www.aim-design.nl
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:5a:c7:35:45:0e:92:52:0e:5a:b1:cc:89:d6:a3:c2:a8:c6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.aim-design.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5a:c7:35:45:0e:92:52:0e:5a:b1:cc:89:d6:a3:c2:a8:c6Serial Number (int): 292227063781700643194449817149458278951110
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 34:a1:dc:9a:33:f9:3f:3a:25:63:27:fe:a9:d0:4f:58:12:be:97:5e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 44:0e:c2:5f:96:73:2f:86:d6:c8:23:5a:8e:53:52:9b:b7:ae:09:05
Fingerprint (sha256): 0b:c9:b2:3d:44:c3:d1:bc:8c:99:55:1e:36:eb:d7:ac:29:6e:96:b3:91:93:b1:e1:6a:61:f0:96:ac:c6:72:f8
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate www.aim-design.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.aim-design.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.aim-design.nl
Other certificates including the domain name aim-design.nl
(limited to 100 certificates)
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
aim-design.nl
aim-design.nl
www.aim-design.nl
www.aim-design.nl
aim-design.nl
www.aim-design.nl
aim-design.nl
aim-design.nl
aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
www.aim-design.nl
aim-design.nl
aim-design.nl
www.aim-design.nl
www.aim-design.nl
aim-design.nl
www.aim-design.nl
aim-design.nl
aim-design.nl
aim-design.nl
Certificate
The complete raw certificate details for www.aim-design.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBjCCBO6gAwIBAgISA1rHNUUOklIOWrHMidajwqjGMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA3MTgyMTAwMDBaFw0x NjEwMTYyMTAwMDBaMBwxGjAYBgNVBAMTEXd3dy5haW0tZGVzaWduLm5sMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoOOGAD2fG3RBEDxoyXhZunvG15w7 Bqxy0eh6lF87x1tCSDHD/tU4bOcOprTiOXIdKqAOKdvGzHCnjWbbf65wTycYTe3O 8en2xUopf/VlvN4UMwSKgs7RwIpfek+pVhafvLZb4g06a+Gpk+AC4KlX0rBj9qsr 50OD1NurzaYIHdvFKo5+XBZxNBX2SVp0XdrwHhcbYVjqLtdQJixppfvUzCzE5ajA q1s/YSD37iiR3NGHLx2DnAg+kWSs5rGhP7gxOGZ8Fbsrs0oGXRmJWVxfT6mOmz+E liydMs0D8Bw/KvAIs3PxD8AUKGhyIeB1CSJDUOA7rOSqUbusPG17Ehznn8d64MCR wX1/5sASZu70jkvk5OB7mYvR5mL4vasYReHGgPODo2EQFgagOqwb8TA7oPFLR4Qm 0XMhF2IRAIWbWqUZmA6ztQ9Na1yetIur6pmoQDtCTAs9VK3UR+rjUBZnyGau2OjB n6hmnCSWORiOToLXbYCtLEIK3MDqBIIs4knoRzAzLuGzSvPTDCNgXE7lZ9hemmfv ZQmbF/h4W9+h9VaNDoa2XENphl4TA09Wi1905k3q28Wru02W4P5rdtcY6tGGmq1A 5cwkwYVV1R1szgADqm0h44cW5XvJD8LmSpiXE+oEEiEKozCUA9wFL3YcRO92jEhs H55DyViW/c0MrhsCAwEAAaOCAhIwggIOMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU NKHcmjP5PzolYyf+qdBPWBK+l14wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl 7/Oo7KEwcAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5p bnQteDMubGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHAYDVR0RBBUwE4IRd3d3LmFpbS1kZXNp Z24ubmwwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHW MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYB BQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1 cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdp dGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNl bmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEACbtLkvmV fjyfsGEGtKE4pF7FASm2bRNcUFMwknoK6etK0By2XlB2N0pE5VVGkLvYZodeo0sr hpFADBP1mTmuH2Fv6XRPyZk6KmQRT4SiBrNVWTrDvNj8t8yG2aCvHvDrm/GJazUq t9vyLKBXE5siV0rI6GpVzPiQUjeCkhZ5C2DEsIJeRBb0RDrtnqlpVNEkIkRtAPix I1nT3qu4ejeyUAlBQPe8U6gf1ao2NFRPo6ynGReMwsUImMphLcaWv6bKSmu5Q0i0 PhIsp5NpJd6xnor/u4n64nsDLpTJtDNf1vC6etNEIe9NqiwvPZDmzY0P7GiQUHIV q7TlNUDo6kQV4w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoOOGAD2fG3RBEDxoyXhZ unvG15w7Bqxy0eh6lF87x1tCSDHD/tU4bOcOprTiOXIdKqAOKdvGzHCnjWbbf65w TycYTe3O8en2xUopf/VlvN4UMwSKgs7RwIpfek+pVhafvLZb4g06a+Gpk+AC4KlX 0rBj9qsr50OD1NurzaYIHdvFKo5+XBZxNBX2SVp0XdrwHhcbYVjqLtdQJixppfvU zCzE5ajAq1s/YSD37iiR3NGHLx2DnAg+kWSs5rGhP7gxOGZ8Fbsrs0oGXRmJWVxf T6mOmz+EliydMs0D8Bw/KvAIs3PxD8AUKGhyIeB1CSJDUOA7rOSqUbusPG17Ehzn n8d64MCRwX1/5sASZu70jkvk5OB7mYvR5mL4vasYReHGgPODo2EQFgagOqwb8TA7 oPFLR4Qm0XMhF2IRAIWbWqUZmA6ztQ9Na1yetIur6pmoQDtCTAs9VK3UR+rjUBZn yGau2OjBn6hmnCSWORiOToLXbYCtLEIK3MDqBIIs4knoRzAzLuGzSvPTDCNgXE7l Z9hemmfvZQmbF/h4W9+h9VaNDoa2XENphl4TA09Wi1905k3q28Wru02W4P5rdtcY 6tGGmq1A5cwkwYVV1R1szgADqm0h44cW5XvJD8LmSpiXE+oEEiEKozCUA9wFL3Yc RO92jEhsH55DyViW/c0MrhsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 292227063781700643194449817149458278951110 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-07-18 21:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-16 21:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aim-design.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 656368889387582283708673812289736858887058715415975470135281241230120654205949166581440377564732468019722324008992709693429063102216723733007328403698824043187879735210986575686582885325703279998022428388641365875392751685470538377266849962828464247136728572983622028390617560453606345875012869822575194941761180419887294452169778101140044767738648785343023308837250118675107439480106589452496601781318264417415931442556984036876702190995332411924601971631053416422666709777789575802467216315300272668961536336396573307761435486360838532442432344921809002165160918357613544604662902708652360618101886497921556033332423541449597770490238741345840331077006946768202811788375059166539679193113281070424033029843515837772882248209737979622866215918803640529947703814018998565153305830012456083900914861342072398556308342807884209539036083763849892484763688973181846302108631338511213699016640703997899739551926108409085003276823109954178741613762086203413640416595641944752940436002323931953553489268622499276195030869141699802907465239150459583788361527948833310553517747259026169118883858323725834798413548409466218844812064745077226700395695336656012452895086734101930240497064715846611142615497034322256598896131291628031249973292571 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 34a1dc9a33f93f3a256327fea9d04f5812be975e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aim-design.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0009bb4b92f9957e3c9fb06106b4a138a45ec50129b66d135c505330927a0ae9eb4ad01cb65e5076374a44e5554690bbd866875ea34b2b8691400c13f59939ae1f616fe9744fc9993a2a64114f84a206b355593ac3bcd8fcb7cc86d9a0af1ef0eb9bf1896b352ab7dbf22ca057139b22574ac8e86a55ccf8905237829216790b60c4b0825e4416f4443aed9ea96954d12422446d00f8b12359d3deabb87a37b250094140f7bc53a81fd5aa3634544fa3aca719178cc2c50898ca612dc696bfa6ca4a6bb94348b43e122ca7936925deb19e8affbb89fae27b032e94c9b4335fd6f0ba7ad34421ef4daa2c2f3d90e6cd8d0fec6890507215abb4e53540e8ea4415e3