data-2d86fd41e0.geo.de

Issued by R3

About this certificate

This digital certificate with serial number 04:b8:c3:9d:d0:d0:cb:b9:8a:3d:59:39:70:ef:08:4c:71:1f was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=data-2d86fd41e0.geo.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:b8:c3:9d:d0:d0:cb:b9:8a:3d:59:39:70:ef:08:4c:71:1f
Serial Number (int): 411321118125562217550513494916710523498783
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: f0:78:22:6a:d3:4b:18:ba:f2:a1:ef:7a:61:98:e0:82:35:90:4b:34
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 06:e4:6f:2a:b0:5a:b7:17:a1:5e:9a:95:87:5b:9c:25:66:22:69:5e
Fingerprint (sha256): 28:88:39:2d:f0:09:be:85:46:b1:f6:f7:62:c6:6f:a6:81:de:6f:48:ac:0c:1a:8d:34:87:34:92:b8:78:50:2b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate data-2d86fd41e0.geo.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for data-2d86fd41e0.geo.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

data-2d86fd41e0.geo.de

Other certificates including the domain name geo.de

(limited to 100 certificates)
static.stern.de
static.stern.de
static.stern.de
*.live.aws.geo.de
static.stern.de
serviceportal.dpv.de
api.geo.de
www.stage.stern.de
shop.geo.de
*.stage.mobile-toolkit.guj.digital
www.stage.stern.de
static.stern.de
serviceportal.dpv.de
aktion.art-magazin.de
serviceportal.dpv.de
serviceportal.dpv.de
www.guj.digital
shop.geo.de
commsvc.geo.de
www.stage.stern.de
www.stage.stern.de
www.guj.digital
*.int.aws.geo.de
*.shop.geo.de
stage.m.geo.de
static.stern.de
www.guj.digital
static.stern.de
static.stern.de
*.shop.geo.de
static.stern.de
static.stern.de
*.coremedia.guj.digital
stage.serviceportal.dpv.de
shop.geo.de
geo.de
dev.serviceportal.dpv.de
serviceportal.dpv.de
dev.serviceportal.dpv.de
shop.geo.de
serviceportal.dpv.de
static.stern.de
static.stern.de
*.geo.de
commsvc.geo.de
static.stern.de
api.geo.de
data-2d86fd41e0.geo.de
sfbws.guj.de
www.stage.stern.de
*.geo.de
shop.stern.de
api.geo.de
www.guj.digital
static.stern.de
static.stern.de
www.guj.digital
*.live.aws.geo.de
shop.stern.de
serviceportal.dpv.de
geo.de
geo.de
shop.stern.de
*.stage.aws.geo.de
www.stage.stern.de
newsletter.eltern.de
geo.de
static.stern.de
shop.geo.de
geo.de
serviceportal.dpv.de
www.stage.stern.de
shop.geo.de
serviceportal.dpv.de
static.stern.de
static.stern.de
shop.geo.de
int.serviceportal.dpv.de
static.stern.de
api.geo.de
www.stage.stern.de
static.stern.de
www.geo.de
www.stage.stern.de
www.stage.stern.de
static.stern.de
static.stern.de
serviceportal.dpv.de
shop.geo.de
*.geo.de
shop.geo.de
static.stern.de
serviceportal.dpv.de
www.guj.digital
static.stern.de
www.guj.digital
*.aws.geo.de
static.stern.de
newsletter.geo.de
static.stern.de

Certificate

The complete raw certificate details for data-2d86fd41e0.geo.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgISBLjDndDQy7mKPVk5cO8ITHEfMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MjkwMjU1MTVaFw0yNDA3MjgwMjU1MTRaMCExHzAdBgNVBAMT
FmRhdGEtMmQ4NmZkNDFlMC5nZW8uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDKL/eXX6yTAbxy3nFYvLZHc/XSp7TZNUVczUtGw8WRPJmtJwrysA1g
87WCowLW2cS9k48/N3eY8OtYTKPnvqL3kDoLEXIs1ve6mGP9oU89O9VDnKLsO13S
lHjTeBBQqfzA7CiDby6dwsiPMoEVX14E45MYzJgiuk8WX7MWOTAnpa05chSAhf8H
wGrRfx73QhNmpoNQ75O1BkKj5OG07ZUdoHVPJ22g8si4VlAQREULRop5DKSBKH0M
O2InXCxFIg5YF3cLYX0zAzR634hislpa8pGRieQ3/NDKbE38A2dsSSicrjuUtjsk
84V3PzTnPVPMLHDMsJXx1PE+x8T0WS6jAgMBAAGjggIYMIICFDAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwHQYDVR0OBBYEFPB4ImrTSxi68qHvemGY4II1kEs0MB8GA1UdIwQYMBaAFBQu
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
ZW5jci5vcmcvMCEGA1UdEQQaMBiCFmRhdGEtMmQ4NmZkNDFlMC5nZW8uZGUwEwYD
VR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQA/F0tP
1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAY8n/hyeAAAEAwBGMEQCICbB
acFySyW/XFAHCuy8wb8OHAAPlucvLrqe+tOyRm0pAiBvc2TWNGIhUjeq7xAtrawp
B3lRZzOt+91OceqTXZVdmwB3ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/
FrTKAAABjyf+HK4AAAQDAEgwRgIhALLrNcy2Njq2ACoBSQ5sILO8MS/2BBZ6Wo+I
MhCk9eycAiEAqT1m7DmLNUDlyxaW3t7EHJhtaUvIAjyOi37nQiMKJqQwDQYJKoZI
hvcNAQELBQADggEBAKy9h/Z8JKkrmkuYsm7XsgK8k5zy1XGC/71japocUWsUWL6F
+jeJ4XxZCyinAiS08aLeA/5jfCdzhl1p1TqFdrc6Kd7ElexBps4MLZKQ7ozcTUHs
kyltQ4nWdkOnmS0qORHRAE7fVLNz30T16pYQslMkQYyGLflFDxCy6kA6jYQT//9R
bY1BbBgmPG6Y2JNQmqpR70ThHg4whvQK2T782p/NXTC7bzU26XTnbRSWosGspE5X
Z7LA4FD4Im+BUb0YkSDe8HMahipFfWspuqyLEyuYKUO4wIU9BGEeLQDcK0rYyJg2
3JBtByo3zN0D/xCbez6iIFDhFLE7yc/uA+Y+Jv8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi/3l1+skwG8ct5xWLy2
R3P10qe02TVFXM1LRsPFkTyZrScK8rANYPO1gqMC1tnEvZOPPzd3mPDrWEyj576i
95A6CxFyLNb3uphj/aFPPTvVQ5yi7Dtd0pR403gQUKn8wOwog28uncLIjzKBFV9e
BOOTGMyYIrpPFl+zFjkwJ6WtOXIUgIX/B8Bq0X8e90ITZqaDUO+TtQZCo+ThtO2V
HaB1TydtoPLIuFZQEERFC0aKeQykgSh9DDtiJ1wsRSIOWBd3C2F9MwM0et+IYrJa
WvKRkYnkN/zQymxN/ANnbEkonK47lLY7JPOFdz805z1TzCxwzLCV8dTxPsfE9Fku
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 411321118125562217550513494916710523498783
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-29 02:55:15 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-28 02:55:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'data-2d86fd41e0.geo.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25523791088126829564860038495372754657732781302722648401987487455508061373430066115131678105038611651355644993491561240737228222431346764934976872348608575067735889442615983009115053916821298351533474853253067739356869050719123496817980359444814350100700233539680240509624496179490048106317445723640238765841895044938824994545901866128076316152573131537364882980143109791070328779229873894608867190088050979035854405056739859481093025996059931489213985552044830237551507334822837615600975402208931105954702582787596593521818395017433927753263966071762095688987727160472628566845656341735133933274862497100197694877347
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f078226ad34b18baf2a1ef7a6198e08235904b34
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data-2d86fd41e0.geo.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f27fe1c9e0000040300463044022026c169c1724b25bf5c50070aecbcc1bf0e1c000f96e72f2eba9efad3b2466d2902206f7364d63462215237aaef102dadac290779516733adfbdd4e71ea935d955d9b0077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f27fe1cae0000040300483046022100b2eb35ccb6363ab6002a01490e6c20b3bc312ff604167a5a8f883210a4f5ec9c022100a93d66ec398b3540e5cb1696dedec41c986d694bc8023c8e8b7ee742230a26a4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00acbd87f67c24a92b9a4b98b26ed7b202bc939cf2d57182ffbd636a9a1c516b1458be85fa3789e17c590b28a70224b4f1a2de03fe637c2773865d69d53a8576b73a29dec495ec41a6ce0c2d9290ee8cdc4d41ec93296d4389d67643a7992d2a3911d1004edf54b373df44f5ea9610b25324418c862df9450f10b2ea403a8d8413ffff516d8d416c18263c6e98d893509aaa51ef44e11e0e3086f40ad93efcda9fcd5d30bb6f3536e974e76d1496a2c1aca44e5767b2c0e050f8226f8151bd189120def0731a862a457d6b29baac8b132b982943b8c0853d04611e2d00dc2b4ad8c89836dc906d072a37ccdd03ff109b7b3ea22050e114b13bc9cfee03e63e26ff