afd-nordsachsen.de

Issued by R3

About this certificate

This digital certificate with serial number 04:44:65:9d:81:cd:77:48:a5:2c:c9:8d:cb:8a:1c:fd:5a:d6 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=afd-nordsachsen.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:44:65:9d:81:cd:77:48:a5:2c:c9:8d:cb:8a:1c:fd:5a:d6
Serial Number (int): 371723414528555397298440111229755715312342
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: fd:b6:78:7b:31:5f:9d:9c:3b:ef:5c:ce:88:b7:de:c8:98:1f:77:bd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 05:0e:32:2a:e9:31:35:63:27:c6:1f:27:c0:d5:27:81:ae:fd:af:1c
Fingerprint (sha256): 24:ec:42:76:cf:f3:1d:3a:d3:53:71:58:c0:20:11:b7:8a:b5:ef:70:71:28:ec:d9:fd:a6:5d:74:68:b9:3e:1e

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate afd-nordsachsen.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for afd-nordsachsen.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

afd-nordsachsen.de
www.afd-nordsachsen.de

Other certificates including the domain name afd-nordsachsen.de

(limited to 100 certificates)
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de
afd-nordsachsen.de

Certificate

The complete raw certificate details for afd-nordsachsen.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISBERlnYHNd0ilLMmNy4oc/VrWMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMzEwMTAyMzdaFw0yNDA0MzAwMTAyMzZaMB0xGzAZBgNVBAMT
EmFmZC1ub3Jkc2FjaHNlbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBAO74ZgB2aB+Ppm2n/nm9hfCy3qfm9zE1Atx9tAduNExgzab6qB5VBrRR8DP6
ZaiHuM1THjMDwoiO2iZzTEDqp/FtTx6lnnRw8+jGMZrQM+WAn52w8eX47Gecx3qT
zTj676CReWXgwbPCzIqYY8TiF51R1eB7Z9Oy/InyyUTKaSTuOjpt3RedZm1AYqST
QqGhiq3bzWBNSFIbqMfWlunVIEXd8Kbv+/3sqPSTNAMseySo4BeJc+sn6fr8/GqM
1q+9AGibgVUja4zQ5YNghMGO4+i7aJSAkJYEeqwKRLXZxKLt5QfcvvSFAatFODYs
s5E2+NswRb2l7PJNqQQwFDg9/rqxkO+Qg6uXlLppk2M6r6X650AuuAW8G5K9HdCK
3wtMRFfwiX1ogCN1jVwFnMTyyo4/Lp0cN1altDXeKZ1TC5e1JSmPoheFJG5pqNJ1
NlXnLmkNhJBXPMhF/LutgeaZhriJznHhAhbns5Yg8kk1NcpJ1n6qWIDVBI/QfmQT
kWzoru8EZnye+hK7I7KmGtkWglM1jpYoDk1wx6FODSdeBbWM5bFP3FgpC6D9iEdN
ZfyjrtN+ACna4HsO0l7wAdsHpzJT1Ra9l/svbmaIwRLNr3tWuglO35LJSPFzzBrn
Ld2T3TnYvygRT71tXFUpbyEh5SEj/h9wa310s2KBbCUFNPXhAgMBAAGjggIuMIIC
KjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFP22eHsxX52cO+9czoi33siYH3e9MB8G
A1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAh
BggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZo
dHRwOi8vcjMuaS5sZW5jci5vcmcvMDUGA1UdEQQuMCyCEmFmZC1ub3Jkc2FjaHNl
bi5kZYIWd3d3LmFmZC1ub3Jkc2FjaHNlbi5kZTATBgNVHSAEDDAKMAgGBmeBDAEC
ATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AEiw42vapkc0D+VqAvqdMOscUgHL
Vt0sgdm7v6s52IRzAAABjV1BA0sAAAQDAEgwRgIhAIRoTpfdk6hkPBUonvvDeaC5
8fizlwOvhDhwtYQWZ0sOAiEAo9VbyYWau960CjwyvASa0S2Ly2y16syjUbU0EstT
wdwAdwB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY1dQQPRAAAE
AwBIMEYCIQDY5Yp/kHEvs4QjecqQFFQeAkzXpqJgFDTDlxsvcv6yAQIhAJ7SrW4q
d9KNDvCqNod7+LLvTFkWWRxqKPizuwgyZF4TMA0GCSqGSIb3DQEBCwUAA4IBAQA1
uH7ZbzJQAn4i+E1MHNh3YCwtoILe5comJKk44FabRYyEmGshTgZ8PjzO7F3l2oia
muggJh/XXfYaA7XHj30bev4qkqUTJIwHGJA2kX4YJc6uFhIQeJAc/DE/ucQfIYZC
3AMCYRXwG/fBY/C/Rv8tjpyWKmt+3O1nZ1TDn/j1pDgax6fXd0yuTP7GCMYEMMJ2
u6N8LohUa+lnb77Dpm6ZcupLcUPH7uxA6fV4899ogK1ZPbeZAdoqb0++IFcBIS+E
9W76wV9uCBUlO6j+/lgsJK8dCea0puMpBsw589wRFcZQP7sHHrD3qXJNsYx+45rD
0C5+RhHKfC4KTjNYkDYB
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7vhmAHZoH4+mbaf+eb2F
8LLep+b3MTUC3H20B240TGDNpvqoHlUGtFHwM/plqIe4zVMeMwPCiI7aJnNMQOqn
8W1PHqWedHDz6MYxmtAz5YCfnbDx5fjsZ5zHepPNOPrvoJF5ZeDBs8LMiphjxOIX
nVHV4Htn07L8ifLJRMppJO46Om3dF51mbUBipJNCoaGKrdvNYE1IUhuox9aW6dUg
Rd3wpu/7/eyo9JM0Ayx7JKjgF4lz6yfp+vz8aozWr70AaJuBVSNrjNDlg2CEwY7j
6LtolICQlgR6rApEtdnEou3lB9y+9IUBq0U4NiyzkTb42zBFvaXs8k2pBDAUOD3+
urGQ75CDq5eUummTYzqvpfrnQC64Bbwbkr0d0IrfC0xEV/CJfWiAI3WNXAWcxPLK
jj8unRw3VqW0Nd4pnVMLl7UlKY+iF4Ukbmmo0nU2VecuaQ2EkFc8yEX8u62B5pmG
uInOceECFuezliDySTU1yknWfqpYgNUEj9B+ZBORbOiu7wRmfJ76ErsjsqYa2RaC
UzWOligOTXDHoU4NJ14FtYzlsU/cWCkLoP2IR01l/KOu034AKdrgew7SXvAB2wen
MlPVFr2X+y9uZojBEs2ve1a6CU7fkslI8XPMGuct3ZPdOdi/KBFPvW1cVSlvISHl
ISP+H3BrfXSzYoFsJQU09eECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 371723414528555397298440111229755715312342
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-31 01:02:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-30 01:02:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'afd-nordsachsen.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 974913793035840233691116444276298826932744959298190473586941922371961399957623647274726436983402031087538673478550604558282351578836608924748959412712676484298091869085582912073299751712115843418652252317768110083700514979248405704666974322345324860253998776555694587889142584916225766589376624023815337077473424960293086043677199962926316826425712050041535940870826437370231954660930970237574909319745176572444146059739087363111810092518856015486157851037828443646315901676739668068848943186377667376311556807213397506759003002353049078861351165728801623535902759410878684473727022166392586930362440312810243926413525538989689653189902623309252056058609455298275329704459710619552291622227428114028733019309188883597597986218430077350606325175878523029919086078120413119495255089609324240929902157478302792062466630648266580273065556433628252586744742647872663207339982925087032948838262932179936702852790597866131811186913122566381264306454225919498681886836085707590884044331165625337915050662018267299976549405011990334709396067228797602836309372676340096373498799088051669724587407261660817444490568962047908757665473174079957490956308456339613495557788760235173605799192827518850778202015438458222456835705710658863100622861793
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fdb6787b315f9d9c3bef5cce88b7dec8981f77bd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'afd-nordsachsen.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.afd-nordsachsen.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d5d41034b000004030048304602210084684e97dd93a8643c15289efbc379a0b9f1f8b39703af843870b58416674b0e022100a3d55bc9859abbdeb40a3c32bc049ad12d8bcb6cb5eacca351b53412cb53c1dc00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d5d4103d10000040300483046022100d8e58a7f90712fb3842379ca9014541e024cd7a6a2601434c3971b2f72feb2010221009ed2ad6e2a77d28d0ef0aa36877bf8b2ef4c5916591c6a28f8b3bb0832645e13
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0035b87ed96f3250027e22f84d4c1cd877602c2da082dee5ca2624a938e0569b458c84986b214e067c3e3cceec5de5da889a9ae820261fd75df61a03b5c78f7d1b7afe2a92a513248c07189036917e1825ceae16121078901cfc313fb9c41f218642dc03026115f01bf7c163f0bf46ff2d8e9c962a6b7edced676754c39ff8f5a4381ac7a7d7774cae4cfec608c60430c276bba37c2e88546be9676fbec3a66e9972ea4b7143c7eeec40e9f578f3df6880ad593db79901da2a6f4fbe205701212f84f56efac15f6e0815253ba8fefe582c24af1d09e6b4a6e32906cc39f3dc1115c6503fbb071eb0f7a9724db18c7ee39ac3d02e7e4611ca7c2e0a4e3358903601