ticino-win.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:37:e3:71:86:f0:15:9b:f2:00:48:40:d4:2a:9a:96:7e:24 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ticino-win.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:37:e3:71:86:f0:15:9b:f2:00:48:40:d4:2a:9a:96:7e:24Serial Number (int): 280354712197384879373301951659364427660836
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0a:15:8b:d0:23:2d:45:56:79:1b:df:18:ab:71:b2:90:29:76:5c:5c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 33:12:45:0f:60:0b:e6:f9:4e:5b:00:fb:21:26:4c:ec:92:ff:d8:c6
Fingerprint (sha256): 58:97:3c:51:7c:bd:2c:83:d7:5b:11:10:35:69:e0:13:33:0e:94:68:db:80:1f:eb:41:60:0e:07:40:eb:9e:e4
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ticino-win.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ticino-win.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ticino-win.ch
www.ticino-win.ch
www.ticino-win.ch
Other certificates including the domain name ticino-win.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for ticino-win.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZjCCBU6gAwIBAgISAzfjcYbwFZvyAEhA1Cqaln4kMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MDExNDA1MTlaFw0x OTA2MzAxNDA1MTlaMBgxFjAUBgNVBAMTDXRpY2luby13aW4uY2gwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDEzeWneg21WCX8Q43tX0FH9lT1y2YX2dLS VhvqtcSKTP1ilxTQqfVVIdhrI1t2nLzW6maXIvCT6TqWAGsHScaJ9HUt8xrPbUFV xyX+sglZ0eAZOk4gT/zK1+lQIClycQ/Z67jJO823/pBhvUA2T/UljijVuvt6E1rR B665HrjhiquMaZBUo9av4Ucz7krYbLCGDClCmxFtYBOQX3y5+Fbx/ntf6909GAE+ 5RE3+JK4yxuONCO90x6kACW3xx0mF6icN9xK8pE1RdakNFskNiJbX2RVHg7pirsd XZsGOhnnznanMMBgeRh6aQVlLObS1J5M5Xin09JeDmVaPT9H7ZgqQHLUJ1Ob5AZ6 JlHTxGM2X1eRefFK5tzuk5oMCUSuXrcV4k99omDtM4/nkjEZj5Bk8W2FT3y0/x4A boZ9MmkIjS7pucTAqkshxTxc5+M2lH5s6eepCv/Sz9S/qb1m7L4Ni+hKiAJsEBSn ybW+7hrXIWj98POMWHhtiZB9puNNVvJYwvercbGZzTo8333Pt7uYglplqtSEbYja RhM8Q1g7ooeuvQFJGTTw2Clm1DpMaMgeazo7UoSuBuyh9ifnSm/9vrrqC9EMY5qB oEuLw3M95/BVUBWpfEaRRtZuk8/cOjQZnTPxBVttRXN3o9JJ1DDP4zOuQ3OCVJNA F9qKYNspnwIDAQABo4ICdjCCAnIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQKFYvQ Iy1FVnkb3xircbKQKXZcXDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCsGA1UdEQQkMCKCDXRpY2luby13aW4uY2iCEXd3 dy50aWNpbm8td2luLmNoMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjG NzV55hB7zFYAAAFp2W7uywAABAMASDBGAiEA8jcqWwWeX568TZm0LQCR6Y/UFLWp P+SAwIa0OXGeZiMCIQCIn7EEScBDlbtrqbjmp/fLs8v2rfQLRdblQVdCzRqe6QB2 AGPy283oO8wszwtyhCdXazOkjWF3j711pjixx2hUS9iNAAABadlu7zUAAAQDAEcw RQIhAMVYGAvDv0vDmUimIUkxqhKU4nIIg/uxhnLQNvL4/mnEAiAQZrjOtndvbzyZ QdMiL7NoZFbtl3dFF4m7d6MPfh1c4jANBgkqhkiG9w0BAQsFAAOCAQEAGTebkCcb dBM3d9OGF54HhOXBTJmPe4PgTjDCONKjGE6Q5cm/bzqC3lLjgkV0yRF7T5oqifzt e1yUq57UOoRqBzeILj+upnMVaTgoQje3Rmo1M1wpQjQflF6j7g78HiMOiCzwaIlW BEsEs8IajlQIDL8OvhYsXewRl4BXmoFGEQ9tX8poLR3ktDi6a0yERz5m/WApVo8s kX8KapxN9jQMG71OuKmGJ8zoU+OiI2gXSNAQCPL2uBH+h4g+xAzRF3/6w3EPlpph CEO0u56fqFgZ6A1Kqy7qfV9GqZc5Uis1FANxwo5YUnDT2sNmiacAOI7OgA1/TT7w ZG7lURc3JFq3aQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM3lp3oNtVgl/EON7V9B R/ZU9ctmF9nS0lYb6rXEikz9YpcU0Kn1VSHYayNbdpy81upmlyLwk+k6lgBrB0nG ifR1LfMaz21BVccl/rIJWdHgGTpOIE/8ytfpUCApcnEP2eu4yTvNt/6QYb1ANk/1 JY4o1br7ehNa0QeuuR644YqrjGmQVKPWr+FHM+5K2GywhgwpQpsRbWATkF98ufhW 8f57X+vdPRgBPuURN/iSuMsbjjQjvdMepAAlt8cdJheonDfcSvKRNUXWpDRbJDYi W19kVR4O6Yq7HV2bBjoZ5852pzDAYHkYemkFZSzm0tSeTOV4p9PSXg5lWj0/R+2Y KkBy1CdTm+QGeiZR08RjNl9XkXnxSubc7pOaDAlErl63FeJPfaJg7TOP55IxGY+Q ZPFthU98tP8eAG6GfTJpCI0u6bnEwKpLIcU8XOfjNpR+bOnnqQr/0s/Uv6m9Zuy+ DYvoSogCbBAUp8m1vu4a1yFo/fDzjFh4bYmQfabjTVbyWML3q3Gxmc06PN99z7e7 mIJaZarUhG2I2kYTPENYO6KHrr0BSRk08NgpZtQ6TGjIHms6O1KErgbsofYn50pv /b666gvRDGOagaBLi8NzPefwVVAVqXxGkUbWbpPP3Do0GZ0z8QVbbUVzd6PSSdQw z+MzrkNzglSTQBfaimDbKZ8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 280354712197384879373301951659364427660836 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-01 14:05:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-30 14:05:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ticino-win.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 802891435880978526371310891673227802514525229676550078566051219040396943537435404777190463242150105510617128194891578303429361164904211640386826798631503372066133621474677879536495250525726642312518217555644772853156404420369928734765029779855217773370303567941300813464868392916298919518691034710961430290014263102527016593694414703016539456131623840239329461439129073797158207447974993473582510806221591185182129358402429918329573504016526715733187395342945095496926498536362343162246428552226006709988365974858474071931705936604358848881266191401854573861945165622091287220386997341023049664470151798431660288267711037009152955558068326821799202619400887025156524671922188685649228799249419374434547421526800878597507876441923570898054221392716317646398519134855377801587641460583509503522976309366396269118285328081126861220396622866331151076962755544552352349756639928184448162196389219860308344780713489268838764810855337446981186593343547312853938376267658874678551049474461679238032783795800727420693538969478974414985451754076987144010216887159529534640653657268157830044085188161046767546334527980927283456141472268517142882600660154276493672942591208171290985512204290671661416470648560456644357117620282981245724869208479 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0a158bd0232d4556791bdf18ab71b29029765c5c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticino-win.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ticino-win.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000169d96eeecb0000040300483046022100f2372a5b059e5f9ebc4d99b42d0091e98fd414b5a93fe480c086b439719e6623022100889fb10449c04395bb6ba9b8e6a7f7cbb3cbf6adf40b45d6e5415742cd1a9ee900760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000169d96eef350000040300473045022100c558180bc3bf4bc39948a6214931aa1294e2720883fbb18672d036f2f8fe69c402201066b8ceb6776f6f3c9941d3222fb3686456ed9777451789bb77a30f7e1d5ce2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0019379b90271b74133777d386179e0784e5c14c998f7b83e04e30c238d2a3184e90e5c9bf6f3a82de52e3824574c9117b4f9a2a89fced7b5c94ab9ed43a846a0737882e3faea673156938284237b7466a35335c2942341f945ea3ee0efc1e230e882cf0688956044b04b3c21a8e54080cbf0ebe162c5dec119780579a8146110f6d5fca682d1de4b438ba6b4c84473e66fd6029568f2c917f0a6a9c4df6340c1bbd4eb8a98627cce853e3a223681748d01008f2f6b811fe87883ec40cd1177ffac3710f969a610843b4bb9e9fa85819e80d4aab2eea7d5f46a99739522b35140371c28e585270d3dac36689a700388ece800d7f4d3ef0646ee5511737245ab769