lux-reisen.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:02:49:6d:75:14:5a:21:3c:8d:62:37:81:6a:9a:17:ec:26 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=lux-reisen.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:02:49:6d:75:14:5a:21:3c:8d:62:37:81:6a:9a:17:ec:26Serial Number (int): 262115024507826876730648687308815195434022
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: be:73:15:9a:c9:c4:13:33:76:b2:4f:6d:a4:48:2d:2e:38:8d:95:d8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): a9:46:e8:ac:89:b7:99:8d:af:e9:78:e3:81:be:24:02:2c:2c:f8:b6
Fingerprint (sha256): 01:f3:e5:b4:20:01:cb:9a:8c:59:a0:ac:e5:e3:46:77:70:fb:c9:ef:71:cd:ab:cf:0a:6d:64:82:97:4e:25:b9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate lux-reisen.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lux-reisen.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lux-reisen.de
www.lux-reisen.de
www.lux-reisen.de
Other certificates including the domain name lux-reisen.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for lux-reisen.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZzCCBU+gAwIBAgISAwJJbXUUWiE8jWI3gWqaF+wmMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjQxMjU5MzRaFw0x OTEyMjMxMjU5MzRaMBgxFjAUBgNVBAMTDWx1eC1yZWlzZW4uZGUwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDp29tWEuimHz3a7RHZ29clLlWyQbuXqFJJ y72G2sAbVjMxdq1w//k0Yw3lW29PKn+gPIiVtoAPyZ5GLXi8Tv7xvz+mELM2Zqkq jNAk3aO7okGJfr+ae3m02pb+pQy63mrc7pJ2RBbxxLsQydYRvddWfR8Q2PFTZm9v sVnC6aiaOvSiI0yKVspclBFJH8DHihn3L0NTu8GeekXHvGyleagANsGck7ReKmIA WGCK+/pshbko3hliud5ug5mU0dSIbthW5Qd8Xr6lCfp7AqLphv8vC0dieVAFOVBv l+dP5MfOsdLzbEvqJ9azknVeGkcUvxPU9ScFB7aGxapCyvic/3UjRRGbOSb2t/8Z jpyFqElfY3Pyr5pTPb1ztVffbJ+vfgjZU7sMgWXDlp9se1pYp0J0kRrmfAZoMPgR qmK40MvmPdYlv8XMwlFgvC7qdhD3S/0WRdK9X1dGoB7B6erWdOE1Lal7GK29y8Tr +CmigSnzmDHAlGhtlUpd/6DViiOjQ5xxucHz745Zvi5fZmw8BOBB1CrsWi8VgMGV SbD2lWwDujHN5RnG4CGULR//pr1Qemk5pzsHkuVFodRhduGFG/j06NUSdtw9HTw5 6PTZbLIQMt2WpvZAJsWBB9IOtimeyj3b6b6MDgXw8r0IbMd3q9QOTC64AzJqebFJ +9gw7qkR6QIDAQABo4ICdzCCAnMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS+cxWa ycQTM3ayT22kSC0uOI2V2DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCsGA1UdEQQkMCKCDWx1eC1yZWlzZW4uZGWCEXd3 dy5sdXgtcmVpc2VuLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB BgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWm OLHHaFRL2I0AAAFtY5H78wAABAMASDBGAiEAkQ6HztIO6sjjBjIvHRokBH5SdrdB LqM39Pj7ybi6DBgCIQDqq815kqhENTDeLXdm1sMJkmFHzdkDXmT8/1DOEQknVAB3 AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABbWOR/c4AAAQDAEgw RgIhAPzcGGFGikOzKeBigdVoEvtUPVqgjQXKgACS26D1NkPUAiEAyblDrpaiKY8Y dCX5vXEFveHok6YcwYv3WavX6wLDKGkwDQYJKoZIhvcNAQELBQADggEBAD8CTjF+ Q8svhVBVwxXjpcviVIl/U8f3xlqkI1HBud3e7giudJJ80qx482m5Onz6JaCHams8 u2QOBc5EgNGZOoUrheC6kM/iY5E63Aj1+eUfc6dlarK75pdOTZz1xy8uqleQC5XX +RFJ2fhwfKdCc1jWlVUoMTUskImWR4dkETghc7NsSSkG/Xbsj2Tqt2prTdC0vNJ/ eZu0hrJ21iPK6MmM875hngPxP0dzBK7sS68GTosy9fK8hbXtBSJS4j4+2N6+5ZN3 m0Pti0ZN+3t8sctAgno1lpuD1YjQ/0sia/kUTP1SLnv2lFB+k1vxdDtAcRB3/VCY /ZHnnJs0MiNpEm4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6dvbVhLoph892u0R2dvX JS5VskG7l6hSScu9htrAG1YzMXatcP/5NGMN5VtvTyp/oDyIlbaAD8meRi14vE7+ 8b8/phCzNmapKozQJN2ju6JBiX6/mnt5tNqW/qUMut5q3O6SdkQW8cS7EMnWEb3X Vn0fENjxU2Zvb7FZwumomjr0oiNMilbKXJQRSR/Ax4oZ9y9DU7vBnnpFx7xspXmo ADbBnJO0XipiAFhgivv6bIW5KN4ZYrneboOZlNHUiG7YVuUHfF6+pQn6ewKi6Yb/ LwtHYnlQBTlQb5fnT+THzrHS82xL6ifWs5J1XhpHFL8T1PUnBQe2hsWqQsr4nP91 I0URmzkm9rf/GY6chahJX2Nz8q+aUz29c7VX32yfr34I2VO7DIFlw5afbHtaWKdC dJEa5nwGaDD4EapiuNDL5j3WJb/FzMJRYLwu6nYQ90v9FkXSvV9XRqAewenq1nTh NS2pexitvcvE6/gpooEp85gxwJRobZVKXf+g1Yojo0OccbnB8++OWb4uX2ZsPATg QdQq7FovFYDBlUmw9pVsA7oxzeUZxuAhlC0f/6a9UHppOac7B5LlRaHUYXbhhRv4 9OjVEnbcPR08Oej02WyyEDLdlqb2QCbFgQfSDrYpnso92+m+jA4F8PK9CGzHd6vU DkwuuAMyanmxSfvYMO6pEekCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 262115024507826876730648687308815195434022 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-24 12:59:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-23 12:59:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lux-reisen.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 954060729634011941221318777733146859144857047241378098543402120472127364040151288055420021769346824298497208210675026543182904003641918696704458118523132282707924500029748774880792002331948751944250256915809920535681182495197423561127957392695349025301788717438518315812781502120226739491800879106686703856947308238433248364511429621736539106446422512567902948190429755581820136852293996388716512384080894380001281315832584496922854411780906444595906823438786216706701122212654012405464776409945020190202168365905963621211842923473735962193638825248546811572123998862798910912485512836187281535231974466357594814399208371293139715535198286437732573678586732632257085057528149344842328581149314013491242505543392819339278425896732293692729169518558733730413329812490972134876030933607408822331109565337253049167204538640189462643307212240495535936656184210118651234477903033712737732525676836415773666917668487045013074924539345288958064057294810892257143579252060439767204199541552435164351570120518484194338749708572859615633043215332053202263727428483786986297267028817026267635626579618402373102049974353462016295506481199371178988431827211850549555589888492120543857262863774894253726102541416879881807342432343918612429786386921 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) be73159ac9c4133376b24f6da4482d2e388d95d8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lux-reisen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lux-reisen.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f200770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d6391fbf30000040300483046022100910e87ced20eeac8e306322f1d1a24047e5276b7412ea337f4f8fbc9b8ba0c18022100eaabcd7992a8443530de2d7766d6c309926147cdd9035e64fcff50ce11092754007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d6391fdce0000040300483046022100fcdc1861468a43b329e06281d56812fb543d5aa08d05ca800092dba0f53643d4022100c9b943ae96a2298f187425f9bd7105bde1e893a61cc18bf759abd7eb02c32869 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003f024e317e43cb2f855055c315e3a5cbe254897f53c7f7c65aa42351c1b9dddeee08ae74927cd2ac78f369b93a7cfa25a0876a6b3cbb640e05ce4480d1993a852b85e0ba90cfe263913adc08f5f9e51f73a7656ab2bbe6974e4d9cf5c72f2eaa57900b95d7f91149d9f8707ca7427358d695552831352c90899647876411382173b36c492906fd76ec8f64eab76a6b4dd0b4bcd27f799bb486b276d623cae8c98cf3be619e03f13f477304aeec4baf064e8b32f5f2bc85b5ed052252e23e3ed8debee593779b43ed8b464dfb7b7cb1cb40827a35969b83d588d0ff4b226bf9144cfd522e7bf694507e935bf1743b40711077fd5098fd91e79c9b34322369126e