picturedesk-new.stern.de

Issued by R3

About this certificate

This digital certificate with serial number 03:00:c7:18:2c:15:d2:83:64:ce:4a:af:3b:19:c0:aa:4a:67 was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=picturedesk-new.stern.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:00:c7:18:2c:15:d2:83:64:ce:4a:af:3b:19:c0:aa:4a:67
Serial Number (int): 261601499675721507705302601719713458965095
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: bf:a6:7d:81:1b:16:73:c2:25:02:51:e8:e7:1a:ba:d8:0d:2b:bb:85
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 98:d2:96:f1:a0:28:f3:68:42:cf:a2:7f:7b:ad:71:da:66:e3:98:87
Fingerprint (sha256): 23:48:d6:3f:c5:0b:40:96:10:52:5a:9d:d2:61:67:15:93:47:06:96:1b:53:fe:de:5b:04:b3:66:74:64:67:00

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate picturedesk-new.stern.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for picturedesk-new.stern.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

picturedesk-new.stern.de

Other certificates including the domain name stern.de

(limited to 100 certificates)
abo.stern.de
commsvc.stern.de
static.stern.de
secure.stern.de
static.stern.de
static.stern.de
www.guj.digital
secure.stern.de
getsomelorem.com
wefind.stern.de
ssl.1.damoh.aws.stern.de
andreyneto.com.br
static.stern.de
serviceportal.dpv.de
quizbattle.stern.de
www.stern.de
stern.de
gutscheine.stern.de
www.stage.stern.de
mobile.stern.de
commsvc.stern.de
wap.stern.de
blog.stern.de
static.stern.de
*.stage.mobile-toolkit.guj.digital
tausendreporter.stern.de
neon.stern.de
www.guj.digital
www.view.stern.de
ssgtm.stern.de
view-s3.stern.de
www.stage.stern.de
*.gws.stern.de
ssl.1.damoh.aws.stern.de
*.aws.stern.de
static.stern.de
blogs.stern.de
krankenkassenvergleich.stern.de
serviceportal.dpv.de
aktion.art-magazin.de
serviceportal.dpv.de
www.guj.digital
serviceportal.dpv.de
*.brigitte.de
jungefotografie.stern.de
static.stern.de
static.stern.de
hheezd.stern.de
lbm.stern.de
newsletter.stern.de
www.guj.digital
www.stage.stern.de
*.coremedia-dev.guj.digital
*.aws.stern.de
insider.stern.de
www.guj.digital
www.stage.stern.de
augenzeuge.stern.de
static.stern.de
view-s3.stern.de
baeume.stern.de
www.guj.digital
secure.stern.de
stern.de
neon.stern.de
*.stern.de
commsvc.stern.de
oc.stern.de
static.stern.de
*.stern.de
www.guj.digital
tausendreporter.stern.de
static.stern.de
abo.stern.de
static.stern.de
static.stern.de
static.stern.de
*.coremedia.guj.digital
gewinnspiele.stern.de
neon.stern.de
stage.serviceportal.dpv.de
ssl.1.damoh.aws.stern.de
commsvc.stern.de
quizbattle.stern.de
secure.stern.de
dev.serviceportal.dpv.de
serviceportal.dpv.de
dev.serviceportal.dpv.de
reisewelten.stern.de
commsvc.stern.de
picturedesk-new.stern.de
commsvc.stern.de
form.ipstar.app
static.stern.de
serviceportal.dpv.de
wetter.stern.de
view.stern.de
*.stern.de
static.stern.de
stern.de

Certificate

The complete raw certificate details for picturedesk-new.stern.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAwDHGCwV0oNkzkqvOxnAqkpnMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MTgyMzMyMjFaFw0yNDA3MTcyMzMyMjBaMCMxITAfBgNVBAMT
GHBpY3R1cmVkZXNrLW5ldy5zdGVybi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALwLaR4GV2ZTnip4mi60CZL7OCAkLHRI4I/Zt0omMUmKYDZcdIR0
gdRQlwIvgPXWWoE7Ih9keyOuC28B7LC+TL1/H+sC3ZF8dZUZUpBbnuuXXiK8XVAO
xcSwRhUU1jQ5taEthdOJL6FngOWHZGnG/xlEWsXkg81yJVcBE6S4Mx4/hT267nKJ
X3Szd3hFwjDawu/H9iTkr3CLqWttW5XQM6+UMG2yQV4dy7Vu/c1ntwxDXNmUYskG
H/IUzlcy/hcfKAXRLNqwlV60G/jw4k78pm85MMupv0NbZDf0vnsR7Kf79zyxVDwh
TvHOlvfMZZmVEekKwGmPjwL8yIAQ9otP91ECAwEAAaOCAhowggIWMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQUv6Z9gRsWc8IlAlHo5xq62A0ru4UwHwYDVR0jBBgwFoAU
FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB
hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p
LmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYcGljdHVyZWRlc2stbmV3LnN0ZXJuLmRl
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA
PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGO88TBfQAABAMARzBF
AiEAl1Shs1K4kBsSYJsAlyMLmuC9PK7zMI21QPVd0Wr+e5kCIFM0tmuA3HVWfYIK
JzUJOBSDgzIJ0x7UXZd4cIUD2Z5DAHYA3+FW66oFr7WcD4ZxjajAMk6uVtlup/Wl
agHRwTu+UlwAAAGO88TB8QAABAMARzBFAiAKpNmW1Nc9ezTwYO9Akpz9RYwWPWjh
YfoV18yVjzFVOgIhAK4cttt8n5sZ967s/2BeXVOOoZUHvywKV8LANgqRMzHyMA0G
CSqGSIb3DQEBCwUAA4IBAQAoDt+qXTUz3E2//m/NEYvoVkK+b3SBWKtz1sCjgIIH
HoB+jqnhg+Mr/4sV3hMlgM8j5OSj7Ty8Zi8nHb79PXSGVurbbPpdfo7q9PETCjiD
82MxWU92Ajg7htD/0zUpMo9CZJCjT9+fvcweqA9/0UbTWy4biGETx8F2NJri5r1J
NRmUIAJ6tO/Wc8Ss9OzSAKrrML/pgTvKQ1i6zr/Jefv7twntt0Jpje1a1fIPVJSS
2REn/Zaq9M1UfdHxDNwUVa2BsFpfz2UxkJ4tx6gDeo9LjM8YAV+5bHSf+jmJcKe/
R2CcDB6cInIXnvJ4hGm0/T9YgMKP1hxzW0WbubAdySZR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAtpHgZXZlOeKniaLrQJ
kvs4ICQsdEjgj9m3SiYxSYpgNlx0hHSB1FCXAi+A9dZagTsiH2R7I64LbwHssL5M
vX8f6wLdkXx1lRlSkFue65deIrxdUA7FxLBGFRTWNDm1oS2F04kvoWeA5Ydkacb/
GURaxeSDzXIlVwETpLgzHj+FPbrucolfdLN3eEXCMNrC78f2JOSvcIupa21bldAz
r5QwbbJBXh3LtW79zWe3DENc2ZRiyQYf8hTOVzL+Fx8oBdEs2rCVXrQb+PDiTvym
bzkwy6m/Q1tkN/S+exHsp/v3PLFUPCFO8c6W98xlmZUR6QrAaY+PAvzIgBD2i0/3
UQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 261601499675721507705302601719713458965095
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-18 23:32:21 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-17 23:32:20 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'picturedesk-new.stern.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23738428117288642445182524106523521559127832482626668227720197481548652068764041906573888610436087320514542043206996256911851691377539318087655424676480276640191322202406132104084156054264134390495866142233301799105852635664164225034305018219088132689023038147041642284493010569360356145348370688935323078244466967789522431040684360535930059570834816068710643038602230044555835699900032365402262613569335077635157058777749210761085416235595099636925226833764851713467410627327665767671508259642571339895997403133171948278997797161629329655151156600807574990837822862834562263292619966117481899147400922166151535916881
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bfa67d811b1673c2250251e8e71abad80d2bbb85
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'picturedesk-new.stern.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ef3c4c17d00000403004730450221009754a1b352b8901b12609b0097230b9ae0bd3caef3308db540f55dd16afe7b9902205334b66b80dc75567d820a273509381483833209d31ed45d9778708503d99e43007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ef3c4c1f1000004030047304502200aa4d996d4d73d7b34f060ef40929cfd458c163d68e161fa15d7cc958f31553a022100ae1cb6db7c9f9b19f7aeecff605e5d538ea19507bf2c0a57c2c0360a913331f2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00280edfaa5d3533dc4dbffe6fcd118be85642be6f748158ab73d6c0a38082071e807e8ea9e183e32bff8b15de132580cf23e4e4a3ed3cbc662f271dbefd3d748656eadb6cfa5d7e8eeaf4f1130a3883f36331594f7602383b86d0ffd33529328f426490a34fdf9fbdcc1ea80f7fd146d35b2e1b886113c7c176349ae2e6bd4935199420027ab4efd673c4acf4ecd200aaeb30bfe9813bca4358bacebfc979fbfbb709edb742698ded5ad5f20f549492d91127fd96aaf4cd547dd1f10cdc1455ad81b05a5fcf6531909e2dc7a8037a8f4b8ccf18015fb96c749ffa398970a7bf47609c0c1e9c2272179ef2788469b4fd3f5880c28fd61c735b459bb9b01dc92651