sks-staeger.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:50:15:a6:97:33:5f:c9:ff:34:bd:2a:89:af:62:67:02:86 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=sks-staeger.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:50:15:a6:97:33:5f:c9:ff:34:bd:2a:89:af:62:67:02:86Serial Number (int): 288588225924859948746487783350295616488070
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 1e:71:e4:31:ed:ff:d3:9a:a0:66:b2:ec:61:21:92:26:e9:73:72:94
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 44:67:6a:f7:49:39:46:4d:9a:53:ce:f3:a6:9a:52:84:48:a7:2c:91
Fingerprint (sha256): 03:59:ee:46:b2:c7:73:77:6f:d2:46:e0:c3:75:54:f7:0d:ac:a5:97:91:2b:0d:2a:4e:99:e2:f4:87:46:ba:08
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate sks-staeger.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sks-staeger.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sks-staeger.ch
www.sks-staeger.ch
www.sks-staeger.ch
Other certificates including the domain name sks-staeger.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for sks-staeger.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGNzCCBR+gAwIBAgISA1AVppczX8n/NL0qia9iZwKGMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA0MDYwMjM5MzZaFw0yMzA3MDUwMjM5MzVaMBkxFzAVBgNVBAMT DnNrcy1zdGFlZ2VyLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA uQE9vXUhghEPvATMolVhisImNv8Dv0//BOpMsFdgLpuUEHqhAX9qe0k0+5i5IRZx Rl5B4JhcMpWFscwDGQQ3jpAtaHm4oj75tgbLaQKg8mcvH8tGv3yoUYuoTdj+kDkM HFbOc6Ysu7aqX0lR74wENUXFD8NId86XDjdntwrNpxMqwh2B6nicdQDHRh64oRlz O/DNVUWw1lmihqpGTWOWyX9ZuOiGcPAvMTHWOVDHeqb8SzDQzJotVb90N4sGTCQ5 /Lft5y9Ilzi9nv++x52DS60WzcLKLJHK5ffnmR+mEuh87ZF0WWWZdM5WcTcXmEr+ UP/n49qcXMT0L07cx0sYdAVFodagCd52hJMDeOCzSAYJdnbG9h4TdlcUJC3YHZkH YpJyalDbZz6QjEf8/w9juuF/eQ7jXc00v3ZxRHXsgzyfWH4AEmwyGpN3+O+ifI0x ceW4eHnYN0TvjdJ63BxRkYUcC1EvyI6GIMVsEvdbZr5wIyax/iEyNNlUyeojZCp0 3B9ZW7NifXFgTPAbfy2GHGrpfG/GXVHVN+UAlSWGjDmSI/fcwmBB8L0PX3D0I99D 4HdS3EUe+E3uKaOCp3NZ6xCvt5PnezTo1SoESvGXFLQZBOlQ9Z22Mc241TTmaqrX 8lCtjC5Z82OT8HNyr+yiC7iNfGbV8ULyJOLYm9PeiasCAwEAAaOCAl4wggJaMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUHnHkMe3/05qgZrLsYSGSJulzcpQwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIOc2tzLXN0YWVnZXIuY2iCEnd3 dy5za3Mtc3RhZWdlci5jaDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLf EwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCC AQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AHoyjFTYty22IOo44FIe6YQWcDIThU07 0ivBOlejUutSAAABh1Sl/EQAAAQDAEcwRQIgcQAAd2WqrTBwiyoJ2t0trJNq6nJ6 wXnXMv9uXGvunkgCIQDng+gZUjCJFMta62/5AFOPH5yPoLW4CzRITXUzE1bjqQB3 AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABh1Sl/IIAAAQDAEgw RgIhAPK1++Ck3q3nPBUXS1KKUsB4NRW8GYamiAc/bWyj5ByfAiEArOcJ/3QDIpyJ ON6TP5u0DE40Q1yXtYMdBUsm+Z7WvAAwDQYJKoZIhvcNAQELBQADggEBABualhyF WoBqKCNELenWPF3phbmpidtI1wyTt0/kOVyIPSfjNDPQJ8hIwxtoaPNPSa+TfcRR KqL1wLXlq1gNmAgCaYA/BO5CXa/FpCzgOaT89ZZVVC3Q4ilbCmJKXo09hSjLjDwB l8bUSuViOBY37hB8t8Lcy3EWeyjr0AOohdkF9eBhPBtB35krRwWIWx32VAJa6jPx OUjqslHTLrLpHt3VSFuiMV0pKm9uPAsOVR1DF9hJzx+B4+IL0wccmrk/leGXbAr2 MJIMZiPb7SfPGNNP+Xyl3AX0RYt/ojsPngNRyv54qUkj2uzHS9bTiDlvf2RnjVOe 0TY4V1iraJ6ru4g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuQE9vXUhghEPvATMolVh isImNv8Dv0//BOpMsFdgLpuUEHqhAX9qe0k0+5i5IRZxRl5B4JhcMpWFscwDGQQ3 jpAtaHm4oj75tgbLaQKg8mcvH8tGv3yoUYuoTdj+kDkMHFbOc6Ysu7aqX0lR74wE NUXFD8NId86XDjdntwrNpxMqwh2B6nicdQDHRh64oRlzO/DNVUWw1lmihqpGTWOW yX9ZuOiGcPAvMTHWOVDHeqb8SzDQzJotVb90N4sGTCQ5/Lft5y9Ilzi9nv++x52D S60WzcLKLJHK5ffnmR+mEuh87ZF0WWWZdM5WcTcXmEr+UP/n49qcXMT0L07cx0sY dAVFodagCd52hJMDeOCzSAYJdnbG9h4TdlcUJC3YHZkHYpJyalDbZz6QjEf8/w9j uuF/eQ7jXc00v3ZxRHXsgzyfWH4AEmwyGpN3+O+ifI0xceW4eHnYN0TvjdJ63BxR kYUcC1EvyI6GIMVsEvdbZr5wIyax/iEyNNlUyeojZCp03B9ZW7NifXFgTPAbfy2G HGrpfG/GXVHVN+UAlSWGjDmSI/fcwmBB8L0PX3D0I99D4HdS3EUe+E3uKaOCp3NZ 6xCvt5PnezTo1SoESvGXFLQZBOlQ9Z22Mc241TTmaqrX8lCtjC5Z82OT8HNyr+yi C7iNfGbV8ULyJOLYm9PeiasCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 288588225924859948746487783350295616488070 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-06 02:39:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-05 02:39:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sks-staeger.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 754753932039072194130892481738556527492319855984927761660339241792201034492025576754459341789521229372311032401789896115667662608718778610224278692140132841591369617246127937235499966950845370358338378562172403067859906438710135884690673487023917041544005983526596307768729493403865995386064698208816706314410314004883198019821370133762615908892500882139878909351653729409822215705367661633864883977023229564833270765291230145585111839877424675679568788387277164656674464276387969429208053265761520364341690228330473438001469059884588305453182626023328591235481671343813617041263638496518470686155422307982481355115314926742119846551838771299944020702660235526549988004557828302257479906970768039695378385410938189533114515068476604993416632308310524262127048550137244969244677169551999176293453716938384044739543726769184109355600887951876228315615324187384984737699082840942083066442722933077556240120011408882535842127827350186150632586804207658268264004357203605727169089488922475615837598038907566663511055377746542541892675432545820008435094326565495035137868929628328174236744204588993050509937040386666500409940990904200413566062289529050038434901442288825328147930978679165599884439694282531188289198828611172184508025702827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1e71e431edffd39aa066b2ec61219226e9737294 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sks-staeger.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sks-staeger.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018754a5fc44000004030047304502207100007765aaad30708b2a09dadd2dac936aea727ac179d732ff6e5c6bee9e48022100e783e81952308914cb5aeb6ff900538f1f9c8fa0b5b80b34484d75331356e3a9007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018754a5fc820000040300483046022100f2b5fbe0a4deade73c15174b528a52c0783515bc1986a688073f6d6ca3e41c9f022100ace709ff7403229c8938de933f9bb40c4e34435c97b5831d054b26f99ed6bc00 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001b9a961c855a806a2823442de9d63c5de985b9a989db48d70c93b74fe4395c883d27e33433d027c848c31b6868f34f49af937dc4512aa2f5c0b5e5ab580d98080269803f04ee425dafc5a42ce039a4fcf59655542dd0e2295b0a624a5e8d3d8528cb8c3c0197c6d44ae562381637ee107cb7c2dccb71167b28ebd003a885d905f5e0613c1b41df992b4705885b1df654025aea33f13948eab251d32eb2e91eddd5485ba2315d292a6f6e3c0b0e551d4317d849cf1f81e3e20bd3071c9ab93f95e1976c0af630920c6623dbed27cf18d34ff97ca5dc05f4458b7fa23b0f9e0351cafe78a94923daecc74bd6d388396f7f64678d539ed136385758ab689eabbb88