435289
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							75014637670ef958d6ed317e7d8a1b0a38bf9fc9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 75014637670ef958d6ed317e7d8a1b0a38bf9fc9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (5 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002c1c6478b2445b8a7013c3391dbeec1df6eae169d79307fa97a9014f775e346ff5d56194bb9d0c52bd13df335a97d6f11fd31b932b6e49cd7b7a01c33f8707cc8829a57dc339f591557cdd2f5354551d1196fb341ca07a4e739a449299318dd870046182c1cad19e5c7e4bc82cda3064ed26e2ae250e8ccfa9644d4e815181f80573e7409fd043298820a06a916cb0e46452fcde7d36d7f020de82cb9a484884ddc22337a6413a46755d6b8f1089be853e9e8eeb94413917d9633474b42fdce9cb3e5614b9f6093418c1c0ca5e1e7f61e811ccfa7ffd9fb52358a1964db363d3a0aa2a32ab02246416a26087976ea78749270cdad9d7fffdc8cce94167e73768