oersterk.nu
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:f3:54:15:9f:97:d7:7a:06:c4:c2:32:07:e8:d3:4f:99:e7 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=oersterk.nu
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f3:54:15:9f:97:d7:7a:06:c4:c2:32:07:e8:d3:4f:99:e7Serial Number (int): 344137240383882015044470695597131053373927
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 68:3c:08:23:da:44:fb:b8:51:d7:81:40:ee:3f:33:89:99:4f:a6:fe
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ff:40:63:9b:a1:01:cf:e0:37:8c:fb:b0:6e:74:96:14:bf:17:09:25
Fingerprint (sha256): 0a:f6:5f:5d:ad:69:91:6a:6f:93:6a:3d:ce:be:e2:27:40:3d:4c:df:fe:04:e9:b3:b8:6a:cc:37:4d:5e:f0:4b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate oersterk.nu
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oersterk.nu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
backup.oersterk.nu
mail.oersterk.nu
oersterk.nu
www.oersterk.nu
mail.oersterk.nu
oersterk.nu
www.oersterk.nu
Other certificates including the domain name oersterk.nu
(limited to 100 certificates)
Certificate
The complete raw certificate details for oersterk.nu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGhjCCBW6gAwIBAgISA/NUFZ+X13oGxMIyB+jTT5nnMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMTYwMTA5NDJaFw0y MDAyMTQwMTA5NDJaMBYxFDASBgNVBAMTC29lcnN0ZXJrLm51MIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAxGLgjcnY9ayRJB5t1oEs5Tm7uiotppKUpBYW 0awu/fnOYxJOi88TKiGnc+cjsa0Fxb4Vm8Xn10cWqVK7mMPUFxCD1pUXLgZi5evO WkVSpjudk5ntO2d9EAe5KKHP3xNHZnY+mxk1DWwbCHbPezKAWkFfHKM+GzlhFlTn 18O7qf+Xs8AfPbU7jNkj8jsq5fU6MTr4knKyr3fMUJ16lEUArglU6NjOb0zErgd1 qmZSKux/SDmNFY1y+9LS8/EDWOevjDZzWJWm5sK75aHn7iVw7fLnAgl/yHE5uZpx Vep4u6VSos51rH0P5UahlU0zGp/F8uqZwS3cxE64UryaNwqK2ZRFMMHZMay7ZK4f 7+DCUdoyknUKA1rBBwANZVrcrr5/vFFWX3p1caBJ7/wV4C0CJsnitoltgOLQWzIz Fg48v6RVuwCI6E1pFQhO/C638OqflSwPIS0bg5QBI5bwkfgZrW/LDZFhEm3Pju3b ixdLsjG5qjB8IWzwzYW12NcvDfpXMKM2ThGMCgvkj6mRU/K3lzdrLqp2ArzAghHS WBx68LVhj/tdGTpSe+PqgKE9/0MoAkRCw9r0Fg2OO8sTZO17ICFmL+w0y/BnrOhb nS60sG4Lp1Hn0PYL1DKF0BFSj3f2EqNR9bExfNahVaLR8eEStmGwVM1T6fE8vW2y /bdIXccCAwEAAaOCApgwggKUMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUaDwII9pE +7hR14FA7j8ziZlPpv4wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzBNBgNVHREERjBEghJiYWNrdXAub2Vyc3RlcmsubnWC EG1haWwub2Vyc3RlcmsubnWCC29lcnN0ZXJrLm51gg93d3cub2Vyc3RlcmsubnUw TAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcC ARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2 BIHzAPEAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAW5x+R9y AAAEAwBHMEUCIQCcx41g3fJCL5uhprywPMpWLroUYpj+QJhfNWcUP3jkXQIgeUMp 8keagXHZlwXqpORzT9UikezGmYLTow5YuAusQWQAdwAHt1wb5X1o//Gwxh0jFce6 5ld8V5S3au68YToaadOiHAAAAW5x+R/6AAAEAwBIMEYCIQDX5Heh916JGMlL4v3z OKwKpnW5bGL1AEzI7Cjay7KZYgIhAP4jc5Y0aaF7+YZAFzNrLCitdLnywnDtEVPx MeFyuqddMA0GCSqGSIb3DQEBCwUAA4IBAQCBTWAIT/Nr+IpNFpzmmnMLQFUn7onX PvkDz+fcO0YaBgv0Wa0zPnujGhcL5uipBJNbYMPYeskkvH5i0ONnTkr6WSfuOZVc nsEwczHPVAfnXVjBgE4G5Ak+Ha6RH9rWoedV6Rve1Rf3MNK1jNSVFohGSrpXlaZm nooTrUpTF/CyQ+p4QxqzUxcBel8pkBP+bRwSNZpDrLZrcAqq1+7KoArx9CGFx1Mv G4jXARmPDuINBYn+SUqguGHIVPtjImm36cz2y5hmNXa2wzAqaXenUeTgPkcu3jyP 6TcklDLSl2pO0Czg2DDmzpNcwvv0B+LED1PIJW4kO9jLZ7NAhFzuxrbY -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxGLgjcnY9ayRJB5t1oEs 5Tm7uiotppKUpBYW0awu/fnOYxJOi88TKiGnc+cjsa0Fxb4Vm8Xn10cWqVK7mMPU FxCD1pUXLgZi5evOWkVSpjudk5ntO2d9EAe5KKHP3xNHZnY+mxk1DWwbCHbPezKA WkFfHKM+GzlhFlTn18O7qf+Xs8AfPbU7jNkj8jsq5fU6MTr4knKyr3fMUJ16lEUA rglU6NjOb0zErgd1qmZSKux/SDmNFY1y+9LS8/EDWOevjDZzWJWm5sK75aHn7iVw 7fLnAgl/yHE5uZpxVep4u6VSos51rH0P5UahlU0zGp/F8uqZwS3cxE64UryaNwqK 2ZRFMMHZMay7ZK4f7+DCUdoyknUKA1rBBwANZVrcrr5/vFFWX3p1caBJ7/wV4C0C JsnitoltgOLQWzIzFg48v6RVuwCI6E1pFQhO/C638OqflSwPIS0bg5QBI5bwkfgZ rW/LDZFhEm3Pju3bixdLsjG5qjB8IWzwzYW12NcvDfpXMKM2ThGMCgvkj6mRU/K3 lzdrLqp2ArzAghHSWBx68LVhj/tdGTpSe+PqgKE9/0MoAkRCw9r0Fg2OO8sTZO17 ICFmL+w0y/BnrOhbnS60sG4Lp1Hn0PYL1DKF0BFSj3f2EqNR9bExfNahVaLR8eES tmGwVM1T6fE8vW2y/bdIXccCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 344137240383882015044470695597131053373927 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-16 01:09:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-14 01:09:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oersterk.nu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 801185954650766269081515154678727513670466260282853316111853352880928853680356895298009646525649686980869796883148202496942633077539157235391221371855372507465993186764075483706936246517357296508593535449350745307806231441142043130832795970639711983669404507413259546970560337370425871858957692503407683059894395887702048641634504552188789811813110293531164723273510739454159525030464107437588941078707467564487993591222982018009516077199662497959066002838162826456001564949201624552414854386220021087549579973449158223138018428796345607031454693749556762798549130819793381830002126675974245582068809847009399064589234781288029449512434705186325401976297045817524807586946642232373467553553813307194222390379932703355068795042386344689513261823473135761719016632342008437963640964137856278235875613411915263240566415685517112116713786815999348694535781187172971037491262439708328924695801816690354788927440199604692460853216874540026431318391886366308499957821910332596646520769208478301439863960981331602657281988347047191463910593879735336282787368268578145000237807602604208190244991256935122894156468682116749259434495161813111179570071053288951060643215395450587590213366811126998028678360574717606322975917014234090812792659399 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 683c0823da44fbb851d78140ee3f3389994fa6fe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'backup.oersterk.nu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.oersterk.nu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oersterk.nu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oersterk.nu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016e71f91f7200000403004730450221009cc78d60ddf2422f9ba1a6bcb03cca562eba146298fe40985f3567143f78e45d0220794329f2479a8171d99705eaa4e4734fd52291ecc69982d3a30e58b80bac416400770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e71f91ffa0000040300483046022100d7e477a1f75e8918c94be2fdf338ac0aa675b96c62f5004cc8ec28dacbb29962022100fe2373963469a17bf9864017336b2c28ad74b9f2c270ed1153f131e172baa75d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00814d60084ff36bf88a4d169ce69a730b405527ee89d73ef903cfe7dc3b461a060bf459ad333e7ba31a170be6e8a904935b60c3d87ac924bc7e62d0e3674e4afa5927ee39955c9ec1307331cf5407e75d58c1804e06e4093e1dae911fdad6a1e755e91bded517f730d2b58cd4951688464aba5795a6669e8a13ad4a5317f0b243ea78431ab35317017a5f299013fe6d1c12359a43acb66b700aaad7eecaa00af1f42185c7532f1b88d701198f0ee20d0589fe494aa0b861c854fb632269b7e9ccf6cb98663576b6c3302a6977a751e4e03e472ede3c8fe937249432d2976a4ed02ce0d830e6ce935cc2fbf407e2c40f53c8256e243bd8cb67b340845ceec6b6d8