www.cura-domicil.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:6f:7f:18:be:96:37:06:90:98:03:25:93:9a:df:8b:30:6d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.cura-domicil.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:6f:7f:18:be:96:37:06:90:98:03:25:93:9a:df:8b:30:6d
Serial Number (int): 299277140959653277218905176398738410385517
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 75:0a:65:32:48:05:22:40:69:d3:0d:04:42:f1:12:ad:d1:e1:c6:22
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 54:d4:4a:2a:61:7d:bb:0a:05:b8:fa:2f:a7:d6:4e:50:10:83:80:1d
Fingerprint (sha256): 2d:51:59:21:51:71:fd:16:b1:08:de:9a:47:81:4b:e9:97:4b:28:47:ec:8f:5f:9f:a1:a5:55:2c:2d:31:13:75

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.cura-domicil.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.cura-domicil.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.cura-domicil.ch

Other certificates including the domain name cura-domicil.ch

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.cura-domicil.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISA29/GL6WNwaQmAMlk5rfizBtMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTUwMjM2MTNaFw0y
MDAzMTQwMjM2MTNaMB4xHDAaBgNVBAMTE3d3dy5jdXJhLWRvbWljaWwuY2gwggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHB02rUvYiPQ+wBsSot89BiUqT
e12xsaodwNvoQBG+hkQipjHeDxHzqTGpx23G4n8/BesrHSmHq11LcncIkM2kRHlk
min/1vciyy/csP3YEcBp3ythMojgus2i0MOYIDexcdO1jkM3mT0pBe7MnlBhDL/x
1cQ5dEpyf9aOYOHb5fpUkNNQWkOup8ARah0P/AmejNbr8QFbYQin0Zxt8Z59WS6Y
1H5iD8pLpi7nruoC8gKrK+XAj295olU8Y/nFWiSCBzqS1p5Sh/ZjHei0BI7Ag0iM
LvKuP2iTJFu43PQD06z+Y8Zvo0TmS98MweI+stjo2xFHVh+ItCnMadBlvPXuVgea
DLgyxalCIegKlbUWl/fzLscm5OponVj/NeJmuPBJ9fGJHvVCFLCBdNMsFMNlTehI
4e03330R0R3hfQrw/y4vJGCU8tRnCTpza7PvfNMXhhnY3s27SndW20ofKr1maVAr
W3GuFBAG5ehQ+W3RSeLUqXc/d5QZahWqEhTZTMV4OHyht2bZUa1iyNVYrjhxFty/
VWi0OPce4cbD7Mk4ql6P3EDl6ZdBN1uY7lcXE+bjztB0dvY5tM1Ii1/z8N4KKlGQ
NqGy9gEWpAHJt/4fnasPGNGm4EkIpe4QMgoOj4RkbuPD12VrcxCkpnwIF2VAX4wI
tDwshnMD9HPN8iLiWQIDAQABo4ICZzCCAmMwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBR1CmUySAUiQGnTDQRC8RKt0eHGIjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem
RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw
LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0
LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB4GA1UdEQQXMBWCE3d3dy5jdXJhLWRv
bWljaWwuY2gwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm
BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEE
AdZ5AgQCBIH0BIHxAO8AdQBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFF
WAAAAW8HoMOCAAAEAwBGMEQCIFm3pHTswu8YVpw3TfBcoxZ2fBz+vL4rtwPUhFG1
Ao8oAiBC5lH4AFpa9rqB1YMAagihIjh7XqpKgez3xuhALJgUygB2AAe3XBvlfWj/
8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABbwegw6EAAAQDAEcwRQIgdhJ3v6gl
WFevDBQoecfMVTUKNt3Qv5n6cOcFFertQ0QCIQD6kD7VunG9D8uuMgpxbH2r9Q2u
hYWgpjLlmEE3h911UTANBgkqhkiG9w0BAQsFAAOCAQEAhQlWXSt2Rushu3c1kJIZ
MbFeYn8Kxv2ljAH48l8PgOfwjsDGG9zqtK7UYIv3YkPEvNWKykRKXff9sJw7x7Ew
r85GnpT6P1vhllBjoJ36/20YuPhBAP/56Lx7xQzwE7mCS2uB+0STNvWCyrDVhQft
e4KUvqPL3fC39kayC7P4MZyudIOZSqEP4kiURrwxxoLGrjbQLz7pQ2h+I7VjhRK0
T4p6P81oBdFXm8h0vyORUjHjtKo1VDfC2NhaX7Uae0fQ+V6fRnLLWjW8Myn2EY69
TVVY096IjJGXjAMBsCK1mn9viAsQyyUENUwAwwhT7mcu2Cl0DE1Ungu/mWIDemnt
Uw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxwdNq1L2Ij0PsAbEqLfP
QYlKk3tdsbGqHcDb6EARvoZEIqYx3g8R86kxqcdtxuJ/PwXrKx0ph6tdS3J3CJDN
pER5ZJop/9b3Issv3LD92BHAad8rYTKI4LrNotDDmCA3sXHTtY5DN5k9KQXuzJ5Q
YQy/8dXEOXRKcn/WjmDh2+X6VJDTUFpDrqfAEWodD/wJnozW6/EBW2EIp9GcbfGe
fVkumNR+Yg/KS6Yu567qAvICqyvlwI9veaJVPGP5xVokggc6ktaeUof2Yx3otASO
wINIjC7yrj9okyRbuNz0A9Os/mPGb6NE5kvfDMHiPrLY6NsRR1YfiLQpzGnQZbz1
7lYHmgy4MsWpQiHoCpW1Fpf38y7HJuTqaJ1Y/zXiZrjwSfXxiR71QhSwgXTTLBTD
ZU3oSOHtN999EdEd4X0K8P8uLyRglPLUZwk6c2uz73zTF4YZ2N7Nu0p3VttKHyq9
ZmlQK1txrhQQBuXoUPlt0Uni1Kl3P3eUGWoVqhIU2UzFeDh8obdm2VGtYsjVWK44
cRbcv1VotDj3HuHGw+zJOKpej9xA5emXQTdbmO5XFxPm487QdHb2ObTNSItf8/De
CipRkDahsvYBFqQBybf+H52rDxjRpuBJCKXuEDIKDo+EZG7jw9dla3MQpKZ8CBdl
QF+MCLQ8LIZzA/RzzfIi4lkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 299277140959653277218905176398738410385517
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-15 02:36:13 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-14 02:36:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cura-domicil.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 811965557246611112835342926584337777211035969192526967570172657339551639723612820912375143845611717319530591702936513533574309648826974494677799760252266828493854683114148732450784668157894684539754033864577129091070730123452906491178284586020566521726544287505884565592222613933573805896647449165462475664440869452817150095380606087457050739065105111092403427320172513843357549460487736764602160693387386535583006413409849005789206973038951620634953186447230572331822831740730511370626051384026036935692641853806627818132049355413757535834036073321108581865889730744696339240461980958841640582416339532015572778405167838850160771708423187061401361497376973789455966278095674289958515966396839970388089951745373630304217184141257253077593503545870944268443074157203669230167455617445070918449968647453935257876270548107207260997753876907846219753449844696558570408145370613406540924019199892728774140390312361356623386976613388466962338045444484526035760952138373087326558892304803299749426106701320702360129249606090873104783085321565396679306221561676017495665708929200593780300516353058014466932940689148477359494272056271461261760920079802634872869781675328973999377931576633348537039446280068011993931767586165934314739250422361
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							750a65324805224069d30d0442f112add1e1c622
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cura-domicil.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f07a0c3820000040300463044022059b7a474ecc2ef18569c374df05ca316767c1cfebcbe2bb703d48451b5028f28022042e651f8005a5af6ba81d583006a08a122387b5eaa4a81ecf7c6e8402c9814ca00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f07a0c3a100000403004730450220761277bfa8255857af0c142879c7cc55350a36ddd0bf99fa70e70515eaed4344022100fa903ed5ba71bd0fcbae320a716c7dabf50dae8585a0a632e598413787dd7551
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008509565d2b7646eb21bb773590921931b15e627f0ac6fda58c01f8f25f0f80e7f08ec0c61bdceab4aed4608bf76243c4bcd58aca444a5df7fdb09c3bc7b130afce469e94fa3f5be1965063a09dfaff6d18b8f84100fff9e8bc7bc50cf013b9824b6b81fb449336f582cab0d58507ed7b8294bea3cbddf0b7f646b20bb3f8319cae7483994aa10fe2489446bc31c682c6ae36d02f3ee943687e23b5638512b44f8a7a3fcd6805d1579bc874bf23915231e3b4aa355437c2d8d85a5fb51a7b47d0f95e9f4672cb5a35bc3329f6118ebd4d5558d3de888c91978c0301b022b59a7f6f880b10cb2504354c00c30853ee672ed829740c4d549e0bbf9962037a69ed53