swisswatch.co
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:25:4a:aa:9e:d2:59:d9:56:0c:ee:06:d0:49:88:ba:20:84 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=swisswatch.co
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:25:4a:aa:9e:d2:59:d9:56:0c:ee:06:d0:49:88:ba:20:84Serial Number (int): 361138840086556182844030614436819269984388
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 1c:c9:a4:a2:26:60:af:26:a6:99:09:ac:42:99:24:0d:c7:fc:01:7c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 51:dc:d4:82:c4:f0:99:f9:61:9c:89:ee:3d:2f:1e:83:e4:9b:c2:68
Fingerprint (sha256): 17:8a:c8:48:50:52:8c:2a:db:5d:74:54:59:d1:67:b6:2c:9f:d1:4b:e7:44:8d:66:7e:aa:a6:39:d9:30:f0:bb
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate swisswatch.co
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for swisswatch.co
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
swisswatch.co
Other certificates including the domain name swisswatch.co
(limited to 100 certificates)
Certificate
The complete raw certificate details for swisswatch.co in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISBCVKqp7SWdlWDO4G0EmIuiCEMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMjcwMjA2MjhaFw0x OTA1MjgwMjA2MjhaMBgxFjAUBgNVBAMTDXN3aXNzd2F0Y2guY28wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/BkS+Tb7OKOKjBxJEUr1jVEF+eEwEBpIF sxBcyR2de3cjRzaLGyIHY7K191OFiO7Dm+AgC9dO1vOyh1CynTNAFosHcLK+Pp9i 8fXxD7R+q47z2EmRHpssPbbTXkBTfQu6lRmNc9YpnRvPGnryMd+XWsbvGG6UPNPK XTCdlT14VJgMPO7EcRIuENhoaVmvBP6o3IihcYecmtAUnWYq/wPl84nyVcNSUvd7 y0Uuu8DuANCWQx+noYvIm46um6873+hdMlrkplxAxpb2QTV0SE/ZZDknJRKy4HsY NqhZfWisyFdv8PD6vaxg2o1SHAOj7FdKxm/pZ7MC6RkuvZkKfKzGtFhgmcY4ac1V vNhQg3RuRcTkKCCYYZaW6MgoJBpkHK1inWGrXtnpJr7QNaaK33VJRuWz0nKoQx5s vEC2zsGs07UiedikSau6TVEd6W+6zBVPeB60h85chqdmH3W0ybIFu1eLe7I6b5Bc ZopMcpPzlxAW4iZcylXuD1VT/yToNEPR+Ll/VdFGyEw6a25pAHbrzTh/yrVoy/ON k7aRu9V2s0U/8WXy2Zxw3eg2l9XCh2ubfvokA86LtTfZX6Q9NpEOQGIQ7QheA7jp Ex+wuDX38waNQMEM7pST60uwIbGlBtcj6bjw0vTnYkhJwA6x9p4qwEhQ9/5nhSjh fsguzu05XQIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQcyaSi JmCvJqaZCaxCmSQNx/wBfDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXN3aXNzd2F0Y2guY28wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWks6vL1AAAE AwBHMEUCIB6fQFiMqZuQBmhYZ0RS2QpXARGp9oU+yNk6R47lbeUVAiEAuZjakJho M5qkm6IQ+qAeQpT0la/ik9dzEsQMkPVeo30AdgBj8tvN6DvMLM8LcoQnV2szpI1h d4+9daY4scdoVEvYjQAAAWks6vL4AAAEAwBHMEUCIDuxGxjFjCPi7Omv43awtWQt /CZbP0LIGFTwCmxro8XjAiEAm4d6y+vF47jOE1AEE31hUDL/Ss1O0Bg53MDra0a+ +yUwDQYJKoZIhvcNAQELBQADggEBAE4KyCMREUedKGImIcIhIQiB1xA3DeGAmL9O dBZRh0TZeHakLcKVK5lrF6Fdg/OWuDenliWc9pd2NnyMBlrfSQrRn7Vg/Vzh46j5 +Y98QIlvroBVbW/UDTBDz92SM8wRVyLa4bh8hgZ9rdpd2EHGzlGjmpGyeQ0b9PL1 KC+P0jk+S5PUq/lrGT+zYHRyOXVaQCgJ/Agg5kXYxNAOnPx2vLfYR9agEaswQnb4 mbBhFEsPkXi9J+/jdl5H656Ry7+iOCdg0zb84PLRi0WyhsHkzpk8lg9uAIa9vRFU c8J0PooGEU5cEqOndND19A7NpV8ffJe/VvlqlgCAHL2g6XrFkJM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvwZEvk2+zijiowcSRFK9 Y1RBfnhMBAaSBbMQXMkdnXt3I0c2ixsiB2OytfdThYjuw5vgIAvXTtbzsodQsp0z QBaLB3Cyvj6fYvH18Q+0fquO89hJkR6bLD22015AU30LupUZjXPWKZ0bzxp68jHf l1rG7xhulDzTyl0wnZU9eFSYDDzuxHESLhDYaGlZrwT+qNyIoXGHnJrQFJ1mKv8D 5fOJ8lXDUlL3e8tFLrvA7gDQlkMfp6GLyJuOrpuvO9/oXTJa5KZcQMaW9kE1dEhP 2WQ5JyUSsuB7GDaoWX1orMhXb/Dw+r2sYNqNUhwDo+xXSsZv6WezAukZLr2ZCnys xrRYYJnGOGnNVbzYUIN0bkXE5CggmGGWlujIKCQaZBytYp1hq17Z6Sa+0DWmit91 SUbls9JyqEMebLxAts7BrNO1InnYpEmruk1RHelvuswVT3getIfOXIanZh91tMmy BbtXi3uyOm+QXGaKTHKT85cQFuImXMpV7g9VU/8k6DRD0fi5f1XRRshMOmtuaQB2 6804f8q1aMvzjZO2kbvVdrNFP/Fl8tmccN3oNpfVwodrm376JAPOi7U32V+kPTaR DkBiEO0IXgO46RMfsLg19/MGjUDBDO6Uk+tLsCGxpQbXI+m48NL052JIScAOsfae KsBIUPf+Z4Uo4X7ILs7tOV0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 361138840086556182844030614436819269984388 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-27 02:06:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-28 02:06:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'swisswatch.co' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 779311912954149189396694630510501574300802877433976500399305683409046116537328994458582393967577257090629888335749115471807218593486244652468935181035990892598512472674581955613193771543596837039362025170528627307706802097305946635033398121742086650046573781268583847865499067679854529892559356716230615761481431502171763854580183499602294563534672247354899559541427208016192268752569573854885895333940898390835912491573123132919746509130920083876444568485796556981983875070903071286225058240480719278915423040575089424594417792451551746821769822846329839567796498189101755763200762051816515642958630010315928112588154689003003015583355271501563625409795674410805232615509690163286098152041491464094083453613492554313310591373878395734615484263365517790803456991943503067180356194409709579750425492527525225051354533641328268858701384947663746694872687126595084286215832155776418818022658032588834760436943622743815213063548114961707892744194342276441602440586409515817515419224977951661466805469642348301510435439922529221790495049752782548959224806494571636003294128141539442911246717156222383349116105598935111382394453762665824150211735296012857126956444848652014518177484083783659501841459162309818921116093453934821723656239453 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1cc9a4a22660af26a69909ac4299240dc7fc017c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'swisswatch.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001692ceaf2f5000004030047304502201e9f40588ca99b90066858674452d90a570111a9f6853ec8d93a478ee56de515022100b998da909868339aa49ba210faa01e4294f495afe293d77312c40c90f55ea37d00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001692ceaf2f8000004030047304502203bb11b18c58c23e2ece9afe376b0b5642dfc265b3f42c81854f00a6c6ba3c5e30221009b877acbebc5e3b8ce135004137d615032ff4acd4ed01839dcc0eb6b46befb25 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004e0ac8231111479d28622621c221210881d710370de18098bf4e7416518744d97876a42dc2952b996b17a15d83f396b837a796259cf69776367c8c065adf490ad19fb560fd5ce1e3a8f9f98f7c40896fae80556d6fd40d3043cfdd9233cc115722dae1b87c86067dadda5dd841c6ce51a39a91b2790d1bf4f2f5282f8fd2393e4b93d4abf96b193fb360747239755a402809fc0820e645d8c4d00e9cfc76bcb7d847d6a011ab304276f899b061144b0f9178bd27efe3765e47eb9e91cbbfa2382760d336fce0f2d18b45b286c1e4ce993c960f6e0086bdbd115473c2743e8a06114e5c12a3a774d0f5f40ecda55f1f7c97bf56f96a9600801cbda0e97ac59093