api.domainebourgeoisie.ch

Issued by R3

About this certificate

This digital certificate with serial number 04:1a:75:bc:ee:d4:3b:4d:08:56:ad:f7:a5:9b:38:89:f9:cf was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=api.domainebourgeoisie.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:1a:75:bc:ee:d4:3b:4d:08:56:ad:f7:a5:9b:38:89:f9:cf
Serial Number (int): 357452985938329835205634304640967733017039
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 57:5f:63:f0:42:65:57:3d:80:3a:bd:5e:07:d3:90:36:07:82:80:5d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 62:a5:3b:c4:a9:18:00:d4:da:91:dc:b6:2f:9a:81:73:5f:74:c0:fc
Fingerprint (sha256): 3e:54:e4:1a:2b:5c:8d:a1:bc:7e:19:95:08:f4:a1:da:ec:64:37:8f:94:57:22:eb:cb:ed:b1:b2:4a:2e:e8:ff

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate api.domainebourgeoisie.ch

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api.domainebourgeoisie.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.domainebourgeoisie.ch
bourgeoisie-api.frogfish.dev
bourgeoisie.frogfish.dev
domainebourgeoisie.ch
www.domainebourgeoisie.ch

Other certificates including the domain name domainebourgeoisie.ch

(limited to 100 certificates)
api.domainebourgeoisie.ch
api.domainebourgeoisie.ch
api.domainebourgeoisie.ch
bourgeoisie.frogfish.dev

Certificate

The complete raw certificate details for api.domainebourgeoisie.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISBBp1vO7UO00IVq33pZs4ifnPMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMjEwMDQ3MjJaFw0yNDAxMTkwMDQ3MjFaMCQxIjAgBgNVBAMT
GWFwaS5kb21haW5lYm91cmdlb2lzaWUuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf3EK2oga8Kt8pjlYaT1aUdyUohIbXHfDnMICzbkdVp8UKrAgS
05TM6yqCebnqMvsdYwl9pA7G+smCRmqft6K3mwXlmua7oxJKWTIjfEAUK/9NQYAA
tY1nyTY3UeMbiQndOGTZcztwOkF1tjrCEsyrfPuSTBzOIYGXH94NpDTYN5WLKSEC
XfvDq+tn/dTf+vWSn1vb7nB1oZIgNo3l/ESNE09qFKHQYl31pUcxabxDvunu39yz
T2rkIhz+RQdcIi1pNtmLT4B+NAeJ6Qv7bPSPIxmEXl0quLh4rui9VEQuD2Dzo2ig
VMjDZBix0S5Lz9LsAtB+rcDCh8z/SsVjpI8tAgMBAAGjggKIMIIChDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFFdfY/BCZVc9gDq9XgfTkDYHgoBdMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMIGQBgNVHREEgYgwgYWCGWFwaS5kb21haW5lYm91cmdlb2lz
aWUuY2iCHGJvdXJnZW9pc2llLWFwaS5mcm9nZmlzaC5kZXaCGGJvdXJnZW9pc2ll
LmZyb2dmaXNoLmRldoIVZG9tYWluZWJvdXJnZW9pc2llLmNoghl3d3cuZG9tYWlu
ZWJvdXJnZW9pc2llLmNoMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHW
eQIEAgSB9QSB8gDwAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sA
AAGLT+piBwAABAMARzBFAiB13vm0cyt1XZXaADQSxGuF/hkl4G/+IWJcRQVR6zqo
JAIhALA2nu/b7ti/AqKPEo1NLqq98buPgqSktSoXr0AenWmMAHYA7s3QZNXbGs7F
XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLT+piBQAABAMARzBFAiEAtY9TZlvB
9VRHuBScxGAt9Lu7VEWFUqGKWhHlVTWSbw0CIDZztWDtNmsFJFTZbYU/RG4dApDI
nL/enBj8DIgVgW0pMA0GCSqGSIb3DQEBCwUAA4IBAQCL+BnvjFkUnFOIDPKbr6Ry
CmuH68hSd0T6NTFXBZZoFskjZkv5wXvn5QCAvudv+lWNDEnCponoyohXnBqqNd2W
jpXby6OEkWmSJ72OcYYQVEgJ0xngvCRNbU83IjpSwnA4CS7Jpret3ku+v3nuk7fX
saFTwB5XLAc1p4Bcqt/m94ubD9G2bi0+igj3E7hxlMFYNyO+/a9gvhB/Ha2IVQDI
UDr3rdaQ7S3gvrLvIlTdwAu0+ClYYzhpTflGwQavNmmW7KlNwbgXfYaUizmsd2ps
Tq2oBRvuzethXUSZNzoeaMXrsnmsrFlUZ/BItU41qs61h+wD+mvaCSGfGtLfPpzr
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9xCtqIGvCrfKY5WGk9W
lHclKISG1x3w5zCAs25HVafFCqwIEtOUzOsqgnm56jL7HWMJfaQOxvrJgkZqn7ei
t5sF5Zrmu6MSSlkyI3xAFCv/TUGAALWNZ8k2N1HjG4kJ3Thk2XM7cDpBdbY6whLM
q3z7kkwcziGBlx/eDaQ02DeViykhAl37w6vrZ/3U3/r1kp9b2+5wdaGSIDaN5fxE
jRNPahSh0GJd9aVHMWm8Q77p7t/cs09q5CIc/kUHXCItaTbZi0+AfjQHiekL+2z0
jyMZhF5dKri4eK7ovVRELg9g86NooFTIw2QYsdEuS8/S7ALQfq3AwofM/0rFY6SP
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 357452985938329835205634304640967733017039
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-21 00:47:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-19 00:47:21 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.domainebourgeoisie.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20180505039216713111879426691708800663795432759264567458235951916324248743888075686786184375771265101862067718334778630263613203345045704831095880262578778563461481150060047354244370346023881802226634382904974959123964789458675236492656826204284345988011915614295237537660857437612092497296710629415357238975217999084875548249954210863390475668564337073353126778265365658932595184645304853512694833550598634278719710933357082709175380055369072707943071066818913102118096067824089657420545718207576741267996537352000740485223245916531573639040425345176925722049077210154980615508842764913859864934280957939713082429229
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							575f63f04265573d803abd5e07d390360782805d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (136 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.domainebourgeoisie.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bourgeoisie-api.frogfish.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bourgeoisie.frogfish.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'domainebourgeoisie.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.domainebourgeoisie.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b4fea62070000040300473045022075def9b4732b755d95da003412c46b85fe1925e06ffe21625c450551eb3aa824022100b0369eefdbeed8bf02a28f128d4d2eaabdf1bb8f82a4a4b52a17af401e9d698c007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b4fea62050000040300473045022100b58f53665bc1f55447b8149cc4602df4bbbb54458552a18a5a11e55535926f0d02203673b560ed366b052454d96d853f446e1d0290c89cbfde9c18fc0c8815816d29
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008bf819ef8c59149c53880cf29bafa4720a6b87ebc8527744fa35315705966816c923664bf9c17be7e50080bee76ffa558d0c49c2a689e8ca88579c1aaa35dd968e95dbcba38491699227bd8e718610544809d319e0bc244d6d4f37223a52c27038092ec9a6b7adde4bbebf79ee93b7d7b1a153c01e572c0735a7805caadfe6f78b9b0fd1b66e2d3e8a08f713b87194c1583723befdaf60be107f1dad885500c8503af7add690ed2de0beb2ef2254ddc00bb4f829586338694df946c106af366996eca94dc1b8177d86948b39ac776a6c4eada8051beecdeb615d4499373a1e68c5ebb279acac595467f048b54e35aaceb587ec03fa6bda09219f1ad2df3e9ceb