cupp.nl
Issued by R3
About this certificate
This digital certificate with serial number 03:7d:f9:39:eb:c0:59:64:06:fb:fd:3a:ca:d5:49:10:d3:2b was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cupp.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:7d:f9:39:eb:c0:59:64:06:fb:fd:3a:ca:d5:49:10:d3:2bSerial Number (int): 304203432173875157562641341032044667392811
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 36:d2:05:d3:45:d6:2b:92:21:d4:56:00:57:3d:e5:ac:3b:bb:6c:7f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 7e:3b:55:9d:ab:42:0a:be:cd:df:d5:41:e2:c1:72:61:3a:20:db:8d
Fingerprint (sha256): 0a:cf:fa:77:b2:fe:94:81:02:cf:f9:f8:84:bf:42:52:ce:23:fe:b5:fe:78:ca:69:d0:77:f1:27:e5:af:e4:29
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate cupp.nl
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cupp.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cupp.nl
mail.cupp.nl
www.cupp.nl
mail.cupp.nl
www.cupp.nl
Other certificates including the domain name cupp.nl
(limited to 100 certificates)
Certificate
The complete raw certificate details for cupp.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgISA335OevAWWQG+/06ytVJENMrMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTAxMzM2MzRaFw0yNDA0MDkxMzM2MzNaMBIxEDAOBgNVBAMT B2N1cHAubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdDxBlRADV n2wjxB6r1KFgcdwc/mr6MO06klZ8Rk3A1SsA20nvDhxnHDp7ypkl9zngTTlUHVI3 gnhbeaW2E2d6A3yiLBlkN5NW34XCAWmAedcTFrfAHwaE35gkfeKh33Qszd4tRdZG hDi8fLLwNuTby4AxhdBfRgChqifGDCPMXGvfi30d3svc5nT+qkxvsR1DTF9Mm1Bf MFhI7D37JAxusswL9kGnDK5VuQYTeXBeOiW3r+LQbU5nfZT5RRiqXhS+GaO9eONr KPdUNhStrfkDm+Oqn3j9ihJgWvGMByCk3TfxLS7uLPUhq+UocJvgWW7SI6ZlySio oJaBHKIjz9+9AgMBAAGjggIlMIICITAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDbS BdNF1iuSIdRWAFc95aw7u2x/MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52L FMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVu Y3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMC0GA1Ud EQQmMCSCB2N1cHAubmyCDG1haWwuY3VwcC5ubIILd3d3LmN1cHAubmwwEwYDVR0g BAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCi4r/WHt4v Lweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAYzzzbcqAAAEAwBHMEUCIAWDyhJH 6qyGJ79yZOXO/mbQJTn1v7b/j33yQNQFd6ONAiEAs5p45AMWZcspSM/DHTrDP01R mlHzaDhM6dd+9Wowy+cAdwB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6 dAAAAYzzzbdnAAAEAwBIMEYCIQDEd347xmI1t3zXssZkRM8TmNKkFOyu/BjC6F1V 68krmQIhAPT+tpvhoCW4CkCSvyJjFxtPVMn18gItxtae4G/cuzDTMA0GCSqGSIb3 DQEBCwUAA4IBAQCHZrl/Rek6N+oDKP4V4sVmULVr5V28iFkX2H/Q1MsPCdIk+prT 7I3a56SbEXWUDzl1UJ9Ty2q8t5ASmXktkXkVzddxhuy6szR7sUqlfFl37KPcFHtc KPyJJ32+L6RVrrjaakCypQpR579b0KIYb3EeOhLM4Vott0j4uBy/J1+UxeW6lHYM 349YC5WG0Fn3qMDUeXHlnZ6zpA8XSbxl4UO1FcgH7iolW96U16W2gL7sLydwKRC0 aM+6auSgCI7lFmVTFXAhZs7ErTKeO53dJ7o0khhufcozpT0BkJ3dlRd0uITMoDCX G6AYAtCe+TAmMUO+vhKS9dyOrrAFuSTHzz2e -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ8QZUQA1Z9sI8Qeq9Sh YHHcHP5q+jDtOpJWfEZNwNUrANtJ7w4cZxw6e8qZJfc54E05VB1SN4J4W3mlthNn egN8oiwZZDeTVt+FwgFpgHnXExa3wB8GhN+YJH3iod90LM3eLUXWRoQ4vHyy8Dbk 28uAMYXQX0YAoaonxgwjzFxr34t9Hd7L3OZ0/qpMb7EdQ0xfTJtQXzBYSOw9+yQM brLMC/ZBpwyuVbkGE3lwXjolt6/i0G1OZ32U+UUYql4UvhmjvXjjayj3VDYUra35 A5vjqp94/YoSYFrxjAcgpN038S0u7iz1IavlKHCb4Flu0iOmZckoqKCWgRyiI8/f vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 304203432173875157562641341032044667392811 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 13:36:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 13:36:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cupp.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19826842237213565548869369350361001164767578711517763951072794795860786597457845764221606497071531556688588581761172373316465610393309952159453089567567782336074998835685440141499585992179043307150216655018940347201181422580957287782381305243751878398856539904582446718686405612916160520968512988964205102495083148967320748898500768041099764352514951237388931170876925480386536354483380373683378204365563408577368105258983851625126883439389224683845029398720321455213465385872265911897384231837790868826790537322411659227543637507209128529807288515684144734493025826583628389663605920741362083230943166493135981240253 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 36d205d345d62b9221d45600573de5ac3bbb6c7f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cupp.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.cupp.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cupp.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cf3cdb72a000004030047304502200583ca1247eaac8627bf7264e5cefe66d02539f5bfb6ff8f7df240d40577a38d022100b39a78e4031665cb2948cfc31d3ac33f4d519a51f368384ce9d77ef56a30cbe700770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cf3cdb7670000040300483046022100c4777e3bc66235b77cd7b2c66444cf1398d2a414ecaefc18c2e85d55ebc92b99022100f4feb69be1a025b80a4092bf2263171b4f54c9f5f2022dc6d69ee06fdcbb30d3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008766b97f45e93a37ea0328fe15e2c56650b56be55dbc885917d87fd0d4cb0f09d224fa9ad3ec8ddae7a49b1175940f3975509f53cb6abcb7901299792d917915cdd77186ecbab3347bb14aa57c5977eca3dc147b5c28fc89277dbe2fa455aeb8da6a40b2a50a51e7bf5bd0a2186f711e3a12cce15a2db748f8b81cbf275f94c5e5ba94760cdf8f580b9586d059f7a8c0d47971e59d9eb3a40f1749bc65e143b515c807ee2a255bde94d7a5b680beec2f27702910b468cfba6ae4a0088ee516655315702166cec4ad329e3b9ddd27ba3492186e7dca33a53d01909ddd951774b884cca030971ba01802d09ef930263143bebe1292f5dc8eaeb005b924c7cf3d9e