pharma.basf.com

Issued by R3

About this certificate

This digital certificate with serial number 03:c8:3f:90:1a:f9:40:ca:66:69:13:6d:53:64:a0:53:47:1d was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=pharma.basf.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:c8:3f:90:1a:f9:40:ca:66:69:13:6d:53:64:a0:53:47:1d
Serial Number (int): 329477820781041025235977136800327500252957
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 71:af:a9:4d:d4:a9:fd:65:b9:43:77:7d:aa:9d:8d:e7:44:11:3e:02
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 9f:2f:87:0e:65:31:5f:cc:9c:fd:f2:84:9a:03:f5:ae:bd:da:4b:77
Fingerprint (sha256): 02:c4:c3:a5:b4:b2:b0:b9:bd:9c:88:98:b6:24:de:37:10:e1:40:6d:d4:43:df:53:d6:02:0e:21:34:7a:4c:0b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate pharma.basf.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for pharma.basf.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pharma.basf.com
www.pharma.basf.com

Other certificates including the domain name basf.com

(limited to 100 certificates)
oase-connect.basf.com
brandplace.agro.basf.com
ssl-vpn.basf.com
qa2.human-centric-processes.basf.com
mdm-selfservice.basf.com
*.master-builders-solutions.basf.com
dev.human-centric-processes.basf.com
enrollmentportal.basf.com
5739407210446848-fe1.pantheonsite.io
pact.basf.com
omega-3.nu
solucionesparapinturas.basf.com
ev-insights.basf.com
www.bodyshopmall.com
support9.cdnetworks.net
together.basf.com
www.newtrition.basf.com
pisar-qual.ap.basf.com
image.audi-hirlevel.hu
wsa.basf.com
nutricaohumana.basf.com
app.footwear.basf.com
prod.37.slot.cdn.salesforce-communities.com
demoplot-temp.basf.com
www.promoshop.glasurit.com
*.master-builders-solutions.basf.com
mypharmaregdocservice-test.nutrition-and-health.basf.com
support9.cdnetworks.net
mosys-test.basf.com
secure.basf.com
amflora.basf.com
qa.cdm.intranet.basf.com
mcyclo.com
development.federation.basf.com
5739407210446848-fe1.pantheonsite.io
5739407210446848-fe1.pantheonsite.io
recreate.basf.com
dashboard.ngba.basf.com
qa-workmanager.global.basf.com
secure0109.hubspot.com
securemail.basf.com
www.cdupdate.brandweb.basf.com
zrm.basf.com
support9.cdnetworks.net
nutricaohumana.basf.com
maglis-qual.basf.com
public.maglis.basf.com
readz.com
support9.cdnetworks.net
www.proveedores.basf.com
digital-cockpit.basf.com
saturn.basf.com
login.symphony.basf.com
qa.members.basf.com
support9.cdnetworks.net
pharma.basf.com
prod.37.slot.cdn.salesforce-communities.com
orders.basf.com
teamplaces.basf.com
cls.basf.com
basotect-designobjects.com
dispersions-pigments.basf.com
projects.basf.com
akamai-san94.exacttarget.com
agriculture-pakistan.basf.com
voffice-na.basf.com
water-infrastructure-experiences.basf.com
connect.basf.com
clouddemocreator.basf.com
fresh-again.basf.com
crystal4-qa.basf.com
bconnected.basf.com
cds3.cvent.com
www.promoshop.glasurit.com
www.engenia-herbicide.basf.us
gastronomy-app.basf.com
image.comunicacion.diariosur.es
support9.cdnetworks.net
mcyclo.com
cds3.cvent.com
master-builders-solutions.basf.pl
support9.cdnetworks.net
water-infrastructure-experiences.basf.com
securecn.scene7.com
gabi-envision.basf.com
thinghiemvui.basf.com
www.basf.com
oase-connect-prod.basf.com
readz.com
www.basf.com
expertnetworkadmin-qual.basf.com
support9.cdnetworks.net
akamai-san94.exacttarget.com
ssl-vpn.basf.com
support9.cdnetworks.net
customer-centricity-solution-qa.basf.com
insights.basf.com
elfis.basf.com
vm-feedback.basf.com
voffice-partners.basf.com

Certificate

The complete raw certificate details for pharma.basf.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISA8g/kBr5QMpmaRNtU2SgU0cdMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMDgxNjA3MThaFw0yNDA0MDcxNjA3MTdaMBoxGDAWBgNVBAMT
D3BoYXJtYS5iYXNmLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOj4Jnk+GtPl3tAh24ORtS0rNzgvlUq7Dz7rIRENpvcRfDZ4iJKTmWWZgEXyypgz
l0MjxIKxblfJO/xUwNDN7TvZ9qF+mv8ti9fSqrTgr8npWiU1q3FewnuxjH76JVrd
m/DSw2kQwUngpe2f2pBgDvPLe6t1DV545tuVYkM28AFrA7FnQwsGmI8aihAvJ1xK
Riboj18a/lWQuTAKGp0DVLvCzz4pm3TpT82Wit4Kpj0TJm8MV7Mnj30Hngh6XcfC
JK9P0ApOX05sO4HPPOydEKOeUYOwUkxV2DKQnjlS+q3P+9Q8C4Mqv9CRxuIXqCZe
TXpLuFLv42UlJHm/6NtH/z0CAwEAAaOCAiUwggIhMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUca+pTdSp/WW5Q3d9qp2N50QRPgIwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wLwYDVR0RBCgwJoIPcGhhcm1hLmJhc2YuY29tghN3d3cucGhhcm1hLmJhc2Yu
Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv
AHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGM6gr/ywAABAMA
RjBEAiB5f/3UWTMwBNk0JVLbthn8LUz4bchpcZrT/zF4oMfpJgIgJDqvt/VKJbS3
TYi+PDud1fqeFT52IWtaTCVmk0ULRqwAdgDuzdBk1dsazsVct520zROiModGfLzs
3sNRSFlGcR+1mwAAAYzqCv/EAAAEAwBHMEUCIBzkT/RNS3E6OYT3IxvVTLbeWu6D
4d/34O8rCyP1MsRdAiEAkvuYmDXgqaAMJXMRdtgzANZipApmG7x1kD9eDD9eEOYw
DQYJKoZIhvcNAQELBQADggEBAK9bckebPHQ0aBeX8l8k6VmkvDpCiePCT+LTQlZk
6MP1hOgGjpUmx8QUbzrB0O75CEbh6RFhekMguEI/CfFuUlY3QenR2TL4qi+tN3dr
O5dgg+yVPXzrtSYVnyAVIZ+YdRLUPjW1c9DN94Y3naCpXavMj1guCL+DwxoVO2kb
AWjj1wdBJ+DWPH6Z8QMDKNQHvSXMzczfdHY0Duh1+u9twNjj93ISR0exAzdMO830
3vUoU/o2w1j/BpHaXn5yBVLP39OubDK3vR/3dQfV6XFw6ht5rQeWa4ekenC3YV7D
BkE2NEoHv8JJ3v8BfHrFTtHUOyp7I2XEI8WpdCPyMQqilug=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PgmeT4a0+Xe0CHbg5G1
LSs3OC+VSrsPPushEQ2m9xF8NniIkpOZZZmARfLKmDOXQyPEgrFuV8k7/FTA0M3t
O9n2oX6a/y2L19KqtOCvyelaJTWrcV7Ce7GMfvolWt2b8NLDaRDBSeCl7Z/akGAO
88t7q3UNXnjm25ViQzbwAWsDsWdDCwaYjxqKEC8nXEpGJuiPXxr+VZC5MAoanQNU
u8LPPimbdOlPzZaK3gqmPRMmbwxXsyePfQeeCHpdx8Ikr0/QCk5fTmw7gc887J0Q
o55Rg7BSTFXYMpCeOVL6rc/71DwLgyq/0JHG4heoJl5Neku4Uu/jZSUkeb/o20f/
PQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 329477820781041025235977136800327500252957
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-08 16:07:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-07 16:07:17 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pharma.basf.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29409654219597320356330846660666469566588137064632405162860520171348487703364707242185682114373912676451603612129013697542906519612748018782000905080512249126095830223103529162810854962344199946111752445687386410621980422446975205103159703686038279531910697111128850870736004052170393039537741880136525404333905615949069262903745714476111612411532503033347202777373066222629731159706746407427550132107571836834408162719274919609832633658107137278251642048027864456304432537126282183298934779973460299181068479032959461226043767706422934502922525850354611412059553922358423952171757545879263066920424962637831680294717
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							71afa94dd4a9fd65b943777daa9d8de744113e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pharma.basf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pharma.basf.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cea0affcb00000403004630440220797ffdd459333004d9342552dbb619fc2d4cf86dc869719ad3ff3178a0c7e9260220243aafb7f54a25b4b74d88be3c3b9dd5fa9e153e76216b5a4c256693450b46ac007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cea0affc4000004030047304502201ce44ff44d4b713a3984f7231bd54cb6de5aee83e1dff7e0ef2b0b23f532c45d02210092fb989835e0a9a00c25731176d83300d662a40a661bbc75903f5e0c3f5e10e6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00af5b72479b3c7434681797f25f24e959a4bc3a4289e3c24fe2d3425664e8c3f584e8068e9526c7c4146f3ac1d0eef90846e1e911617a4320b8423f09f16e52563741e9d1d932f8aa2fad37776b3b976083ec953d7cebb526159f2015219f987512d43e35b573d0cdf786379da0a95dabcc8f582e08bf83c31a153b691b0168e3d7074127e0d63c7e99f1030328d407bd25cccdccdf7476340ee875faef6dc0d8e3f772124747b103374c3bcdf4def52853fa36c358ff0691da5e7e720552cfdfd3ae6c32b7bd1ff77507d5e97170ea1b79ad07966b87a47a70b7615ec3064136344a07bfc249deff017c7ac54ed1d43b2a7b2365c423c5a97423f2310aa296e8