www.hess-gruppe.de

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:3f:27:13:b5:b7:dd:e1:d3:75:9c:5e:f9:10:4a:57:b1:89 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.hess-gruppe.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:3f:27:13:b5:b7:dd:e1:d3:75:9c:5e:f9:10:4a:57:b1:89
Serial Number (int): 282826589142459348213964005055689330766217
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 0a:95:65:ea:ab:f9:4b:51:f4:f0:16:b1:c2:38:c6:63:d2:1d:f1:4c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 01:d4:f3:85:b6:06:2a:84:6f:81:56:be:32:43:59:14:96:68:52:2d
Fingerprint (sha256): 3b:77:5c:9c:df:c3:a7:41:85:cf:05:39:36:ce:cb:ab:ea:3a:0a:44:39:df:56:2d:8b:ea:38:fd:3e:95:31:b9

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.hess-gruppe.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.hess-gruppe.de

Public Key Algorithm

RSA

Key Size

3072

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.hess-gruppe.de

Other certificates including the domain name hess-gruppe.de

(limited to 100 certificates)
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
ssgd.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
vpn.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de

Certificate

The complete raw certificate details for www.hess-gruppe.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAz8nE7W33eHTdZxe+RBKV7GJMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDEwNjA0MDNaFw0x
OTA5MjkwNjA0MDNaMB0xGzAZBgNVBAMTEnd3dy5oZXNzLWdydXBwZS5kZTCCAaIw
DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKaScY1eZihFv7BzppgUTm1VMf3m
OJHIMHzDqhjYDVGo6HHQSHEujNUzrTuYGmgkNisQgV3YO6/xOuELEns1ZJD1+mOx
ILgbSmsGY0djmzW0oobLWluHWL7aXqj6vrtQuTivsaBnwR/LquvAgTLgZ38oTM7v
G4mEKnqcGn1+DTAHBeXU9M1vkTPvMhDVXJ6DZ1n9JGXuU/Cotw5pjVgk1J2im+Zs
YDHekRuVwvTwNvcAMRV1MZZ7sRxmPIZl+k60yaqtVDB2fqXOV0SSNvkqoUp+0PT/
JHops1dCzNfkeYqtjZdhUsytOpJy+v+GGN09GPF2sjIxNVGFKT+Ul28GjmKBie4/
ayHW64538uj7UYKlOIysPukexCOOm7soEvmWY6Lou3x3Rr3PdBfYtlhA5JszqZcp
OSIpZ5x4111C44ksn5zZMhZp4oafV6nlkAdmJyfVex3ItqkQRsoYITfzbjYe+a0a
cPSIyXATowVRyr5p8mkM+sLC88Qd5VtWu87yiQIDAQABo4ICaDCCAmQwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBQKlWXqq/lLUfTwFrHCOMZj0h3xTDAfBgNVHSMEGDAW
gBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUH
MAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUH
MAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB0GA1UdEQQW
MBSCEnd3dy5oZXNzLWdydXBwZS5kZTBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr
BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0
Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AHR+2oMxrTMQkSGcziVPQnDC
v/1eQiAIxjc1eeYQe8xWAAABa6xZBCoAAAQDAEgwRgIhAKxYgyozaKT9StIAugw7
m5eQ6jqi2chTQbOgp8ME80DgAiEA+3qNk3dK5zBcIEN6U/S3ZbniHFU2WTDLqfTU
AwAxGJMAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWusWQQY
AAAEAwBHMEUCIQDA6HbLOkX3baz9VlJ8hHLARt4CJUKlGbd8Q92HIA6uTQIgEVWo
S8HlWLJXz1yfHYutD6wdpOVryCZ+B4/XknKX7jYwDQYJKoZIhvcNAQELBQADggEB
AIgTbUoLuDVbMdLB/LqY9+fmDz4HotYdZOi8x9k66Y8xRJ7mV+xNRHwgQB9yaJTv
v+CXCx7xbaHXw3GI/R2xN9QYQ+fVxMRBYoA7vNRgEjfbHdjcmBge+nogD5cFaoG4
zersA2h1BGcrV30Sw0qthgJ9SWF2D9hYE82d6SafSVcsaZ9MLjtppJ95hmeKTMk+
dgEN4BiKVglshXt40u2jb0iXBQFwS+WRV6NU4NjT9S6dMLrJvbaMG2sbMUNXNaaU
cTw/fZSGZVtJi8dKVI1n9xl6c7nN4X18qRUVtOM90L8GxSpVTDT3TaiRGjk24MjX
tg7sFIfraFOJf1NV2YCu+Jg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAppJxjV5mKEW/sHOmmBRO
bVUx/eY4kcgwfMOqGNgNUajocdBIcS6M1TOtO5gaaCQ2KxCBXdg7r/E64QsSezVk
kPX6Y7EguBtKawZjR2ObNbSihstaW4dYvtpeqPq+u1C5OK+xoGfBH8uq68CBMuBn
fyhMzu8biYQqepwafX4NMAcF5dT0zW+RM+8yENVcnoNnWf0kZe5T8Ki3DmmNWCTU
naKb5mxgMd6RG5XC9PA29wAxFXUxlnuxHGY8hmX6TrTJqq1UMHZ+pc5XRJI2+Sqh
Sn7Q9P8keimzV0LM1+R5iq2Nl2FSzK06knL6/4YY3T0Y8XayMjE1UYUpP5SXbwaO
YoGJ7j9rIdbrjnfy6PtRgqU4jKw+6R7EI46buygS+ZZjoui7fHdGvc90F9i2WEDk
mzOplyk5IilnnHjXXULjiSyfnNkyFmnihp9XqeWQB2YnJ9V7Hci2qRBGyhghN/Nu
Nh75rRpw9IjJcBOjBVHKvmnyaQz6wsLzxB3lW1a7zvKJAgMBAAE=
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 282826589142459348213964005055689330766217
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-01 06:04:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 06:04:03 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.hess-gruppe.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 3780148251082694905600110907090832672952700400557860944927540267167221416358533978298958706977333179450789020437902489534767359164619349047206190068529617492311996004740412713728444006465618693558531448961874990674404718954964365132026348868979464282885716232509475929419740419381822170546034051305501430914250094511407112581278776473009315108508626411415198370817070248675952850572669113538903252078030893677528401889785074963383651111127723770580550037981135124375623631276890601042539776553353385592949982586282388716801306710263698139683749119051015760868868946557563234789946386214823362900837119178140244963158859335937313830574904328579341267270147205572152640371816785734965716642385662370694491191295426683853077725981321426585266649919288116318263065844779166622326406140201067982744481052184964606783485968103334394240141398860371746323148878566438740974004774908860407769526878559536129558513193763820353671328393
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0a9565eaabf94b51f4f016b1c238c663d21df14c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hess-gruppe.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016bac59042a0000040300483046022100ac58832a3368a4fd4ad200ba0c3b9b9790ea3aa2d9c85341b3a0a7c304f340e0022100fb7a8d93774ae7305c20437a53f4b765b9e21c55365930cba9f4d4030031189300760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016bac5904180000040300473045022100c0e876cb3a45f76dacfd56527c8472c046de022542a519b77c43dd87200eae4d02201155a84bc1e558b257cf5c9f1d8bad0fac1da4e56bc8267e078fd7927297ee36
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0088136d4a0bb8355b31d2c1fcba98f7e7e60f3e07a2d61d64e8bcc7d93ae98f31449ee657ec4d447c20401f726894efbfe0970b1ef16da1d7c37188fd1db137d41843e7d5c4c44162803bbcd4601237db1dd8dc98181efa7a200f97056a81b8cdeaec03687504672b577d12c34aad86027d4961760fd85813cd9de9269f49572c699f4c2e3b69a49f7986678a4cc93e76010de0188a56096c857b78d2eda36f48970501704be59157a354e0d8d3f52e9d30bac9bdb68c1b6b1b31435735a694713c3f7d9486655b498bc74a548d67f7197a73b9cde17d7ca91515b4e33dd0bf06c52a554c34f74da8911a3936e0c8d7b60eec1487eb6853897f5355d980aef898