ocx-gmbh.de
Issued by R3
About this certificate
This digital certificate with serial number 03:4f:79:99:39:0a:09:3a:3a:a4:66:7b:26:06:05:75:2b:37 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ocx-gmbh.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:4f:79:99:39:0a:09:3a:3a:a4:66:7b:26:06:05:75:2b:37Serial Number (int): 288380796947836693995730512182328482409271
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 49:5d:e8:61:43:80:05:1f:c7:af:b7:5d:13:2c:84:6c:31:3f:01:cb
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8c:98:1a:14:67:06:10:f3:ef:c1:77:7a:f2:53:ec:46:1d:74:e0:46
Fingerprint (sha256): 34:c6:10:ed:32:94:7c:c5:33:1e:a5:a8:10:22:88:52:19:36:84:6d:2d:59:30:66:54:ba:16:d2:73:fa:ac:1f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ocx-gmbh.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ocx-gmbh.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ocx-gmbh.de
www.ocx-gmbh.de
www.ocx-gmbh.de
Other certificates including the domain name ocx-gmbh.de
(limited to 100 certificates)
support.for-sight.co.uk
bookings.mortgageap.co.uk
support.for-sight.co.uk
ocx-gmbh.de
ugyfelszolgalat.mediaguide.hu
ocx-gmbh.de
ocx-gmbh.de
support.for-sight.co.uk
ajanvaraus.polarbearcnc.com
ocx-gmbh.de
ocx-gmbh.de
meet.bastioncraft.com
support.for-sight.co.uk
ocx-gmbh.de
ocx-gmbh.de
support.for-sight.co.uk
meet.trueleads.com
accounts.gfctech.co.uk
support.ocx-gmbh.de
payment.heavenhr.com
ocx-gmbh.de
my.inspacestorage.com
support.imito.io
support.for-sight.co.uk
suporte.pinkdotstudio.com
ocx-gmbh.de
books.unternehmerbonus.at
bookings.mortgageap.co.uk
support.for-sight.co.uk
ocx-gmbh.de
ugyfelszolgalat.mediaguide.hu
ocx-gmbh.de
ocx-gmbh.de
support.for-sight.co.uk
ajanvaraus.polarbearcnc.com
ocx-gmbh.de
ocx-gmbh.de
meet.bastioncraft.com
support.for-sight.co.uk
ocx-gmbh.de
ocx-gmbh.de
support.for-sight.co.uk
meet.trueleads.com
accounts.gfctech.co.uk
support.ocx-gmbh.de
payment.heavenhr.com
ocx-gmbh.de
my.inspacestorage.com
support.imito.io
support.for-sight.co.uk
suporte.pinkdotstudio.com
ocx-gmbh.de
books.unternehmerbonus.at
Certificate
The complete raw certificate details for ocx-gmbh.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgISA095mTkKCTo6pGZ7JgYFdSs3MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MTIwNjUwNDZaFw0yNDA4MTAwNjUwNDVaMBYxFDASBgNVBAMT C29jeC1nbWJoLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLY0 16vX/VLdgyKMdj7X1RuJHel8qvtaDJ/EXxwLSJFXAXrcL+kE3Yef/UUX2y3NQ7os cOPI7L/mKYkU9fgaiJw55VOhKAww9cPgvWmR//PfF+TK7OI7eUkwaWAprfHIS463 piqzF2C4x5A1BpIHBfH4SPt1UwPSoDmVl0nCXdCug9jDSwK01P2H6FbFVVrixokn Zcx5/iGnSsY4wYAO/HsOQVrIxdJXmA9jxYlK7lXobxeGNRyokFmK7zEy/32TmCog m4uwxMLPxU2V89NOHePmEHYLuHU4WfZtvC6M+ApPWgdkGRFVDPHTFMPip2YuH4zn +HiYQ3YcJhAMQ9lHHQIDAQABo4ICHzCCAhswDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBRJXehhQ4AFH8evt10TLIRsMT8ByzAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAn BgNVHREEIDAeggtvY3gtZ21iaC5kZYIPd3d3Lm9jeC1nbWJoLmRlMBMGA1UdIAQM MAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA3+FW66oFr7Wc D4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGPa8hoYQAABAMASDBGAiEA4hcU82gD Fsv/pt0XgQk3yJU+a5wal1EOzfxXK32omVQCIQDXHCQ2zfUkxZN0cuu9ZA/GOP6V BY/t5yNC9PrD7IEX+AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABj2vIZ5QAAAQDAEcwRQIhAJeSuaKJPP1usWkTeXwzofTcbUXgJl6XsE6p/uA9 2koUAiBZcXU6kuMyNePu//l7dNRyJwGE1ymhVWGTp2FBjzl0rTANBgkqhkiG9w0B AQsFAAOCAQEAfFoesxacjUnmOwdmkZggt4kkNOBtgCTMRlYOfrupeYkg6rflW65S xA9PoZ5Uf5PCN/KHxLX+O9S3cVi3Igl/SVNP7RorXHQMa6Dh5ihnHJMpdewcgcTb KaBtzAe6xR1X5EMHfEFp08QT+REpPrEXvSPU4yZqXA4lJ6fw942mgqkEDEn+xSym VtOo6dINfVTvP1cpTscW9zIpYWb0d3VKEEwbjLcZRmwaxT86vixMzZrqefoMw8yP CPNe4z2MUpZm4ZHyq1Qzh/eZfXOi9IMyCNIMlnSxVGzEbq9XLqu5FD3aWz1MCFRf zDG1cPcMwS6AboS429s2pNAwL5WZr9vDUQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLY016vX/VLdgyKMdj7X 1RuJHel8qvtaDJ/EXxwLSJFXAXrcL+kE3Yef/UUX2y3NQ7oscOPI7L/mKYkU9fga iJw55VOhKAww9cPgvWmR//PfF+TK7OI7eUkwaWAprfHIS463piqzF2C4x5A1BpIH BfH4SPt1UwPSoDmVl0nCXdCug9jDSwK01P2H6FbFVVrixoknZcx5/iGnSsY4wYAO /HsOQVrIxdJXmA9jxYlK7lXobxeGNRyokFmK7zEy/32TmCogm4uwxMLPxU2V89NO HePmEHYLuHU4WfZtvC6M+ApPWgdkGRFVDPHTFMPip2YuH4zn+HiYQ3YcJhAMQ9lH HQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 288380796947836693995730512182328482409271 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-12 06:50:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-10 06:50:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ocx-gmbh.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22307791006428373354485302838951010463028240922155295182368257559176759287732200349368440341337564946404225828704037944291825330488608049990982858094936506595783576487695229152245970211544921908676588963035220387691962967602602815007299999000489296382102847381812851796616528917066210115798877649929719880396950156109482138632279369698888405200500199693759986997450554651235357438559597416739275013211457254886195832684966191787177210070821476621643378696099206351077445273553926964570633183747391577929821996896436983146042518833765655399378681321165312267747064765100322654497444950046825433716446833937768951400221 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 495de8614380051fc7afb75d132c846c313f01cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ocx-gmbh.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ocx-gmbh.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f6bc868610000040300483046022100e21714f3680316cbffa6dd17810937c8953e6b9c1a97510ecdfc572b7da89954022100d71c2436cdf524c5937472ebbd640fc638fe95058fede72342f4fac3ec8117f800760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f6bc8679400000403004730450221009792b9a2893cfd6eb16913797c33a1f4dc6d45e0265e97b04ea9fee03dda4a1402205971753a92e33235e3eefff97b74d472270184d729a1556193a761418f3974ad . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007c5a1eb3169c8d49e63b0766919820b7892434e06d8024cc46560e7ebba9798920eab7e55bae52c40f4fa19e547f93c237f287c4b5fe3bd4b77158b722097f49534fed1a2b5c740c6ba0e1e628671c932975ec1c81c4db29a06dcc07bac51d57e443077c4169d3c413f911293eb117bd23d4e3266a5c0e2527a7f0f78da682a9040c49fec52ca656d3a8e9d20d7d54ef3f57294ec716f732296166f477754a104c1b8cb719466c1ac53f3abe2c4ccd9aea79fa0cc3cc8f08f35ee33d8c529666e191f2ab543387f7997d73a2f4833208d20c9674b1546cc46eaf572eabb9143dda5b3d4c08545fcc31b570f70cc12e806e84b8dbdb36a4d0302f9599afdbc351