jan-wilhelm.ch

Issued by R3

About this certificate

This digital certificate with serial number 04:9e:37:9e:44:73:c1:a7:69:bf:f5:fb:09:ca:c0:35:9c:1e was issued on by Let's Encrypt.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=jan-wilhelm.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:9e:37:9e:44:73:c1:a7:69:bf:f5:fb:09:ca:c0:35:9c:1e
Serial Number (int): 402287687011596107423834719675008293379102
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 5b:aa:97:9d:3e:80:c4:89:03:62:dc:b8:6b:65:20:0f:8f:71:7c:fa
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 1b:09:91:fd:b7:df:90:4a:39:35:e5:7b:5e:60:9b:e4:54:f2:dd:62
Fingerprint (sha256): 29:d5:1e:70:99:28:84:1b:32:8f:b1:11:81:61:7c:fa:37:33:3c:41:21:ed:3e:56:c4:74:1e:9e:81:e4:dd:89

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate jan-wilhelm.ch

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for jan-wilhelm.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bee-local.ch
jan-wilhelm.ch
www.bee-local.ch
www.jan-wilhelm.ch

Other certificates including the domain name jan-wilhelm.ch

(limited to 100 certificates)
jan-wilhelm.ch
jan-wilhelm.ch
www.jan-wilhelm.ch
jan-wilhelm.ch
jan-wilhelm.ch
jan-wilhelm.ch
www.jan-wilhelm.ch

Certificate

The complete raw certificate details for jan-wilhelm.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISBJ43nkRzwadpv/X7CcrANZweMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMjMwMzMzMjJaFw0yNDA1MjMwMzMzMjFaMBkxFzAVBgNVBAMT
Dmphbi13aWxoZWxtLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
pOBO5vZNUEy6rBdc1ZNhDxnQmmwMywbLavzrNOz2hKUJH6/JxORd9p1g/lRddf16
qAOzAoWl8gRTM1b8w7J8+6Jg8CRUxPhyZ+hzuTr/qmA7XFA2F35C5JxKmPhkfo/p
6e2SZsJL+kbNgJ4INgh4NLSE0bf9nKk9qB33L8dmZ8/U2ELErkPSs8/nRhIMiLk3
vFl98GfRBxznviTxc4Cwc8i8l1B4kS6WtL9wU5REi1/JsFtaGbPCx4RYDhmsMQp5
3x0UCJXqbtI0oYPGwH8rkdEXEHmT51YdS+kBDLoswI6a7DODeAOksnD8Na8PY6hl
FRus4ZxV35M1Ju3daNxXf2Yte+BdGjjZkt6I9GU/t5AHUSMGHUio48cYCB4MNB0A
J86KquPECHAJcwM0aa6D3ZxaMC9R6S+9pf/QNHEuTyUvdE9rbF8LbNLfqaVNHbtH
sc0A08Y87wEWDuIvhbHnoabU7B/Va2F7gtOLvribu1KjTusRSmfw/JOSz9/v11NZ
eglMPP9FK6ElhHQSGC8G19QHRYHscWFcqAfdb5MOtXAcPGt6JZ9wYyosXWsbh2la
sZHyFz/dkEXMudguMOfeweG0nY3ozPxzxvSVIxywg5wOytEPjhLluUvN2175ZuVG
JUH+V0RiOd8S9xyYeWlpzl+3+lJ02XejPNleWLsOE2cCAwEAAaOCAkQwggJAMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUW6qXnT6AxIkDYty4a2UgD49xfPowHwYDVR0j
BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9yMy5pLmxlbmNyLm9yZy8wTQYDVR0RBEYwRIIMYmVlLWxvY2FsLmNogg5qYW4t
d2lsaGVsbS5jaIIQd3d3LmJlZS1sb2NhbC5jaIISd3d3Lmphbi13aWxoZWxtLmNo
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA
SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGN1D1I8gAABAMARzBF
AiBBUZDjjROA6i9MqGji1RL5/FiVU2YQMNntvtSM4i2FjgIhAP+jbNsh/CGaLWth
HA5cdLGN8gVIzyTnn6TzLCsAcgmEAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D
UUhZRnEftZsAAAGN1D1JJgAABAMARzBFAiA4wUD3xJGVDxPtfA4nNFIQH1ukAX2x
Qh2m5oSbzVDudQIhANDVt+nC7mBBiWuKl4FzsMVjU2P+oAZS4+Om3KE/3AXXMA0G
CSqGSIb3DQEBCwUAA4IBAQASXc5G2PBgbWXio5E89VhG54Xvv1zmNIeh++592N+s
n19tyRfEuJCnzhn84BOwdblcwhZAG/E/uP8oJZWmMc1oCZT4DfThZo+YjHu1zcW9
xQsxOrPQYwV9oSE04kl5dSbAXyR8Y4BA4resupvFryCpGAeh8UkIBsSApGyqwigD
oY3de1s/ColVJVn0HOP07zL9KsrDCtXs9US2J7DjhZ4e2JnTmjOoIsZ4BomnpwVC
xsKUJ+tYuiuQZN6InMq9QPSPtvf8ETIgDFPu7Gy3UzgNrvEEce4xi24NzaDEeSu5
72OrKXp2M++j5QXDwtwh5asSs/3MoVfdvnn+s1zEmf2A
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApOBO5vZNUEy6rBdc1ZNh
DxnQmmwMywbLavzrNOz2hKUJH6/JxORd9p1g/lRddf16qAOzAoWl8gRTM1b8w7J8
+6Jg8CRUxPhyZ+hzuTr/qmA7XFA2F35C5JxKmPhkfo/p6e2SZsJL+kbNgJ4INgh4
NLSE0bf9nKk9qB33L8dmZ8/U2ELErkPSs8/nRhIMiLk3vFl98GfRBxznviTxc4Cw
c8i8l1B4kS6WtL9wU5REi1/JsFtaGbPCx4RYDhmsMQp53x0UCJXqbtI0oYPGwH8r
kdEXEHmT51YdS+kBDLoswI6a7DODeAOksnD8Na8PY6hlFRus4ZxV35M1Ju3daNxX
f2Yte+BdGjjZkt6I9GU/t5AHUSMGHUio48cYCB4MNB0AJ86KquPECHAJcwM0aa6D
3ZxaMC9R6S+9pf/QNHEuTyUvdE9rbF8LbNLfqaVNHbtHsc0A08Y87wEWDuIvhbHn
oabU7B/Va2F7gtOLvribu1KjTusRSmfw/JOSz9/v11NZeglMPP9FK6ElhHQSGC8G
19QHRYHscWFcqAfdb5MOtXAcPGt6JZ9wYyosXWsbh2lasZHyFz/dkEXMudguMOfe
weG0nY3ozPxzxvSVIxywg5wOytEPjhLluUvN2175ZuVGJUH+V0RiOd8S9xyYeWlp
zl+3+lJ02XejPNleWLsOE2cCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 402287687011596107423834719675008293379102
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-23 03:33:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-23 03:33:21 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'jan-wilhelm.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 672636227410297688715638595426189054462308587863704972756542545815456919023681941344369513711890526636679538843525280820863037414851152561186235541577795647161178429762553490068693149610409443777863887212133249635115451946091597691537955864652947853740109747784039626734556308916858905314523669987372848762194459801880952905607914403194365565884560897632832470440694231537798877008898263552622773938144828226131747978692862379299040875412899072017410163016908519067504396343068389709053264779345138679849844256832806490789437128877316961285877682150615724141432422671194354770859029323535912652619653409526954059675728910608936468685492028809113448694066780055347718776758806953270274284539613993139846428111707423367388931385856715302053965419763913819222569641234269635095646954720522755399079585707805996331935120586312667496865758917270965685645474042323685736776418628786136914363352537958794888374680040648412093012931197217169536253437803085459248653504488227649359951140894440546481365086353838094996971326072964657287835591913167895906200995658071735616459226460283963330239905105074242617122370178356749974230824540120688610623614313924944232379820605499917241155542175323614038327024557455441487376851454546040541579973479
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5baa979d3e80c4890362dcb86b65200f8f717cfa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bee-local.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jan-wilhelm.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bee-local.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jan-wilhelm.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dd43d48f200000403004730450220415190e38d1380ea2f4ca868e2d512f9fc589553661030d9edbed48ce22d858e022100ffa36cdb21fc219a2d6b611c0e5c74b18df20548cf24e79fa4f32c2b00720984007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018dd43d49260000040300473045022038c140f7c491950f13ed7c0e273452101f5ba4017db1421da6e6849bcd50ee75022100d0d5b7e9c2ee6041896b8a978173b0c5635363fea00652e3e3a6dca13fdc05d7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00125dce46d8f0606d65e2a3913cf55846e785efbf5ce63487a1fbee7dd8dfac9f5f6dc917c4b890a7ce19fce013b075b95cc216401bf13fb8ff282595a631cd680994f80df4e1668f988c7bb5cdc5bdc50b313ab3d063057da12134e249797526c05f247c638040e2b7acba9bc5af20a91807a1f1490806c480a46caac22803a18ddd7b5b3f0a89552559f41ce3f4ef32fd2acac30ad5ecf544b627b0e3859e1ed899d39a33a822c6780689a7a70542c6c29427eb58ba2b9064de889ccabd40f48fb6f7fc1132200c53eeec6cb753380daef10471ee318b6e0dcda0c4792bb9ef63ab297a7633efa3e505c3c2dc21e5ab12b3fdcca157ddbe79feb35cc499fd80