pesavento.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:e8:ab:7d:0f:9f:93:ac:e9:22:31:8a:04:81:35:70:6e:a5 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=pesavento.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e8:ab:7d:0f:9f:93:ac:e9:22:31:8a:04:81:35:70:6e:a5Serial Number (int): 340510314262204126158264671706761250500261
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 9f:c7:a5:79:05:0f:ba:d6:ad:f3:cb:74:a6:3b:f5:a1:68:f1:05:37
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): bd:74:a0:13:a1:e9:27:f4:b0:28:61:2c:41:7a:90:14:1c:21:54:84
Fingerprint (sha256): 31:6c:71:2a:42:8d:9f:a2:95:bf:62:a9:07:8c:42:09:5b:30:70:d2:fe:5c:f7:fb:37:53:8d:99:64:2b:90:93
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate pesavento.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pesavento.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.pesavento.ch
pesavento.ch
pesavento.ch
Other certificates including the domain name pesavento.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for pesavento.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgISA+irfQ+fk6zpIjGKBIE1cG6lMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzAyMDgwMDMzMjJaFw0yMzA1MDkwMDMzMjFaMBcxFTATBgNVBAMT DHBlc2F2ZW50by5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMYe y0pLXKVm/gq7gCuU7CJGs7Sb6q1zmY+oxrVgA+xToiE706TsXjsWF2zUjvjnOtum 9Ea79Se6hLdhGpesOwEoWev5ut8G3MQkfnd+0ulTzMKNW7azqOs8iKMx5Li1vM6w kQTmkTRVtjiHGO9iSPArFwsdVDFpL8gR+5lIp7l3SDkiZftafcBI9RAu8wYfs4ux Fk6m14sZrhrrJ6vdTS6yJ/E3SRFP57b7QekuS74zlBlvFb+hkP3gJDG+NOdAYjyx PIu5D3PzBeDNWhv04JOZvca7ZeXBpyNXCl4FZLznL7LG2esglyOo3lDCNDpM11dF O5qWalaGMOVSn5RHxj0CAwEAAaOCAlcwggJTMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUn8eleQUPutat88t0pjv1oWjxBTcwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w JwYDVR0RBCAwHoIOKi5wZXNhdmVudG8uY2iCDHBlc2F2ZW50by5jaDBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2 AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABhi6n7NUAAAQDAEcw RQIhAMrkEdq1kOv8b6TPfHUva6VR5DQFin8YdT47KMa/MQayAiBH7+hjg+gw2S4N nNFYxcN9RdDYLT4Ux9w6TH0bg7VdoAB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs 62nhd31tBr1uAAABhi6n7VwAAAQDAEcwRQIgPlzWg2RmbQdBybzF5KytI8lXwPC9 qT3Av7F6Npu5rtgCIQC6GNyQSE8OuThGXxZeqf/hcg5mq1vzuGA4sb559hiChTAN BgkqhkiG9w0BAQsFAAOCAQEAEZzkPuY/ZdXQE5I7FNSzI5DtF1R0/LnYiY74QYt0 btUlX8ILwZGQp41J7GbaN6Uo5N9XmHHN4e+JoWd+YX6AfPMvrRHX657Q9W19BmhV jnrgL/FXJQ8eUIElsceCIwaabbwB06/IGS1niYyXJK/r7H4mj/94wTMuK4WY5uvk 1r0AlqRNB02mByw6ipWe9muvSRo2K+HOgs7BHPhFfqH061zOdD8E3yXWJBgik0Ff KtPdiXADP13NqFff88Sfcc4NSX/kxXT+TKkA+jIZA1NT4mBOcFM4cUyusKt84Hux 0SO046Q2WLpVgnAbS3p/ujU3OOlYo2ci4HYDkLRAIAlEbg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh7LSktcpWb+CruAK5Ts IkaztJvqrXOZj6jGtWAD7FOiITvTpOxeOxYXbNSO+Oc626b0Rrv1J7qEt2Eal6w7 AShZ6/m63wbcxCR+d37S6VPMwo1btrOo6zyIozHkuLW8zrCRBOaRNFW2OIcY72JI 8CsXCx1UMWkvyBH7mUinuXdIOSJl+1p9wEj1EC7zBh+zi7EWTqbXixmuGusnq91N LrIn8TdJEU/ntvtB6S5LvjOUGW8Vv6GQ/eAkMb4050BiPLE8i7kPc/MF4M1aG/Tg k5m9xrtl5cGnI1cKXgVkvOcvssbZ6yCXI6jeUMI0OkzXV0U7mpZqVoYw5VKflEfG PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 340510314262204126158264671706761250500261 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-08 00:33:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-09 00:33:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pesavento.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25010369521127093319815507126691303275702187638365501430325389885042986871856319881316407994147103613598510323946619399638848725169297435513948293056884227625285864024846113876276280339832791423389496042667748965710638496234185510919574804262805992972192880931170170293650156203495122588184911832398276824714159925553827861550066139452013733792426218103962938686896973669168089405960323836930715974646473985895337764857497787602122436111371245922382034311468840200646067925389216702997370415181555969951487062178298266959968329095888850168775016951592331075364055678438278106755962363075191843536720172080912681911869 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9fc7a579050fbad6adf3cb74a63bf5a168f10537 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pesavento.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pesavento.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001862ea7ecd50000040300473045022100cae411dab590ebfc6fa4cf7c752f6ba551e434058a7f18753e3b28c6bf3106b2022047efe86383e830d92e0d9cd158c5c37d45d0d82d3e14c7dc3a4c7d1b83b55da0007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001862ea7ed5c000004030047304502203e5cd68364666d0741c9bcc5e4acad23c957c0f0bda93dc0bfb17a369bb9aed8022100ba18dc90484f0eb938465f165ea9ffe1720e66ab5bf3b86038b1be79f6188285 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00119ce43ee63f65d5d013923b14d4b32390ed175474fcb9d8898ef8418b746ed5255fc20bc19190a78d49ec66da37a528e4df579871cde1ef89a1677e617e807cf32fad11d7eb9ed0f56d7d0668558e7ae02ff157250f1e508125b1c78223069a6dbc01d3afc8192d67898c9724afebec7e268fff78c1332e2b8598e6ebe4d6bd0096a44d074da6072c3a8a959ef66baf491a362be1ce82cec11cf8457ea1f4eb5cce743f04df25d624182293415f2ad3dd8970033f5dcda857dff3c49f71ce0d497fe4c574fe4ca900fa3219035353e2604e705338714caeb0ab7ce07bb1d123b4e3a43658ba5582701b4b7a7fba353738e958a36722e0760390b4402009446e