1of21.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:61:fe:cc:20:fa:0e:1a:03:21:7c:90:f0:28:7a:df:a8:93 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=1of21.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:61:fe:cc:20:fa:0e:1a:03:21:7c:90:f0:28:7a:df:a8:93
Serial Number (int): 294682931194948792814785987360215940442259
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 37:83:6c:5d:06:63:74:3b:1e:2f:be:1a:b7:6c:90:f0:c3:48:97:63
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 0f:a4:e4:00:da:55:cd:cd:23:5d:32:9d:e2:7f:25:98:26:22:e3:b2
Fingerprint (sha256): 89:11:7a:2b:61:ea:2d:4f:3d:d8:29:fd:d1:9d:78:cc:76:fe:33:98:f1:b6:0a:20:72:61:b0:ea:11:97:91:c4

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate 1of21.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for 1of21.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

1of21.ch
www.1of21.ch

Other certificates including the domain name 1of21.ch

(limited to 100 certificates)
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
1of21.ch
mail.1of21.ch
1of21.ch
1of21.ch
1of21.ch

Certificate

The complete raw certificate details for 1of21.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISA2H+zCD6DhoDIXyQ8Ch636iTMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MjUyMzU0NTFaFw0x
OTA3MjQyMzU0NTFaMBMxETAPBgNVBAMTCDFvZjIxLmNoMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAwfAlIZCg+I3JshsM5JtFKWsevyh8CTUIR02ynV7W
fEQFUJXhuxnpUn2EqeVHk/VTZuMJhupD3THheftn+QZnNxckVqjGTWJ1XVfHtoFK
KqmrAfxKVp09DQJbDxDLNDKQ73Kdeae8KVMqrh7qQd/dQLrOQS3aOBUdIDIQ+JTY
hGv/qnvrjHNzE5CHAb+bSV38ISads5HdwHY/MCmfjWsCAQ4daAV/mxouRHKywriD
cGYs/FksK2VbW3NmseWjwj6S2b+3HRv4Z/hn2VLoDCzN2nMPG2AzYZfEcWhCbiBv
d4dw5Gg6985qa7EEIOVrYS2hZHsfl5MpbgYSJM/vyqtKUwIDAQABo4ICazCCAmcw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ3g2xdBmN0Ox4vvhq3bJDww0iXYzAfBgNV
HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI
KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI
KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG
A1UdEQQaMBiCCDFvZjIxLmNoggx3d3cuMW9mMjEuY2gwTAYDVR0gBEUwQzAIBgZn
gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDiaUuuJujp
QAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWpXI0oJAAAEAwBHMEUCIQDtT/in
WCAGTWx3hlGGMW74E9xscBVafeodXe5CntXaxAIgJutAAFRXYQ29uK4lPlZnOv1c
7YfCN4GaGXacWIjkAqQAdgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0
eAAAAWpXI0oxAAAEAwBHMEUCIQDZgEd9q/3KYPE23y7UqQSr7EcGVHHQfzIYgq0R
VJAVAgIgHni68cVbnMhkKXlcHVvuF9quKYLepk2KNIDR918aB6QwDQYJKoZIhvcN
AQELBQADggEBADR/BI06yqlJ5n1D/LDeBnMIQY7N9tz54ECwApRGO9m4YTZqY/GP
lMmnHJVySGyPpKnlOi1Hymdu6fJ7gO08ZZOYf6BjsOERCUtFtw9T555qAt2I5nqO
Au/X9/wrjfq3zeH5b/2XNsE00S5ZyGsL+VJMw6qjgxkDq/NL51dAChenHspPUnTa
AOsGEB+LcRS0cOxSJzdLjWyYxMQgiRS0W29pzGJbAxXcMHr4X8LswZHAawCSRNaK
NzEzMAi9ysJTnO71JQYrDqdTvB+cGLgknN7l/VIEUcleQFLxDl1nrsLKreG3hC8E
wZj7oRrpSokTghrZMcEd7p9u7xNF8e0nRog=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfAlIZCg+I3JshsM5JtF
KWsevyh8CTUIR02ynV7WfEQFUJXhuxnpUn2EqeVHk/VTZuMJhupD3THheftn+QZn
NxckVqjGTWJ1XVfHtoFKKqmrAfxKVp09DQJbDxDLNDKQ73Kdeae8KVMqrh7qQd/d
QLrOQS3aOBUdIDIQ+JTYhGv/qnvrjHNzE5CHAb+bSV38ISads5HdwHY/MCmfjWsC
AQ4daAV/mxouRHKywriDcGYs/FksK2VbW3NmseWjwj6S2b+3HRv4Z/hn2VLoDCzN
2nMPG2AzYZfEcWhCbiBvd4dw5Gg6985qa7EEIOVrYS2hZHsfl5MpbgYSJM/vyqtK
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 294682931194948792814785987360215940442259
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-25 23:54:51 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-24 23:54:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1of21.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24482412792926474457539137111205325370632509410773708741141272302949328832281602143969176852236781770178930361280569201316316396090900500690898375315416608307586610171208563153708265763681654542401669418180165258664687306126611123869033637805756628998965719835012506221600019222098574828027935764641939256207140008773775385539450482019925376481572632856867941476146780307300759456545260786486838482780700501735825248575077397680549594109368350780248218236636618223730570897272240621733883424970415424546647699963546015121437620304845028464312290272246774797071789125414880447936980650502171998051882210316231755123283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							37836c5d0663743b1e2fbe1ab76c90f0c3489763
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1of21.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.1of21.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016a57234a090000040300473045022100ed4ff8a75820064d6c77865186316ef813dc6c70155a7dea1d5dee429ed5dac4022026eb40005457610dbdb8ae253e56673afd5ced87c237819a19769c5888e402a4007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016a57234a310000040300473045022100d980477dabfdca60f136df2ed4a904abec47065471d07f321882ad115490150202201e78baf1c55b9cc86429795c1d5bee17daae2982dea64d8a3480d1f75f1a07a4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00347f048d3acaa949e67d43fcb0de067308418ecdf6dcf9e040b00294463bd9b861366a63f18f94c9a71c9572486c8fa4a9e53a2d47ca676ee9f27b80ed3c6593987fa063b0e111094b45b70f53e79e6a02dd88e67a8e02efd7f7fc2b8dfab7cde1f96ffd9736c134d12e59c86b0bf9524cc3aaa3831903abf34be757400a17a71eca4f5274da00eb06101f8b7114b470ec5227374b8d6c98c4c4208914b45b6f69cc625b0315dc307af85fc2ecc191c06b009244d68a3731333008bdcac2539ceef525062b0ea753bc1f9c18b8249cdee5fd520451c95e4052f10e5d67aec2caade1b7842f04c198fba11ae94a8913821ad931c11dee9f6eef1345f1ed274688