architektur-daescher.ch
Issued by R3
About this certificate
This digital certificate with serial number 04:76:5e:a2:b9:d1:77:26:c2:e8:21:71:31:47:39:cc:93:97 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=architektur-daescher.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:76:5e:a2:b9:d1:77:26:c2:e8:21:71:31:47:39:cc:93:97Serial Number (int): 388728255376247928226113893960799434347415
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 59:df:96:1c:5d:a1:03:46:79:d3:1f:0a:e8:f4:8a:e8:45:af:e3:50
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 0d:91:5b:38:fc:87:ac:2c:9f:fc:f9:12:03:e1:aa:fe:b5:d5:37:33
Fingerprint (sha256): 4f:20:bd:e7:01:33:2c:5f:d6:a8:8f:db:ae:4b:45:f4:9a:fc:1e:68:03:f5:d1:8d:4a:af:c2:41:0b:dc:d0:c9
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate architektur-daescher.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for architektur-daescher.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
architektur-daescher.ch
Other certificates including the domain name architektur-daescher.ch
(limited to 100 certificates)
*.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
architektur-daescher.ch
architektur-daescher.ch
*.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
*.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
architektur-daescher.ch
architektur-daescher.ch
*.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
*.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
www.architektur-daescher.ch
Certificate
The complete raw certificate details for architektur-daescher.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+zCCA+OgAwIBAgISBHZeornRdybC6CFxMUc5zJOXMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMDYxMTA0MDZaFw0yNDA0MDUxMTA0MDVaMCIxIDAeBgNVBAMT F2FyY2hpdGVrdHVyLWRhZXNjaGVyLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAvZ915bMN/jzo2WVy6Xu/Kvq7nO1nQU3icZH6iWQ/InTwH688S1tb EC54gPaZwggYq49ODvjBt2XGRI4fL11zHYuU7eGJVytki01jXKNouQBwqtah+IFS D3O7v3kTgWW2PfQankxYn5wRo5usNQZJ5oDfe5WKzXGzezPkV3g9IoGYwb/EUVM2 3KRX63D9KwXmzMvIhZx+C69uvuuFmLhdxYPzXdILTUKhp5ZU3skQx7yjy6S8TY22 8uvLcQ4G5OydW70dcK1zhDlRGHGGZdw7gvDcZRL6LblS3ixMdc4AzHS9IOsih+3Y n/epPL5g2t/c1R7ug7VBdy0ZYyzBMqdWRQIDAQABo4ICGTCCAhUwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBRZ35YcXaEDRnnTHwro9IroRa/jUDAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzAiBgNVHREEGzAZghdhcmNoaXRla3R1ci1kYWVzY2hlci5jaDAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtT d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjN6or9EAAAQDAEcwRQIg X4qxEp/rEY5rRXvKBjlPfjdEekrCTHBad4g/c841I5ECIQC6xY+0PnCrl6qCfzlK BnKdXF6VkuMv2un1h7lEXhRF8wB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7 v6s52IRzAAABjN6osBsAAAQDAEcwRQIhAP7Z7hq4Qoc1swEqkZ11fMnT5CeaHWTs AOZbRTdA0RiMAiB5ms0d4Kozl3a4avzs3r1XWxw/1RR3AjQTaHHwgYMehDANBgkq hkiG9w0BAQsFAAOCAQEAOxNXgM7vAWtCQd2G9HTskfVGrJE/yaH1QxCP701maUXN bdl4QifmTIQ9+yDXJ5yKLyUSTr76D5fw+fDU8CAyXROPtw/E7GLaTQt/D0L0t5Rx oY38bnHXoIQfa12dtjJ0GriggmdSeQo/5Nmj0F/IS3CBbDqEShNH3dgCKuXiaqCq jl1YMr+FnVHQF8DfgqJvS3oARFsbRe+1hf1s4Z4VCg4iUXpyXAVXbPltDO2hiByB LCzUpijUBP2863+7+zph7OyJT4LqrKOG09FsIKCSMNzO60dTOb9NSWMRx5owxnvt hQjPmi+Njo7NBcJz+49Lo+dHBo9GYC6ktpw0cGz+Ug== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ915bMN/jzo2WVy6Xu/ Kvq7nO1nQU3icZH6iWQ/InTwH688S1tbEC54gPaZwggYq49ODvjBt2XGRI4fL11z HYuU7eGJVytki01jXKNouQBwqtah+IFSD3O7v3kTgWW2PfQankxYn5wRo5usNQZJ 5oDfe5WKzXGzezPkV3g9IoGYwb/EUVM23KRX63D9KwXmzMvIhZx+C69uvuuFmLhd xYPzXdILTUKhp5ZU3skQx7yjy6S8TY228uvLcQ4G5OydW70dcK1zhDlRGHGGZdw7 gvDcZRL6LblS3ixMdc4AzHS9IOsih+3Yn/epPL5g2t/c1R7ug7VBdy0ZYyzBMqdW RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 388728255376247928226113893960799434347415 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-06 11:04:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-05 11:04:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'architektur-daescher.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23937672559667097495951091011220152041613948925385949298686478711573129444564175902090674583320992403051688579359118834151241337457397806781118358622381141252605080646598549054852124162091054505267936939884680841884316409383635332797417468839181612657148454409894051145437647023525870422260636650091533839764178234725759854320062758695088897426383966665364186900806213462872165824193867902998695880465590519516094974844454254573278329417356885641723974096887960824895358856328706473547032420180473051767424827649052663702558165880227229020118459900361754978781678913788255345618958177400603356221018911666207461955141 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 59df961c5da1034679d31f0ae8f48ae845afe350 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'architektur-daescher.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cdea8afd1000004030047304502205f8ab1129feb118e6b457bca06394f7e37447a4ac24c705a77883f73ce352391022100bac58fb43e70ab97aa827f394a06729d5c5e9592e32fdae9f587b9445e1445f300760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cdea8b01b0000040300473045022100fed9ee1ab8428735b3012a919d757cc9d3e4279a1d64ec00e65b453740d1188c0220799acd1de0aa339776b86afcecdebd575b1c3fd514770234136871f081831e84 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003b135780ceef016b4241dd86f474ec91f546ac913fc9a1f543108fef4d666945cd6dd9784227e64c843dfb20d7279c8a2f25124ebefa0f97f0f9f0d4f020325d138fb70fc4ec62da4d0b7f0f42f4b79471a18dfc6e71d7a0841f6b5d9db632741ab8a0826752790a3fe4d9a3d05fc84b70816c3a844a1347ddd8022ae5e26aa0aa8e5d5832bf859d51d017c0df82a26f4b7a00445b1b45efb585fd6ce19e150a0e22517a725c05576cf96d0ceda1881c812c2cd4a628d404fdbceb7fbbfb3a61ecec894f82eaaca386d3d16c20a09230dcceeb475339bf4d496311c79a30c67bed8508cf9a2f8d8e8ecd05c273fb8f4ba3e747068f46602ea4b69c34706cfe52