mgstage.bmw-abo.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:d2:ac:3b:dd:a2:ca:b6:eb:ab:df:11:ec:a2:fc:e8:e6:02 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mgstage.bmw-abo.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:d2:ac:3b:dd:a2:ca:b6:eb:ab:df:11:ec:a2:fc:e8:e6:02Serial Number (int): 333025092904777698195889562730510603052546
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e8:86:58:1e:2f:75:e5:46:82:e9:e8:73:87:92:b7:9a:60:12:83:84
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 4d:42:71:6c:1e:cc:58:08:66:00:2f:6c:10:a8:56:e2:a5:66:c5:53
Fingerprint (sha256): 6c:8d:20:0a:14:82:9b:6d:26:23:cd:85:13:15:fa:73:66:7a:f7:2b:e8:4b:1a:20:80:a7:19:94:f1:e0:e2:f0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mgstage.bmw-abo.ch
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mgstage.bmw-abo.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mgstage.bmw-abo.ch
mgstage.hyundai-abo.at
mgstage.mini-abo.ch
mgstage.mitsubishi-abo.at
mgstage.vivelacar.at
mgstage.vivelacar.com
mgstage.hyundai-abo.at
mgstage.mini-abo.ch
mgstage.mitsubishi-abo.at
mgstage.vivelacar.at
mgstage.vivelacar.com
Other certificates including the domain name bmw-abo.ch
(limited to 100 certificates)
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
mgstage.bmw-abo.ch
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
vivelacar.com
vivelacar.com
vivelacar.com
vivelacar.com
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
mgstage.bmw-abo.ch
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
vivelacar.com
magentocloud52.map.fastly.net
vivelacar.com
vivelacar.com
vivelacar.com
vivelacar.com
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
magentocloud52.map.fastly.net
Certificate
The complete raw certificate details for mgstage.bmw-abo.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgISA9KsO92iyrbrq98R7KL86OYCMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTYyMzA4MTVaFw0yNDA3MTUyMzA4MTRaMB0xGzAZBgNVBAMT Em1nc3RhZ2UuYm13LWFiby5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKzQYfG/hl2QzIjeGFP0vsoW8UCVxX9+U5DLCLthbaBUWIhE+fiGyOnTwsy1 FA9tlJoId6B71iy/lDvJgk1Pood/WqJS4YgY3GU5ov2JIM4252wr2ZTxNyRApty5 9qxzK+SwlSjvyPjvnITMj/A3Yd9r0zedttI/3cyNr6TZD4OdBZ2TqCojpbX9SqRq N/ntkySnUa1ffzkpLoPHphyHfVb94kJ8EzUsBRJIJNmzBqpJm3wflo0Vn9JeqDUj Ls2Wmye8ad2vRzRM5HUu+Xi0MIdDcM5qMjp4UdfUQ3zdDXnsd/BeCWbHjt3VQ6ZC In2FUM/N5CgCwvQ41jZzjMYMB7UCAwEAAaOCAo0wggKJMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQU6IZYHi915UaC6ehzh5K3mmASg4QwHwYDVR0jBBgwFoAUFC6zF7dY VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy Lm9yZy8wgZQGA1UdEQSBjDCBiYISbWdzdGFnZS5ibXctYWJvLmNoghZtZ3N0YWdl Lmh5dW5kYWktYWJvLmF0ghNtZ3N0YWdlLm1pbmktYWJvLmNoghltZ3N0YWdlLm1p dHN1YmlzaGktYWJvLmF0ghRtZ3N0YWdlLnZpdmVsYWNhci5hdIIVbWdzdGFnZS52 aXZlbGFjYXIuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO 6WH5bQAABAMASDBGAiEAv+hp4OJZCS/0MG81seS8o5+QpAGGlPTf08n+efJMXC4C IQCBPu4VRklvp/MpM5jutDrpJ9RmxYmXcqKTeVYRAeNaygB2AHb/iD8KtvuVUcJh zPWHujS0pM27KdxoQgqf5mdMWjp0AAABjulh+cIAAAQDAEcwRQIhAPMtdFWKJ9ex G165IOkJ85ZHo4KakvsvK7jpJVzFpD6pAiASFzdh+cUxLvOfui0JQ9ehXwoFCIi4 OJhOS8oCGvJVETANBgkqhkiG9w0BAQsFAAOCAQEAExCGsdQeC6EyABydy+qTWmcP iNMcxnBw8ooGAryeZBD5G+Y3mMsbxZUBh+nrryzOvLTyXXK/QA9T4VsHX5hcBwI9 UbQ4D27EF3fN/hPLtN82ULjgVRpcvx9QVxOVrPc7pnxDY9YHtsj+JvOZaDlrSIG4 4uTDoGCBv7M+bcmaQae+PpXfMu6OntWvPpNNbV8rYrjLW6K5O1kfgN+Tb5V4W/RD YOfXo/WocW3rtZBl1W7sxsDdGPtwnTxrzNTG2xL9E+efG+dSCvL1MBCXOBt9Mf2Y iOeYcoLOqtitUquuTftcq5Y4Nfz4KO/cIffUERTw1iUKFp7CtQNnCuBZVpY3wA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNBh8b+GXZDMiN4YU/S+ yhbxQJXFf35TkMsIu2FtoFRYiET5+IbI6dPCzLUUD22Umgh3oHvWLL+UO8mCTU+i h39aolLhiBjcZTmi/YkgzjbnbCvZlPE3JECm3Ln2rHMr5LCVKO/I+O+chMyP8Ddh 32vTN5220j/dzI2vpNkPg50FnZOoKiOltf1KpGo3+e2TJKdRrV9/OSkug8emHId9 Vv3iQnwTNSwFEkgk2bMGqkmbfB+WjRWf0l6oNSMuzZabJ7xp3a9HNEzkdS75eLQw h0NwzmoyOnhR19RDfN0Neex38F4JZseO3dVDpkIifYVQz83kKALC9DjWNnOMxgwH tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 333025092904777698195889562730510603052546 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-16 23:08:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-15 23:08:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mgstage.bmw-abo.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21815745741589866848764628064967593282608818972842155849396965377358071120012193254850506402824419039213583687070769385170128893319744813816728627282930157724336917036569478381186572821678865432617823089770023738796720767664940135555546524267429763791497292008999420228626783464356027558172441167863174316641446694560457926938405452883659788576215618902994474010402607989045517879757979878185025165115403424952566763330459362172210762802119493819702546058364885719636105382255310928281754682727413523087890181994656995160745564810833372182630505424940547305486504060749347824885423727492648063703040770195720736868277 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e886581e2f75e54682e9e8738792b79a60128384 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.bmw-abo.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.hyundai-abo.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.mini-abo.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.mitsubishi-abo.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.vivelacar.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgstage.vivelacar.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ee961f96d0000040300483046022100bfe869e0e259092ff4306f35b1e4bca39f90a4018694f4dfd3c9fe79f24c5c2e022100813eee1546496fa7f3293398eeb43ae927d466c5899772a29379561101e35aca00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ee961f9c20000040300473045022100f32d74558a27d7b11b5eb920e909f39647a3829a92fb2f2bb8e9255cc5a43ea9022012173761f9c5312ef39fba2d0943d7a15f0a050888b838984e4bca021af25511 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00131086b1d41e0ba132001c9dcbea935a670f88d31cc67070f28a0602bc9e6410f91be63798cb1bc5950187e9ebaf2ccebcb4f25d72bf400f53e15b075f985c07023d51b4380f6ec41777cdfe13cbb4df3650b8e0551a5cbf1f50571395acf73ba67c4363d607b6c8fe26f39968396b4881b8e2e4c3a06081bfb33e6dc99a41a7be3e95df32ee8e9ed5af3e934d6d5f2b62b8cb5ba2b93b591f80df936f95785bf44360e7d7a3f5a8716debb59065d56eecc6c0dd18fb709d3c6bccd4c6db12fd13e79f1be7520af2f5301097381b7d31fd9888e7987282ceaad8ad52abae4dfb5cab963835fcf828efdc21f7d41114f0d6250a169ec2b503670ae059569637c0