www.hess-gruppe.de

Issued by R3

About this certificate

This digital certificate with serial number 04:4c:10:24:a0:19:b1:ca:c9:31:bc:a8:b9:e9:82:ae:ae:a3 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.hess-gruppe.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:4c:10:24:a0:19:b1:ca:c9:31:bc:a8:b9:e9:82:ae:ae:a3
Serial Number (int): 374332061430873040364464120525731996282531
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 88:a9:da:f8:1b:93:cc:ad:36:ac:14:a0:6d:7a:1c:e4:d2:50:e8:4d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ef:a6:bd:47:7b:2a:51:e8:d2:8b:43:1a:37:67:69:ba:51:78:38:17
Fingerprint (sha256): 39:1f:4f:24:a6:4a:1d:19:34:ca:f8:2a:d3:be:33:f5:91:a5:74:6f:b0:28:57:27:5e:01:8a:cd:17:54:0e:6f

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.hess-gruppe.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.hess-gruppe.de

Public Key Algorithm

RSA

Key Size

3072

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hess-gruppe.de
www.hess-gruppe.de

Other certificates including the domain name hess-gruppe.de

(limited to 100 certificates)
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
ssgd.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
vpn.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de

Certificate

The complete raw certificate details for www.hess-gruppe.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISBEwQJKAZscrJMbyouemCrq6jMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjEwMzEwNzA2MzdaFw0yMzAxMjkwNzA2MzZaMB0xGzAZBgNVBAMT
End3dy5oZXNzLWdydXBwZS5kZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoC
ggGBAIJ18iscLSmCxJWrw/72+hiMj21IEZoB96szdEMtY2kbdxKh5zOiV60zbn88
4gvAMTzky39sQNVNsCicCpTB4KE9mfn4Cnduo87SaYn0uELkv6oJl4NT4xcrAXwF
iRVNICAnv5APkU5oFmSNgKtTaJshNnJK5+AKTVD6JFyFjI72gnQyhGwkip3D69Gg
d/OpBJieD4Tehi64v2+SPnOfzpLMAyRJfrQtj3xxOpD13bS43Beo8oFi1IIEIua2
hlf3Rdj/BGYufAI5FJvz34QuV0MqfhisjilIGHeuTVBfCK2TCJmHCoczskKMKN4p
J6kzb3sFIXaI5ExQYaAEnIou3NVdDMIbRIe9aoyKvKs05GXXRrpcaFsDps+SDP39
cJ/u58sUKrQ99jQLfdfeHVOIJUFOYMnFNm5RRbi3EosjfYAO/Ge/m6Bn7NI9roh+
SRUH0Wr1eWf6F6VAWw/KEDWM6Des6tpgSM8IprIfJ+wNDmHDHjbxez1MEpKSz4KM
kom+2wIDAQABo4ICXTCCAlkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSIqdr4G5PM
rTasFKBtehzk0lDoTTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBV
BggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9y
ZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAtBgNVHREEJjAk
gg5oZXNzLWdydXBwZS5kZYISd3d3Lmhlc3MtZ3J1cHBlLmRlMEwGA1UdIARFMEMw
CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j
cHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAtz77
JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGELRQDewAABAMARjBEAiAb
I7OdJEfPvf2lGfbn1D8guVBUvIdS137VeZEdB9pw6wIgNZCQoDSbhDrqT2N2EOL+
2+8N8W/SUQvPoHZCeEysA94AdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpX
o1LrUgAAAYQtFAWCAAAEAwBIMEYCIQD3yI+OqqPKL2UZ22rfFthLjPdpO1G5nSHa
YjubuDX3FAIhAP9yl2+dP4XysPAMDoIavnxP7kGQKgM/PZVAwh4XIsY8MA0GCSqG
SIb3DQEBCwUAA4IBAQBAqddaOFMqRJDpm9KSkpPjGYv/4sxAiPhagNlahF0xOmgv
s75mdLoCPwm9TVZ3sYFBJjWR2pEWj/6aAYcPGlUbFXOR6PGLCEKqKJtsaPSKv2Jc
W3ZB9kxt56BmWgads6x0t3M3yZ3Ebzs0r0XbFpSA5Un0BD5jqsDY7xzWnqiaVqr0
i/oZ8adk0rWrP6kI/BoXLWQAPCME6bA95lU8syopuUs6QqwsvVB7JD+wDVjs1Jtk
WzVFQgKcUyLvsjIhVzDv5kAlc7XkDJof236+T8R1Qyn7f2o5Y1+YhFEpw3B4T1y3
xTKD5HgTnGOXNjDhIe1PuBs1zO/CBg7NSr8Cge/4
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAgnXyKxwtKYLElavD/vb6
GIyPbUgRmgH3qzN0Qy1jaRt3EqHnM6JXrTNufzziC8AxPOTLf2xA1U2wKJwKlMHg
oT2Z+fgKd26jztJpifS4QuS/qgmXg1PjFysBfAWJFU0gICe/kA+RTmgWZI2Aq1No
myE2ckrn4ApNUPokXIWMjvaCdDKEbCSKncPr0aB386kEmJ4PhN6GLri/b5I+c5/O
kswDJEl+tC2PfHE6kPXdtLjcF6jygWLUggQi5raGV/dF2P8EZi58AjkUm/PfhC5X
Qyp+GKyOKUgYd65NUF8IrZMImYcKhzOyQowo3iknqTNvewUhdojkTFBhoAScii7c
1V0MwhtEh71qjIq8qzTkZddGulxoWwOmz5IM/f1wn+7nyxQqtD32NAt9194dU4gl
QU5gycU2blFFuLcSiyN9gA78Z7+boGfs0j2uiH5JFQfRavV5Z/oXpUBbD8oQNYzo
N6zq2mBIzwimsh8n7A0OYcMeNvF7PUwSkpLPgoySib7bAgMBAAE=
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 374332061430873040364464120525731996282531
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-31 07:06:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-29 07:06:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.hess-gruppe.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2960646166109308722772079643128863033280454765397412303796029080558478290519695764700057033092123288229538109599902862366004208293240730978239277652892357632786467233162426929833195100404699818326334099895644024850738712416110056110415388092462375616950991990173901538045705447044212744598241755181489678421906273055074817616297213956166728360492578109556353645799693304122238147988837180919696173017691268147625842061409987243151783970755017026501425880589531066133539288917226961986840711257762196315940771239151905102686962356477940397106682199312179126903345781499895276725436361238164511581596188147629216724211615135541229885717439273601478583402494547192480165984266344226372891923266950730549366212840331714393617842128028855921509907446430165994965728057527636225533094053700766581532538618514696231484118619936580171679484662461705533075855447296816090272497871274002539074492856487387226737859776708103634919472859
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							88a9daf81b93ccad36ac14a06d7a1ce4d250e84d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hess-gruppe.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hess-gruppe.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001842d14037b000004030046304402201b23b39d2447cfbdfda519f6e7d43f20b95054bc8752d77ed579911d07da70eb0220359090a0349b843aea4f637610e2fedbef0df16fd2510bcfa07642784cac03de0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001842d1405820000040300483046022100f7c88f8eaaa3ca2f6519db6adf16d84b8cf7693b51b99d21da623b9bb835f714022100ff72976f9d3f85f2b0f00c0e821abe7c4fee41902a033f3d9540c21e1722c63c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0040a9d75a38532a4490e99bd2929293e3198bffe2cc4088f85a80d95a845d313a682fb3be6674ba023f09bd4d5677b18141263591da91168ffe9a01870f1a551b157391e8f18b0842aa289b6c68f48abf625c5b7641f64c6de7a0665a069db3ac74b77337c99dc46f3b34af45db169480e549f4043e63aac0d8ef1cd69ea89a56aaf48bfa19f1a764d2b5ab3fa908fc1a172d64003c2304e9b03de6553cb32a29b94b3a42ac2cbd507b243fb00d58ecd49b645b354542029c5322efb232215730efe6402573b5e40c9a1fdb7ebe4fc4754329fb7f6a39635f98845129c370784f5cb7c53283e478139c63973630e121ed4fb81b35ccefc2060ecd4abf0281eff8