struikhoeve.nl
Issued by R3
About this certificate
This digital certificate with serial number 03:e4:60:fb:2e:90:17:7b:b1:ff:f6:b6:ab:c1:f8:50:70:ce was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=struikhoeve.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e4:60:fb:2e:90:17:7b:b1:ff:f6:b6:ab:c1:f8:50:70:ceSerial Number (int): 339050147551768518638767808077571545919694
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ea:72:28:76:7e:4c:a7:39:1b:ff:ce:16:10:ba:95:8a:91:ce:5b:10
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f9:e0:c7:23:8b:fe:2a:b7:87:41:a4:37:c4:c3:40:12:5a:00:dc:91
Fingerprint (sha256): 38:22:59:08:4c:fc:26:da:89:57:c4:63:b9:e4:99:c8:96:1d:38:4c:e2:40:5a:17:71:f2:cb:3b:57:8b:09:4b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate struikhoeve.nl
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for struikhoeve.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
struikhoeve.nl
struikhoeve.wepsaid.nl
www.struikhoeve.nl
struikhoeve.wepsaid.nl
www.struikhoeve.nl
Other certificates including the domain name struikhoeve.nl
(limited to 100 certificates)
Certificate
The complete raw certificate details for struikhoeve.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGFzCCBP+gAwIBAgISA+Rg+y6QF3ux//a2q8H4UHDOMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTYyMjExNTlaFw0yNDA1MTYyMjExNThaMBkxFzAVBgNVBAMT DnN0cnVpa2hvZXZlLm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA t46r39lHDj6nUmyPqEYuSIJxse9MoSyT+938r1+2zMOtaLPs80eMCKPu342N7urr g4xMXsZzA9usVboLUMcJFI30oVwOuX3u86Eb41XeNgUMFUejrXoYhyHV+1W/AfY5 l0/S/PeHuix+yR+enyqEJpiG9scSC/Vf9THGG9iWOaf2GHBUNXcRZ8wtAC30oMtH N9pF0sSjNbLqPjpxN7JyzsLQ2/PE+/mYgcHzIKE0AKEuya6qip7IsOfstc/+eTN+ OArGbCWJeybxHyENuL4xS/xryrJBJgVvEDx4vnt/KbjOW/2a012Kxuy49ZsIjrTw XPtneD2TtBbAXlVrIXS7bSU5E1V85i0AprMWqlfH7B3hR2yHDgdxrjNKid3Xlie6 AQF0MHLZcIQC+GvULSnVpnu66EbsUVsdFuTiFT5nFWS8YMGMTyhH11DVZdKliK0U AjH5fwuOnU3IVyQsw3fV7MZOdsGtFJFW9ILd0n7WrVqvh91PEjvp5fimLi8QvUWM oGlV0K4MGbykQZtwtDZ+vO3DliHrhYDYe+s483Bt+S3qUzUqZSXBgXC2WyL+cmfT afiv3umQa6XT7S3KH9nBhbZqTbhu3npCDNd3xEMFDFgGSj2yjwp5XcmxseVtnT16 Y7qtThizyTWDCizSNriKwyUbvIvjdakZUzDK2U6vn1kCAwEAAaOCAj4wggI6MA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQU6nIodn5Mpzkb/84WELqVipHOWxAwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wRQYDVR0RBD4wPIIOc3RydWlraG9ldmUubmyCFnN0 cnVpa2hvZXZlLndlcHNhaWQubmyCEnd3dy5zdHJ1aWtob2V2ZS5ubDATBgNVHSAE DDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AEiw42vapkc0 D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjbQw47EAAAQDAEgwRgIhAMdA3qoO BqeivjiK6Iuh8V/z6iO8hCaSa+oVDhbIb+oaAiEArUmxwbmSchRtPG8Wqy/4IolJ wFw4TUdASbD9GoWghJsAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1 mwAAAY20MOWoAAAEAwBIMEYCIQDOWel3wx7r6t1zW0bm1ap6eaZe2jfiAI1JwGLJ 68erlQIhAJF/OdeHiieNAUaZljopnhc+oIODuKUYAIGZw3N1BCmbMA0GCSqGSIb3 DQEBCwUAA4IBAQAdUlYtlMjbfvN7WPNKYSN7eMzQO+coo2EvvVuHI+k3DlzeCnuJ o9vfJYUektGF7zekCeywwBwRREIp4U9BFM6VC1GM3qKgM0EOgGMIRgGUHyabMb21 9RQrxrrTyR50tUb1T2jtwW9sD+sv6AJPOwX2asBXb2M1wLlOUUxmYh7D60ZmJKDM XJW1kNvc+WkTADM2ggPHromW9mQifLLQXbDeRMpZ9ha7zHA7IDyvCIv92jOYPt84 t3/Xn1ignT7KC1bi0ZnLjznji4qH1vrRsCOtmVBoDdOqp67hpRhLFMEqBOAT1udA 05umgjovwBNmbwzOHKrwfN2x2hDnQB2jhStN -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt46r39lHDj6nUmyPqEYu SIJxse9MoSyT+938r1+2zMOtaLPs80eMCKPu342N7urrg4xMXsZzA9usVboLUMcJ FI30oVwOuX3u86Eb41XeNgUMFUejrXoYhyHV+1W/AfY5l0/S/PeHuix+yR+enyqE JpiG9scSC/Vf9THGG9iWOaf2GHBUNXcRZ8wtAC30oMtHN9pF0sSjNbLqPjpxN7Jy zsLQ2/PE+/mYgcHzIKE0AKEuya6qip7IsOfstc/+eTN+OArGbCWJeybxHyENuL4x S/xryrJBJgVvEDx4vnt/KbjOW/2a012Kxuy49ZsIjrTwXPtneD2TtBbAXlVrIXS7 bSU5E1V85i0AprMWqlfH7B3hR2yHDgdxrjNKid3Xlie6AQF0MHLZcIQC+GvULSnV pnu66EbsUVsdFuTiFT5nFWS8YMGMTyhH11DVZdKliK0UAjH5fwuOnU3IVyQsw3fV 7MZOdsGtFJFW9ILd0n7WrVqvh91PEjvp5fimLi8QvUWMoGlV0K4MGbykQZtwtDZ+ vO3DliHrhYDYe+s483Bt+S3qUzUqZSXBgXC2WyL+cmfTafiv3umQa6XT7S3KH9nB hbZqTbhu3npCDNd3xEMFDFgGSj2yjwp5XcmxseVtnT16Y7qtThizyTWDCizSNriK wyUbvIvjdakZUzDK2U6vn1kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 339050147551768518638767808077571545919694 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-16 22:11:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-16 22:11:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'struikhoeve.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 748848491272243329521338956366676967734199971513773507472268766869372954667125124774835499227482109928853093493064313581249473259997230391480595828226184155738474317482271426471536257742292238380223808077674219592869300919245877585556019948126683424327590350594753857823490860414832891332431027242649547615340446949942948623353332337606891221005632787593876899887773192215139281391903112766463315155769485226143638768226329644870965697548776304579144647921692091026427982030274253946992165930560009589986310825581744831230881699732956974508547359621621018174788493518987942007615350404818278775529708248671694864329997839851585938092200151035853932636816916842157206515212124435622332980788888230458606601499098406155212395193266017805820161961994254756278726117801985102840763365652298620943459778743251833498260459218448947404027964104442337374630245372969979499480982914120246353229095197011084373334206400659334732786403093504726557078103536230848393981125992847013411588034388384286607294483785358781968301295797996868376831048970851044895648111448439559091016393533566580712868948679271056834418454457470188682508657994383881005742164881027354335083093882920096517867548307448763215356552904065520719979040628379306830978850649 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ea7228767e4ca7391bffce1610ba958a91ce5b10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'struikhoeve.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'struikhoeve.wepsaid.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.struikhoeve.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018db430e3b10000040300483046022100c740deaa0e06a7a2be388ae88ba1f15ff3ea23bc8426926bea150e16c86fea1a022100ad49b1c1b99272146d3c6f16ab2ff8228949c05c384d474049b0fd1a85a0849b007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018db430e5a80000040300483046022100ce59e977c31eebeadd735b46e6d5aa7a79a65eda37e2008d49c062c9ebc7ab95022100917f39d7878a278d014699963a299e173ea08383b8a518008199c3737504299b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001d52562d94c8db7ef37b58f34a61237b78ccd03be728a3612fbd5b8723e9370e5cde0a7b89a3dbdf25851e92d185ef37a409ecb0c01c11444229e14f4114ce950b518cdea2a033410e8063084601941f269b31bdb5f5142bc6bad3c91e74b546f54f68edc16f6c0feb2fe8024f3b05f66ac0576f6335c0b94e514c66621ec3eb466624a0cc5c95b590dbdcf969130033368203c7ae8996f664227cb2d05db0de44ca59f616bbcc703b203caf088bfdda33983edf38b77fd79f58a09d3eca0b56e2d199cb8f39e38b8a87d6fad1b023ad9950680dd3aaa7aee1a5184b14c12a04e013d6e740d39ba6823a2fc013666f0cce1caaf07cddb1da10e7401da3852b4d