maennchen.com
Issued by R3
About this certificate
This digital certificate with serial number 04:34:97:a2:bb:59:82:d6:eb:b1:40:7b:41:f9:ac:e7:38:ed was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=maennchen.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:34:97:a2:bb:59:82:d6:eb:b1:40:7b:41:f9:ac:e7:38:edSerial Number (int): 366345385186286786846535285672023654086893
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 37:ee:d7:6a:3e:0b:fb:4a:d4:ec:34:75:87:17:21:8e:ae:11:8a:db
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f4:67:d7:24:df:86:e3:65:33:f5:47:6b:dc:0c:ee:e7:86:63:3c:c0
Fingerprint (sha256): 31:fb:d4:31:93:7f:4c:72:a2:80:de:59:66:63:96:8f:ad:66:c5:1d:3b:43:3d:bb:04:a1:f3:22:1f:97:c8:94
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate maennchen.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for maennchen.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
maennchen.com
www.maennchen.com
www.maennchen.com
Other certificates including the domain name maennchen.com
(limited to 100 certificates)
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
cloud.maennchen.com
maennchen.com
cloud.maennchen.com
maennchen.com
cloud.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
maennchen.com
maennchen.com
cloud.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
maennchen.com
maennchen.com
www.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
cloud.maennchen.com
maennchen.com
cloud.maennchen.com
maennchen.com
cloud.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
maennchen.com
maennchen.com
cloud.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
maennchen.com
maennchen.com
maennchen.com
www.maennchen.com
cloud.maennchen.com
cloud.maennchen.com
Certificate
The complete raw certificate details for maennchen.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgISBDSXortZgtbrsUB7Qfms5zjtMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTYyMzM3MTlaFw0yNDA2MTQyMzM3MThaMBgxFjAUBgNVBAMT DW1hZW5uY2hlbi5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDW 5J5ICrtoLfMx2ZtagTxpmL9JWcckbifunHLX55t44y2Cf7BJqLXC5hcqZNrmIy65 wUS/a8vSUjHaoFljZQj10ZVIdIHbLEnhbRTjyeXGIPcNWT6CLBHIzgHyvVn+1xzs n38vJNbmDOJeuPHIZwFYQkhSJ8bynrEdJQKCF3UqBNpz1Olr6dnbOLl99qvP7Ak3 3p6pYfuOqEcvyQu0GmGN3YVE3qfy3fORNfaAjdvZoW/ioPSMYvnKJT1lcjHaaPUC S+5r4STg0lMoGjN6j79P05zboFZw08wI6g5OjJXarSi6zwaS3c0beFld+hNjR4zr pOZtL1W43SFcvkaJPKly58YW52rsUPjpJ/bEAaddFvnUJqkE1Ik0VPkG96V/LNmp hrXqbcIpPxAn8nkrx2qeaZfI+CkXwya4CDkML5q2+XC7Ttu4D+/z+YLhQjdKZuBf Vtoeh0UqmODkSBsu5Lb7LBXXK+OP4rLAF8J7pXLaWvCe7ho9Pn5qCGejzCaMPIuj hCnd0L0WvsjxM30Vp3jPzC1cdkiwZ9OJrDGMiaIDXLs92N7XdKpJgW7xpSgGI3a8 7QTgjyONCJ5W0z9/l5HxlYyO0s/4DPbu1jiw6RcjF9wOVYPgX9SsTyt+uOha5qzw jT0xn7dzZmypVt8ANrYbpPyq82kcee3ij3iC+uc/cQIDAQABo4ICIjCCAh4wDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBQ37tdqPgv7StTsNHWHFyGOrhGK2zAfBgNVHSME GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov L3IzLmkubGVuY3Iub3JnLzArBgNVHREEJDAigg1tYWVubmNoZW4uY29tghF3d3cu bWFlbm5jaGVuLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkC BAIEgfUEgfIA8AB2AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAAB jknXcZYAAAQDAEcwRQIgDU4Bkj9Q3x4ImE130uHfWsvKi1yapRUwwcuT/vufZwYC IQCf5Enqqg2KKg48HYiz5jnNUzzjKIGMfdKt4Yw9eUYQjQB2AHb/iD8KtvuVUcJh zPWHujS0pM27KdxoQgqf5mdMWjp0AAABjknXc6YAAAQDAEcwRQIhAK352jXf7FQh xQeDq7lQAhH/Q/6xbGybFIS0hS0wgtHYAiAQK8Hiq/DlZ1mZR85YgOLxtbGdbUym C/NhA3oC/tWNkzANBgkqhkiG9w0BAQsFAAOCAQEAUeaGkUmpiCac+VxUsYm0+VT5 UgFDLK5I+EOlGLydaLJe3KNGYXY/gbMjhZPvG/Bh2SLMFzZQwQLc6Pq5/pxXqhuT QqO89ItlH364nBjkqdJi6ifzPxQa7GQw9tVmB0xYaKVtT3MGMogpplyNq2hy1Bnc l67ascHOs0rzeeKKlt3H/0I2hZXl4twULYwAD0o1w0wrhTeQwpj4tSPRR7THJoiq z4ExQWBIcmdQyqfKfUhXR/V7GyMqLXRJSwl6bZ4jLvwAJSJImFYCDfAXAW4R2F6n bxUvY23wT0lohu7bH8LWtRC+HdGiPWLFUXLVs8TBlpqgljj8BWTmMojatMryYQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1uSeSAq7aC3zMdmbWoE8 aZi/SVnHJG4n7pxy1+ebeOMtgn+wSai1wuYXKmTa5iMuucFEv2vL0lIx2qBZY2UI 9dGVSHSB2yxJ4W0U48nlxiD3DVk+giwRyM4B8r1Z/tcc7J9/LyTW5gziXrjxyGcB WEJIUifG8p6xHSUCghd1KgTac9Tpa+nZ2zi5ffarz+wJN96eqWH7jqhHL8kLtBph jd2FRN6n8t3zkTX2gI3b2aFv4qD0jGL5yiU9ZXIx2mj1Akvua+Ek4NJTKBozeo+/ T9Oc26BWcNPMCOoOToyV2q0ous8Gkt3NG3hZXfoTY0eM66TmbS9VuN0hXL5GiTyp cufGFudq7FD46Sf2xAGnXRb51CapBNSJNFT5BvelfyzZqYa16m3CKT8QJ/J5K8dq nmmXyPgpF8MmuAg5DC+atvlwu07buA/v8/mC4UI3SmbgX1baHodFKpjg5EgbLuS2 +ywV1yvjj+KywBfCe6Vy2lrwnu4aPT5+aghno8wmjDyLo4Qp3dC9Fr7I8TN9Fad4 z8wtXHZIsGfTiawxjImiA1y7Pdje13SqSYFu8aUoBiN2vO0E4I8jjQieVtM/f5eR 8ZWMjtLP+Az27tY4sOkXIxfcDlWD4F/UrE8rfrjoWuas8I09MZ+3c2ZsqVbfADa2 G6T8qvNpHHnt4o94gvrnP3ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 366345385186286786846535285672023654086893 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-16 23:37:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-14 23:37:18 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'maennchen.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 876687116640183444836413834319870269383285248182752093184077086908771962927251105156516178456332861811491028540603501857046168735026636767683082304396139526600802487345878205058820431149342028086009105850102240325374265053040730162152909654026800334350090602197956138575520392833830051486236429625951207218297499001129449384537610467830571973557865366392577255608072492668441184835548822264311381630918179749077580499716256077467378615465721102664114614466240627172090949141737906230052317354187884133632928561415776829948733722836865896100303696081567938132650401522428508009094564211145252849048624280214214511429429413254057920166221483279176646458160352239676482807347103774167567545836493055754659256180508047449649250102837753779327359218280635476073529243878801415317641470368347087121786563571250676665939459942886866086748638661587994803733923231929883090580214280732573636430155374563024757182950357868867715421389178287582512079814285690102866498231232422663965573488504050870997757060955849084558961078968725826798188117357820704619644716858047841131092115486915900328860506430986547111594037285942238226646435464957561623210790845677332900169650383532140764127358261574959031794931490196204970142315555725679344138796913 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 37eed76a3e0bfb4ad4ec34758717218eae118adb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maennchen.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maennchen.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e49d77196000004030047304502200d4e01923f50df1e08984d77d2e1df5acbca8b5c9aa51530c1cb93fefb9f67060221009fe449eaaa0d8a2a0e3c1d88b3e639cd533ce328818c7dd2ade18c3d7946108d00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e49d773a60000040300473045022100adf9da35dfec5421c50783abb9500211ff43feb16c6c9b1484b4852d3082d1d80220102bc1e2abf0e567599947ce5880e2f1b5b19d6d4ca60bf361037a02fed58d93 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0051e6869149a988269cf95c54b189b4f954f95201432cae48f843a518bc9d68b25edca34661763f81b3238593ef1bf061d922cc173650c102dce8fab9fe9c57aa1b9342a3bcf48b651f7eb89c18e4a9d262ea27f33f141aec6430f6d566074c5868a56d4f7306328829a65c8dab6872d419dc97aedab1c1ceb34af379e28a96ddc7ff42368595e5e2dc142d8c000f4a35c34c2b853790c298f8b523d147b4c72688aacf8131416048726750caa7ca7d485747f57b1b232a2d74494b097a6d9e232efc002522489856020df017016e11d85ea76f152f636df04f496886eedb1fc2d6b510be1dd1a23d62c55172d5b3c4c1969aa09638fc0564e63288dab4caf261