api.domainebourgeoisie.ch
Issued by R3
About this certificate
This digital certificate with serial number 04:1a:75:bc:ee:d4:3b:4d:08:56:ad:f7:a5:9b:38:89:f9:cf was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=api.domainebourgeoisie.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:1a:75:bc:ee:d4:3b:4d:08:56:ad:f7:a5:9b:38:89:f9:cfSerial Number (int): 357452985938329835205634304640967733017039
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 57:5f:63:f0:42:65:57:3d:80:3a:bd:5e:07:d3:90:36:07:82:80:5d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 62:a5:3b:c4:a9:18:00:d4:da:91:dc:b6:2f:9a:81:73:5f:74:c0:fc
Fingerprint (sha256): 3e:54:e4:1a:2b:5c:8d:a1:bc:7e:19:95:08:f4:a1:da:ec:64:37:8f:94:57:22:eb:cb:ed:b1:b2:4a:2e:e8:ff
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate api.domainebourgeoisie.ch
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api.domainebourgeoisie.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.domainebourgeoisie.ch
bourgeoisie-api.frogfish.dev
bourgeoisie.frogfish.dev
domainebourgeoisie.ch
www.domainebourgeoisie.ch
bourgeoisie-api.frogfish.dev
bourgeoisie.frogfish.dev
domainebourgeoisie.ch
www.domainebourgeoisie.ch
Other certificates including the domain name domainebourgeoisie.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for api.domainebourgeoisie.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgISBBp1vO7UO00IVq33pZs4ifnPMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjEwMDQ3MjJaFw0yNDAxMTkwMDQ3MjFaMCQxIjAgBgNVBAMT GWFwaS5kb21haW5lYm91cmdlb2lzaWUuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCf3EK2oga8Kt8pjlYaT1aUdyUohIbXHfDnMICzbkdVp8UKrAgS 05TM6yqCebnqMvsdYwl9pA7G+smCRmqft6K3mwXlmua7oxJKWTIjfEAUK/9NQYAA tY1nyTY3UeMbiQndOGTZcztwOkF1tjrCEsyrfPuSTBzOIYGXH94NpDTYN5WLKSEC XfvDq+tn/dTf+vWSn1vb7nB1oZIgNo3l/ESNE09qFKHQYl31pUcxabxDvunu39yz T2rkIhz+RQdcIi1pNtmLT4B+NAeJ6Qv7bPSPIxmEXl0quLh4rui9VEQuD2Dzo2ig VMjDZBix0S5Lz9LsAtB+rcDCh8z/SsVjpI8tAgMBAAGjggKIMIIChDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFFdfY/BCZVc9gDq9XgfTkDYHgoBdMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMIGQBgNVHREEgYgwgYWCGWFwaS5kb21haW5lYm91cmdlb2lz aWUuY2iCHGJvdXJnZW9pc2llLWFwaS5mcm9nZmlzaC5kZXaCGGJvdXJnZW9pc2ll LmZyb2dmaXNoLmRldoIVZG9tYWluZWJvdXJnZW9pc2llLmNoghl3d3cuZG9tYWlu ZWJvdXJnZW9pc2llLmNoMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sA AAGLT+piBwAABAMARzBFAiB13vm0cyt1XZXaADQSxGuF/hkl4G/+IWJcRQVR6zqo JAIhALA2nu/b7ti/AqKPEo1NLqq98buPgqSktSoXr0AenWmMAHYA7s3QZNXbGs7F XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLT+piBQAABAMARzBFAiEAtY9TZlvB 9VRHuBScxGAt9Lu7VEWFUqGKWhHlVTWSbw0CIDZztWDtNmsFJFTZbYU/RG4dApDI nL/enBj8DIgVgW0pMA0GCSqGSIb3DQEBCwUAA4IBAQCL+BnvjFkUnFOIDPKbr6Ry CmuH68hSd0T6NTFXBZZoFskjZkv5wXvn5QCAvudv+lWNDEnCponoyohXnBqqNd2W jpXby6OEkWmSJ72OcYYQVEgJ0xngvCRNbU83IjpSwnA4CS7Jpret3ku+v3nuk7fX saFTwB5XLAc1p4Bcqt/m94ubD9G2bi0+igj3E7hxlMFYNyO+/a9gvhB/Ha2IVQDI UDr3rdaQ7S3gvrLvIlTdwAu0+ClYYzhpTflGwQavNmmW7KlNwbgXfYaUizmsd2ps Tq2oBRvuzethXUSZNzoeaMXrsnmsrFlUZ/BItU41qs61h+wD+mvaCSGfGtLfPpzr -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9xCtqIGvCrfKY5WGk9W lHclKISG1x3w5zCAs25HVafFCqwIEtOUzOsqgnm56jL7HWMJfaQOxvrJgkZqn7ei t5sF5Zrmu6MSSlkyI3xAFCv/TUGAALWNZ8k2N1HjG4kJ3Thk2XM7cDpBdbY6whLM q3z7kkwcziGBlx/eDaQ02DeViykhAl37w6vrZ/3U3/r1kp9b2+5wdaGSIDaN5fxE jRNPahSh0GJd9aVHMWm8Q77p7t/cs09q5CIc/kUHXCItaTbZi0+AfjQHiekL+2z0 jyMZhF5dKri4eK7ovVRELg9g86NooFTIw2QYsdEuS8/S7ALQfq3AwofM/0rFY6SP LQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 357452985938329835205634304640967733017039 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-21 00:47:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-19 00:47:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.domainebourgeoisie.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20180505039216713111879426691708800663795432759264567458235951916324248743888075686786184375771265101862067718334778630263613203345045704831095880262578778563461481150060047354244370346023881802226634382904974959123964789458675236492656826204284345988011915614295237537660857437612092497296710629415357238975217999084875548249954210863390475668564337073353126778265365658932595184645304853512694833550598634278719710933357082709175380055369072707943071066818913102118096067824089657420545718207576741267996537352000740485223245916531573639040425345176925722049077210154980615508842764913859864934280957939713082429229 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 575f63f04265573d803abd5e07d390360782805d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (136 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.domainebourgeoisie.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bourgeoisie-api.frogfish.dev' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bourgeoisie.frogfish.dev' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'domainebourgeoisie.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.domainebourgeoisie.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b4fea62070000040300473045022075def9b4732b755d95da003412c46b85fe1925e06ffe21625c450551eb3aa824022100b0369eefdbeed8bf02a28f128d4d2eaabdf1bb8f82a4a4b52a17af401e9d698c007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b4fea62050000040300473045022100b58f53665bc1f55447b8149cc4602df4bbbb54458552a18a5a11e55535926f0d02203673b560ed366b052454d96d853f446e1d0290c89cbfde9c18fc0c8815816d29 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008bf819ef8c59149c53880cf29bafa4720a6b87ebc8527744fa35315705966816c923664bf9c17be7e50080bee76ffa558d0c49c2a689e8ca88579c1aaa35dd968e95dbcba38491699227bd8e718610544809d319e0bc244d6d4f37223a52c27038092ec9a6b7adde4bbebf79ee93b7d7b1a153c01e572c0735a7805caadfe6f78b9b0fd1b66e2d3e8a08f713b87194c1583723befdaf60be107f1dad885500c8503af7add690ed2de0beb2ef2254ddc00bb4f829586338694df946c106af366996eca94dc1b8177d86948b39ac776a6c4eada8051beecdeb615d4499373a1e68c5ebb279acac595467f048b54e35aaceb587ec03fa6bda09219f1ad2df3e9ceb