www.flunk.de
Issued by R3
About this certificate
This digital certificate with serial number 04:b6:23:4f:83:0d:5c:ee:73:50:78:e6:eb:f9:54:b4:ae:fe was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.flunk.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:b6:23:4f:83:0d:5c:ee:73:50:78:e6:eb:f9:54:b4:ae:feSerial Number (int): 410427470336010468324623554638795792232190
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d8:d8:54:e4:97:ac:34:bc:e3:a3:86:bb:80:1e:79:90:43:f5:b8:80
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f5:9c:5f:1e:04:9e:fe:ec:78:9b:55:db:e8:81:bf:52:45:47:cb:26
Fingerprint (sha256): 4d:44:e7:5f:fa:b3:fb:80:bd:ea:1f:52:5f:80:85:be:4b:f4:bd:69:92:49:f3:42:a1:1b:8f:81:15:53:9a:9a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.flunk.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.flunk.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
flunk.de
www.flunk.de
www.flunk.de
Other certificates including the domain name flunk.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.flunk.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgISBLYjT4MNXO5zUHjm6/lUtK7+MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMDEwMDQwMzFaFw0yNDAzMzEwMDQwMzBaMBcxFTATBgNVBAMT DHd3dy5mbHVuay5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJw2 E39OeS9FsWMPm3V9HqeCkV1g9bEqxoQV9QP2gLFJK7XNjLknrWgNQPmDVtOGYW9n IH731FWd8HhOgWD9AmEtDxmPI/4EfdO57CVLcV4qO8YX1nYcevJO4qjXiws8PrTj iDtEnsWQu9rPt9Ld4V3Qz9Z5RP7NA99qLyNWTkcJrcy9LA+YTEEm+ocNnE07hUlt xKGDu0mFnQTCFcHB73Ke0/PEgCnZQMzV8wGhirYIUzB0ISiFAjgV3OOHrv5o0HNB xHZMwQU+1VHDc0cMWW/4kLAMo8IZRsrmW7bMRFddKQSDkUg1nVH797wwzAAWzBeE kNfNQY4E+eHTVAfVJK8CAwEAAaOCAhYwggISMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQU2NhU5JesNLzjo4a7gB55kEP1uIAwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w IQYDVR0RBBowGIIIZmx1bmsuZGWCDHd3dy5mbHVuay5kZTATBgNVHSAEDDAKMAgG BmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABjMKt+94AAAQDAEYwRAIgfV+o7hN1P4bOaMc/ uNHtYSe7tD+z+8ygRYmzLFtzd9ECIGG7kF119hI4AGTsKTjsdnnTflwyQF692NJT j0Tdvu7FAHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMwq37 6wAABAMARjBEAiBVSdxsE9t54vR6X2kao84J8WQOgzT1avmj5lKeAcUUWAIgTOt7 JtqFCbpd1Z2EPWt6b3GrSVw2wkifMt0/ORqnc+wwDQYJKoZIhvcNAQELBQADggEB AF9FbpvDgT+rgb5to+/ch54/ApXlbpITBB5uTzrf32g4rXSeOS2qkv1A8VThFpwR biDUfDjlZz4mVvsHELAu2e42wjyg6O2xvPd3F1K0JVpAEBkJXqTssQkAaEIsz7rb RGtlYskD9syZ39NNML2PKoS3XeGWjjOKWqkONAHS09J/dVnwQOHZKEC1nvs1KnKV CrWi4p7zGNYl3lkog7hvYC09rx2ZwuBCMU/EgRuJTwWFuvGj9jRDUVEmA6Q/BCNE CrzQhea4c0z8WMzL2BRB73QDw1KXQGVZu03W9Eck8jcEWkxISuPs9VGXm1OXYjaS 9lWRJjNT08Kgsvo+N86GCvA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDYTf055L0WxYw+bdX0e p4KRXWD1sSrGhBX1A/aAsUkrtc2MuSetaA1A+YNW04Zhb2cgfvfUVZ3weE6BYP0C YS0PGY8j/gR907nsJUtxXio7xhfWdhx68k7iqNeLCzw+tOOIO0SexZC72s+30t3h XdDP1nlE/s0D32ovI1ZORwmtzL0sD5hMQSb6hw2cTTuFSW3EoYO7SYWdBMIVwcHv cp7T88SAKdlAzNXzAaGKtghTMHQhKIUCOBXc44eu/mjQc0HEdkzBBT7VUcNzRwxZ b/iQsAyjwhlGyuZbtsxEV10pBIORSDWdUfv3vDDMABbMF4SQ181BjgT54dNUB9Uk rwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 410427470336010468324623554638795792232190 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-01 00:40:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-31 00:40:30 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.flunk.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19719841523692542845129974551371806413904581455776846631405843047279718136882887615066081311115057341455224543635727722526900345008889444428196894458486750475737240828391230561485517323062897487940744786773572284531525528218306434936735489182879493729182563963930616970510384600427744297928465185350806867879550381063696812732039774008792004729958531634568007171815168871019336106457488833069058108190960225920085312283165991694760334192950296358176884662005310173775402642578512005999463247486125890651195899049741679428854457509820507862093796431578745932275469831059616976009263560728997819456565287837830906979503 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d8d854e497ac34bce3a386bb801e799043f5b880 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flunk.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.flunk.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cc2adfbde000004030046304402207d5fa8ee13753f86ce68c73fb8d1ed6127bbb43fb3fbcca04589b32c5b7377d1022061bb905d75f612380064ec2938ec7679d37e5c32405ebdd8d2538f44ddbeeec5007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cc2adfbeb000004030046304402205549dc6c13db79e2f47a5f691aa3ce09f1640e8334f56af9a3e6529e01c5145802204ceb7b26da8509ba5dd59d843d6b7a6f71ab495c36c2489f32dd3f391aa773ec . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005f456e9bc3813fab81be6da3efdc879e3f0295e56e9213041e6e4f3adfdf6838ad749e392daa92fd40f154e1169c116e20d47c38e5673e2656fb0710b02ed9ee36c23ca0e8edb1bcf7771752b4255a401019095ea4ecb1090068422ccfbadb446b6562c903f6cc99dfd34d30bd8f2a84b75de1968e338a5aa90e3401d2d3d27f7559f040e1d92840b59efb352a72950ab5a2e29ef318d625de592883b86f602d3daf1d99c2e042314fc4811b894f0585baf1a3f6344351512603a43f0423440abcd085e6b8734cfc58cccbd81441ef7403c35297406559bb4dd6f44724f237045a4c484ae3ecf551979b5397623692f65591263353d3c2a0b2fa3e37ce860af0