re-center.ch
Issued by R3
About this certificate
This digital certificate with serial number 04:64:64:f9:b7:dd:72:f2:fc:71:0a:e1:76:ad:cd:6d:10:03 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=re-center.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:64:64:f9:b7:dd:72:f2:fc:71:0a:e1:76:ad:cd:6d:10:03Serial Number (int): 382611599829857056119400649623315342495747
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 12:00:dd:86:af:4e:8c:eb:f1:9e:0f:a6:65:12:88:44:5b:79:b3:2f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 70:5a:78:6e:ec:3f:31:a5:82:76:22:e1:b0:9e:81:59:dc:e6:96:b4
Fingerprint (sha256): 82:3e:6d:e5:cb:78:25:40:0f:f0:26:df:7b:40:81:c4:7e:4f:cc:0e:bb:c2:5d:7c:b5:23:ab:d4:ba:ea:6e:9c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate re-center.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for re-center.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
re-center.ch
www.re-center.ch
www.re-center.ch
Other certificates including the domain name re-center.ch
(limited to 100 certificates)
re-center.ch
*.meyer-spinnler.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
*.meyer-spinnler.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
*.meyer-spinnler.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
*.meyer-spinnler.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
re-center.ch
Certificate
The complete raw certificate details for re-center.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+DCCA+CgAwIBAgISBGRk+bfdcvL8cQrhdq3NbRADMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMjYyMDQ2MDBaFw0yNDAyMjQyMDQ1NTlaMBcxFTATBgNVBAMT DHJlLWNlbnRlci5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANj2 dMQcFadV+2iA4Ap1A+Qn9qB4mJ1Hmicrl5syHNaB37mjGFSav6ahFUeBWGm3VQIF uhNm51AtqtWiI0awZtO94d9+M1vqojccPqmK444iE77H8dJsp4GUVyA0CR1jx+Fb Y9R0dLz3P7HA5USWIy0ECy5LKnOoEVy8Oa/Dv8GJSHuuBwd92w6NsGJYrHXdyJ0S cH2DvQMZdjPuGS+Vishqymr4fxC/ieAJc/zhO2/aLQmPUGmZxCQhCghXtjBxTfZd bO7jU79POKVO+yt5mcd4nMkl+VOPvuIgZyVeY2Dbgh/eJG9KlTDb+yzkBJye9h52 H9CT2pF8zi9nTPioKYsCAwEAAaOCAiEwggIdMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUEgDdhq9OjOvxng+mZRKIRFt5sy8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w KQYDVR0RBCIwIIIMcmUtY2VudGVyLmNoghB3d3cucmUtY2VudGVyLmNoMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcASLDja9qm RzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMDZi1/gAABAMASDBGAiEA2PC4 t3Y51tiPM8mv+XIdlBV0A1MUqcwatrNKXfdwd5YCIQCmF0HxBgCRf66dO31yOGkO rRUkH96irYrc2nCfkS1oMQB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM Wjp0AAABjA2YtlEAAAQDAEcwRQIhANpLBdmMIqDVgk/wKfSQe18SAxQe/7549Brb V1WAPA7IAiAFW/X+gwzwObqMc5tP3k3pcTaCC4ukdbrjGLz7rvhIujANBgkqhkiG 9w0BAQsFAAOCAQEAStvUPpqUjdxMXMy5+osx3AtwDueDAEcpdSmuAQSoMXB7q0kL 6H0C8jl4UG3+Ac1UyEx//oHaR++4Gdttj9viwETU+i8nfg3bvTu+MiQ8ZvrWTH6n BpJ/lqCRB0mgdy32kI/XFFmrR6TbrLVt25CoVTu9mSyDuelHLMvmbMQ27S0UVCZZ FGz2jDpPvlxRs1rwHh/fotmAKSbGkiSdYj3qFkBBSUuopIzhKXhFLX/5Mvqhpw0M nBVNRPrmi/jTPtih5c4tt1e8fx2gwxMHe0N86sxt2gxZNlFvr2nf/oDShvt5kSwF H71AiSGse7Qoh2W6UgbPkhT9mJmgF9qo/DLNqg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PZ0xBwVp1X7aIDgCnUD 5Cf2oHiYnUeaJyuXmzIc1oHfuaMYVJq/pqEVR4FYabdVAgW6E2bnUC2q1aIjRrBm 073h334zW+qiNxw+qYrjjiITvsfx0myngZRXIDQJHWPH4Vtj1HR0vPc/scDlRJYj LQQLLksqc6gRXLw5r8O/wYlIe64HB33bDo2wYlisdd3InRJwfYO9Axl2M+4ZL5WK yGrKavh/EL+J4Alz/OE7b9otCY9QaZnEJCEKCFe2MHFN9l1s7uNTv084pU77K3mZ x3icySX5U4++4iBnJV5jYNuCH94kb0qVMNv7LOQEnJ72HnYf0JPakXzOL2dM+Kgp iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 382611599829857056119400649623315342495747 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-26 20:46:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-24 20:45:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 're-center.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27389005913718140001671140356049546956420183146850102778057000072798011084839825894350883839422483981263392983146596983549503560187266368070053619183033052136281807745355041259797977393446924654127288412631188208085399347156938286270634523646907119766672288808026810509252080599998645921189029696454784641642090599415751534362442576426042710457849549869023945116167595504082195989485147746290649089718100333085790179629204286392671034718540227136402969060991730585674849283293422848485462331043830727003033705715300648049255779296597206815154856608875703344158351264398726136432717405685721850407998797504784292653451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1200dd86af4e8cebf19e0fa6651288445b79b32f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 're-center.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.re-center.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c0d98b5fe0000040300483046022100d8f0b8b77639d6d88f33c9aff9721d941574035314a9cc1ab6b34a5df7707796022100a61741f10600917fae9d3b7d7238690ead15241fdea2ad8adcda709f912d683100760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c0d98b6510000040300473045022100da4b05d98c22a0d5824ff029f4907b5f1203141effbe78f41adb5755803c0ec80220055bf5fe830cf039ba8c739b4fde4de97136820b8ba475bae318bcfbaef848ba . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004adbd43e9a948ddc4c5cccb9fa8b31dc0b700ee7830047297529ae0104a831707bab490be87d02f23978506dfe01cd54c84c7ffe81da47efb819db6d8fdbe2c044d4fa2f277e0ddbbd3bbe32243c66fad64c7ea706927f96a0910749a0772df6908fd71459ab47a4dbacb56ddb90a8553bbd992c83b9e9472ccbe66cc436ed2d14542659146cf68c3a4fbe5c51b35af01e1fdfa2d9802926c692249d623dea164041494ba8a48ce12978452d7ff932faa1a70d0c9c154d44fae68bf8d33ed8a1e5ce2db757bc7f1da0c313077b437ceacc6dda0c5936516faf69dffe80d286fb79912c051fbd408921ac7bb4288765ba5206cf9214fd9899a017daa8fc32cdaa