jan-wilhelm.ch
Issued by R3
About this certificate
This digital certificate with serial number 04:9e:37:9e:44:73:c1:a7:69:bf:f5:fb:09:ca:c0:35:9c:1e was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=jan-wilhelm.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:9e:37:9e:44:73:c1:a7:69:bf:f5:fb:09:ca:c0:35:9c:1eSerial Number (int): 402287687011596107423834719675008293379102
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 5b:aa:97:9d:3e:80:c4:89:03:62:dc:b8:6b:65:20:0f:8f:71:7c:fa
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1b:09:91:fd:b7:df:90:4a:39:35:e5:7b:5e:60:9b:e4:54:f2:dd:62
Fingerprint (sha256): 29:d5:1e:70:99:28:84:1b:32:8f:b1:11:81:61:7c:fa:37:33:3c:41:21:ed:3e:56:c4:74:1e:9e:81:e4:dd:89
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate jan-wilhelm.ch
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for jan-wilhelm.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bee-local.ch
jan-wilhelm.ch
www.bee-local.ch
www.jan-wilhelm.ch
jan-wilhelm.ch
www.bee-local.ch
www.jan-wilhelm.ch
Other certificates including the domain name jan-wilhelm.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for jan-wilhelm.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHTCCBQWgAwIBAgISBJ43nkRzwadpv/X7CcrANZweMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMjMwMzMzMjJaFw0yNDA1MjMwMzMzMjFaMBkxFzAVBgNVBAMT Dmphbi13aWxoZWxtLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA pOBO5vZNUEy6rBdc1ZNhDxnQmmwMywbLavzrNOz2hKUJH6/JxORd9p1g/lRddf16 qAOzAoWl8gRTM1b8w7J8+6Jg8CRUxPhyZ+hzuTr/qmA7XFA2F35C5JxKmPhkfo/p 6e2SZsJL+kbNgJ4INgh4NLSE0bf9nKk9qB33L8dmZ8/U2ELErkPSs8/nRhIMiLk3 vFl98GfRBxznviTxc4Cwc8i8l1B4kS6WtL9wU5REi1/JsFtaGbPCx4RYDhmsMQp5 3x0UCJXqbtI0oYPGwH8rkdEXEHmT51YdS+kBDLoswI6a7DODeAOksnD8Na8PY6hl FRus4ZxV35M1Ju3daNxXf2Yte+BdGjjZkt6I9GU/t5AHUSMGHUio48cYCB4MNB0A J86KquPECHAJcwM0aa6D3ZxaMC9R6S+9pf/QNHEuTyUvdE9rbF8LbNLfqaVNHbtH sc0A08Y87wEWDuIvhbHnoabU7B/Va2F7gtOLvribu1KjTusRSmfw/JOSz9/v11NZ eglMPP9FK6ElhHQSGC8G19QHRYHscWFcqAfdb5MOtXAcPGt6JZ9wYyosXWsbh2la sZHyFz/dkEXMudguMOfeweG0nY3ozPxzxvSVIxywg5wOytEPjhLluUvN2175ZuVG JUH+V0RiOd8S9xyYeWlpzl+3+lJ02XejPNleWLsOE2cCAwEAAaOCAkQwggJAMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUW6qXnT6AxIkDYty4a2UgD49xfPowHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wTQYDVR0RBEYwRIIMYmVlLWxvY2FsLmNogg5qYW4t d2lsaGVsbS5jaIIQd3d3LmJlZS1sb2NhbC5jaIISd3d3Lmphbi13aWxoZWxtLmNo MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGN1D1I8gAABAMARzBF AiBBUZDjjROA6i9MqGji1RL5/FiVU2YQMNntvtSM4i2FjgIhAP+jbNsh/CGaLWth HA5cdLGN8gVIzyTnn6TzLCsAcgmEAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGN1D1JJgAABAMARzBFAiA4wUD3xJGVDxPtfA4nNFIQH1ukAX2x Qh2m5oSbzVDudQIhANDVt+nC7mBBiWuKl4FzsMVjU2P+oAZS4+Om3KE/3AXXMA0G CSqGSIb3DQEBCwUAA4IBAQASXc5G2PBgbWXio5E89VhG54Xvv1zmNIeh++592N+s n19tyRfEuJCnzhn84BOwdblcwhZAG/E/uP8oJZWmMc1oCZT4DfThZo+YjHu1zcW9 xQsxOrPQYwV9oSE04kl5dSbAXyR8Y4BA4resupvFryCpGAeh8UkIBsSApGyqwigD oY3de1s/ColVJVn0HOP07zL9KsrDCtXs9US2J7DjhZ4e2JnTmjOoIsZ4BomnpwVC xsKUJ+tYuiuQZN6InMq9QPSPtvf8ETIgDFPu7Gy3UzgNrvEEce4xi24NzaDEeSu5 72OrKXp2M++j5QXDwtwh5asSs/3MoVfdvnn+s1zEmf2A -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApOBO5vZNUEy6rBdc1ZNh DxnQmmwMywbLavzrNOz2hKUJH6/JxORd9p1g/lRddf16qAOzAoWl8gRTM1b8w7J8 +6Jg8CRUxPhyZ+hzuTr/qmA7XFA2F35C5JxKmPhkfo/p6e2SZsJL+kbNgJ4INgh4 NLSE0bf9nKk9qB33L8dmZ8/U2ELErkPSs8/nRhIMiLk3vFl98GfRBxznviTxc4Cw c8i8l1B4kS6WtL9wU5REi1/JsFtaGbPCx4RYDhmsMQp53x0UCJXqbtI0oYPGwH8r kdEXEHmT51YdS+kBDLoswI6a7DODeAOksnD8Na8PY6hlFRus4ZxV35M1Ju3daNxX f2Yte+BdGjjZkt6I9GU/t5AHUSMGHUio48cYCB4MNB0AJ86KquPECHAJcwM0aa6D 3ZxaMC9R6S+9pf/QNHEuTyUvdE9rbF8LbNLfqaVNHbtHsc0A08Y87wEWDuIvhbHn oabU7B/Va2F7gtOLvribu1KjTusRSmfw/JOSz9/v11NZeglMPP9FK6ElhHQSGC8G 19QHRYHscWFcqAfdb5MOtXAcPGt6JZ9wYyosXWsbh2lasZHyFz/dkEXMudguMOfe weG0nY3ozPxzxvSVIxywg5wOytEPjhLluUvN2175ZuVGJUH+V0RiOd8S9xyYeWlp zl+3+lJ02XejPNleWLsOE2cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 402287687011596107423834719675008293379102 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-23 03:33:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-23 03:33:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'jan-wilhelm.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 672636227410297688715638595426189054462308587863704972756542545815456919023681941344369513711890526636679538843525280820863037414851152561186235541577795647161178429762553490068693149610409443777863887212133249635115451946091597691537955864652947853740109747784039626734556308916858905314523669987372848762194459801880952905607914403194365565884560897632832470440694231537798877008898263552622773938144828226131747978692862379299040875412899072017410163016908519067504396343068389709053264779345138679849844256832806490789437128877316961285877682150615724141432422671194354770859029323535912652619653409526954059675728910608936468685492028809113448694066780055347718776758806953270274284539613993139846428111707423367388931385856715302053965419763913819222569641234269635095646954720522755399079585707805996331935120586312667496865758917270965685645474042323685736776418628786136914363352537958794888374680040648412093012931197217169536253437803085459248653504488227649359951140894440546481365086353838094996971326072964657287835591913167895906200995658071735616459226460283963330239905105074242617122370178356749974230824540120688610623614313924944232379820605499917241155542175323614038327024557455441487376851454546040541579973479 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5baa979d3e80c4890362dcb86b65200f8f717cfa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bee-local.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jan-wilhelm.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bee-local.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jan-wilhelm.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dd43d48f200000403004730450220415190e38d1380ea2f4ca868e2d512f9fc589553661030d9edbed48ce22d858e022100ffa36cdb21fc219a2d6b611c0e5c74b18df20548cf24e79fa4f32c2b00720984007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018dd43d49260000040300473045022038c140f7c491950f13ed7c0e273452101f5ba4017db1421da6e6849bcd50ee75022100d0d5b7e9c2ee6041896b8a978173b0c5635363fea00652e3e3a6dca13fdc05d7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00125dce46d8f0606d65e2a3913cf55846e785efbf5ce63487a1fbee7dd8dfac9f5f6dc917c4b890a7ce19fce013b075b95cc216401bf13fb8ff282595a631cd680994f80df4e1668f988c7bb5cdc5bdc50b313ab3d063057da12134e249797526c05f247c638040e2b7acba9bc5af20a91807a1f1490806c480a46caac22803a18ddd7b5b3f0a89552559f41ce3f4ef32fd2acac30ad5ecf544b627b0e3859e1ed899d39a33a822c6780689a7a70542c6c29427eb58ba2b9064de889ccabd40f48fb6f7fc1132200c53eeec6cb753380daef10471ee318b6e0dcda0c4792bb9ef63ab297a7633efa3e505c3c2dc21e5ab12b3fdcca157ddbe79feb35cc499fd80