www.pensioenbij.nl

Issued by R3

About this certificate

This digital certificate with serial number 04:44:f3:97:6b:1a:a2:f8:5e:e1:99:e9:33:12:18:d4:33:e7 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.pensioenbij.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:44:f3:97:6b:1a:a2:f8:5e:e1:99:e9:33:12:18:d4:33:e7
Serial Number (int): 371912133289794372067450592263082989597671
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 79:ef:1a:7b:b3:fb:a5:2c:b3:b1:91:5c:41:44:00:e9:79:4a:e1:3b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 2d:9c:60:4e:0b:98:62:d6:d3:e4:b3:89:20:20:db:f2:e1:23:d2:82
Fingerprint (sha256): 1d:b2:88:d1:3f:dc:ed:96:c4:c0:f0:a6:a5:0f:94:f7:eb:56:a4:7b:b1:4b:59:67:67:d5:ec:5f:69:67:de:fc

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.pensioenbij.nl

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.pensioenbij.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pensioenbij.nl
www.pensioenbij.nl

Other certificates including the domain name pensioenbij.nl

(limited to 100 certificates)
goldentrumpetproduction.co.ke
slowp.app
evaluator.cc
hnbm.pensioenbij.nl
mltechnology.com.my
www.logolikes.com
event-hub-admin.stonehappi.dev
flashmessenger.app
suitebrains.4bs.com.co
bridges.againwewander.com
nm-develop.de
www.exploregalaxybuds.com.au
barodawoollenfelt.com
raetsheren.pensioenbij.nl
www.pensioenbij.nl
www.spunkyfantasyparties.com
olympus-tst.internal.paperbox.ai
vataliyaprajapati.com
app.qas.wohnsinn.com
lighthouseexperiential.com
www.pensioenbij.nl
api.rarimobiliaria.pt
www.norso.app
customers.approv.tech
drink-with.us
soldwithrys.com
www.unisocialapp.com
demo.pensioenbij.nl
www.orator.app
report.myivation.bycopilot.com
www.odipappa.com
www.gemhs.net
console.redoos.com
storybook.polarcode.app
stg.cinemaflash.jp
test.pensioenbij.nl
batalhadepalavras.com
theverysecretproject.com
www.belezio.com
musicmausam.com
konexus.app
staging.givepanel.com
share.dev.mijnmarkt.app
www.benknight.me
comicsflow.com
stg.propo.fm
app.my-helper.ch
hans-test.pensioenbij.nl
kulunkoglupvc.com
k.koopid.ai
player-staging.screenlime.app
www.rudycatwell.com
www.folkia.eu
nem.rnetian.in
blabla.cam
imente.co
stage.stockbot.in
www.pensioenbij.nl
erstwhile.oktuss.com
openmultilinks.com
marlink.pensioenbij.nl
www.rota2025.com.br
www.benknight.me
admin.b2engenharia.com
minimoly.com
www.guarderiapp.com
www.clean-concept-group.com
doc.pensioenbij.nl
polaris.ixir.io
manage.aigens.com
alcisproject.com
hrcreative.co
firenotes.umthing.com
demo.pensioenbij.nl
saopaulo.poderegularizar.com.br
veloapli.vipsport.lv
dev.codeheroes.app
link.staging.urbandecay.beautyadvisors.mx
spanish.luukjonko.nl
www.msgzar.com
www.culturetek.fr
www.taka1156.site
pass.patriciandraade.com.br
bio-techne-test.autolomate.com
www.yannic.ellhotka.at
chennaicyclists.com
www.getseec.app
pro-gress.app
stuffiown.io
kernersville-knvl.cox2m.com
thiele.dev
edc.tasq.me
www.nonzerosum.au
www.outgoing.app
www.waisiqi.com
windowseat.agency
www.brunosbrasil.com.br
www.dubbiebee.com
www.msgzar.com
prod.pensioenbij.nl

Certificate

The complete raw certificate details for www.pensioenbij.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISBETzl2saovhe4ZnpMxIY1DPnMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMDEyMTQ1NDJaFw0yNDAzMzEyMTQ1NDFaMB0xGzAZBgNVBAMT
End3dy5wZW5zaW9lbmJpai5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiYWOvsy7Z3gehwDociMe/SY2NnAZyQThAWlJz1GbYFMFa2gkFi1DELecDU
4cE2Ex9ccBYh0BxTE4w8DIxdFUf4x5QpQY/C47Iptht3jahz6thjkTfSJlBhoQS9
+nYiBqWgPdwHS4+3BiS2F5Iuya7cFiwsw2yUIy2fndRA2pgmPWeHN7ZMpKPuUjHj
hyztOO5wpbWYfcOHlvsuRWyibCT/Y0K25HzUX2uWcyR6DKWJaIbxcQN5Uw6IHG5a
pfCADGYNpKIgtbkJHAA1jzyJp4qMTlf9HigZOmPQVgPp9TINN0A/mpBxM9fXtH5B
SLQFqo73ZTaHh2bK/22DQ+9IrI0CAwEAAaOCAiUwggIhMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUee8ae7P7pSyzsZFcQUQA6XlK4TswHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wLQYDVR0RBCYwJIIOcGVuc2lvZW5iaWoubmyCEnd3dy5wZW5zaW9lbmJp
ai5ubDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA
8QB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjMc0S1MAAAQD
AEcwRQIgQv0gdgjCsvISInPOCiMFFKMhe5+oUcsvI2e+jrxZk24CIQDFSrZWNJ7a
9TBu9habHVUC6QmHwg5wj6p1Xn1Ov93lkgB3AHb/iD8KtvuVUcJhzPWHujS0pM27
KdxoQgqf5mdMWjp0AAABjMc0S80AAAQDAEgwRgIhAOSpuwcSCrnCuTcRXHu4HO2S
Hf00Npe0RjwqdVt1idHBAiEA9YyYIk7r+2xnQR/h6GBzAvTGj1W1owj8XySYDgCZ
/ekwDQYJKoZIhvcNAQELBQADggEBAHww7PtO+zLoLHf1s5aTR6dsha3AUUWAkhGY
tuaLmfbZZBgzvRJcKZZg8JelynuLS9QLfWJ29DDSYRyUKRzA0XX0Hlu3wNQy4m3w
56QXtJ8oeV4eKAyW2zdYSLC00Kz1hrzOiOUdxhwr1x+JubKvsGXzIaKl1r/OgMpD
Xzh7Gm12qkWb1B34Iu882Qry6pLhkTKBJsOhTzCSsfWjvh06BOnQrF68JcRURZvZ
7klQBF20E5TvdqSvocehaEhhJhOv4MWP+npFE7wLvIuK4HwM30nAc+ZOGFtGLM83
78OySuKSjaPsrxM51UOAwoOtu+2jUSg048DHAWKl3qu30EvKodk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJhY6+zLtneB6HAOhyIx
79JjY2cBnJBOEBaUnPUZtgUwVraCQWLUMQt5wNThwTYTH1xwFiHQHFMTjDwMjF0V
R/jHlClBj8Ljsim2G3eNqHPq2GORN9ImUGGhBL36diIGpaA93AdLj7cGJLYXki7J
rtwWLCzDbJQjLZ+d1EDamCY9Z4c3tkyko+5SMeOHLO047nCltZh9w4eW+y5FbKJs
JP9jQrbkfNRfa5ZzJHoMpYlohvFxA3lTDogcblql8IAMZg2koiC1uQkcADWPPImn
ioxOV/0eKBk6Y9BWA+n1Mg03QD+akHEz19e0fkFItAWqjvdlNoeHZsr/bYND70is
jQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 371912133289794372067450592263082989597671
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-01 21:45:42 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-31 21:45:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.pensioenbij.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19263347633048637904692409058500491957070341204876476874983828893421060284081528266002883381108131736172778098833779461216977020764112095699108764643897576175258787597583012761752311375605925721305183168406526961070832150690960029045816785206624063972810366922014338772688300000899628727731593792290148494731204999571886928243242555312269941438653443904869106920591101460150914693266258075324063200561571344232505460652570727187152655534343387663918531899742417430524850684012711339995500442655256218389876579261753188956877546899194731245476235443203379388615826237123766274333248477776287536702101206849220837420173
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							79ef1a7bb3fba52cb3b1915c414400e9794ae13b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pensioenbij.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pensioenbij.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cc7344b530000040300473045022042fd207608c2b2f2122273ce0a230514a3217b9fa851cb2f2367be8ebc59936e022100c54ab656349edaf5306ef6169b1d5502e90987c20e708faa755e7d4ebfdde59200770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cc7344bcd0000040300483046022100e4a9bb07120ab9c2b937115c7bb81ced921dfd343697b4463c2a755b7589d1c1022100f58c98224eebfb6c67411fe1e8607302f4c68f55b5a308fc5f24980e0099fde9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007c30ecfb4efb32e82c77f5b3969347a76c85adc0514580921198b6e68b99f6d9641833bd125c299660f097a5ca7b8b4bd40b7d6276f430d2611c94291cc0d175f41e5bb7c0d432e26df0e7a417b49f28795e1e280c96db375848b0b4d0acf586bcce88e51dc61c2bd71f89b9b2afb065f321a2a5d6bfce80ca435f387b1a6d76aa459bd41df822ef3cd90af2ea92e191328126c3a14f3092b1f5a3be1d3a04e9d0ac5ebc25c454459bd9ee4950045db41394ef76a4afa1c7a16848612613afe0c58ffa7a4513bc0bbc8b8ae07c0cdf49c073e64e185b462ccf37efc3b24ae2928da3ecaf1339d54380c283adbbeda3512834e3c0c70162a5deabb7d04bcaa1d9