baikal.nimag.net

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:b6:6a:47:4d:8e:36:18:1b:f5:2d:ac:92:29:f9:2e:07:55 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=baikal.nimag.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b6:6a:47:4d:8e:36:18:1b:f5:2d:ac:92:29:f9:2e:07:55
Serial Number (int): 323409516968534377240476126742517746894677
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 87:f4:67:38:d8:e6:ad:49:a4:f7:85:c5:32:f8:37:7a:d1:ad:ae:81
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 12:b6:d9:30:19:69:c1:af:4f:8d:f4:7a:d2:6c:86:ce:9c:d1:86:8d
Fingerprint (sha256): 42:31:84:b7:9b:ab:cd:8c:ba:5a:de:b3:00:74:cf:7f:54:a0:17:c7:19:d7:e1:a2:73:de:57:fb:6f:76:34:98

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate baikal.nimag.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for baikal.nimag.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

baikal.nimag.net

Other certificates including the domain name nimag.net

(limited to 100 certificates)
s3.nimag.net
ispmail3.nimag.net
ispmail3.nimag.net
grid.nimag.net
ispmail3.nimag.net
lesjardinsdouchy.ch
baikal.nimag.net
ispmail3.nimag.net
openproject.nimag.net
confluences.ch
nimag.net
ispmail1.nimag.net
ftth.nimag.net
lesjardinsdouchy.ch
cockpit.saitis.net
ispmail1.nimag.net
lesjardinsdouchy.ch
ispmail3.nimag.net
dev.webmail.nimag.net
admin.nimag.net
ispmail3.nimag.net
nimag.net
nimag.net
olympiafilms.com
dev.webmail.nimag.net
*.ssl.nimag.net
s3.nimag.net
s3.nimag.net
isptest1.nimag.net
unifi.nimag.net
www.nimag.net
ispmail3.nimag.net
wiki.nimag.net
ispmail2.nimag.net
extranet.ssl.nimag.net
ispmail2.nimag.net
mailcleanerpro.saitis.net
nimag.net
mail.nimag.net
admin.nimag.net
ispmail2.nimag.net
plesk9.nimag.net
nimag.net
wiki.nimag.net
admin.nimag.net
ispmail1.nimag.net
ispmail3.nimag.net
nimag.net
baikal.nimag.net
baikal.nimag.net
admin.nimag.net
olympiafilms.com
ispmail1.nimag.net
stats.nimag.net
nimag.net
ispmail2.nimag.net
ispmail1.nimag.net
www.nimag.net
nimag.net
bruno.vserver.nimag.net
antispam.nimag.net
b-o-v-arch.ch
olympiafilms.com
extranet.ssl.nimag.net
files.nimag.net
mailcleanerpro.saitis.net
cololausanne.ch
ispmail2.nimag.net
nimag.net
olympiafilms.com
ispmail3.nimag.net
ispmail3.nimag.net
ispmail3.nimag.net
cockpit.saitis.net
meige.ch
baikal.nimag.net
ispmail2.nimag.net
ispmail3.nimag.net
nimag.net
openproject.nimag.net
smtp.nimag.net
antispam.nimag.net
lesjardinsdouchy.ch
extranet.ssl.nimag.net
lesjardinsdouchy.ch
admin.nimag.net
git.nimag.net
baikal.nimag.net
olympiafilms.com
ispmail3.nimag.net
b-o-v-arch.ch
admin.nimag.net
ispmail1.nimag.net
extranet.ssl.nimag.net
nimag.net
bbb.nimag.net
nimag.net
admin.nimag.net
bruno.vserver.nimag.net
nimag.net

Certificate

The complete raw certificate details for baikal.nimag.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISA7ZqR02ONhgb9S2skin5LgdVMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjExMDcwMDMwMDBaFw0x
NzAyMDUwMDMwMDBaMBsxGTAXBgNVBAMTEGJhaWthbC5uaW1hZy5uZXQwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl9x2XhJ+tBmfySF5QMuKOXkDfWTmb
iHiSTz43U1kmJHZUSEDlCbLZAVcw9jNHm9CKfJQaujpsxA20jYj9fKvFE5DjuK03
a0qs+XRyaCLhL2EFYgMCg5zScKD1ZfxoSLUJlE8Ii06yhWRbZwjF8plGfKjKtMM1
peV0hcRp2Q210jO6jd/XWhbGWJsaXa1fSUTkG2mFSf+fQfbRPWQekvqcpNuXyxPY
6Q8bSxABPcZJNeWVyBapT7OY1nxDg7szuClBy6tIsAp+Lmn2NV2iUTKxXQM1QvaY
2zNkdnMPF+f+RYCsgvZZCsgc0G7IJxw1s74IlS9nMkFnyx0au5QbrwFRAgMBAAGj
ggIRMIICDTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIf0ZzjY5q1JpPeFxTL4N3rR
ra6BMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEB
BGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlw
dC5vcmcvMBsGA1UdEQQUMBKCEGJhaWthbC5uaW1hZy5uZXQwgf4GA1UdIASB9jCB
8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRw
Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENl
cnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFy
dGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRl
IFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0
b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAOR9O1kkawTWmbpozqu8rR6OApAHWvrlu
AIsOJvXF9uHP+tLmqDyfQMftCXlJA+rNqTIIrg6jpdvqFt74D5iUlyesVz1oLQYu
ZRos3jAxWfL56Hvypexv0yxzUhFDtOzLcM0T8d376RRHSw6G4irhgxqrJZqiUy2L
cB1nrDcZTK6AqEwuLf4fRJNFw7btlQyWSun8RdxHllTKj7eYa2/FQP2JBCiYFkgt
VvhJJUX4RGLvg1C73+AgjbK5hdkFyZ122VcnLi6I71uHrV13tbRTkSKQn+PbI6oh
lweP3orfh/+JuG3O7xPkF5Nwfr5P4Hg1QrGcFpktHDvrsEmg5PTznw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfcdl4SfrQZn8kheUDLi
jl5A31k5m4h4kk8+N1NZJiR2VEhA5Qmy2QFXMPYzR5vQinyUGro6bMQNtI2I/Xyr
xROQ47itN2tKrPl0cmgi4S9hBWIDAoOc0nCg9WX8aEi1CZRPCItOsoVkW2cIxfKZ
RnyoyrTDNaXldIXEadkNtdIzuo3f11oWxlibGl2tX0lE5BtphUn/n0H20T1kHpL6
nKTbl8sT2OkPG0sQAT3GSTXllcgWqU+zmNZ8Q4O7M7gpQcurSLAKfi5p9jVdolEy
sV0DNUL2mNszZHZzDxfn/kWArIL2WQrIHNBuyCccNbO+CJUvZzJBZ8sdGruUG68B
UQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 323409516968534377240476126742517746894677
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-07 00:30:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-05 00:30:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'baikal.nimag.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20951177560103997882746197316804278590667407690561247285950637889333050622133499924439139447861617318528557044038998760783820010466814360782160794516589691423891149944799539006165744444887514677968069120809898050875873305776801252688010122780720555996277550161642000646070105856098991158428247970351972441336362536208220323438106062843201562755663001560137633354848707795480718418069047033300725457987983409215392381427032262522059495281634473220004962356338494111880795181939361812092837773777197423967724392330759894301706704911306860558339449999344022667387031774855765302894870018349923653967594357710871201775953
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							87f46738d8e6ad49a4f785c532f8377ad1adae81
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'baikal.nimag.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00391f4ed6491ac135a66e9a33aaef2b47a380a401d6beb96e008b0e26f5c5f6e1cffad2e6a83c9f40c7ed09794903eacda93208ae0ea3a5dbea16def80f98949727ac573d682d062e651a2cde303159f2f9e87bf2a5ec6fd32c73521143b4eccb70cd13f1ddfbe914474b0e86e22ae1831aab259aa2532d8b701d67ac37194cae80a84c2e2dfe1f449345c3b6ed950c964ae9fc45dc479654ca8fb7986b6fc540fd8904289816482d56f8492545f84462ef8350bbdfe0208db2b985d905c99d76d957272e2e88ef5b87ad5d77b5b4539122909fe3db23aa2197078fde8adf87ff89b86dceef13e41793707ebe4fe0783542b19c16992d1c3bebb049a0e4f4f39f