www.karstenbrand.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:89:ce:99:88:14:f8:7d:a7:42:c9:a0:b9:a0:47:5e:f6:df was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.karstenbrand.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:89:ce:99:88:14:f8:7d:a7:42:c9:a0:b9:a0:47:5e:f6:dfSerial Number (int): 308230160212069531467742195525085512529631
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 8a:dc:d2:13:7c:a1:9e:98:19:3d:55:19:87:1c:3c:92:e1:0f:ec:32
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e3:42:c3:25:8d:a0:a1:f5:2e:33:7e:1c:6e:78:17:75:9a:3a:a1:29
Fingerprint (sha256): 17:12:9c:9a:a7:de:db:e1:9b:54:d5:c0:09:da:33:db:d6:0e:c5:7d:9a:b4:6b:1d:3f:3e:b0:cc:2e:3a:40:6b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.karstenbrand.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.karstenbrand.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.karstenbrand.de
Other certificates including the domain name karstenbrand.de
(limited to 100 certificates)
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
www.karstenbrand.de
Certificate
The complete raw certificate details for www.karstenbrand.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgISA4nOmYgU+H2nQsmguaBHXvbfMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMTkxNDQwMjdaFw0x OTA1MjAxNDQwMjdaMB4xHDAaBgNVBAMTE3d3dy5rYXJzdGVuYnJhbmQuZGUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCruox/7dt+62YYsFjipmYjCgWA 7QyvLHW0l/+sJJG8KYLKmctqHp8lqunDlj3J5FcO1x3/pOQoBBkaBeZcGFE+jGrt xZJY6VbF71a9HBCB6pZwMvnMLYGW11++NAUSOvOXxu6KSda7PFwtu2/g/lHLzB1o kZoqJHbWw5PCvXuCu3NYhSVfN+T4aU4MwtbutJw5ytEZ7sYt7kuRKBHAMrJGwdSk EMer9YsvB0HOY7OdyoK0GCnFVzGfBvQR4wKx8y1COt8EZYO+WQoTKWaI223+6nnG bbMkGFSGqDHjD46L2K0ujceigdyFat1kfCiF7J21K3Q38b8uczMWNuygHFJnAgMB AAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIrc0hN8oZ6YGT1VGYcc PJLhD+wyMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUF BwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNy eXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNy eXB0Lm9yZy8wHgYDVR0RBBcwFYITd3d3LmthcnN0ZW5icmFuZC5kZTBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2 AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABaQZqXosAAAQDAEcw RQIhAIWykgg9JEh1aqziG5JvAZWGQDyGvyQnlhG+x1N94cRuAiB8v3qrveqHc3Dq bJLy3guUNHBXYWiB3e9Gpg8zy3mRwgB1ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLc pMMM9OVFR/R4AAABaQZqXtcAAAQDAEYwRAIgKyqpvNy+HD6VyWalVoZhIOUk1hKY U0ASmFOBh4+5234CIBcPFenXZUBg4GxUh2tekRlNkvgkuee0fkyszYoN5tfxMA0G CSqGSIb3DQEBCwUAA4IBAQBRKrdlaW0ZkMXQb/wiqVSnMn9nxB7JdBVROx4YiVqW BEhRxeFjOXBT3Ct+RZnrc+kK/jAN02/f7LoMllBfK7i2Dfn0y8ZXJERvacNOIf1w AFJmYLpECy3kJvqlKsrYID7IDjttawOTo6mFdiIvciPnlBlxN0F5noWZU5IaUST3 EYrt/g4W8WKGIf/JLIN+kmNrfiUtyMDKG0CMu0jPtY9Sk5Ke1rnaswcPj1Sptxg7 aihaVvkFLGSguvtU3ih12Ug3avoD8bUJUElCwB/hYaCRM+DlCzJaGkH1hR/ZD4oZ KvOT146EMi9VmIJVaOrPKCLHbnbR/rS4Amwqe5m3Bjwr -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7qMf+3bfutmGLBY4qZm IwoFgO0Mryx1tJf/rCSRvCmCypnLah6fJarpw5Y9yeRXDtcd/6TkKAQZGgXmXBhR Poxq7cWSWOlWxe9WvRwQgeqWcDL5zC2BltdfvjQFEjrzl8buiknWuzxcLbtv4P5R y8wdaJGaKiR21sOTwr17grtzWIUlXzfk+GlODMLW7rScOcrRGe7GLe5LkSgRwDKy RsHUpBDHq/WLLwdBzmOzncqCtBgpxVcxnwb0EeMCsfMtQjrfBGWDvlkKEylmiNtt /up5xm2zJBhUhqgx4w+Oi9itLo3HooHchWrdZHwoheydtSt0N/G/LnMzFjbsoBxS ZwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308230160212069531467742195525085512529631 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-19 14:40:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-20 14:40:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.karstenbrand.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21678740804349901980822074444718719036383054900066733706858418389077443798136499241776385676387408786864445051299063960136765797601719137941466894169720778191415339694416165205598148346999849396854127017161669255308545413729392964800572725557807257430023633082853498745002337381390915901103196095949341645458337038414558000670633673541895387323029617906109412356357074035829488873636563411567404411494363620244130570624530664878035429266696405187185198662250015043094777433736533921781329914989063060595521294779601200287693275101919524661041886239059246256726884332310681738241744903193929086939130211030571524313703 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8adcd2137ca19e98193d5519871c3c92e10fec32 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.karstenbrand.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000169066a5e8b000004030047304502210085b292083d2448756aace21b926f019586403c86bf24279611bec7537de1c46e02207cbf7aabbdea877370ea6c92f2de0b94347057616881ddef46a60f33cb7991c2007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000169066a5ed7000004030046304402202b2aa9bcdcbe1c3e95c966a556866120e524d61298534012985381878fb9db7e0220170f15e9d7654060e06c54876b5e91194d92f824b9e7b47e4caccd8a0de6d7f1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00512ab765696d1990c5d06ffc22a954a7327f67c41ec97415513b1e18895a96044851c5e163397053dc2b7e4599eb73e90afe300dd36fdfecba0c96505f2bb8b60df9f4cbc65724446f69c34e21fd7000526660ba440b2de426faa52acad8203ec80e3b6d6b0393a3a98576222f7223e79419713741799e859953921a5124f7118aedfe0e16f1628621ffc92c837e92636b7e252dc8c0ca1b408cbb48cfb58f5293929ed6b9dab3070f8f54a9b7183b6a285a56f9052c64a0bafb54de2875d948376afa03f1b509504942c01fe161a09133e0e50b325a1a41f5851fd90f8a192af393d78e84322f5598825568eacf2822c76e76d1feb4b8026c2a7b99b7063c2b