fritz.hermanns-online.de
Issued by WoSign CA Free SSL Certificate G2
About this certificate
This digital certificate with serial number 1a:16:1d:66:e2:14:07:07:31:41:f3:ab:39:37:7d:77 was issued on by WoSign CA Limited.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=fritz.hermanns-online.de
WoSign CA Limited
Organization:
WoSign CA Limited
Country:
CN
This certificate has expire since
Certificate Details
Serial Number (hex): 1a:16:1d:66:e2:14:07:07:31:41:f3:ab:39:37:7d:77Serial Number (int): 34674754762414485181989636115149585783
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: b6:d5:f8:db:b3:94:05:e9:ee:27:40:fd:7b:70:50:3a:8a:c1:6e:73
AuthorityKeyId: d2:a7:16:20:7c:af:d9:95:9e:eb:43:0a:19:f2:e0:b9:74:0e:a8:c7
Fingerprint (sha1): d1:cf:a2:1f:d5:f0:ae:e9:d2:b6:0d:95:82:d7:3b:f6:9d:c4:ca:47
Fingerprint (sha256): 5b:fc:15:55:d3:9c:04:5d:2b:b7:3e:7b:34:47:d5:4f:53:9b:fe:bf:4f:48:6a:64:5c:f9:f2:78:24:e6:d6:16
Issuing Certificate URL: http://aia1.wosign.com/ca6.server1.free.cer
Revocation information
OCSP Server: http://ocsp1.wosign.com/ca6/server1/freeCRL Distribution Point: http://crls1.wosign.com/ca6-server1-free.crl
Check the revocation status for certificate fritz.hermanns-online.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fritz.hermanns-online.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
fritz.hermanns-online.de
nl91cqvq6ol0ro7f.myfritz.net
fritzhh.selfhost.eu
nl91cqvq6ol0ro7f.myfritz.net
fritzhh.selfhost.eu
Other certificates including the domain name hermanns-online.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for fritz.hermanns-online.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6DCCA9CgAwIBAgIQGhYdZuIUBwcxQfOrOTd9dzANBgkqhkiG9w0BAQsFADBV MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV BAMTIVdvU2lnbiBDQSBGcmVlIFNTTCBDZXJ0aWZpY2F0ZSBHMjAeFw0xNjAxMDkw MDAzMDlaFw0xODAxMDkwMDAzMDlaMCMxITAfBgNVBAMMGGZyaXR6Lmhlcm1hbm5z LW9ubGluZS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMGCUMNv uHbDtiOr3jaGGWx7eCD6JGuuGU6vmoGLPpafe4EWZbSZZENuXY0fpPW0eBQvn6Os KQoYeYLM8YVne0d+jeMyi2P8AWNrM2yEjPcxT/dkdTdbSxVWsP+XmLJlqeKAbw8/ XapWWA0jawWnJ8hvyK8CaMHwOZNRIIm9bNSprA/CjIheBGHkEIBkbRT38Dsb4cvF bPZjLX+tkth/2KZCOLBD3uSJLENH7qZvenL9RtJxyLBppDmltMvOvCJECm8hac1V s6+SD1K3bKtqTOR6eNfW80nJDfycs2h9H7VqNoSkLWFEatjetrxQKK8qiPMOTqQJ l/w+7fhqC6fF1f0CAwEAAaOCAeQwggHgMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAgYIKwYBBQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUttX427OU BenuJ0D9e3BQOorBbnMwHwYDVR0jBBgwFoAU0qcWIHyv2ZWe60MKGfLguXQOqMcw fQYIKwYBBQUHAQEEcTBvMDQGCCsGAQUFBzABhihodHRwOi8vb2NzcDEud29zaWdu LmNvbS9jYTYvc2VydmVyMS9mcmVlMDcGCCsGAQUFBzAChitodHRwOi8vYWlhMS53 b3NpZ24uY29tL2NhNi5zZXJ2ZXIxLmZyZWUuY2VyMD0GA1UdHwQ2MDQwMqAwoC6G LGh0dHA6Ly9jcmxzMS53b3NpZ24uY29tL2NhNi1zZXJ2ZXIxLWZyZWUuY3JsMFYG A1UdEQRPME2CGGZyaXR6Lmhlcm1hbm5zLW9ubGluZS5kZYIcbmw5MWNxdnE2b2ww cm83Zi5teWZyaXR6Lm5ldIITZnJpdHpoaC5zZWxmaG9zdC5ldTBRBgNVHSAESjBI MAgGBmeBDAECATA8Bg0rBgEEAYKbUQYBAgIBMCswKQYIKwYBBQUHAgEWHWh0dHA6 Ly93d3cud29zaWduLmNvbS9wb2xpY3kvMA0GCSqGSIb3DQEBCwUAA4IBAQBGM0MX UW1VKyD6suFSLIcVhz8PmXyXVgP3htpOL1e+xo9MUfm5dBMVCjbae2yY0DmRsioP d5oumSJaygKS7EMBpN9VB11kDVK2XtqzG/M12Gyv7goEhX4c4EVWUXzNLshlLR9x n3p4Q4SljRGPN0xcKdAIijEpCEB9984QFCtav0CM9+UEehJDwuBw/1dQ5xkg5vIb 0/IpPeh/MePCLykUmBwq6vSyspezD6FQOaVkuLpcjC/kPzVO1dIHURiMeDwutoVA tjASLArX739KbyQadBmDi2IlqA2K8W71Yr2bDUomwj5ROf6zYGgL+96vLLj1qeKS PedRNnMmMSLBizrP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYJQw2+4dsO2I6veNoYZ bHt4IPoka64ZTq+agYs+lp97gRZltJlkQ25djR+k9bR4FC+fo6wpChh5gszxhWd7 R36N4zKLY/wBY2szbISM9zFP92R1N1tLFVaw/5eYsmWp4oBvDz9dqlZYDSNrBacn yG/IrwJowfA5k1Egib1s1KmsD8KMiF4EYeQQgGRtFPfwOxvhy8Vs9mMtf62S2H/Y pkI4sEPe5IksQ0fupm96cv1G0nHIsGmkOaW0y868IkQKbyFpzVWzr5IPUrdsq2pM 5Hp419bzSckN/JyzaH0ftWo2hKQtYURq2N62vFAoryqI8w5OpAmX/D7t+GoLp8XV /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 34674754762414485181989636115149585783 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WoSign CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WoSign CA Free SSL Certificate G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-09 00:03:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-09 00:03:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'fritz.hermanns-online.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24428253817722882852830703811364252265801207105925631590341707819364424527655858236945073656007393869113517279187346349550785445513246004190360531943016138647316809990018723799201837298553932941914798493090610834648852559624821312636651640006772303339151197049278442465806181652165019518206136812557775835578068214462404734839161425335975735398762535975742470681106781184102527496193755128531792152392185804778444375012286092056605469395793056853914376173265935333575491239001505123968329993127740003813705527738456530822539587426318229052483258624733253404011110517473025951452303120196602575071546824235769414407677 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b6d5f8dbb39405e9ee2740fd7b70503a8ac16e73 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d2a716207cafd9959eeb430a19f2e0b9740ea8c7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp1.wosign.com/ca6/server1/free' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia1.wosign.com/ca6.server1.free.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls1.wosign.com/ca6-server1-free.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fritz.hermanns-online.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl91cqvq6ol0ro7f.myfritz.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fritzhh.selfhost.eu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.36305.6.1.2.2.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.wosign.com/policy/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0046334317516d552b20fab2e1522c8715873f0f997c975603f786da4e2f57bec68f4c51f9b97413150a36da7b6c98d03991b22a0f779a2e99225aca0292ec4301a4df55075d640d52b65edab31bf335d86cafee0a04857e1ce04556517ccd2ec8652d1f719f7a784384a58d118f374c5c29d0088a312908407df7ce10142b5abf408cf7e5047a1243c2e070ff5750e71920e6f21bd3f2293de87f31e3c22f2914981c2aeaf4b2b297b30fa15039a564b8ba5c8c2fe43f354ed5d20751188c783c2eb68540b630122c0ad7ef7f4a6f241a7419838b6225a80d8af16ef562bd9b0d4a26c23e5139feb360680bfbdeaf2cb8f5a9e2923de7513673263122c18b3acf