cgrx.de
Issued by R3
About this certificate
This digital certificate with serial number 03:4a:22:c1:53:59:38:e1:a1:4c:d8:d4:bf:5f:4c:92:45:93 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cgrx.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:4a:22:c1:53:59:38:e1:a1:4c:d8:d4:bf:5f:4c:92:45:93Serial Number (int): 286563950503089478095008615747288158061971
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 09:ed:4d:fb:53:44:c8:2c:90:6e:68:46:99:33:30:48:6b:03:85:11
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5e:3d:fc:b3:c8:4d:86:1f:4b:9b:bc:98:32:19:69:af:27:d2:d3:f7
Fingerprint (sha256): 05:48:26:98:86:21:a4:f6:e5:dd:d2:36:b2:9e:ec:51:fc:40:b2:ab:65:b0:51:a6:8e:fb:2d:55:bd:53:af:be
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate cgrx.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cgrx.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cgrx.de
www.cgrx.de
www.cgrx.de
Other certificates including the domain name cgrx.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for cgrx.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6TCCBNGgAwIBAgISA0oiwVNZOOGhTNjUv19MkkWTMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMDMwMDAwMTNaFw0yNDAyMDEwMDAwMTJaMBIxEDAOBgNVBAMT B2NncnguZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqU/kYTq34 cBahh6tLhOwcmayS3YKE/SR8g+eo/JWArM3hbqkmwAyk6aXca8MCvxGebHFvLHkY aRVDac8iavsmS6xliAsO2Zcs8iL2gUIe8NtKDnOHIkP4eL/8L6YEI0T1SnWif1gW STwi0UDoPLcEYt+7JEJzBMVUUsHXn9z9G+rcLYqYK4Km6aunInkSMPmH6bBmFqNS MSxuv+ztjAtCgs8vuNVbOXb8hP0w5Nyk5bUktmv91JOpDMDxXJK4YKPkGcQYJqiB pARz9+ga1S3GtwVSKYrcXA+LOTfpbGHgnZ7dHqgIzLg5X8NBTkWL36sNV/pmedvP 96eia1RfGawzcK1nKlrQ6IN36nBzCWPSjX6IBV5XHPbegVGR4L718mCfhVRZ56Xe 07PvwRyvTaWRmUcRnFgICY/N6dIWCaicGKsJJhZjZCuUcIqySi2JKPVi43OL4u9U 7i1RnIL9n2IRwsDE2uvVvyaXflxvqXLrtOkFXRlCDBeXZ0HlRHdPLmkvF05eH1Xd UlcmGelJoogr4wz+f0FxAC5rnsCQf5apJSjnov3x4bXoHalPApwVqj4Ais6CqLqY wdBMr8Pe6XIdLvSpfAtnIR48bAPe4LH0B6rKA730z8W+Lk9rZ9btFctno13UCNpk yEXfPJFA73NT2ZvstSupBxm4E0liqifjHQIDAQABo4ICFzCCAhMwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBQJ7U37U0TILJBuaEaZMzBIawOFETAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzAfBgNVHREEGDAWggdjZ3J4LmRlggt3d3cuY2dyeC5kZTATBgNV HSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ADtTd3U+ LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABi5Kx5KUAAAQDAEgwRgIhAIo0 18M24y6sR9Pz0DaJO1n3+ppFqAUBhaQtRQg0Qs9KAiEAt/eSebrZhIPcUo6dxMwg oWthPH1uEOlLtLoTbSq4UwwAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAYuSseULAAAEAwBHMEUCIQCVkIdjresLUmVigy4sCl3ltYpF9k+QMVfJ oO6VebIUyAIgOEz5nMvDqV7rcPdvl+7SKQyd4xtSgKO/JKC0o8e6dsIwDQYJKoZI hvcNAQELBQADggEBACbouquHXal5JWgFItpoQG/NpDYg1tRmo/kb3N0MHpK0WvPd UVo3Rk1JuJcMtdtwmuAirakmGp3PeOCBtdWD6ZVDprUcHN5KRctuH37tHZ7gWYem 91PKl5wCSRA0HM6K53dCILGBa+Fn2jBg3euzPWNIWcAqTB+lU5Sur8uHRwLbZOir G8fl1895awPGdT6V+Mt61LXkZRVBiNuvQ6Ahl5+ccw5zUjf/WUgvjxKLoP+mQmZz S9UuWcSKCl1kLvucKf+M/7KX0qJTnL7fqzGgUdAmrOsdq+bJCS3xPYNPj5EMU4Dj Y/TYN5bB/0dTW9KqkXReJKWuiFx5kieYruljNAw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqlP5GE6t+HAWoYerS4Ts HJmskt2ChP0kfIPnqPyVgKzN4W6pJsAMpOml3GvDAr8Rnmxxbyx5GGkVQ2nPImr7 JkusZYgLDtmXLPIi9oFCHvDbSg5zhyJD+Hi//C+mBCNE9Up1on9YFkk8ItFA6Dy3 BGLfuyRCcwTFVFLB15/c/Rvq3C2KmCuCpumrpyJ5EjD5h+mwZhajUjEsbr/s7YwL QoLPL7jVWzl2/IT9MOTcpOW1JLZr/dSTqQzA8VySuGCj5BnEGCaogaQEc/foGtUt xrcFUimK3FwPizk36Wxh4J2e3R6oCMy4OV/DQU5Fi9+rDVf6Znnbz/enomtUXxms M3CtZypa0OiDd+pwcwlj0o1+iAVeVxz23oFRkeC+9fJgn4VUWeel3tOz78Ecr02l kZlHEZxYCAmPzenSFgmonBirCSYWY2QrlHCKskotiSj1YuNzi+LvVO4tUZyC/Z9i EcLAxNrr1b8ml35cb6ly67TpBV0ZQgwXl2dB5UR3Ty5pLxdOXh9V3VJXJhnpSaKI K+MM/n9BcQAua57AkH+WqSUo56L98eG16B2pTwKcFao+AIrOgqi6mMHQTK/D3uly HS70qXwLZyEePGwD3uCx9AeqygO99M/Fvi5Pa2fW7RXLZ6Nd1AjaZMhF3zyRQO9z U9mb7LUrqQcZuBNJYqon4x0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 286563950503089478095008615747288158061971 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-03 00:00:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-01 00:00:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cgrx.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 694877694930955416852975723645530209482542621597151230760254616915986931031223560703658055132912193671084686065969641868554727794796494338814702588485523299897309827198565898861108981800884278727236000629526031063936453921019900174978956234812397737887541901808978548715364578858183174249135603717225743201823309710328750185337118045308534665069402356486830461604532304187668976624665489060999541956807821781099371466940833264138747462481918527386979694223582920816476506864194369709523857689097056581207000202559521694670015216983523813599066362157402950571720920547756363047212891668378323198247653937235628524594033913744699229607442672562254141733785679844030282526453560667169177840129230150223643727116835359661117266494519845532589641664564611478766638603013733935167529136961152939526875958852937377547343813749650509432334379957914141559962386908715392745283436724239158933582037922234403687846795781470331127678766547141316405189218085296792361603282389946416308152213941259687406066678448565117629127382586997062835188448412282602599936412142269529247192587745972858979570354853499116212801854415830531681931943304521386182326205685693461955769726580380289844034697154712228286577324425814107171597825163908400256706405149 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 09ed4dfb5344c82c906e6846993330486b038511 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cgrx.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cgrx.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b92b1e4a500000403004830460221008a34d7c336e32eac47d3f3d036893b59f7fa9a45a8050185a42d45083442cf4a022100b7f79279bad98483dc528e9dc4cc20a16b613c7d6e10e94bb4ba136d2ab8530c007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b92b1e50b000004030047304502210095908763adeb0b526562832e2c0a5de5b58a45f64f903157c9a0ee9579b214c80220384cf99ccbc3a95eeb70f76f97eed2290c9de31b5280a3bf24a0b4a3c7ba76c2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0026e8baab875da97925680522da68406fcda43620d6d466a3f91bdcdd0c1e92b45af3dd515a37464d49b8970cb5db709ae022ada9261a9dcf78e081b5d583e99543a6b51c1cde4a45cb6e1f7eed1d9ee05987a6f753ca979c024910341cce8ae7774220b1816be167da3060ddebb33d634859c02a4c1fa55394aeafcb874702db64e8ab1bc7e5d7cf796b03c6753e95f8cb7ad4b5e465154188dbaf43a021979f9c730e735237ff59482f8f128ba0ffa64266734bd52e59c48a0a5d642efb9c29ff8cffb297d2a2539cbedfab31a051d026aceb1dabe6c9092df13d834f8f910c5380e363f4d83796c1ff47535bd2aa91745e24a5ae885c79922798aee963340c