orencia.de
Issued by R3
About this certificate
This digital certificate with serial number 04:bb:59:68:ee:ef:0e:94:19:27:d3:9d:1d:9b:09:57:b5:6f was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=orencia.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:bb:59:68:ee:ef:0e:94:19:27:d3:9d:1d:9b:09:57:b5:6fSerial Number (int): 412200792477908152728867828447318170383727
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 51:47:ec:6a:b9:ed:69:d9:96:6e:c4:b5:8b:42:c0:7e:56:fb:8c:e0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b9:9f:ec:d9:da:27:4a:f1:71:10:8a:eb:72:11:ac:91:64:9d:63:17
Fingerprint (sha256): 13:69:c5:48:e3:ab:7f:3b:b7:4b:6d:05:cc:86:0b:e7:76:76:7e:ca:08:78:50:d2:53:95:ac:8e:46:b9:91:1e
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate orencia.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for orencia.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
orencia.de
Other certificates including the domain name orencia.de
(limited to 100 certificates)
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
www.orencia.de
bms.com
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
www.orencia.de
bms.com
www.orencia.de
www.orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
www.orencia.de
orencia.de
Certificate
The complete raw certificate details for orencia.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4DCCBMigAwIBAgISBLtZaO7vDpQZJ9OdHZsJV7VvMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMDkwNzA4MDZaFw0yNDAyMDcwNzA4MDVaMBUxEzARBgNVBAMT Cm9yZW5jaWEuZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2dAPp iDcJOOMZKQfr91lRnQcXNSlX7hAcQrJEFVE+FaZ9g9EQqBP7MStuD/P7g78nUfb3 zwGrt5rd2AdD54GYQPoIlRGi5UIhLdStvxFd5QRg0tvzZJCr4eXSsD4lVmnVsDVg 6eo2z8G0aIum/KbOY0Aw1i9EXZy6zpQVE8V6GvoCvg4B2hJzy9Tn3MNcBw+pZ9OO zjnk9xVfxPwLy3UiZMRjzk7qojodFTs1tjkw5phoQLfvm4EcDYlaqrKL/s52bfWU iwgM0EMgdwGt6wmfDnHDLD/q17dDI1ZQiDwYGZ35d/wWlVDIkc9e9pjuFPUrjwlY QE4Np266dhpK1fcPv+RzE3IYCjuk0wIqVLaaGdw57e2EfYbRt/R155UHgipo/ZSD EndN3s+4Z6+3BeUdvJYdd+EP3IS2LgFZHdrkjppYjirVAUf993DoMeLeTqYES7Ym xglErYOnXtgRUYQPdNB9kNtrJnxYFuXmYDA85KKsTmmj7lTJXcNH4xOZwdZcxded yfSfcNaHcaKydcDD7KOpQl6vAM+Vah6NQdD8IjdYOeZcYQJUAxqMpsvmfzeIeGgu V/qrheymd5YbrPU1EB7ANGcXXyH+L5uSd9A8dhMPY6+oRm+f8B1R48YmrykBqKb1 RpiGudHMo66duhOdM6ZbjuTpO8iRzX8bjMskiQIDAQABo4ICCzCCAgcwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBRRR+xque1p2ZZuxLWLQsB+VvuM4DAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggpvcmVuY2lhLmRlMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAO1N3dT4tuYBOizBb Bv5AO2fYT8P0x70ADS1yb+H61BcAAAGLsx/JEwAABAMARzBFAiAXuVOipE3gQ+mo dNVeJk9nreRTgwgGmZ4U3eoxrOAPnAIhAKOfspqICOKPYGZZaUcy5asRAHKK/olN Efi1IQvQubfOAHUASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGL sx/JHAAABAMARjBEAiAIBkwUm6qWvLSsS4fuEUL9nw2R6vuWheyEuE94A+iY9wIg I1UHKnQotwY/6Bfj2wyXBN4wbNggknfmrIvsA6HPehcwDQYJKoZIhvcNAQELBQAD ggEBACmtAs976kPEFocAuCcntoI8TY/Hs1KZWitQkNtVtRFwSwxnmr4FkKmldz+i ynS5p0HSGo5RrcMtRp3OdZ7xFKxUbMmZ1aFLndEAUdBcVEJexnzNa2nWTa2rnXw4 Me7Gg7AP2gsXpgAyzED1TPyhLEw1zN6y1VcfLj+3/VB69YpK9LRUZbcRJZqKAIsy ykGlaWgXrqbFalBVnwNsXTcHrpKtrIS2EeJ3YVbpO4/iWgdpw8CVMVzwSUvbzi7B D6pe6zJomnpqoCii8hZiiHTuwjg7PWxsaN/S+oKhG1xI2cwkJWRYelwEYbc7QGtl DLqpt1PtJUMVAYj3szYB0V6s6Vg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtnQD6Yg3CTjjGSkH6/dZ UZ0HFzUpV+4QHEKyRBVRPhWmfYPREKgT+zErbg/z+4O/J1H2988Bq7ea3dgHQ+eB mED6CJURouVCIS3Urb8RXeUEYNLb82SQq+Hl0rA+JVZp1bA1YOnqNs/BtGiLpvym zmNAMNYvRF2cus6UFRPFehr6Ar4OAdoSc8vU59zDXAcPqWfTjs455PcVX8T8C8t1 ImTEY85O6qI6HRU7NbY5MOaYaEC375uBHA2JWqqyi/7Odm31lIsIDNBDIHcBresJ nw5xwyw/6te3QyNWUIg8GBmd+Xf8FpVQyJHPXvaY7hT1K48JWEBODaduunYaStX3 D7/kcxNyGAo7pNMCKlS2mhncOe3thH2G0bf0deeVB4IqaP2UgxJ3Td7PuGevtwXl HbyWHXfhD9yEti4BWR3a5I6aWI4q1QFH/fdw6DHi3k6mBEu2JsYJRK2Dp17YEVGE D3TQfZDbayZ8WBbl5mAwPOSirE5po+5UyV3DR+MTmcHWXMXXncn0n3DWh3GisnXA w+yjqUJerwDPlWoejUHQ/CI3WDnmXGECVAMajKbL5n83iHhoLlf6q4XspneWG6z1 NRAewDRnF18h/i+bknfQPHYTD2OvqEZvn/AdUePGJq8pAaim9UaYhrnRzKOunboT nTOmW47k6TvIkc1/G4zLJIkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 412200792477908152728867828447318170383727 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-09 07:08:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-07 07:08:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'orencia.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 744344052636271953564889319576850383461703821804003639258427975137865848374096228197886817338482975256027291210714144695860588310915966049843368723008816432733035924020876995098448340681023901229734197763261415422559466896290920610157899825776024166668984596517570254036523721491180045093503505064322574114889588652416120010952715283185936497920601870738040131838658486989922343816007640418506025654200818086630087038227879769301505977091541620337045452330384428573340291157342710207624542559610744165331470642227375815238239100148067492226780064134409580565440860764179592885294639592898483912816279750696905313226863420220827180780408659278480783744709370214457527346860243794205447781501233966063616634414081830574892040374732591290469151470636873304758905250324625477038584995046141577563669297030912933837817229323940631001648306088066068618515309462795589046432794539409654416853250105009855264902114612228817031184546607668203068692071403856574347476961206061187712775696370408842733273592241787500604852102840667588986656222432205003377300948308379137238298306244514572378829482722137714310236121737100000058258142541796310070739582960755838524155372472824526963121384583694317826070910272754788949772458342847974390274663561 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5147ec6ab9ed69d9966ec4b58b42c07e56fb8ce0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orencia.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bb31fc9130000040300473045022017b953a2a44de043e9a874d55e264f67ade453830806999e14ddea31ace00f9c022100a39fb29a8808e28f606659694732e5ab1100728afe894d11f8b5210bd0b9b7ce00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bb31fc91c0000040300463044022008064c149baa96bcb4ac4b87ee1142fd9f0d91eafb9685ec84b84f7803e898f702202355072a7428b7063fe817e3db0c9704de306cd8209277e6ac8bec03a1cf7a17 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0029ad02cf7bea43c4168700b82727b6823c4d8fc7b352995a2b5090db55b511704b0c679abe0590a9a5773fa2ca74b9a741d21a8e51adc32d469dce759ef114ac546cc999d5a14b9dd10051d05c54425ec67ccd6b69d64dadab9d7c3831eec683b00fda0b17a60032cc40f54cfca12c4c35ccdeb2d5571f2e3fb7fd507af58a4af4b45465b711259a8a008b32ca41a5696817aea6c56a50559f036c5d3707ae92adac84b611e2776156e93b8fe25a0769c3c095315cf0494bdbce2ec10faa5eeb32689a7a6aa028a2f216628874eec2383b3d6c6c68dfd2fa82a11b5c48d9cc242564587a5c0461b73b406b650cbaa9b753ed2543150188f7b33601d15eace958