www.diygeneva.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:77:0c:4b:e1:6c:aa:1e:ce:59:1e:14:93:af:3c:02:ec:d2 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.diygeneva.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:77:0c:4b:e1:6c:aa:1e:ce:59:1e:14:93:af:3c:02:ec:d2Serial Number (int): 301846804189237678261622296426127770709202
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 10:f2:94:99:92:9b:43:77:86:ef:d9:69:98:b8:1a:41:d7:f5:40:6e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 16:a6:13:7e:4e:ac:00:b9:77:d9:b6:60:11:4d:86:48:b9:60:e2:47
Fingerprint (sha256): 20:c5:85:b7:96:69:92:3b:11:7b:76:43:0e:5d:ea:4c:62:42:de:2f:1d:b6:e2:00:c9:33:b2:ab:ac:85:88:11
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.diygeneva.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.diygeneva.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.diygeneva.ch
Other certificates including the domain name diygeneva.ch
(limited to 100 certificates)
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
Certificate
The complete raw certificate details for www.diygeneva.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISA3cMS+Fsqh7OWR4Uk688AuzSMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MjYwMzE2NTdaFw0x OTA5MjQwMzE2NTdaMBsxGTAXBgNVBAMTEHd3dy5kaXlnZW5ldmEuY2gwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxyF+9C9XUj9ulYS3eG7H6eJGpNGai DGyR01rZIga7WhB/a0coppupyiEwR7h44x8k2GHcCmHWQqWcZjPDbJxJYbkxkYed 1YzqHJqjhuFgZqyFU4dKhzx5vmemFZZ5p3qHgQBHS4r3kngmwEKFGMW7lWHX5IJK FxblZZcozYI+bRCvzNuFod6NKrbXCOxoedExMmXdzdNSZiygfg3AqK0HtKOEPraL DT4mfkiiNaMunES7UMWAdnJLze4AKesdPeNBFA1oQhTsI/qNCTmobLdsehE08eVx o+/+bDgpUdVO08I6MmbJGz/BvLLpFNa2v5lUHCQB0gbKHje2we92lrUzAgMBAAGj ggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBDylJmSm0N3hu/ZaZi4GkHX 9UBuMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0 Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0 Lm9yZy8wGwYDVR0RBBQwEoIQd3d3LmRpeWdlbmV2YS5jaDBMBgNVHSAERTBDMAgG BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz LmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AHR+2oMx rTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABa5IAO4kAAAQDAEYwRAIgMWUN efcY9xFeXRRpzGsUUhuR7uEV+p6AYZlsrkq3pqkCIB8cv/SXMSMpC74YrcGlSlkC Yi1CZsQdvksU81Zd+bpYAHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL 2I0AAAFrkgA7pAAABAMARzBFAiAdRezFFtkW8bcUBxNyksA6lD9MD0P92fGh6tul X+EElgIhAIMwjyEPsKRaU3dBAN9w0ryaWefdEI9v7Ou4KC8WqGoVMA0GCSqGSIb3 DQEBCwUAA4IBAQAO1wfIPYMIBEV0UklI2LyOSthXCP6/Gx+QDRsJUM2KsndH4jga F+AJpWfWpNgXaeSXksEL+s/fyqCQ44xXtRFCn7tEmglcoUjX+ZQPBwL/i+KB7DE3 qYGPd+NR7oK5ihELkjKlUxLbvStqqPb52sA5fp+kLp1FPaFDv0b/hI3p0lUjWV2e Qwj3BdfiHqiJOJQ5rNmGW1NdYUTNtza1kytQFWeRmsIYJVVhFN3EDSjf0YWDCEew xRzDNObTkmyZvrV119KbbXTtj6Vioj8+GXhRfe4Q9TILLlfFsHB+ZBlyd0fTzEyT KolcdIvdvgwkyqPp1ygh5bl+30GRyiLlCZO9 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAschfvQvV1I/bpWEt3hux +niRqTRmogxskdNa2SIGu1oQf2tHKKabqcohMEe4eOMfJNhh3Aph1kKlnGYzw2yc SWG5MZGHndWM6hyao4bhYGashVOHSoc8eb5nphWWead6h4EAR0uK95J4JsBChRjF u5Vh1+SCShcW5WWXKM2CPm0Qr8zbhaHejSq21wjsaHnRMTJl3c3TUmYsoH4NwKit B7SjhD62iw0+Jn5IojWjLpxEu1DFgHZyS83uACnrHT3jQRQNaEIU7CP6jQk5qGy3 bHoRNPHlcaPv/mw4KVHVTtPCOjJmyRs/wbyy6RTWtr+ZVBwkAdIGyh43tsHvdpa1 MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 301846804189237678261622296426127770709202 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-26 03:16:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-24 03:16:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.diygeneva.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22442988070352928939483112207050154606647669177634290028944890245562882109495021073943386538352658748914298126364193675191472262348142193865197591829285364090344762849297115014778241860266543809095543866738228164862859061227859641714546319377916770441269308560999418463268344908838554681275168738132391185079726876965768974942505368943384122758731353355734888629077091407890354219352338449045535516689238897059132675169723647096464322761129684277223187741964551096872846307631973870755591718960666099435324953281863322995826831627129190380025211839092060839068419333541229042459415446923585002271969015965982706283827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 10f29499929b437786efd96998b81a41d7f5406e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.diygeneva.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016b92003b890000040300463044022031650d79f718f7115e5d1469cc6b14521b91eee115fa9e8061996cae4ab7a6a902201f1cbff4973123290bbe18adc1a54a5902622d4266c41dbe4b14f3565df9ba5800760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016b92003ba4000004030047304502201d45ecc516d916f1b71407137292c03a943f4c0f43fdd9f1a1eadba55fe1049602210083308f210fb0a45a53774100df70d2bc9a59e7dd108f6fecebb8282f16a86a15 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000ed707c83d8308044574524948d8bc8e4ad85708febf1b1f900d1b0950cd8ab27747e2381a17e009a567d6a4d81769e49792c10bfacfdfcaa090e38c57b511429fbb449a095ca148d7f9940f0702ff8be281ec3137a9818f77e351ee82b98a110b9232a55312dbbd2b6aa8f6f9dac0397e9fa42e9d453da143bf46ff848de9d25523595d9e4308f705d7e21ea889389439acd9865b535d6144cdb736b5932b501567919ac21825556114ddc40d28dfd185830847b0c51cc334e6d3926c99beb575d7d29b6d74ed8fa562a23f3e1978517dee10f5320b2e57c5b0707e6419727747d3cc4c932a895c748bddbe0c24caa3e9d72821e5b97edf4191ca22e50993bd