auth.blek.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:38:f8:4b:3b:ac:7b:70:0b:ea:36:6a:c5:d5:65:76:7d:a2 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=auth.blek.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:38:f8:4b:3b:ac:7b:70:0b:ea:36:6a:c5:d5:65:76:7d:a2
Serial Number (int): 280722709518399955822441294411609356533154
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 0b:4f:26:51:04:3b:8f:40:54:4b:d4:38:62:25:4b:9d:ef:40:32:83
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 48:ef:00:8b:4a:76:cf:c4:45:d4:57:5c:b3:cd:5b:d6:03:b0:08:c0
Fingerprint (sha256): 62:b9:ce:b2:5a:b8:05:eb:4f:71:98:da:9b:20:22:20:6f:89:75:9d:c8:d3:d7:df:8d:97:cc:6c:48:95:ad:7b

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate auth.blek.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for auth.blek.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

auth.blek.ch

Other certificates including the domain name blek.ch

(limited to 100 certificates)
archives.blek.ch
benevoles.balelec.ch
webcams.blek.ch
*.blek.ch
*.blek.ch
intranet.blek.ch
mail.blek.ch
public.balelec.ch
stats.blek.ch
gallery.blek.ch
files.blek.ch
mail.blek.ch
mail.blek.ch
auth.blek.ch
webcams.blek.ch
gallery.blek.ch
public.balelec.ch
auth.blek.ch
mail.blek.ch
archives.blek.ch
public.balelec.ch
webcams.blek.ch
public.balelec.ch
webcams.blek.ch
public.balelec.ch
files.blek.ch
*.blek.ch
gallery.blek.ch
stats.blek.ch
gallery.blek.ch
auth.blek.ch
mail.blek.ch
files.blek.ch
auth.blek.ch
mail.blek.ch
gallery.blek.ch
public.balelec.ch
gallery.blek.ch
public.balelec.ch
*.srv.blek.ch
benevoles.balelec.ch
files.blek.ch
archives.blek.ch
auth.blek.ch
archives.blek.ch
stats.blek.ch
intranet.blek.ch
auth.blek.ch
files.blek.ch
files.blek.ch
auth.blek.ch
gallery.blek.ch
intranet.blek.ch
mail.blek.ch
cdn.blek.ch
auth.blek.ch
webcams.blek.ch
archives.blek.ch
intranet.blek.ch
public.balelec.ch
gallery.blek.ch
auth.blek.ch
files.blek.ch
webcams.blek.ch
mail.blek.ch
benevoles.balelec.ch
mail.blek.ch
*.srv.blek.ch
webcams.blek.ch
webcams.blek.ch
intranet.blek.ch
stats.blek.ch
intranet.blek.ch
auth.blek.ch
auth.blek.ch
public.balelec.ch
archives.blek.ch
archives.blek.ch
webcams.blek.ch
files.blek.ch
public.balelec.ch
mail.blek.ch
gallery.blek.ch
gallery.blek.ch
gallery.blek.ch
archives.blek.ch
public.balelec.ch
webcams.blek.ch
webcams.blek.ch
intranet.blek.ch
mail.blek.ch
public.balelec.ch
public.balelec.ch
public.balelec.ch
auth.balelec.ch
archives.blek.ch
*.blek.ch
public.balelec.ch
auth.blek.ch
archives.blek.ch

Certificate

The complete raw certificate details for auth.blek.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgISAzj4Szuse3AL6jZqxdVldn2iMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MjgxMDAwMDBaFw0x
NzExMjYxMDAwMDBaMBcxFTATBgNVBAMTDGF1dGguYmxlay5jaDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAOR5NccqkV50Zrhecr3DjjmiPphpKaABI9OF
GnDXekncU8z4bF4as5MbQIvyiPv18OuVTkNy4ypDxgZL1v5Gdfh6KW+BcVuFY/rc
i1LVpNZF8zYzzVuVvrWMdKHx9m756qfhmZUhM0luAglROT2HiXdgfDEz05cUgCVU
hCJxVGcclyALAVLm3F9JWgOxny3md73ufVUg2fjIE2Kgvu3HhL6l1nn35bnQYTv4
hUN4C7ItXJ76FBJ2iD7JV3CkbP0HE3z1QsepFAh1PkcXO+Y17OqWohbr2ANIqDG/
vQhV1y5YT6zjeoA7mwYlk5VfDHoUzX4P2tay6zbY6cwyuRQd1fMCAwEAAaOCAgww
ggIIMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUC08mUQQ7j0BUS9Q4YiVLne9AMoMw
HwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBh
MC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
MC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
LzAXBgNVHREEEDAOggxhdXRoLmJsZWsuY2gwgf4GA1UdIASB9jCB8zAIBgZngQwB
AgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
dHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRl
IG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQg
b25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBm
b3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkq
hkiG9w0BAQsFAAOCAQEADsWgSSdeGJ+XMBOK1ZHNB8zXS9gaYrsV2X3OZD7KBzeC
jOgV7rUu2K7Dzbxn82s1WVFSUMwGbzaR7lI7QAEUiRP+HmFfpDkC9qujXSPO6wXX
N9xx2MJ19EH+/1JNvgcSVcypxgCwGWJGwD022d8j6dz4+vBpsHxbFfjW6G+a923v
cGIADUllM6t52NLVshlfgPjK2EdPczcLhBhb0I9eig3bLiw/c2TX2sM5k8cOA7PH
/xm0Wk4eFpg27jPAgmbEKztzmbCG2nZVnAgqpM/odQ7vb9udxr06ToReiZv+5Ttf
lRIiheJ2fb1KcBxhM9yrMkvrCejIc7JCFILyXj+xdA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Hk1xyqRXnRmuF5yvcOO
OaI+mGkpoAEj04UacNd6SdxTzPhsXhqzkxtAi/KI+/Xw65VOQ3LjKkPGBkvW/kZ1
+Hopb4FxW4Vj+tyLUtWk1kXzNjPNW5W+tYx0ofH2bvnqp+GZlSEzSW4CCVE5PYeJ
d2B8MTPTlxSAJVSEInFUZxyXIAsBUubcX0laA7GfLeZ3ve59VSDZ+MgTYqC+7ceE
vqXWeffludBhO/iFQ3gLsi1cnvoUEnaIPslXcKRs/QcTfPVCx6kUCHU+Rxc75jXs
6paiFuvYA0ioMb+9CFXXLlhPrON6gDubBiWTlV8MehTNfg/a1rLrNtjpzDK5FB3V
8wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 280722709518399955822441294411609356533154
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-28 10:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-26 10:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'auth.blek.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28842104445611970974332109393434630626086577906831632425620807058684650689621387710528774090588913887037634174792721956229338544643387816721790710751350342523926391762591196200381466686142099198978710983743338344457655640181733811914970485798906871524053156087658442290062059914836482013027351905486102458070392423341165845307432197987537612844686085367724675313066116236630513002411263621933667258082576782810317988229885230231136182736548523344948692488389880256746375277427280762294774810384992120335198502751787518459225825281478271419941641966643572233885888285566967559620513661144326696020457834757245271660019
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0b4f2651043b8f40544bd43862254b9def403283
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.blek.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000ec5a049275e189f9730138ad591cd07ccd74bd81a62bb15d97dce643eca0737828ce815eeb52ed8aec3cdbc67f36b3559515250cc066f3691ee523b4001148913fe1e615fa43902f6aba35d23ceeb05d737dc71d8c275f441feff524dbe071255cca9c600b0196246c03d36d9df23e9dcf8faf069b07c5b15f8d6e86f9af76def7062000d496533ab79d8d2d5b2195f80f8cad8474f73370b84185bd08f5e8a0ddb2e2c3f7364d7dac33993c70e03b3c7ff19b45a4e1e169836ee33c08266c42b3b7399b086da76559c082aa4cfe8750eef6fdb9dc6bd3a4e845e899bfee53b5f95122285e2767dbd4a701c6133dcab324beb09e8c873b2421482f25e3fb174