iberogast.es

Issued by R3

About this certificate

This digital certificate with serial number 04:bf:47:ba:f0:51:bb:86:4f:6b:85:09:40:17:c8:1b:5d:38 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=iberogast.es

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:bf:47:ba:f0:51:bb:86:4f:6b:85:09:40:17:c8:1b:5d:38
Serial Number (int): 413538421638110471720918298010115444006200
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 63:95:fe:74:85:57:ee:3c:9b:c3:b8:6e:d3:56:1f:7c:ba:27:19:72
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 19:01:0d:9d:50:eb:dc:bc:a6:bf:3e:9d:52:9b:19:9a:e2:ef:bb:21
Fingerprint (sha256): 27:e2:40:7e:c2:4f:e6:c2:b6:e0:8e:78:60:c1:7b:b1:56:65:9b:bb:56:6d:ee:5f:94:57:f6:ce:67:19:4d:d0

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate iberogast.es

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for iberogast.es

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

iberogast.es

Other certificates including the domain name iberogast.es

(limited to 100 certificates)
www.iberogast.es
www.iberogast.es
sanssl20.bayer.com
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
iberogast.es
www.iberogast.es
iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
sanssl20.bayer.com
www.iberogast.es
www.iberogast.es
iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
sanssl20.bayer.com
www.iberogast.es
iberogast.es
www.iberogast.es
www.iberogast.es
sanssl20.bayer.com
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
www.iberogast.es
sanssl20.bayer.com
www.iberogast.es
www.iberogast.es
www.iberogast.es
sanssl20.bayer.com
iberogast.es

Certificate

The complete raw certificate details for iberogast.es in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISBL9HuvBRu4ZPa4UJQBfIG104MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMjQxMzMzNDRaFw0yNDAxMjIxMzMzNDNaMBcxFTATBgNVBAMT
DGliZXJvZ2FzdC5lczCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMiH
aDVgcNBK93zlX+uUtLz3L+exLAXZO86A8KZqxQLVgBHklxmXc80cLyCL2ASd42Zv
Pgs/ZZVcEW0G6mAYiLs8W56h3yn+TQXS2BN7aCKdoqun6POL8Jlry9UiAYgc8bas
tXaDk/AU1IgCsH32plQ4qb9coE2+etYMXnUPRzbN/WeRtcL0fXuX4G7Z0+yXS7yO
YjG4gEuqmgLUyRzki8oZ9RRV6gf0VxqdUefwyiv3Te2EMP94i4mB6F4Hf7DImEGG
LYuqqZJFpMidVezucOH3VoFgM0eEyRUU4kdEGrZdIvICM1qokyXufdx2t8Aak5ai
PtxXL/VkPxzdEUlNh+ZWTNm9uDRMSb0BMhyIX2lIF2uN3joemEfd3fOqPfOcqtWO
ABqomvkGAd4nYt9OviBIxFkxAEd6UKfr2cnahVljtyDCLIMiRmn1RuXrGkti2ZCq
7bwFsnFh90JeJ5MftSiJermKUHcxdw49td7txVPkT0bTLJ52Lmo/1elv/U5S9Dlx
1GXXYVD+I9MdIa/Z7bQvuaXu1n32MzX9s0GqytW3Oog3Jd1i1iB4Mrx6Yqn6sCXA
UMjO/hSStIUDCKSkYFCBnJ9o8n7nDJWIv2SLhLnCxzx0bUF48+SY7+1vOc6e4sab
/FvzBLDALI752YV6mFIze6bAMx+x76I2+kaPF2wfAgMBAAGjggINMIICCTAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHQYDVR0OBBYEFGOV/nSFV+48m8O4btNWH3y6JxlyMB8GA1UdIwQY
MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF
BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v
cjMuaS5sZW5jci5vcmcvMBcGA1UdEQQQMA6CDGliZXJvZ2FzdC5lczATBgNVHSAE
DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ANq2v2s/tbYi
n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABi2IbGQ0AAAQDAEYwRAIgYhZjfhmK
xabGDUKKLdt3CpKNRgHBryvA/H5HCq7GZQECIDiJ23p+OasB2ma84LD7v07phnun
yQPIo7YThKACyxVwAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQA
AAGLYhsZJgAABAMARzBFAiEAngXSidKDvMII26JRfh59Z9hb8fwSFMyDQOzq7B1L
n4ACIA56kyO6WU6ggSybPMfMncw4xEJ8lKWZJOm0j/ybom+5MA0GCSqGSIb3DQEB
CwUAA4IBAQAr4bSV778SRXJ0JljP01XRTTVkwJUM8bEnj0YT4Zi1iv+Y5ynr7QZn
46j3dE1EOxn3MHgmWN22mSbxekVC6SPSKhK+DPuxvI1rYKo0/FCtWBmfGaTIPN31
6CZGUtAIAiycMKEyeRGitCB29olLV0ijDo8jPD7nSfzXy/ytBguxRzSSFvilDpzE
diUCcW6K3U46HsrJZRuglOodmKK+iu2r7RWqqMLzfqHBhNIi08vLi/+TRl6I/Let
rmw5bjWYrtfNjLiFt4Z33Xmv585Pk3oXi5ueQxiF2HnecR6RvJswDRVaiu2QRdBb
1XTBDHvpd/TRfA+wtHX4o7+C2f/mMy2b
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyIdoNWBw0Er3fOVf65S0
vPcv57EsBdk7zoDwpmrFAtWAEeSXGZdzzRwvIIvYBJ3jZm8+Cz9llVwRbQbqYBiI
uzxbnqHfKf5NBdLYE3toIp2iq6fo84vwmWvL1SIBiBzxtqy1doOT8BTUiAKwffam
VDipv1ygTb561gxedQ9HNs39Z5G1wvR9e5fgbtnT7JdLvI5iMbiAS6qaAtTJHOSL
yhn1FFXqB/RXGp1R5/DKK/dN7YQw/3iLiYHoXgd/sMiYQYYti6qpkkWkyJ1V7O5w
4fdWgWAzR4TJFRTiR0Qatl0i8gIzWqiTJe593Ha3wBqTlqI+3Fcv9WQ/HN0RSU2H
5lZM2b24NExJvQEyHIhfaUgXa43eOh6YR93d86o985yq1Y4AGqia+QYB3idi306+
IEjEWTEAR3pQp+vZydqFWWO3IMIsgyJGafVG5esaS2LZkKrtvAWycWH3Ql4nkx+1
KIl6uYpQdzF3Dj213u3FU+RPRtMsnnYuaj/V6W/9TlL0OXHUZddhUP4j0x0hr9nt
tC+5pe7WffYzNf2zQarK1bc6iDcl3WLWIHgyvHpiqfqwJcBQyM7+FJK0hQMIpKRg
UIGcn2jyfucMlYi/ZIuEucLHPHRtQXjz5Jjv7W85zp7ixpv8W/MEsMAsjvnZhXqY
UjN7psAzH7Hvojb6Ro8XbB8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 413538421638110471720918298010115444006200
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-24 13:33:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-22 13:33:43 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iberogast.es'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 818086675429451637412640345173627026218439230609010394659642304414011516024330959640527708616490931214788931215405233438619101886733199264908817133948134752499688321825182087690775636132156851009923351507227730162421679920434882273745208437286470948935982490164806287137864992182727837344529004989503305178450966993582502790009961538220234266424835012715274401525495687332188861457666459371024708738263723190790698156471657750263596177019689401869667588620780389549443787505625597826429576720791463137498855710017067170788464251440517550941204727553267534168532121763378516641226265354674636103023610376654687842171989124090437641424707336071427809307057892101387346497782645292478499810308635474676858596472548122658068298069600203064480240810428810971912830434971587207295922586048910871757191688565022376563125759034810926492159277084814596715731390207039259884803051656380066632607601747040564749287700151129911106896561213167848397677141751103312385231391452369891875430809492154471793135342225519423322016952542535586459742651089876387331128296372210817985314591765741464909684057195685557274539172830262890230781250371748090303863590210932572860763708696296271197427934443572516481056533819787727734507165598192999665155664927
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6395fe748557ee3c9bc3b86ed3561f7cba271972
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iberogast.es'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b621b190d000004030046304402206216637e198ac5a6c60d428a2ddb770a928d4601c1af2bc0fc7e470aaec6650102203889db7a7e39ab01da66bce0b0fbbf4ee9867ba7c903c8a3b61384a002cb157000760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b621b192600000403004730450221009e05d289d283bcc208dba2517e1e7d67d85bf1fc1214cc8340eceaec1d4b9f8002200e7a9323ba594ea0812c9b3cc7cc9dcc38c4427c94a59924e9b48ffc9ba26fb9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002be1b495efbf124572742658cfd355d14d3564c0950cf1b1278f4613e198b58aff98e729ebed0667e3a8f7744d443b19f730782658ddb69926f17a4542e923d22a12be0cfbb1bc8d6b60aa34fc50ad58199f19a4c83cddf5e8264652d008022c9c30a1327911a2b42076f6894b5748a30e8f233c3ee749fcd7cbfcad060bb147349216f8a50e9cc4762502716e8add4e3a1ecac9651ba094ea1d98a2be8aedabed15aaa8c2f37ea1c184d222d3cbcb8bff93465e88fcb7adae6c396e3598aed7cd8cb885b78677dd79afe7ce4f937a178b9b9e431885d879de711e91bc9b300d155a8aed9045d05bd574c10c7be977f4d17c0fb0b475f8a3bf82d9ffe6332d9b