canmove-app.ekol.lu.se

Issued by R3

About this certificate

This digital certificate with serial number 04:24:95:a6:a1:94:1c:90:34:cb:38:87:9d:94:b5:59:db:36 was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=canmove-app.ekol.lu.se

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:24:95:a6:a1:94:1c:90:34:cb:38:87:9d:94:b5:59:db:36
Serial Number (int): 360898229106047794672560989133758732557110
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: d6:a7:75:19:74:b0:5e:e9:63:24:ca:47:7e:e4:b4:67:7d:9b:b7:a3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 89:0e:0c:5d:dc:64:a5:e9:4c:fa:45:6e:14:2d:cb:46:e3:fa:7f:f7
Fingerprint (sha256): 00:8e:1b:13:e1:52:f6:30:cb:89:78:57:18:9f:49:1b:17:ff:09:ed:96:18:5d:b3:33:0f:95:13:eb:f7:c9:0c

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate canmove-app.ekol.lu.se

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for canmove-app.ekol.lu.se

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

canmove-app.ekol.lu.se

Other certificates including the domain name lu.se

(limited to 100 certificates)
stf03.nuclear.lu.se
www.lu.se
connect.lu.se
www.lu.se
adm.rwi.lu.se
canmove-app.ekol.lu.se
moodle.nateko.lu.se
grytan.lunarc.lu.se
idpv4.lu.se
af.lu.se
lweb1122.sol.lu.se
www.lu.se
helpdesk.mhm.lu.se
rehab.adm.lu.se
lulock.luopen.lu.se
www.researchmagazine.lu.se
www.gerdahallen.lu.se
edit.info.lu.se
*.lu.se
cloud.nano.lu.se
intern.shop.lu.se
graduateland.com
jamf.esss.lu.se
crcservice.med.lu.se
www.lu.se
webmailtest.lu.se
desktop.lu.se
grub.lucas.lu.se
moodlealfa.omv.lu.se
hta-lundic.ht.lu.se
casa4.bmc.lu.se
ladoklpwlw-lnu.srv.lu.se
forvaltplan.ht.lu.se
*.gis.lu.se
workfolders.nateko.lu.se
imi-rhapsody.crc.med.lu.se
stf02.nuclear.lu.se
uportalhb-test.ldc.lu.se
www.venturelab.lu.se
www.lu.se
llasso393.srv.lu.se
monastica.ht.lu.se
ler486.srv.lu.se
lovisa.lub.lu.se
alarik.lunarc.lu.se
gernet.gerdahallen.lu.se
www.af.lu.se
grandbox.nateko.lu.se
intranet.rwi.lu.se
ipa1.lunarc.lu.se
libanswers.lub.lu.se
duo.maxlab.lu.se
jira.esss.lu.se
extern.shop.lu.se
passport.lu.se
*.gis.lu.se
intranet.rwi.lu.se
workfolders.lu.se
www.lu.se
lu.se
www.oikos.ekol.lu.se
canvas.education.lu.se
brown.crc.med.lu.se
git.ldc.lu.se
print.ehl.lu.se
ladokping-bth.srv.lu.se
jira.esss.lu.se
www.fokusforskning.lu.se
hta-lundic.ht.lu.se
extern.shop.lu.se
w-v-hdf5view-0.maxiv.lu.se
wfm423n2.srv.lu.se
kosmos.lth.se
idpv3.lu.se
gernet.gerdahallen.lu.se
kosmos.lth.se
www.gerdahallen.lu.se
whd.mhm.lu.se
dagfjarilar.lu.se
www.fokusforskning.lu.se
labguru-app.bmc.lu.se
www.jur.lu.se
venturelab.lu.se
connect.lu.se
Intranet.nateko.lu.se
citrix.med.lu.se
graduateland.com
cas.lu.se
ojstest.lub.lu.se
www.gerdahallen.lu.se
casa4.bmc.lu.se
www.gerdahallen.lu.se
exchange.lusem.lu.se
webmail.lu.se
lubas-uplan.lu.se
lms.liveatlund.lu.se
srv-ad-3.maxiv.lu.se
primweb.adm.lu.se
linteg558.srv.lu.se
connect.lu.se

Certificate

The complete raw certificate details for canmove-app.ekol.lu.se in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISBCSVpqGUHJA0yziHnZS1Wds2MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMDIyMjU0NTdaFw0yNDA1MzEyMjU0NTZaMCExHzAdBgNVBAMT
FmNhbm1vdmUtYXBwLmVrb2wubHUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC0d8Q90v3PsuS8FHqYMRZ1d9v1cUGx9sW3YFz1x6V/KuMxpOB6Grtd
KNmsfARAb24FyP8NT85DTGgBzEJ+sMqtQY6n9BoBwjiu2/QzZ43zaV9vJFJwWQoc
KBVI7UgfHYTogN0zXD4hkgcfpyOuy4rPz3bKCp78CrflKI0Rn8XlIsTnZY8LQH3B
1aSaxe3sTNCp9pMtxhXH6+kzRG6zN81ROiq8KchuMb+D2CMnaBIDPHFtN4A46FJZ
PZZAGZ0dO9nEJrLhQNqK46fM+2g8arIqYiElPrAMxSFWOnoP3OxRMNFnidwKCKKx
nXjXTDwtFXNwRxTphr4fGbd5/0jZakNfAgMBAAGjggIXMIICEzAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwHQYDVR0OBBYEFNandRl0sF7pYyTKR37ktGd9m7ejMB8GA1UdIwQYMBaAFBQu
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
ZW5jci5vcmcvMCEGA1UdEQQaMBiCFmNhbm1vdmUtYXBwLmVrb2wubHUuc2UwEwYD
VR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgA7U3d1
Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY4Bl5/bAAAEAwBHMEUCIF0/
lshHdSGP2F42OFR22wdkiOTxVNlJPZChf5YQJjzuAiEA5wA/bmbtFm7gr/KzdNYe
z8YRGKL0Nce3Injg/G7sTo8AdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+Zn
TFo6dAAAAY4Bl6HlAAAEAwBGMEQCIGaIDKI+vgeqQ8OxzpvEe1niDRujFSiIXkqf
v+gORDZqAiBL9QRjONBeAUOPFVr+YAsa/RENIEwvhZSG7wk5TW34zzANBgkqhkiG
9w0BAQsFAAOCAQEApleohaaael+qdNApf9kNebOPYPgo/dcDqqNYlBuS0p+uuXg7
Fpu7Ne6KTzixvPJgPW3M8fRXW8Qxel9lf643pgQf+7WqoWTQDRWKXn/WA7wRLJV5
kyo5xCrt7XG5EsY+QGRW46npL4DZnuv5Uu2lNJZxIm6HTfrNLmNO01T6s00r7AP7
7asPQUYUkR7KfpdpJEWd51unN3zYUezeanv1K38sb2EL6gcWB1ffHEm+mLQ2lfzp
VdmUVgYRwRIfzTn3VAPdUH9stW4UXE+caX/tTc6VB4B0DWMVhxRJT02RPRqUdcO8
GHogHJgqX8EgrytrORlR34qLC5s1LoeZW9+v6w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHfEPdL9z7LkvBR6mDEW
dXfb9XFBsfbFt2Bc9celfyrjMaTgehq7XSjZrHwEQG9uBcj/DU/OQ0xoAcxCfrDK
rUGOp/QaAcI4rtv0M2eN82lfbyRScFkKHCgVSO1IHx2E6IDdM1w+IZIHH6cjrsuK
z892ygqe/Aq35SiNEZ/F5SLE52WPC0B9wdWkmsXt7EzQqfaTLcYVx+vpM0RuszfN
UToqvCnIbjG/g9gjJ2gSAzxxbTeAOOhSWT2WQBmdHTvZxCay4UDaiuOnzPtoPGqy
KmIhJT6wDMUhVjp6D9zsUTDRZ4ncCgiisZ1410w8LRVzcEcU6Ya+Hxm3ef9I2WpD
XwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 360898229106047794672560989133758732557110
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-02 22:54:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-31 22:54:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canmove-app.ekol.lu.se'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22781953989912607181850024863546733244839727165537253355869882760304169706851719960006528938416930538361335663416687603223575922001788033011244107149805330831361238871411548870480638390712502426639996593539229059861929815503728279880259211196050452266333330640039471781988310073274940226202597647917109881348572583257353214830378354148192269538274563507271017298354103291334331053272780592879084422397881790653147599711026911267214439599285236591824990409067385414326031527742421990899951235395980086897223792092486833346114467787376884475674407463912320798044174584163242219656137339414650726228755915145564218082143
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d6a7751974b05ee96324ca477ee4b4677d9bb7a3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canmove-app.ekol.lu.se'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e01979fdb000004030047304502205d3f96c84775218fd85e36385476db076488e4f154d9493d90a17f9610263cee022100e7003f6e66ed166ee0aff2b374d61ecfc61118a2f435c7b72278e0fc6eec4e8f00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e0197a1e50000040300463044022066880ca23ebe07aa43c3b1ce9bc47b59e20d1ba31528885e4a9fbfe80e44366a02204bf5046338d05e01438f155afe600b1afd110d204c2f859486ef09394d6df8cf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a657a885a69a7a5faa74d0297fd90d79b38f60f828fdd703aaa358941b92d29faeb9783b169bbb35ee8a4f38b1bcf2603d6dccf1f4575bc4317a5f657fae37a6041ffbb5aaa164d00d158a5e7fd603bc112c9579932a39c42aeded71b912c63e406456e3a9e92f80d99eebf952eda5349671226e874dfacd2e634ed354fab34d2bec03fbedab0f414614911eca7e976924459de75ba7377cd851ecde6a7bf52b7f2c6f610bea07160757df1c49be98b43695fce955d994560611c1121fcd39f75403dd507f6cb56e145c4f9c697fed4dce950780740d63158714494f4d913d1a9475c3bc187a201c982a5fc120af2b6b391951df8a8b0b9b352e87995bdfafeb