www.armindoalves.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:a5:ae:7d:2a:61:f7:de:fd:7f:9f:35:58:71:4f:a4:a9:fc was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.armindoalves.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a5:ae:7d:2a:61:f7:de:fd:7f:9f:35:58:71:4f:a4:a9:fcSerial Number (int): 317715383905232526119991891542630635710972
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: bf:f8:b9:fb:31:1d:d3:c9:a0:49:40:c8:b8:08:4b:fc:4d:27:55:f8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c6:2b:1b:ee:34:87:ec:76:bb:87:95:0d:fc:4a:05:09:0f:c3:71:7e
Fingerprint (sha256): 5e:48:4d:e2:e2:09:e0:4f:33:0e:ec:63:ee:03:6f:29:fc:6d:2a:95:dc:da:09:cb:52:99:15:57:25:62:aa:b2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.armindoalves.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.armindoalves.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
armindoalves.ch
www.armindoalves.ch
www.armindoalves.ch
Other certificates including the domain name armindoalves.ch
(limited to 100 certificates)
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
www.armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
www.armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
www.armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
www.armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
armindoalves.ch
Certificate
The complete raw certificate details for www.armindoalves.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGAzCCBOugAwIBAgISA6WufSph9979f581WHFPpKn8MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMDUwODMzMTJaFw0yNDAxMDMwODMzMTFaMB4xHDAaBgNVBAMT E3d3dy5hcm1pbmRvYWx2ZXMuY2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQCUqbl7P6YXffbLDNGmrl6Nzspm+d6Apdk5rXpDTPozmzT1C3Uef3+Oi8L/ T9mbZI6w85ZbUr27QWw6I/DG8mLCnDwVnUFA3+nmU19BcoRloe0KMP/9Xg3vQQZR 9FXXSOpw6Uirk6yxRUzV81bR+3Ut8MidxI9aLrTDBnT5Z3R+9tObyj+yEvAxfsRM XkviEFQEaMtgDouclazO7BZgGh+gGbiTkJRQs1Hp6lnJ8F7YbGSM7x+9mlQGU0dD 950LiCTvFPnv0EF7cqCDCd/XUxG44n3rRep/X7NxHyGB6Fca6AfEyjk1ySTVwBHF aDzQju7V8oi+MGZmCsL1mP0pjp2GX2uFbbNaJZgsFfom1q6IM10lxH0LHCvnt+nD Wqr10kvcjGA6/FqxTjwSQ7FFqAZoU8tOO+MuEX8JFGbEudGo7q+MRLGgbsde+L8j cmzpoNapxahbSC8Uw7DH6O/khC+cMEtdnbLr+JTssq6DK9SMQr2GFABSjghx03FF SzRP58Q/yzD5iFmi8t8FZxRJtu0+zQPw2FV0mwU5YQOOJhSXcQ7LJeDQ7nqAAzV+ 5EriSaLM0kHAzISO5KcfNvC1JVkUFHPdLS6gzY1vD1HVo+5eg9SY9iZCip6Y/F+3 +0ykBB4fDTPdkFHlQ9muWFGS2Qf67BosxUTxbL/hErO856uBLQIDAQABo4ICJTCC AiEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS/+Ln7MR3TyaBJQMi4CEv8TSdV+DAf BgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcw IQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYW aHR0cDovL3IzLmkubGVuY3Iub3JnLzAvBgNVHREEKDAmgg9hcm1pbmRvYWx2ZXMu Y2iCE3d3dy5hcm1pbmRvYWx2ZXMuY2gwEwYDVR0gBAwwCjAIBgZngQwBAgEwggED BgorBgEEAdZ5AgQCBIH0BIHxAO8AdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9 pD0wSNf7qwAAAYr/LxxhAAAEAwBHMEUCIB8qzhaHoNxHNsYiEh9wQGlA0mNmioIO t1ECZ71kYKWJAiEAnta7p17addkLc8jOfdfyycNwWHJBp8ZbzovA3GZgVo4AdQA7 U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYr/LxyAAAAEAwBGMEQC IBCovrBm8E8jvTT9St/vGxI+XF5FIqymdwS7yRnOXBKvAiByxNd+EMwi4xH0G9/9 5LwNC36GZQIuXeV5D7oI91XI3DANBgkqhkiG9w0BAQsFAAOCAQEAI1UG09rbkLVR MhMCjPHTG8mrX1Q3Os2Jt/kh0cLSX54etFIO5X+EW20berJWlxV5dH52IHuo0rFH 16v86RDuA8B5eb+75txL2WTLzJ47t7eW9LzNFG/UscuU+ggCBZGZpvT3Z/5ljbJo 4tOTdfJ0tUbiZ1/9De+UK1OrBr6Ty7YU+re1eh3VNCsMeLlp8t6NEoU2jjW6GwTh 0Hm3z26F8AZ4MgL/V3JnLxjz36tna8Hbmh22F1tUBu/y8VpKc8dXjAp/MLfIiIh5 KJSX4DzT4aTWndYbhz6ewS/bP0IzQDAHSlVwRgNrW8WV7cfrc9Oz+3LdOsMLqRZu YRs83Gnsjw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlKm5ez+mF332ywzRpq5e jc7KZvnegKXZOa16Q0z6M5s09Qt1Hn9/jovC/0/Zm2SOsPOWW1K9u0FsOiPwxvJi wpw8FZ1BQN/p5lNfQXKEZaHtCjD//V4N70EGUfRV10jqcOlIq5OssUVM1fNW0ft1 LfDIncSPWi60wwZ0+Wd0fvbTm8o/shLwMX7ETF5L4hBUBGjLYA6LnJWszuwWYBof oBm4k5CUULNR6epZyfBe2GxkjO8fvZpUBlNHQ/edC4gk7xT579BBe3Kggwnf11MR uOJ960Xqf1+zcR8hgehXGugHxMo5Nckk1cARxWg80I7u1fKIvjBmZgrC9Zj9KY6d hl9rhW2zWiWYLBX6JtauiDNdJcR9Cxwr57fpw1qq9dJL3IxgOvxasU48EkOxRagG aFPLTjvjLhF/CRRmxLnRqO6vjESxoG7HXvi/I3Js6aDWqcWoW0gvFMOwx+jv5IQv nDBLXZ2y6/iU7LKugyvUjEK9hhQAUo4IcdNxRUs0T+fEP8sw+YhZovLfBWcUSbbt Ps0D8NhVdJsFOWEDjiYUl3EOyyXg0O56gAM1fuRK4kmizNJBwMyEjuSnHzbwtSVZ FBRz3S0uoM2Nbw9R1aPuXoPUmPYmQoqemPxft/tMpAQeHw0z3ZBR5UPZrlhRktkH +uwaLMVE8Wy/4RKzvOergS0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 317715383905232526119991891542630635710972 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-05 08:33:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-03 08:33:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.armindoalves.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 606492070895333546226306863037451427588722507936802482640025350084328847992568837407634232860733612472952441907319348245819174933879850106465754887083642523091890331534955684145290820017022801541975241120454033920119723309223245230167848114572654849069624793955076651670973097794045233400181148685475433656017927191020503471001030994400229719477974998656783701288428048261042442314996420494241569509623553465337402903956953295547826156719941062968165964812366411980925187094236740218086864431669847744064291351112909535877065874513084794008593431739685297158109071583103663865407658866587459849366820267910083307399349952255833005585801514100690060437535896770400535394561885538003311552657465840084264005488079508677677849003942131905944065016843311038957021546496452949153614546209616144819707151274712605319432662615172636774666142003820571510450175033137994590170523311647957639652025198516755871388553694474263262254250994536012913278435767030022394908418983743758364914284976281192956342138259201305577019386773537264701870920654983716573095597096050041941010556410355577735816060741915464982710748118349965753404312705088488172219263116212652749594738057569201155374112526343551816365761863038716668452107713831592628729905453 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bff8b9fb311dd3c9a04940c8b8084bfc4d2755f8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'armindoalves.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.armindoalves.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018aff2f1c61000004030047304502201f2ace1687a0dc4736c622121f70406940d263668a820eb7510267bd6460a5890221009ed6bba75eda75d90b73c8ce7dd7f2c9c370587241a7c65bce8bc0dc6660568e0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018aff2f1c800000040300463044022010a8beb066f04f23bd34fd4adfef1b123e5c5e4522aca67704bbc919ce5c12af022072c4d77e10cc22e311f41bdffde4bc0d0b7e8665022e5de5790fba08f755c8dc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00235506d3dadb90b5513213028cf1d31bc9ab5f54373acd89b7f921d1c2d25f9e1eb4520ee57f845b6d1b7ab256971579747e76207ba8d2b147d7abfce910ee03c07979bfbbe6dc4bd964cbcc9e3bb7b796f4bccd146fd4b1cb94fa0802059199a6f4f767fe658db268e2d39375f274b546e2675ffd0def942b53ab06be93cbb614fab7b57a1dd5342b0c78b969f2de8d1285368e35ba1b04e1d079b7cf6e85f006783202ff5772672f18f3dfab676bc1db9a1db6175b5406eff2f15a4a73c7578c0a7f30b7c8888879289497e03cd3e1a4d69dd61b873e9ec12fdb3f42334030074a557046036b5bc595edc7eb73d3b3fb72dd3ac30ba9166e611b3cdc69ec8f