sikt.no

Issued by R3

About this certificate

This digital certificate with serial number 04:d0:a1:70:a5:30:d7:77:8c:2c:8e:bb:1c:05:d3:74:af:f2 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=sikt.no

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d0:a1:70:a5:30:d7:77:8c:2c:8e:bb:1c:05:d3:74:af:f2
Serial Number (int): 419442466641632934547557105380645563314162
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: a6:7f:7d:f1:ac:f0:bd:b3:b6:98:a6:93:74:db:1d:0a:52:89:07:de
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): c8:63:8e:30:bf:b3:e2:67:67:fd:d6:01:0a:b2:d3:5b:19:01:38:ab
Fingerprint (sha256): 2a:d5:8b:a5:b2:b3:a7:f8:08:62:dc:79:21:0d:c2:86:e8:d2:0c:09:46:6f:15:4b:68:96:8d:d2:38:42:c5:27

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate sikt.no

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sikt.no

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sikt.no

Other certificates including the domain name sikt.no

(limited to 100 certificates)
surveybanken.nsd.no
sikt.no
sikt.no
sikt.no
feidehotell1.sikt.no
polsys.sikt.no
sikt.no
matomo.sikt.no
sikt.no
skolevalg.sikt.no
*.nva.sikt.no
ess.nsd.no
rdakatalogisering.sikt.no
www.sikt.no
sikt.no
gitlab.sikt.no
sikt.no
sikt.no
matomo.sikt.no
skolevalg.sikt.no
filesender.sikt.no
sikt.no
gitlab.sikt.no
sikt.no
sikt.no
skolevalg.nsd.no
sikt.no
old.sikt.no

Certificate

The complete raw certificate details for sikt.no in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgISBNChcKUw13eMLI67HAXTdK/yMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMjcxMDU4MTdaFw0yNDAxMjUxMDU4MTZaMBIxEDAOBgNVBAMT
B3Npa3Qubm8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCTm6funfO
1es2S27d6yLrYvksalOyTap/QFtg5pED4semcmUkRxMx0187XrAx9lacqvp8NmYl
y8yfvgJn3BcZoflk/7b0HWhDyJHeC92aZOzwpmMVri4FIBv3SDxVesDL1Cdg2dAS
u4p1dxymtaYzFTx9ZdF8NUSS4MHx0RY2X5kj21rE7pHTK4uKWaCEw0snAGhT8l94
I/cXjtcE9WSDCWB50+LSL8y2NWjgNiwzxWR+ePNCXC2n1O0VTnrQDV04qN2g3gGp
eMfz7cSTy+1p1FYIx9idI92Eub/nrqQYvz8azyI6elyjB/8rETatpgLpuFJ6FTpu
+k/3QkR83oTvAgMBAAGjggIHMIICAzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKZ/
ffGs8L2ztpimk3TbHQpSiQfeMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52L
FMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVu
Y3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBIGA1Ud
EQQLMAmCB3Npa3Qubm8wEwYDVR0gBAwwCjAIBgZngQwBAgEwggECBgorBgEEAdZ5
AgQCBIHzBIHwAO4AdQA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAA
AYtw/9w/AAAEAwBGMEQCIGrL9Uj5vlytIrrLtEg/f96Tgwh6KOIBHJdP50q3BZoD
AiACv5sRJXAGAZbTdrZG6u6mzxiiABQA0nWSa9mk24yvqwB1AO7N0GTV2xrOxVy3
nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi3D/3EQAAAQDAEYwRAIgeyLgPMgedox0
HTX6n7RsHKyilqP0PpITeYc5jPuvrgwCIGiJiLyklqPQANgdC2uC0IHkjBybITFt
TNHyMgUXarP5MA0GCSqGSIb3DQEBCwUAA4IBAQA6ecd9QT657W5HalpLGb8cCW54
PaAEOBQiMRPgKazuPxJ++z+y2uxmorwgHzZYRcWkcWWfZoX/pYblOs/PAEB+OYn5
nO5IVtx+wURDPFx2e7aFn1m/RfCm8wgfpfHuMdkGMLJax3kkEqmnoRuHpDEEB1f4
pNkGtxYlD93QbY5EaZ9tDa7ZsbKJgA0wFHRCCmT03LqEgrFxZgwmzq3mS2Z4ivCQ
pkzpcznbf4FjUQ3MnKnBWqELSEGLugTAt6WVGuVGTPjJipaZefZzJiinVDKrzRVS
WD50m3XSU73Q8Oyc94tkWFE1VPtA6n+H6xXR2Be1sh7JnkkYX0cFTRQXa/KT
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk5un7p3ztXrNktu3esi
62L5LGpTsk2qf0BbYOaRA+LHpnJlJEcTMdNfO16wMfZWnKr6fDZmJcvMn74CZ9wX
GaH5ZP+29B1oQ8iR3gvdmmTs8KZjFa4uBSAb90g8VXrAy9QnYNnQEruKdXccprWm
MxU8fWXRfDVEkuDB8dEWNl+ZI9taxO6R0yuLilmghMNLJwBoU/JfeCP3F47XBPVk
gwlgedPi0i/MtjVo4DYsM8VkfnjzQlwtp9TtFU560A1dOKjdoN4BqXjH8+3Ek8vt
adRWCMfYnSPdhLm/566kGL8/Gs8iOnpcowf/KxE2raYC6bhSehU6bvpP90JEfN6E
7wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 419442466641632934547557105380645563314162
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-27 10:58:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 10:58:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sikt.no'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24528907485621695257013749972654995003838003389919540484059464457247541850119233837737464448622322549743418666717139637707462812988161257632174077775291751945190756499869093559954116531598074404055117572987501238901526888528394286504268692360741630867709170941220285116857115749793466100721808123346648327105499289467080116754104684474555988977291474804347337286099573837253681646473686663019089817293865454595525792119139963263807761610098302986730541483030595137749413473254791807544029313021864421456140466228829001142148773748750664096201093464224974017037171000820672214877393656782108609513221073057516043011311
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a67f7df1acf0bdb3b698a69374db1d0a528907de
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (11 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sikt.no'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b70ffdc3f000004030046304402206acbf548f9be5cad22bacbb4483f7fde9383087a28e2011c974fe74ab7059a03022002bf9b112570060196d376b646eaeea6cf18a2001400d275926bd9a4db8cafab007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b70ffdc44000004030046304402207b22e03cc81e768c741d35fa9fb46c1caca296a3f43e92137987398cfbafae0c0220688988bca496a3d000d81d0b6b82d081e48c1c9b21316d4cd1f23205176ab3f9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003a79c77d413eb9ed6e476a5a4b19bf1c096e783da0043814223113e029acee3f127efb3fb2daec66a2bc201f365845c5a471659f6685ffa586e53acfcf00407e3989f99cee4856dc7ec144433c5c767bb6859f59bf45f0a6f3081fa5f1ee31d90630b25ac7792412a9a7a11b87a431040757f8a4d906b716250fddd06d8e44699f6d0daed9b1b289800d301474420a64f4dcba8482b171660c26ceade64b66788af090a64ce97339db7f8163510dcc9ca9c15aa10b48418bba04c0b7a5951ae5464cf8c98a969979f6732628a75432abcd1552583e749b75d253bdd0f0ec9cf78b6458513554fb40ea7f87eb15d1d817b5b21ec99e49185f47054d14176bf293