www.institut-zweistein.de

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:60:8e:6e:81:8a:64:dc:c2:c4:80:b9:37:c3:cd:24:5a:4d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.institut-zweistein.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:60:8e:6e:81:8a:64:dc:c2:c4:80:b9:37:c3:cd:24:5a:4d
Serial Number (int): 381305575106902516646431387304511704160845
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 66:d2:a3:2b:67:f4:22:83:71:39:5f:3b:a6:70:72:d3:43:e6:1c:a5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 58:a1:96:9d:f1:f4:99:dc:bd:5f:a4:2c:4a:8a:2c:59:da:e5:e0:a4
Fingerprint (sha256): 80:94:0e:5b:ad:a4:96:93:4c:8f:49:eb:40:ad:8d:8f:83:54:de:35:90:d6:0b:13:de:53:5a:f9:54:f4:1a:12

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.institut-zweistein.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.institut-zweistein.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.institut-zweistein.de

Other certificates including the domain name institut-zweistein.de

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.institut-zweistein.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISBGCOboGKZNzCxIC5N8PNJFpNMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMjgxNzM2MDhaFw0y
MDA0MjcxNzM2MDhaMCQxIjAgBgNVBAMTGXd3dy5pbnN0aXR1dC16d2Vpc3RlaW4u
ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNU49sxr5c/MGvEjf2
ZIB4osjpYlRSOSxWjYss4n8kGL4aC19v67yI+6BqVOi5wF9M9w5/AirJstWrfLPm
r+8tv1tgTjm/4vc0KyPzYbN9JMvH1Yn6d2QVxYbCejzkyjL6rPVeWeiq4Xbj/ltO
mzy/hhrLDhQBFIZqnuOmSOfT7WbUI+ZexWqg6s3bjBBYxsBReIVU9N56fJ+Z8F8t
iFJox+lYBTfCumjICfcQ7DROCvm1PyFf09htGtlK44+vtPcFb+bU0ZXajtw0qVbw
ppAgYrwkw6EsYhT9zgEqFkbgdynGSXvUqRHmf0OGhd5DB/RiV/ZcNszL87YiEWtU
YlXhAgMBAAGjggJvMIICazAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGbSoytn9CKD
cTlfO6ZwctND5hylMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G
CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl
dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl
dHNlbmNyeXB0Lm9yZy8wJAYDVR0RBB0wG4IZd3d3Lmluc3RpdHV0LXp3ZWlzdGVp
bi5kZTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG
AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkC
BAIEgfYEgfMA8QB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAAB
b+1wegIAAAQDAEgwRgIhAJi+52rjLXJZ8hvsmBoPctWWRRHSdZ0jMo3t4MBxMNx8
AiEAqojpKEk7n8n76nd/pZgEyqhvFcjkQmXG+HodeIzwcCgAdgAHt1wb5X1o//Gw
xh0jFce65ld8V5S3au68YToaadOiHAAAAW/tcHoHAAAEAwBHMEUCIF2n5Mc3CnT+
F6JUKnLwjEMTUpKm7ZDUgbmW609fEAlgAiEAp0l8CxVgfAU5Lp+9xKIrU+xQpgs2
ptVFiOc4/dV7FqowDQYJKoZIhvcNAQELBQADggEBAHFy2QI6l2FmdD9YCaPCOqlo
gbIfRmfh+tgzgs9mxC6pVWtMc5Y9sz8opuJT3qW+9mVA0pA9d7VIZQ2Ac5A5O1k0
O3yFjSudnpv87hre3/HTMrWrxcbrA11M+80rmNvtIV2fnLyfuZHNY4xeNQRi76lK
7d6ky7RNZQQqb6Yi7CBRuSMYK+dv4pYkSAJyu3Yd2jr8AR3mz3IhPNojNSwt7u2e
lNZ7rjgqtJFljo8XKL6kXhjMHT+Uya1lqgs07zWOMLDC/GoJ+VreasWZAvg7q/xH
7U82JhvinTcwXsDqxCKT32MOml0rYOfIKPtrRnY1KQGOpclQDl/2QF8g/fum4/I=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVOPbMa+XPzBrxI39mSA
eKLI6WJUUjksVo2LLOJ/JBi+Ggtfb+u8iPugalToucBfTPcOfwIqybLVq3yz5q/v
Lb9bYE45v+L3NCsj82GzfSTLx9WJ+ndkFcWGwno85Moy+qz1XlnoquF24/5bTps8
v4Yayw4UARSGap7jpkjn0+1m1CPmXsVqoOrN24wQWMbAUXiFVPTeenyfmfBfLYhS
aMfpWAU3wrpoyAn3EOw0Tgr5tT8hX9PYbRrZSuOPr7T3BW/m1NGV2o7cNKlW8KaQ
IGK8JMOhLGIU/c4BKhZG4Hcpxkl71KkR5n9DhoXeQwf0Ylf2XDbMy/O2IhFrVGJV
4QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 381305575106902516646431387304511704160845
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-28 17:36:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-27 17:36:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.institut-zweistein.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25920057614800173093231747474154050880192716426397920398998206337297203286867248673200633085608168748634659880252524251037698697523638596689398989605880115390800929278341617528474396487649699695377305700816310867299419959944260463240066553341365413330901167925212666847010751058731745774354459755282034340360603193995822339859480202731352078506791031820414337669335709922872198855302291758210498559532376484543428677086824000628337437206575082430154445191745542906550849813011653368077554770587027886334292453833819077878101563471187805537450793504417955008372975034880890005715592945718070056329661016787570554721761
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							66d2a32b67f4228371395f3ba67072d343e61ca5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.institut-zweistein.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016fed707a02000004030048304602210098bee76ae32d7259f21bec981a0f72d5964511d2759d23328dede0c07130dc7c022100aa88e928493b9fc9fbea777fa59804caa86f15c8e44265c6f87a1d788cf0702800760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016fed707a07000004030047304502205da7e4c7370a74fe17a2542a72f08c43135292a6ed90d481b996eb4f5f100960022100a7497c0b15607c05392e9fbdc4a22b53ec50a60b36a6d54588e738fdd57b16aa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007172d9023a976166743f5809a3c23aa96881b21f4667e1fad83382cf66c42ea9556b4c73963db33f28a6e253dea5bef66540d2903d77b548650d807390393b59343b7c858d2b9d9e9bfcee1adedff1d332b5abc5c6eb035d4cfbcd2b98dbed215d9f9cbc9fb991cd638c5e350462efa94aeddea4cbb44d65042a6fa622ec2051b923182be76fe29624480272bb761dda3afc011de6cf72213cda23352c2deeed9e94d67bae382ab491658e8f1728bea45e18cc1d3f94c9ad65aa0b34ef358e30b0c2fc6a09f95ade6ac59902f83babfc47ed4f36261be29d37305ec0eac42293df630e9a5d2b60e7c828fb6b46763529018ea5c9500e5ff6405f20fdfba6e3f2