kok-heijkamp.nl
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:51:b1:d7:e0:e0:58:9a:bc:c8:ae:f9:5f:29:f1:cf:4d:8d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kok-heijkamp.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:51:b1:d7:e0:e0:58:9a:bc:c8:ae:f9:5f:29:f1:cf:4d:8dSerial Number (int): 289136123775989551945965891027531199368589
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 3a:2a:ec:84:97:81:96:51:da:b9:f0:f6:8e:af:6b:d2:5a:08:f2:ff
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b6:e7:b1:f3:3a:56:16:40:71:c4:56:75:50:aa:f4:96:0e:b2:19:12
Fingerprint (sha256): 1c:21:de:2a:9a:a8:11:2e:ed:f0:02:f8:8b:db:86:a1:36:dd:a2:c9:22:16:96:6b:eb:ca:da:57:d7:0f:e8:44
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate kok-heijkamp.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kok-heijkamp.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kok-heijkamp.nl
www.kok-heijkamp.nl
www.kok-heijkamp.nl
Other certificates including the domain name kok-heijkamp.nl
(limited to 100 certificates)
*.kok-heijkamp.nl
kok-heijkamp.nl
kok-heijkamp.nl
links.lua-dev.idap.pro
www.rutaspozoalcon.es
remote.kok-heijkamp.nl
remote.kok-heijkamp.nl
*.kok-heijkamp.nl
www.saas-ai1.tech
inschrijven.kok-heijkamp.nl
remote.kok-heijkamp.nl
kok-heijkamp.nl
*.kok-heijkamp.nl
*.kok-heijkamp.nl
www.appikorn.com
links.lua-dev.idap.pro
kok-heijkamp.nl
inschrijven.kok-heijkamp.nl
*.kok-heijkamp.nl
*.kok-heijkamp.nl
kok-heijkamp.nl
prodeveloper.nl
kok-heijkamp.nl
remote.kok-heijkamp.nl
*.kok-heijkamp.nl
*.kok-heijkamp.nl
kok-heijkamp.nl
*.kok-heijkamp.nl
remote.kok-heijkamp.nl
kok-heijkamp.nl
*.kok-heijkamp.nl
link.kok-heijkamp.nl
civica.xn--adianteappsmxico-mqb.com
jarborist.pl
kok-heijkamp.nl
*.kok-heijkamp.nl
kok-heijkamp.nl
kok-heijkamp.nl
links.lua-dev.idap.pro
www.rutaspozoalcon.es
remote.kok-heijkamp.nl
remote.kok-heijkamp.nl
*.kok-heijkamp.nl
www.saas-ai1.tech
inschrijven.kok-heijkamp.nl
remote.kok-heijkamp.nl
kok-heijkamp.nl
*.kok-heijkamp.nl
*.kok-heijkamp.nl
www.appikorn.com
links.lua-dev.idap.pro
kok-heijkamp.nl
inschrijven.kok-heijkamp.nl
*.kok-heijkamp.nl
*.kok-heijkamp.nl
kok-heijkamp.nl
prodeveloper.nl
kok-heijkamp.nl
remote.kok-heijkamp.nl
*.kok-heijkamp.nl
*.kok-heijkamp.nl
kok-heijkamp.nl
*.kok-heijkamp.nl
remote.kok-heijkamp.nl
kok-heijkamp.nl
*.kok-heijkamp.nl
link.kok-heijkamp.nl
civica.xn--adianteappsmxico-mqb.com
jarborist.pl
kok-heijkamp.nl
*.kok-heijkamp.nl
Certificate
The complete raw certificate details for kok-heijkamp.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISA1Gx1+DgWJq8yK75Xynxz02NMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAxMTcwNjM4MDBaFw0x NzA0MTcwNjM4MDBaMBoxGDAWBgNVBAMTD2tvay1oZWlqa2FtcC5ubDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANpOlJYdikyT2KmbnYfJdtsaQPGI8Guz lL05yLWny+KdC7EWglAYErqHK7h+nJgZC43+Ayd8FHL4I2+d2bPpmc2MybNlNbSX 6gG8aDQb/X4pCc7lACvdMw490mKN0QHRukQ0njKZJa4pVPAatxFQ6+m7SPsd03Bt U4EAcAFZEJkdWLNaanIXXEnzSIZoujrh3GQ5MvktCEDYF6n2qEh5hVOzsmf11jLM ZpSPD2/APUr0SnfAlpghHMlIApwXMKjPdr9VgLshDX768kqjIdZAjJSNbboz4pFO 5+VCkr/s2TJW7LeVwBWUjrfWoyudGx2Pt7Lbys4jV1uxyCclRacmSyUCAwEAAaOC AiUwggIhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUOirshJeBllHaufD2jq9r0loI 8v8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEE ZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu b3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0 Lm9yZy8wLwYDVR0RBCgwJoIPa29rLWhlaWprYW1wLm5sghN3d3cua29rLWhlaWpr YW1wLm5sMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB 1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsG AQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQg dXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3 aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRz ZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAJzCiQRn w3mjsOG7lxPA8P0e41Cx8ouKHGwaEeFYFXAG8vclmlW46QGuR40Xh34LJBKZ+F/q XJgXY3RoR7YSqI2jzrKcJI/ukcLKNFWZxw5eEYIlC6IAp4Zcasr6cMc4U/kykjQs e2LIJbb/aEC3ELJ3U/esigrlrY0vpldPaAE5eZOfPw0DsCEbMjPIBWJ6eLejNUAM MOXxJeewRp0kh4pJhsAUmXOYbTQ3A5tVHbw7ZKqUy8n5mHHzEIfA/+8BYeKBwKbU iwAs7LsXzQ9/ZSCHiASpbw4MQ//Lj8c2qF/u+1BVMwR5PL1XnH3uCb4mkYxCOfqX ILexn4ttOtxpvUo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k6Ulh2KTJPYqZudh8l2 2xpA8Yjwa7OUvTnItafL4p0LsRaCUBgSuocruH6cmBkLjf4DJ3wUcvgjb53Zs+mZ zYzJs2U1tJfqAbxoNBv9fikJzuUAK90zDj3SYo3RAdG6RDSeMpklrilU8Bq3EVDr 6btI+x3TcG1TgQBwAVkQmR1Ys1pqchdcSfNIhmi6OuHcZDky+S0IQNgXqfaoSHmF U7OyZ/XWMsxmlI8Pb8A9SvRKd8CWmCEcyUgCnBcwqM92v1WAuyENfvrySqMh1kCM lI1tujPikU7n5UKSv+zZMlbst5XAFZSOt9ajK50bHY+3stvKziNXW7HIJyVFpyZL JQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 289136123775989551945965891027531199368589 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-17 06:38:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-17 06:38:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kok-heijkamp.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27558699929734503625241640306945462634205287900712324453769085182932171349958068666282388261091201173751301731176380925433963012462600361874198832772246860483682119835464463510998285383435777521248842318039996546534055988250211444425791167159760310479598775822033575091084549275683163890457259168230014167553934122827266918788900437763155711457606912146234578714488480912103598560555371011936087430259883715492087613000158495904921076335904434471570890026039114790927021944408983033300401688403213644917165822505604911534300078402324400326967950594716208451283422974036900828922988548674055244453660551726685732883237 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3a2aec8497819651dab9f0f68eaf6bd25a08f2ff . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kok-heijkamp.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kok-heijkamp.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009cc2890467c379a3b0e1bb9713c0f0fd1ee350b1f28b8a1c6c1a11e158157006f2f7259a55b8e901ae478d17877e0b241299f85fea5c981763746847b612a88da3ceb29c248fee91c2ca345599c70e5e1182250ba200a7865c6acafa70c73853f93292342c7b62c825b6ff6840b710b27753f7ac8a0ae5ad8d2fa6574f68013979939f3f0d03b0211b3233c805627a78b7a335400c30e5f125e7b0469d24878a4986c0149973986d3437039b551dbc3b64aa94cbc9f99871f31087c0ffef0161e281c0a6d48b002cecbb17cd0f7f6520878804a96f0e0c43ffcb8fc736a85feefb50553304793cbd579c7dee09be26918c4239fa9720b7b19f8b6d3adc69bd4a