webhost.gewis.nl

Issued by R3

About this certificate

This digital certificate with serial number 04:31:67:7b:f3:c1:2a:b4:d1:97:e2:4a:c6:5d:58:50:eb:de was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=webhost.gewis.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:31:67:7b:f3:c1:2a:b4:d1:97:e2:4a:c6:5d:58:50:eb:de
Serial Number (int): 365260533786176203434353671791809649503198
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 01:56:fe:33:ff:ca:19:e3:71:18:13:3a:2c:5f:fb:d9:5c:13:bf:7d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 0a:4d:0f:cc:b0:60:cf:ec:01:7e:47:19:c7:59:d3:62:ef:0e:91:d9
Fingerprint (sha256): 18:63:e5:bd:b0:15:fd:81:ca:6e:08:3e:7f:0d:5c:7c:a9:6a:51:8d:8a:88:b2:46:44:cc:f7:93:de:9f:09:1a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate webhost.gewis.nl

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for webhost.gewis.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gewiswebhost.win.tue.nl
webhost.gewis.nl

Other certificates including the domain name gewis.nl

(limited to 100 certificates)
judge.gewis.nl
webhost.gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
*.gew.is
sni46910.cloudflaressl.com
*.gewis.nl
secure.gewis.nl
gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
webhost.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
gewis.nl
*.gewis.nl
gewis.nl
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
gehack.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
gewis.nl
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
judge.gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gehack.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gehack.nl
sni.cloudflaressl.com
gelimbo.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
status.gewis.nl
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
www.gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
athena.gewis.nl
sni46910.cloudflaressl.com

Certificate

The complete raw certificate details for webhost.gewis.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIETDCCAzSgAwIBAgISBDFne/PBKrTRl+JKxl1YUOveMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjAxMDUxOTM2MDFaFw0yMjA0MDUxOTM2MDBaMBsxGTAXBgNVBAMT
EHdlYmhvc3QuZ2V3aXMubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEzbu1hSGBGQLNSzUJOi7nF4/68qk+Vxg0G2kMH8ExVhffMhFBXKUl+UYNWeB2
HPNW5yHRy1SMBItSVBkbdpBBmpa1lUm1Qn3j528SHIGUTo1efgzr0GtqH/3JN14s
CZboNrj9HPr6SXpw1kTh3DN7wcxLx6ZqB53XAnVzznAggnyi6jg0rmhlzPX1kplw
JpLpVRBRL7/K12sY8ccxO+6nhZ+XhIKLkMQ8pnfr87TMMDX/JxLOpHIvBeOfeumG
kZszzlIpqyDLOyhpBFVRuKD8/3P5782sOqWM9a6nrwkFOebSuqv2EkaVbsU9sK8D
qFaFqLwAwfVEFRB4wh7khz0NAgMBAAGjggFxMIIBbTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFAFW/jP/yhnjcRgTOixf+9lcE799MB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMDQGA1UdEQQtMCuCF2dld2lzd2ViaG9zdC53aW4udHVlLm5sghB3ZWJob3N0
Lmdld2lzLm5sMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgw
JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMBMGCisGAQQB
1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAf62T/uEqliWpHqxbS6+R/
RPj3cWcPFEC893sqKIb5n9/39atdcRWLPAb/xF63fyn3/JYA+WA8a3tNXW+6e1wR
43XGkTI9m799eh49EOgh0F2a3MO/Vn5JjG48rAgHD/r3oFVb85b1Gp/Mze0JmcYM
wuRWjBRYdM3Msffet4Bb9pgl7gLGPcmeOop7+E9lNYl4pNASocVCgU7IEa6Wg0Pd
llYfxA/l7U6u/69vn99eYO8P9OESFtVaQ8+12egVfgnM12gOgDE1Ep+TtYxST1dA
8ro9mWAJpWBRBJb5Ir2KgNJj+Ntp5SQApbhucbq2onml4K7upBz10++ANRn8b91J
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM27tYUhgRkCzUs1CTou
5xeP+vKpPlcYNBtpDB/BMVYX3zIRQVylJflGDVngdhzzVuch0ctUjASLUlQZG3aQ
QZqWtZVJtUJ94+dvEhyBlE6NXn4M69Brah/9yTdeLAmW6Da4/Rz6+kl6cNZE4dwz
e8HMS8emaged1wJ1c85wIIJ8ouo4NK5oZcz19ZKZcCaS6VUQUS+/ytdrGPHHMTvu
p4Wfl4SCi5DEPKZ36/O0zDA1/ycSzqRyLwXjn3rphpGbM85SKasgyzsoaQRVUbig
/P9z+e/NrDqljPWup68JBTnm0rqr9hJGlW7FPbCvA6hWhai8AMH1RBUQeMIe5Ic9
DQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 365260533786176203434353671791809649503198
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-05 19:36:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-05 19:36:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'webhost.gewis.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24844158614389306287256983431022249908100317619585969781633645185303681073852394244987867663417806975154849241466958181135105537189811478709417719890936582284392407219951443306773730176425136439482937594481524055593332670378329082133582452405390616604838380663619032321004513712199868332706108048052770562081180443876324287106697870791224116949678571698977156391485968065535031916680857881466011300119779699153434351642494881656799312848501180183530068320622987935119519289019561518466527374540420912386269184827629643314310843277282793826820220269272441693596714829308713954289871516095483761039733647145333877587213
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0156fe33ffca19e37118133a2c5ffbd95c13bf7d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gewiswebhost.win.tue.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webhost.gewis.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001feb64ffb84aa5896a47ab16d2ebe47f44f8f771670f1440bcf77b2a2886f99fdff7f5ab5d71158b3c06ffc45eb77f29f7fc9600f9603c6b7b4d5d6fba7b5c11e375c691323d9bbf7d7a1e3d10e821d05d9adcc3bf567e498c6e3cac08070ffaf7a0555bf396f51a9fcccded0999c60cc2e4568c145874cdccb1f7deb7805bf69825ee02c63dc99e3a8a7bf84f65358978a4d012a1c542814ec811ae968343dd96561fc40fe5ed4eaeffaf6f9fdf5e60ef0ff4e11216d55a43cfb5d9e8157e09ccd7680e803135129f93b58c524f5740f2ba3d996009a560510496f922bd8a80d263f8db69e52400a5b86e71bab6a279a5e0aeeea41cf5d3ef803519fc6fdd49