1of21.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:61:fe:cc:20:fa:0e:1a:03:21:7c:90:f0:28:7a:df:a8:93 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=1of21.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:61:fe:cc:20:fa:0e:1a:03:21:7c:90:f0:28:7a:df:a8:93Serial Number (int): 294682931194948792814785987360215940442259
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 37:83:6c:5d:06:63:74:3b:1e:2f:be:1a:b7:6c:90:f0:c3:48:97:63
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0f:a4:e4:00:da:55:cd:cd:23:5d:32:9d:e2:7f:25:98:26:22:e3:b2
Fingerprint (sha256): 89:11:7a:2b:61:ea:2d:4f:3d:d8:29:fd:d1:9d:78:cc:76:fe:33:98:f1:b6:0a:20:72:61:b0:ea:11:97:91:c4
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate 1of21.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for 1of21.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
1of21.ch
www.1of21.ch
www.1of21.ch
Other certificates including the domain name 1of21.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for 1of21.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISA2H+zCD6DhoDIXyQ8Ch636iTMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MjUyMzU0NTFaFw0x OTA3MjQyMzU0NTFaMBMxETAPBgNVBAMTCDFvZjIxLmNoMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAwfAlIZCg+I3JshsM5JtFKWsevyh8CTUIR02ynV7W fEQFUJXhuxnpUn2EqeVHk/VTZuMJhupD3THheftn+QZnNxckVqjGTWJ1XVfHtoFK KqmrAfxKVp09DQJbDxDLNDKQ73Kdeae8KVMqrh7qQd/dQLrOQS3aOBUdIDIQ+JTY hGv/qnvrjHNzE5CHAb+bSV38ISads5HdwHY/MCmfjWsCAQ4daAV/mxouRHKywriD cGYs/FksK2VbW3NmseWjwj6S2b+3HRv4Z/hn2VLoDCzN2nMPG2AzYZfEcWhCbiBv d4dw5Gg6985qa7EEIOVrYS2hZHsfl5MpbgYSJM/vyqtKUwIDAQABo4ICazCCAmcw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ3g2xdBmN0Ox4vvhq3bJDww0iXYzAfBgNV HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG A1UdEQQaMBiCCDFvZjIxLmNoggx3d3cuMW9mMjEuY2gwTAYDVR0gBEUwQzAIBgZn gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDiaUuuJujp QAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWpXI0oJAAAEAwBHMEUCIQDtT/in WCAGTWx3hlGGMW74E9xscBVafeodXe5CntXaxAIgJutAAFRXYQ29uK4lPlZnOv1c 7YfCN4GaGXacWIjkAqQAdgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0 eAAAAWpXI0oxAAAEAwBHMEUCIQDZgEd9q/3KYPE23y7UqQSr7EcGVHHQfzIYgq0R VJAVAgIgHni68cVbnMhkKXlcHVvuF9quKYLepk2KNIDR918aB6QwDQYJKoZIhvcN AQELBQADggEBADR/BI06yqlJ5n1D/LDeBnMIQY7N9tz54ECwApRGO9m4YTZqY/GP lMmnHJVySGyPpKnlOi1Hymdu6fJ7gO08ZZOYf6BjsOERCUtFtw9T555qAt2I5nqO Au/X9/wrjfq3zeH5b/2XNsE00S5ZyGsL+VJMw6qjgxkDq/NL51dAChenHspPUnTa AOsGEB+LcRS0cOxSJzdLjWyYxMQgiRS0W29pzGJbAxXcMHr4X8LswZHAawCSRNaK NzEzMAi9ysJTnO71JQYrDqdTvB+cGLgknN7l/VIEUcleQFLxDl1nrsLKreG3hC8E wZj7oRrpSokTghrZMcEd7p9u7xNF8e0nRog= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfAlIZCg+I3JshsM5JtF KWsevyh8CTUIR02ynV7WfEQFUJXhuxnpUn2EqeVHk/VTZuMJhupD3THheftn+QZn NxckVqjGTWJ1XVfHtoFKKqmrAfxKVp09DQJbDxDLNDKQ73Kdeae8KVMqrh7qQd/d QLrOQS3aOBUdIDIQ+JTYhGv/qnvrjHNzE5CHAb+bSV38ISads5HdwHY/MCmfjWsC AQ4daAV/mxouRHKywriDcGYs/FksK2VbW3NmseWjwj6S2b+3HRv4Z/hn2VLoDCzN 2nMPG2AzYZfEcWhCbiBvd4dw5Gg6985qa7EEIOVrYS2hZHsfl5MpbgYSJM/vyqtK UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294682931194948792814785987360215940442259 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-25 23:54:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-24 23:54:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1of21.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24482412792926474457539137111205325370632509410773708741141272302949328832281602143969176852236781770178930361280569201316316396090900500690898375315416608307586610171208563153708265763681654542401669418180165258664687306126611123869033637805756628998965719835012506221600019222098574828027935764641939256207140008773775385539450482019925376481572632856867941476146780307300759456545260786486838482780700501735825248575077397680549594109368350780248218236636618223730570897272240621733883424970415424546647699963546015121437620304845028464312290272246774797071789125414880447936980650502171998051882210316231755123283 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 37836c5d0663743b1e2fbe1ab76c90f0c3489763 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1of21.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.1of21.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016a57234a090000040300473045022100ed4ff8a75820064d6c77865186316ef813dc6c70155a7dea1d5dee429ed5dac4022026eb40005457610dbdb8ae253e56673afd5ced87c237819a19769c5888e402a4007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016a57234a310000040300473045022100d980477dabfdca60f136df2ed4a904abec47065471d07f321882ad115490150202201e78baf1c55b9cc86429795c1d5bee17daae2982dea64d8a3480d1f75f1a07a4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00347f048d3acaa949e67d43fcb0de067308418ecdf6dcf9e040b00294463bd9b861366a63f18f94c9a71c9572486c8fa4a9e53a2d47ca676ee9f27b80ed3c6593987fa063b0e111094b45b70f53e79e6a02dd88e67a8e02efd7f7fc2b8dfab7cde1f96ffd9736c134d12e59c86b0bf9524cc3aaa3831903abf34be757400a17a71eca4f5274da00eb06101f8b7114b470ec5227374b8d6c98c4c4208914b45b6f69cc625b0315dc307af85fc2ecc191c06b009244d68a3731333008bdcac2539ceef525062b0ea753bc1f9c18b8249cdee5fd520451c95e4052f10e5d67aec2caade1b7842f04c198fba11ae94a8913821ad931c11dee9f6eef1345f1ed274688