ticino-win.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:21:9c:61:69:40:04:37:d9:3b:a5:de:54:f5:7c:b7:51:17 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ticino-win.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:21:9c:61:69:40:04:37:d9:3b:a5:de:54:f5:7c:b7:51:17Serial Number (int): 272774041258534350229767534984658010198295
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0a:15:8b:d0:23:2d:45:56:79:1b:df:18:ab:71:b2:90:29:76:5c:5c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 10:cf:27:61:97:6e:ac:c0:94:34:51:a7:9e:21:6e:6a:99:d4:ae:32
Fingerprint (sha256): 66:6f:17:d5:d7:b5:41:c9:4c:b8:ae:75:65:4a:9d:1e:4e:62:2b:81:51:6f:3b:a9:0a:3d:7a:25:4a:36:fc:21
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ticino-win.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ticino-win.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ticino-win.ch
www.ticino-win.ch
www.ticino-win.ch
Other certificates including the domain name ticino-win.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for ticino-win.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZjCCBU6gAwIBAgISAyGcYWlABDfZO6XeVPV8t1EXMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMjExMzIxMTFaFw0y MDAxMTkxMzIxMTFaMBgxFjAUBgNVBAMTDXRpY2luby13aW4uY2gwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDEzeWneg21WCX8Q43tX0FH9lT1y2YX2dLS VhvqtcSKTP1ilxTQqfVVIdhrI1t2nLzW6maXIvCT6TqWAGsHScaJ9HUt8xrPbUFV xyX+sglZ0eAZOk4gT/zK1+lQIClycQ/Z67jJO823/pBhvUA2T/UljijVuvt6E1rR B665HrjhiquMaZBUo9av4Ucz7krYbLCGDClCmxFtYBOQX3y5+Fbx/ntf6909GAE+ 5RE3+JK4yxuONCO90x6kACW3xx0mF6icN9xK8pE1RdakNFskNiJbX2RVHg7pirsd XZsGOhnnznanMMBgeRh6aQVlLObS1J5M5Xin09JeDmVaPT9H7ZgqQHLUJ1Ob5AZ6 JlHTxGM2X1eRefFK5tzuk5oMCUSuXrcV4k99omDtM4/nkjEZj5Bk8W2FT3y0/x4A boZ9MmkIjS7pucTAqkshxTxc5+M2lH5s6eepCv/Sz9S/qb1m7L4Ni+hKiAJsEBSn ybW+7hrXIWj98POMWHhtiZB9puNNVvJYwvercbGZzTo8333Pt7uYglplqtSEbYja RhM8Q1g7ooeuvQFJGTTw2Clm1DpMaMgeazo7UoSuBuyh9ifnSm/9vrrqC9EMY5qB oEuLw3M95/BVUBWpfEaRRtZuk8/cOjQZnTPxBVttRXN3o9JJ1DDP4zOuQ3OCVJNA F9qKYNspnwIDAQABo4ICdjCCAnIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQKFYvQ Iy1FVnkb3xircbKQKXZcXDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCsGA1UdEQQkMCKCDXRpY2luby13aW4uY2iCEXd3 dy50aWNpbm8td2luLmNoMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQ NKawqKqOsnMAAAFt7rF7VgAABAMASDBGAiEA6k+Iw/O/Y2JkrA1oRBvdCONuBAGb OOUCPSDJ2ZuNweACIQD+qXsIMnnKxTwwxNZI9QaZMoBv4zj4R4jTfniRJ03AOgB2 ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABbe6xe0gAAAQDAEcw RQIgXKbD9vgFBxEtYjoP6pC/2aoI1MGvm7O8Sct1CWOhDUUCIQCZYzw9CxnIEZZk VvautOKF9T8PM2Nle2/vpj3/Zu7PFzANBgkqhkiG9w0BAQsFAAOCAQEABxZHFqop 1Py5jwrPQe4hzm8q5DJP2UwmtauKcFHncL+UPRMyt9KISgQ8gW05IH4ir6gMpQ3M FLodGVcVogjn1c7H/V9T2LqWb5+gP0BcbWjXa1jXrLuTJ5SRnQnethbLhFqIcQDZ fQljjDN8zslzAfFjP2B8M+yvqBzCQsVWVE5zVmatCguPfL3JjPOgXbR5S4wpbz1o MsaQ9xc3Q8itw+DFT6sO47kFG5Mu3IQNYcy7QZl5nh9HOXyBl781a+msqStlpRvk HIANvXC5tzdfE9gpWVE1bxPkwU2Qfa4gAmYmUtlzC6hYRCZ4nGiN01tuv4BMsmRz flVSolC4mvOU6w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM3lp3oNtVgl/EON7V9B R/ZU9ctmF9nS0lYb6rXEikz9YpcU0Kn1VSHYayNbdpy81upmlyLwk+k6lgBrB0nG ifR1LfMaz21BVccl/rIJWdHgGTpOIE/8ytfpUCApcnEP2eu4yTvNt/6QYb1ANk/1 JY4o1br7ehNa0QeuuR644YqrjGmQVKPWr+FHM+5K2GywhgwpQpsRbWATkF98ufhW 8f57X+vdPRgBPuURN/iSuMsbjjQjvdMepAAlt8cdJheonDfcSvKRNUXWpDRbJDYi W19kVR4O6Yq7HV2bBjoZ5852pzDAYHkYemkFZSzm0tSeTOV4p9PSXg5lWj0/R+2Y KkBy1CdTm+QGeiZR08RjNl9XkXnxSubc7pOaDAlErl63FeJPfaJg7TOP55IxGY+Q ZPFthU98tP8eAG6GfTJpCI0u6bnEwKpLIcU8XOfjNpR+bOnnqQr/0s/Uv6m9Zuy+ DYvoSogCbBAUp8m1vu4a1yFo/fDzjFh4bYmQfabjTVbyWML3q3Gxmc06PN99z7e7 mIJaZarUhG2I2kYTPENYO6KHrr0BSRk08NgpZtQ6TGjIHms6O1KErgbsofYn50pv /b666gvRDGOagaBLi8NzPefwVVAVqXxGkUbWbpPP3Do0GZ0z8QVbbUVzd6PSSdQw z+MzrkNzglSTQBfaimDbKZ8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 272774041258534350229767534984658010198295 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-21 13:21:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-19 13:21:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ticino-win.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 802891435880978526371310891673227802514525229676550078566051219040396943537435404777190463242150105510617128194891578303429361164904211640386826798631503372066133621474677879536495250525726642312518217555644772853156404420369928734765029779855217773370303567941300813464868392916298919518691034710961430290014263102527016593694414703016539456131623840239329461439129073797158207447974993473582510806221591185182129358402429918329573504016526715733187395342945095496926498536362343162246428552226006709988365974858474071931705936604358848881266191401854573861945165622091287220386997341023049664470151798431660288267711037009152955558068326821799202619400887025156524671922188685649228799249419374434547421526800878597507876441923570898054221392716317646398519134855377801587641460583509503522976309366396269118285328081126861220396622866331151076962755544552352349756639928184448162196389219860308344780713489268838764810855337446981186593343547312853938376267658874678551049474461679238032783795800727420693538969478974414985451754076987144010216887159529534640653657268157830044085188161046767546334527980927283456141472268517142882600660154276493672942591208171290985512204290671661416470648560456644357117620282981245724869208479 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0a158bd0232d4556791bdf18ab71b29029765c5c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticino-win.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ticino-win.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016deeb17b560000040300483046022100ea4f88c3f3bf636264ac0d68441bdd08e36e04019b38e5023d20c9d99b8dc1e0022100fea97b083279cac53c30c4d648f5069932806fe338f84788d37e7891274dc03a007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016deeb17b48000004030047304502205ca6c3f6f80507112d623a0fea90bfd9aa08d4c1af9bb3bc49cb750963a10d4502210099633c3d0b19c811966456f6aeb4e285f53f0f3363657b6fefa63dff66eecf17 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0007164716aa29d4fcb98f0acf41ee21ce6f2ae4324fd94c26b5ab8a7051e770bf943d1332b7d2884a043c816d39207e22afa80ca50dcc14ba1d195715a208e7d5cec7fd5f53d8ba966f9fa03f405c6d68d76b58d7acbb932794919d09deb616cb845a887100d97d09638c337ccec97301f1633f607c33ecafa81cc242c556544e735666ad0a0b8f7cbdc98cf3a05db4794b8c296f3d6832c690f7173743c8adc3e0c54fab0ee3b9051b932edc840d61ccbb4199799e1f47397c8197bf356be9aca92b65a51be41c800dbd70b9b7375f13d8295951356f13e4c14d907dae2002662652d9730ba8584426789c688dd35b6ebf804cb264737e5552a250b89af394eb