benjaminlindner.de

Issued by R3

About this certificate

This digital certificate with serial number 03:47:5f:9b:94:96:58:46:ef:cc:20:35:92:b7:b4:57:e7:7a was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=benjaminlindner.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:47:5f:9b:94:96:58:46:ef:cc:20:35:92:b7:b4:57:e7:7a
Serial Number (int): 285623990325988176907649150425608620599162
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 83:3c:cb:df:7e:0d:91:a4:4e:a1:1c:28:2b:1c:3d:f9:67:eb:f4:1d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 32:56:5f:93:2d:0a:c8:9d:92:aa:84:dd:8d:5f:7f:f0:0c:5e:d5:97
Fingerprint (sha256): 13:79:f8:44:9d:aa:c3:a2:c2:da:24:2a:28:2a:b0:66:e2:a3:dd:3b:33:02:d9:15:95:53:91:00:6c:50:c5:c1

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate benjaminlindner.de

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for benjaminlindner.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

benjaminlindner.de
blog.benjaminlindner.de
www.benjaminlindner.de

Other certificates including the domain name benjaminlindner.de

(limited to 100 certificates)

Certificate

The complete raw certificate details for benjaminlindner.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISA0dfm5SWWEbvzCA1kre0V+d6MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMDMwMjAxMTBaFw0yNDAzMDIwMjAxMDlaMB0xGzAZBgNVBAMT
EmJlbmphbWlubGluZG5lci5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBAMckipo/SQI7yzbHAggjvfI6Vd3d6T3c2nJQwMKJoTosgQaS3pMVWMBqIRyc
Q2jfTRrbbBd5VL+uHf/DOPBu5iY+/EjZfEAY9FUmnjbl24AL4SqmSHXQb/7OiQX3
YOSGpBq/3l9QjY1SHbJNHvpmGQL6SLEDgSiRxXJesrvoByhFujdajnsr0pZVQQ/B
Crzo8+zutYQFonul3TE4BCDE8T7iiIpcxwPFQ/p5NbvYgNYGRoJxQrjIZGhDQI3z
rvLDB8EUQ4YdUnEB/dn1VCBLtO2dcwlHKa2psYM35V+/ZeWy1aT5wSSG+4eEvj4n
GBK6+E7zgX4PsAlOcLQdY+ii4DZS6ArnwSRg5sq7GWElqFRqdJ/FBoVQYsPU04Y9
GzEjJNTLcryz/uFOQH0eHb+IdVXoMwscIcc318RzgD4PPmmInVISnJKYLSoFr8VC
bI1ee2/Lw61Ct6t7gb8RAL6cwpVvIGOxhuxPD9z8gXBZi6FWsNq3A1nDcYOq6mEe
fGgVjZrxIFc4InglAqQbsU5iA76Wf3gYFpIi7WcBPqxzxpAqm+8If2pGI0xvHvZs
oLgvJQVppIRp0WfE2pddytyEAN+w2M7rXoq9cC1uxEQqO/qQGyVwUuGYtsvQbRQq
HiVx2cTRLOBRYhPlL/H2xWlyJQXmwyvKZAVhky/r1HqgwI6rAgMBAAGjggFSMIIB
TjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIM8y99+DZGkTqEcKCscPfln6/QdMB8G
A1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAh
BggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZo
dHRwOi8vcjMuaS5sZW5jci5vcmcvME4GA1UdEQRHMEWCEmJlbmphbWlubGluZG5l
ci5kZYIXYmxvZy5iZW5qYW1pbmxpbmRuZXIuZGWCFnd3dy5iZW5qYW1pbmxpbmRu
ZXIuZGUwEwYDVR0gBAwwCjAIBgZngQwBAgEwEwYKKwYBBAHWeQIEAwEB/wQCBQAw
DQYJKoZIhvcNAQELBQADggEBAJcSMtX6lSGj6rhYPy4yExn5MHO3EOgR2kabNEgl
d2GoYbZiz4ZlGT4sBgshZqSYwgqwp2cHQ/2CCXeMa2o2JWm/VEXB0YTMJnhnjwp6
sUvbNVUhehpkfjZIimeO6t6B52JDv9dIyhwbxJxvv0+I6J6UYIttTzggzTQu5eqU
C+nl5hJ+CSCJqb2/37IIERUOVHA7gQy4KfFO3a5ZeUFcBOlrxFMcP0mnEkotYT6Q
Cl6Rh7+XfZzKe5UpSp00RnMv/lNGGAs6isutuMAQi84w5C78D/fDXBCknfIChQdV
NIilu5q1hQ/i5Q2XXbsZPpTf3DBJt2AAgE4liebI+d0pp70=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxySKmj9JAjvLNscCCCO9
8jpV3d3pPdzaclDAwomhOiyBBpLekxVYwGohHJxDaN9NGttsF3lUv64d/8M48G7m
Jj78SNl8QBj0VSaeNuXbgAvhKqZIddBv/s6JBfdg5IakGr/eX1CNjVIdsk0e+mYZ
AvpIsQOBKJHFcl6yu+gHKEW6N1qOeyvSllVBD8EKvOjz7O61hAWie6XdMTgEIMTx
PuKIilzHA8VD+nk1u9iA1gZGgnFCuMhkaENAjfOu8sMHwRRDhh1ScQH92fVUIEu0
7Z1zCUcpramxgzflX79l5bLVpPnBJIb7h4S+PicYErr4TvOBfg+wCU5wtB1j6KLg
NlLoCufBJGDmyrsZYSWoVGp0n8UGhVBiw9TThj0bMSMk1MtyvLP+4U5AfR4dv4h1
VegzCxwhxzfXxHOAPg8+aYidUhKckpgtKgWvxUJsjV57b8vDrUK3q3uBvxEAvpzC
lW8gY7GG7E8P3PyBcFmLoVaw2rcDWcNxg6rqYR58aBWNmvEgVzgieCUCpBuxTmID
vpZ/eBgWkiLtZwE+rHPGkCqb7wh/akYjTG8e9myguC8lBWmkhGnRZ8Tal13K3IQA
37DYzuteir1wLW7ERCo7+pAbJXBS4Zi2y9BtFCoeJXHZxNEs4FFiE+Uv8fbFaXIl
BebDK8pkBWGTL+vUeqDAjqsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 285623990325988176907649150425608620599162
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-03 02:01:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-02 02:01:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'benjaminlindner.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 812431497549809515979014759061238918987855071118083073445959797714497166946566108062680273215333530168925552495422777360269864044753923977436057542019590480097219360849883839282639924481059687960930719093714628126081363150355578024055706121055812547022670937825419696849788280316492645142761078797794798179681885410677917261602292643818297523929413412797654290433539283651787332207878552960444002439766140543848210107133719699858798151075070058257343298840209906229073813394699743170656639004074410435539245517113567117097863789138443472482500970964582853298898618453784903236096458308892219795354961724306977696324526925330773305295409046448819366219286441002084913120535590476033467628879759221286038103481809168173750260758218725417901646491571361067306029859224105958486216531160582568438023930804310441753466900242722288013150836931568604566607241779583235405083197444153069143668128038349738072572976156379305748042749131666207220969529673039112450436623083053673864693595824073028701267264413223979646441389716878417663490021571022814616620965604120856186760286451428888526481114187113208581981308606066703396550539764287961454670490793334848969590115483609168246579199506377070183930761602750373442334985200030538791160680107
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							833ccbdf7e0d91a44ea11c282b1c3df967ebf41d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benjaminlindner.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.benjaminlindner.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.benjaminlindner.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00971232d5fa9521a3eab8583f2e321319f93073b710e811da469b3448257761a861b662cf8665193e2c060b2166a498c20ab0a7670743fd8209778c6b6a362569bf5445c1d184cc2678678f0a7ab14bdb3555217a1a647e36488a678eeade81e76243bfd748ca1c1bc49c6fbf4f88e89e94608b6d4f3820cd342ee5ea940be9e5e6127e092089a9bdbfdfb20811150e54703b810cb829f14eddae5979415c04e96bc4531c3f49a7124a2d613e900a5e9187bf977d9cca7b95294a9d3446732ffe5346180b3a8acbadb8c0108bce30e42efc0ff7c35c10a49df2028507553488a5bb9ab5850fe2e50d975dbb193e94dfdc3049b76000804e2589e6c8f9dd29a7bd