tauwerk.de
Issued by R3
About this certificate
This digital certificate with serial number 03:c3:67:a3:6d:3a:5d:1c:37:7e:16:29:eb:84:de:2f:c3:84 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tauwerk.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:c3:67:a3:6d:3a:5d:1c:37:7e:16:29:eb:84:de:2f:c3:84Serial Number (int): 327829678388224224268794075024204227396484
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6f:fc:6e:2b:78:d6:04:7e:f7:e7:d5:9b:4a:d3:22:33:20:93:fa:a8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 76:ba:cf:e8:4f:f8:de:48:60:a7:c7:0d:a9:62:59:2a:ad:b7:ad:75
Fingerprint (sha256): 50:13:3d:b1:22:2d:45:e4:06:a3:66:0a:86:67:87:06:40:fd:3f:17:0e:50:ce:94:65:38:3c:6b:c3:ce:f0:bc
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate tauwerk.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tauwerk.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tauwerk.de
www.tauwerk.de
www.tauwerk.de
Other certificates including the domain name tauwerk.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for tauwerk.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7zCCBNegAwIBAgISA8Nno206XRw3fhYp64TeL8OEMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjQyMTA0MTVaFw0yNDA3MjMyMTA0MTRaMBUxEzARBgNVBAMT CnRhdXdlcmsuZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVq4+y NNqxCb30VqOgtfuTFvjAsXzBqB/AbdiwHjmyBjU3TQXFJeFZz7g/rkitmBkfUCfK 5GIBG5IixbO70D1qsnP0hfUZTmKNJx5jFKmiul/SWV8qTxUytGmg6eb06DhSj/CV T7EjNxTPkwTpotTbW+LzbZM6esvPJvEXtmHoTP6gu0XIcy/sS9+w/BtIazXaudc0 iM022ARZ9WAVIkVpEfo4NbY7YJDfClJE67/813P9qwEcDrqjGcva7MA3xQ3HoAoN Xa5nD6njkE1QYoRojfVUEqRBBHBf1SSMIfHtLHzl1YOQpxdEkyWV4UrpCG7lB+4Q P7iyXEJu0aAMIQN/3U7uf2OHsrO7DlqPmfm1M7uXA4Zv8PGaN5znDDRM08uZKv9i mCF7XQXG2ZMFtnAOT7l0kzkrZRNxldTA6CN/tUv3mMofA0p1kT4UWrvu08JAlLnd eq4bfG2GIXG5LAoG947q9OuhwFibnbfkCeVOk71cAj0ZzANw+chPAHQUre8LuBMq FAvI/5BkXKXUhOV74VhhNsRLJffgFl3/M4VoA6kBXQRi2j48J8RydnajVKRlnhA5 u7JMx6Uj0XFQMErrndo22A8sc6ROvvabtONFxb8YHeVNQqpS+TJ45ecDIkgy0dP5 hpk/YqkLFDcVpfAip4SVWsS1zdGOFx/mmf839QIDAQABo4ICGjCCAhYwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBRv/G4reNYEfvfn1ZtK0yIzIJP6qDAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggp0YXV3ZXJrLmRlgg53d3cudGF1d2Vy ay5kZTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA 7gB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjxIjT5EAAAQD AEYwRAIgA1kvydZADJBTzKmDTTX8amfE+8UQcNECKWPOG6lXO1ECIHHHJHO275kr DnuEW8CCRQNDt2736kbr3kvZmqfhCQw+AHUA7s3QZNXbGs7FXLedtM0TojKHRny8 7N7DUUhZRnEftZsAAAGPEiNPlgAABAMARjBEAiBCMypY+bDN10F93sH1Bm6I5DU1 0WUf1GyAs0yknsbhLwIgX0HLd2iAp8+7OD+Ppqsjy8XaNsQso1JVlAWh0DNv0yQw DQYJKoZIhvcNAQELBQADggEBAB/sL9iRDlrjGIxeyZGumTibMruA3RsC5p4EoMnc udh++Qx/cMVFs7u3jz+ua+3fHhYEJm9Sd1oJSfHPvx4GRoA+8+6bQseofFWE0Gw8 SrXQRxPilfoYoleQBmBFNUVA+95AU/ZRiy8tnGtjoTA9EPnTluj8sqvbO8nfuoHN X76bOdal/zPj3RXujMMsXXlcmLEn3vRZlftoUIVGTbXgYa9T66y8IlUWVuaQe92B Rm0u8KiVSoLBb1qgVuETLlAZMgPW1e0tMr3qOxoN4KCeGizrXnnayL5DioyfYMj7 gMQ/oXKZm5dvMNt/a9LCqCuDvP28F2rxEYyBW7UU/XFxhHc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1auPsjTasQm99FajoLX7 kxb4wLF8wagfwG3YsB45sgY1N00FxSXhWc+4P65IrZgZH1AnyuRiARuSIsWzu9A9 arJz9IX1GU5ijSceYxSporpf0llfKk8VMrRpoOnm9Og4Uo/wlU+xIzcUz5ME6aLU 21vi822TOnrLzybxF7Zh6Ez+oLtFyHMv7EvfsPwbSGs12rnXNIjNNtgEWfVgFSJF aRH6ODW2O2CQ3wpSROu//Ndz/asBHA66oxnL2uzAN8UNx6AKDV2uZw+p45BNUGKE aI31VBKkQQRwX9UkjCHx7Sx85dWDkKcXRJMlleFK6Qhu5QfuED+4slxCbtGgDCED f91O7n9jh7Kzuw5aj5n5tTO7lwOGb/Dxmjec5ww0TNPLmSr/Ypghe10FxtmTBbZw Dk+5dJM5K2UTcZXUwOgjf7VL95jKHwNKdZE+FFq77tPCQJS53XquG3xthiFxuSwK BveO6vTrocBYm5235AnlTpO9XAI9GcwDcPnITwB0FK3vC7gTKhQLyP+QZFyl1ITl e+FYYTbESyX34BZd/zOFaAOpAV0EYto+PCfEcnZ2o1SkZZ4QObuyTMelI9FxUDBK 653aNtgPLHOkTr72m7TjRcW/GB3lTUKqUvkyeOXnAyJIMtHT+YaZP2KpCxQ3FaXw IqeElVrEtc3Rjhcf5pn/N/UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 327829678388224224268794075024204227396484 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-24 21:04:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-23 21:04:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tauwerk.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 871698206381797370155250046075943906754387570025308024305216148874800763170197913482359140994264802733324776630759426039014602242884406494773510931737344246630697093706543092652435784740778477503263844333063309437606630076433163695082490222352274090224400318907608275885465753141276370119261036961933792083714421974091711905736182465171591771023147076123507185748500054266322677173892033108180308328897210707610234252003482624913296296693704464479455600221041156777231550237748952262485726247940711926453192131294876917717166094040260067816983423918226699659190020030051171519157472726966150741233260927613886277735031440146864492190457089025662691870597841865934857678327203182560784792855878135244907939948367970289263932017152690314917684523780425547077515010170967128860388649411523118386360327076433073042193649914593071658082064757192952968607730346434019072828518311791692023055680697250545813192093123941326376180726789491599123028146142770409243485353463552263767386620415469468573907294506993626990451169138270529276116920233264973820624240674304123154465945301381387146306436123122590520946111130726930220472663678061958871899135813681662436319441397241708035609634471756492553460830716249827388500020970575307451052013557 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6ffc6e2b78d6047ef7e7d59b4ad322332093faa8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tauwerk.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tauwerk.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f12234f910000040300463044022003592fc9d6400c9053cca9834d35fc6a67c4fbc51070d1022963ce1ba9573b51022071c72473b6ef992b0e7b845bc082450343b76ef7ea46ebde4bd99aa7e1090c3e007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f12234f960000040300463044022042332a58f9b0cdd7417ddec1f5066e88e43535d1651fd46c80b34ca49ec6e12f02205f41cb776880a7cfbb383f8fa6ab23cbc5da36c42ca352559405a1d0336fd324 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001fec2fd8910e5ae3188c5ec991ae99389b32bb80dd1b02e69e04a0c9dcb9d87ef90c7f70c545b3bbb78f3fae6beddf1e1604266f52775a0949f1cfbf1e0646803ef3ee9b42c7a87c5584d06c3c4ab5d04713e295fa18a25790066045354540fbde4053f6518b2f2d9c6b63a1303d10f9d396e8fcb2abdb3bc9dfba81cd5fbe9b39d6a5ff33e3dd15ee8cc32c5d795c98b127def45995fb685085464db5e061af53ebacbc22551656e6907bdd81466d2ef0a8954a82c16f5aa056e1132e50193203d6d5ed2d32bdea3b1a0de0a09e1a2ceb5e79dac8be438a8c9f60c8fb80c43fa172999b976f30db7f6bd2c2a82b83bcfdbc176af1118c815bb514fd71718477