www.cklie.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0f:d2:be:fa:e3:41:c7:02:01:76:55:12:0f:6f:63:ef:ed was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.cklie.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0f:d2:be:fa:e3:41:c7:02:01:76:55:12:0f:6f:63:ef:edSerial Number (int): 266721222803220321757385345708396107788269
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4d:3d:a6:ba:02:c2:c0:84:36:be:82:42:28:55:86:c6:00:53:12:db
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 42:86:33:af:a9:66:a2:b9:b8:8b:d3:df:6c:3d:20:f1:f8:c8:74:0a
Fingerprint (sha256): 42:87:12:16:0f:86:44:61:b5:99:16:a0:8e:0c:b1:f1:91:07:4e:a0:e0:c8:87:03:17:6e:b2:6f:3d:f7:40:0b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.cklie.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cklie.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cklie.de
www.cklie.de
www.cklie.de
Other certificates including the domain name cklie.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.cklie.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWzCCBUOgAwIBAgISAw/SvvrjQccCAXZVEg9vY+/tMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDkwMjMwMzVaFw0y MDAyMDcwMjMwMzVaMBcxFTATBgNVBAMTDHd3dy5ja2xpZS5kZTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAK8MVlOBJpu/Ek1/fU7r0jJ1ZhUet0dAFt4O i9JRXuTqIzDNHJWoNo9jtoaufd9h843u/K6fcI4fPnfc1wzbudyS8UflZ2e3pPVF h88LNkDH6Z7vjoUaLgK3XsqfTx6h3lEaTf6jnlkfux3CzXo8Zs9r4yDcwak4V7Fq qBqABlqKc2l22WaJ5G/G8LCXGw8GqjbZ/5O5y62RuzpcAr1vcWC7YOEMDcRpXlUz vo0/p2yWej7kQF+27LELpQutD/xICueHciZ/2TWvOLWgvFzntGPPg7d5/Ec09doE KhY6fWhe+wt9uKLIPHilhFOiveXGedpNDQm5TySg+fDArYUeyZPcB2k+ZwJBaj/F TeWw04NJlnEu2YUoHaEiT1kmgq+JOTZUdIThC9ithN2GgYCz8cbvyu2Z+jfO9d+u U9M2MXHh9JBq6OM2s6NuNJSApWsl98ViAPifGWxTIIchaHrTHA21Qb+bwbPvIqIO m/qkFmKjTPDH0uvNIAftPEOVTko1tSYJdA8z0HXXQrbmwH7SIC6mPlonsM4MqHDb Ypo3ErAEFXtYVgvv1+3rc2w0nPGkrHCVF7hIxgZKVF1zm5Gsm03lwAj8fn09UVAm dC4QXbmHn5Tm4PIitAeJ4Yv6fTKGMmVwizQHrm2NwA2UwuCO6Iz3HIJjD9c924G5 +ZdUgiJ1AgMBAAGjggJsMIICaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFE09proC wsCENr6CQihVhsYAUxLbMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wIQYDVR0RBBowGIIIY2tsaWUuZGWCDHd3dy5ja2xp ZS5kZTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkC BAIEgfYEgfMA8QB2APCVpFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAAB bk42qaIAAAQDAEcwRQIhAOO2Oos1g4yEG5O+hQsbG5mLUdC60PJ38Kw6dD5XMlgY AiAadZfyM/QElqwrr4j8G1NS6tBm2BDPWAJ3ElFmBxBNdgB3ALIeBcyLos2KIE6H ZvkruYolIGdr2vpw57JJUy3vi5BeAAABbk42qZQAAAQDAEgwRgIhANZ/MItb6HYG 5DqcZFRyT82HY8MuGG8VQ6bI0UXTAyTwAiEA0E7mBpwFuAc6VcABxmXx2kKWJLUu GFlTC5NsgMCleb0wDQYJKoZIhvcNAQELBQADggEBAJPBgl/zLD9e845xfi95hm6N 547zKcEQDAiTRNAwbe2xnrc9qkV3U9WlEbOhsHBBCOrYBSZF1lVc5ii6+R+h9kd8 8OX5SnU4/kBGtfzZ/YiKEW1SDmkvMVhwpBQKcJbnJThEWE/T4R8AkXSN2jGnweoH 1uyNwdh9YJSkxY4M1DabnSmqHPjyVFkHvGFTK5HSdfGY9zTyVrsQxJpxc7hCBTuv O1EyMaACWLcRIE5djM2fsIlj+J4Ft9bIQ4GxDx7hiwqGsYnQv54vggxmiGJBUx/i pap9TwawhhB/hS2bcaolr0Nc8uJzSHZTZ8TX4kDH6oOwzVB90DNU1D35b3nBFdw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArwxWU4Emm78STX99TuvS MnVmFR63R0AW3g6L0lFe5OojMM0clag2j2O2hq5932Hzje78rp9wjh8+d9zXDNu5 3JLxR+VnZ7ek9UWHzws2QMfpnu+OhRouArdeyp9PHqHeURpN/qOeWR+7HcLNejxm z2vjINzBqThXsWqoGoAGWopzaXbZZonkb8bwsJcbDwaqNtn/k7nLrZG7OlwCvW9x YLtg4QwNxGleVTO+jT+nbJZ6PuRAX7bssQulC60P/EgK54dyJn/ZNa84taC8XOe0 Y8+Dt3n8RzT12gQqFjp9aF77C324osg8eKWEU6K95cZ52k0NCblPJKD58MCthR7J k9wHaT5nAkFqP8VN5bDTg0mWcS7ZhSgdoSJPWSaCr4k5NlR0hOEL2K2E3YaBgLPx xu/K7Zn6N871365T0zYxceH0kGro4zazo240lIClayX3xWIA+J8ZbFMghyFoetMc DbVBv5vBs+8iog6b+qQWYqNM8MfS680gB+08Q5VOSjW1Jgl0DzPQdddCtubAftIg LqY+WiewzgyocNtimjcSsAQVe1hWC+/X7etzbDSc8aSscJUXuEjGBkpUXXObkayb TeXACPx+fT1RUCZ0LhBduYeflObg8iK0B4nhi/p9MoYyZXCLNAeubY3ADZTC4I7o jPccgmMP1z3bgbn5l1SCInUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266721222803220321757385345708396107788269 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-09 02:30:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-07 02:30:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cklie.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 714134319061475120910403169303158757281558589588200603663126857320761514600231469789614145772749173462456806769497596571183456048251419245508166036327009187288617400473792966707328086699142414081918164527244505471333410358451956001007782575414476156236675445433028974426377966091356235801488953147507847217162731765219168891432737615366003766655142925910846252329724894792955282357643596936562812453542884563973837816772867651585552643457290773786157740052241124771888904005482008138526090556066262659784017340677400725748798695192870166025400074215773625805909308064844301879628640359335329079283278592399645527491767170724737401784351875418125172033382164949170467578831607237607910341691341766326544028186716363819602849185713757800662502051432413912531573779530823006716991879273106959500259427180047675998702940568801023106795740000761647397153067970980201501212537525510755807157514093825217766043745361332661621245391418697818900674641306013738840868593863299397226108435046214560649629271367600561047662659229505642094181371452163202777395499259305829635329149635232775570259933069138149368147524935867420337058494475973002957966223883969456900905157319714763991339756890124415292049597321674414621375305382408222520465564277 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4d3da6ba02c2c08436be8242285586c6005312db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cklie.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cklie.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016e4e36a9a20000040300473045022100e3b63a8b35838c841b93be850b1b1b998b51d0bad0f277f0ac3a743e5732581802201a7597f233f40496ac2baf88fc1b5352ead066d810cf58027712516607104d76007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e4e36a9940000040300483046022100d67f308b5be87606e43a9c6454724fcd8763c32e186f1543a6c8d145d30324f0022100d04ee6069c05b8073a55c001c665f1da429624b52e1859530b936c80c0a579bd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0093c1825ff32c3f5ef38e717e2f79866e8de78ef329c1100c089344d0306dedb19eb73daa457753d5a511b3a1b0704108ead8052645d6555ce628baf91fa1f6477cf0e5f94a7538fe4046b5fcd9fd888a116d520e692f315870a4140a7096e7253844584fd3e11f0091748dda31a7c1ea07d6ec8dc1d87d6094a4c58e0cd4369b9d29aa1cf8f2545907bc61532b91d275f198f734f256bb10c49a7173b842053baf3b513231a00258b711204e5d8ccd9fb08963f89e05b7d6c84381b10f1ee18b0a86b189d0bf9e2f820c66886241531fe2a5aa7d4f06b086107f852d9b71aa25af435cf2e27348765367c4d7e240c7ea83b0cd507dd03354d43df96f79c115dc