mgstage.bmw-abo.ch

Issued by R3

About this certificate

This digital certificate with serial number 03:d2:ac:3b:dd:a2:ca:b6:eb:ab:df:11:ec:a2:fc:e8:e6:02 was issued on by Let's Encrypt.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mgstage.bmw-abo.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:d2:ac:3b:dd:a2:ca:b6:eb:ab:df:11:ec:a2:fc:e8:e6:02
Serial Number (int): 333025092904777698195889562730510603052546
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: e8:86:58:1e:2f:75:e5:46:82:e9:e8:73:87:92:b7:9a:60:12:83:84
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 4d:42:71:6c:1e:cc:58:08:66:00:2f:6c:10:a8:56:e2:a5:66:c5:53
Fingerprint (sha256): 6c:8d:20:0a:14:82:9b:6d:26:23:cd:85:13:15:fa:73:66:7a:f7:2b:e8:4b:1a:20:80:a7:19:94:f1:e0:e2:f0

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate mgstage.bmw-abo.ch

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mgstage.bmw-abo.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mgstage.bmw-abo.ch
mgstage.hyundai-abo.at
mgstage.mini-abo.ch
mgstage.mitsubishi-abo.at
mgstage.vivelacar.at
mgstage.vivelacar.com

Other certificates including the domain name bmw-abo.ch

(limited to 100 certificates)
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
mgstage.bmw-abo.ch
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
vivelacar.com
vivelacar.com
vivelacar.com
vivelacar.com
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net

Certificate

The complete raw certificate details for mgstage.bmw-abo.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISA9KsO92iyrbrq98R7KL86OYCMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MTYyMzA4MTVaFw0yNDA3MTUyMzA4MTRaMB0xGzAZBgNVBAMT
Em1nc3RhZ2UuYm13LWFiby5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzQYfG/hl2QzIjeGFP0vsoW8UCVxX9+U5DLCLthbaBUWIhE+fiGyOnTwsy1
FA9tlJoId6B71iy/lDvJgk1Pood/WqJS4YgY3GU5ov2JIM4252wr2ZTxNyRApty5
9qxzK+SwlSjvyPjvnITMj/A3Yd9r0zedttI/3cyNr6TZD4OdBZ2TqCojpbX9SqRq
N/ntkySnUa1ffzkpLoPHphyHfVb94kJ8EzUsBRJIJNmzBqpJm3wflo0Vn9JeqDUj
Ls2Wmye8ad2vRzRM5HUu+Xi0MIdDcM5qMjp4UdfUQ3zdDXnsd/BeCWbHjt3VQ6ZC
In2FUM/N5CgCwvQ41jZzjMYMB7UCAwEAAaOCAo0wggKJMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQU6IZYHi915UaC6ehzh5K3mmASg4QwHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wgZQGA1UdEQSBjDCBiYISbWdzdGFnZS5ibXctYWJvLmNoghZtZ3N0YWdl
Lmh5dW5kYWktYWJvLmF0ghNtZ3N0YWdlLm1pbmktYWJvLmNoghltZ3N0YWdlLm1p
dHN1YmlzaGktYWJvLmF0ghRtZ3N0YWdlLnZpdmVsYWNhci5hdIIVbWdzdGFnZS52
aXZlbGFjYXIuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE
AgSB9gSB8wDxAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO
6WH5bQAABAMASDBGAiEAv+hp4OJZCS/0MG81seS8o5+QpAGGlPTf08n+efJMXC4C
IQCBPu4VRklvp/MpM5jutDrpJ9RmxYmXcqKTeVYRAeNaygB2AHb/iD8KtvuVUcJh
zPWHujS0pM27KdxoQgqf5mdMWjp0AAABjulh+cIAAAQDAEcwRQIhAPMtdFWKJ9ex
G165IOkJ85ZHo4KakvsvK7jpJVzFpD6pAiASFzdh+cUxLvOfui0JQ9ehXwoFCIi4
OJhOS8oCGvJVETANBgkqhkiG9w0BAQsFAAOCAQEAExCGsdQeC6EyABydy+qTWmcP
iNMcxnBw8ooGAryeZBD5G+Y3mMsbxZUBh+nrryzOvLTyXXK/QA9T4VsHX5hcBwI9
UbQ4D27EF3fN/hPLtN82ULjgVRpcvx9QVxOVrPc7pnxDY9YHtsj+JvOZaDlrSIG4
4uTDoGCBv7M+bcmaQae+PpXfMu6OntWvPpNNbV8rYrjLW6K5O1kfgN+Tb5V4W/RD
YOfXo/WocW3rtZBl1W7sxsDdGPtwnTxrzNTG2xL9E+efG+dSCvL1MBCXOBt9Mf2Y
iOeYcoLOqtitUquuTftcq5Y4Nfz4KO/cIffUERTw1iUKFp7CtQNnCuBZVpY3wA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNBh8b+GXZDMiN4YU/S+
yhbxQJXFf35TkMsIu2FtoFRYiET5+IbI6dPCzLUUD22Umgh3oHvWLL+UO8mCTU+i
h39aolLhiBjcZTmi/YkgzjbnbCvZlPE3JECm3Ln2rHMr5LCVKO/I+O+chMyP8Ddh
32vTN5220j/dzI2vpNkPg50FnZOoKiOltf1KpGo3+e2TJKdRrV9/OSkug8emHId9
Vv3iQnwTNSwFEkgk2bMGqkmbfB+WjRWf0l6oNSMuzZabJ7xp3a9HNEzkdS75eLQw
h0NwzmoyOnhR19RDfN0Neex38F4JZseO3dVDpkIifYVQz83kKALC9DjWNnOMxgwH
tQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 333025092904777698195889562730510603052546
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-16 23:08:15 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-15 23:08:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mgstage.bmw-abo.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21815745741589866848764628064967593282608818972842155849396965377358071120012193254850506402824419039213583687070769385170128893319744813816728627282930157724336917036569478381186572821678865432617823089770023738796720767664940135555546524267429763791497292008999420228626783464356027558172441167863174316641446694560457926938405452883659788576215618902994474010402607989045517879757979878185025165115403424952566763330459362172210762802119493819702546058364885719636105382255310928281754682727413523087890181994656995160745564810833372182630505424940547305486504060749347824885423727492648063703040770195720736868277
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e886581e2f75e54682e9e8738792b79a60128384
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.bmw-abo.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.hyundai-abo.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.mini-abo.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.mitsubishi-abo.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.vivelacar.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.vivelacar.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ee961f96d0000040300483046022100bfe869e0e259092ff4306f35b1e4bca39f90a4018694f4dfd3c9fe79f24c5c2e022100813eee1546496fa7f3293398eeb43ae927d466c5899772a29379561101e35aca00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ee961f9c20000040300473045022100f32d74558a27d7b11b5eb920e909f39647a3829a92fb2f2bb8e9255cc5a43ea9022012173761f9c5312ef39fba2d0943d7a15f0a050888b838984e4bca021af25511
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00131086b1d41e0ba132001c9dcbea935a670f88d31cc67070f28a0602bc9e6410f91be63798cb1bc5950187e9ebaf2ccebcb4f25d72bf400f53e15b075f985c07023d51b4380f6ec41777cdfe13cbb4df3650b8e0551a5cbf1f50571395acf73ba67c4363d607b6c8fe26f39968396b4881b8e2e4c3a06081bfb33e6dc99a41a7be3e95df32ee8e9ed5af3e934d6d5f2b62b8cb5ba2b93b591f80df936f95785bf44360e7d7a3f5a8716debb59065d56eecc6c0dd18fb709d3c6bccd4c6db12fd13e79f1be7520af2f5301097381b7d31fd9888e7987282ceaad8ad52abae4dfb5cab963835fcf828efdc21f7d41114f0d6250a169ec2b503670ae059569637c0