www.diygeneva.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:b1:53:2a:94:a6:47:cf:fb:78:fd:af:9d:a6:d1:f7:41:3a was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.diygeneva.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:b1:53:2a:94:a6:47:cf:fb:78:fd:af:9d:a6:d1:f7:41:3aSerial Number (int): 408789669687136022288427272797121255260474
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 1e:a6:89:0b:19:4e:ab:1e:91:bc:8b:2f:a1:69:91:6e:e8:c4:7f:87
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 83:07:52:2c:eb:8d:55:f9:77:58:3a:b2:f7:5b:f4:95:70:22:c0:71
Fingerprint (sha256): 8a:ad:af:74:69:37:bc:80:1f:88:a2:41:01:90:c7:46:a3:24:38:19:ca:cd:45:76:c8:a2:5d:54:72:57:00:fc
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.diygeneva.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.diygeneva.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.diygeneva.ch
Other certificates including the domain name diygeneva.ch
(limited to 100 certificates)
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
www.diygeneva.ch
Certificate
The complete raw certificate details for www.diygeneva.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgISBLFTKpSmR8/7eP2vnabR90E6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDIyMTE3NDRaFw0y MDAzMDEyMTE3NDRaMBsxGTAXBgNVBAMTEHd3dy5kaXlnZW5ldmEuY2gwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg8hHuPYex9XiYYAdH200huxQ3V8Iv c4gJEK9GuCoXcvpquVuLF+kNUpudm0c/H617EZep1JVL5P4vQ/SnpHUZgyOEDC84 2OBZ6kckYyRJb3u9rGje+8PeM+Wc6j+IOqS436rIc0dRl+kOIyFXTd+4rDg/ahfp RYuE5cC+FG1LfJ6fUP6kHYdQCBbBmDrLlBAm7HP/0mMznBWTImvB4V0AgFky3SNJ yk+uw5GgMWDIVZWNcF6pOr6ApVMutLRL//TNBYKRe8WRVIQoRaqlNHYBPqc/mt/4 sw8mhnHfmV9+CUxdUfglufBwzjuINJ2PooBTSjKdzMDJfnyuzLkCLQvnAgMBAAGj ggJmMIICYjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFB6miQsZTqsekbyLL6FpkW7o xH+HMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0 Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0 Lm9yZy8wGwYDVR0RBBQwEoIQd3d3LmRpeWdlbmV2YS5jaDBMBgNVHSAERTBDMAgG BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz LmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AAe3XBvl fWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABbsiw3EwAAAQDAEgwRgIhANVH A/P4ZeAgXwWCqvp2y7Uilwkb06AjG9QuIAi3CbKBAiEAuKoFxfXyqzY6mzjS0uZB 8QGJqkRpYMivHfvOnEIU7fMAdgDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCo qo6ycwAAAW7IsNwmAAAEAwBHMEUCIQDah33wcHqTQ71qndWclBPtMbaFs5fYkRZv OVT1pOfCpQIgeoH5IbnS5GbjxsxdaFfV8KjjMHgY2Hyk9l1L3Tu7gIEwDQYJKoZI hvcNAQELBQADggEBAJiAhFAkRbb5FfeNvRbafjotzay1mKTsXggLytyeyYuIN0V9 Tx51arJuJgUiEzIkTn1qp4N86U83D4gJOOWgRdRvE/rpPPxiTYAdBElsFwg5wfOn v5k3EPNTfKVddNDKx+DnM0ro+2Y8CWML2IAcgwTONnHWzule4BPLOaERe9OsHpqV b5HNER6JNu9ugN/x9YHJSChb35J06raFrLEbK+RmZ7mVmD9RsgF56rB8aCZwRLif 0gr6gvYLakr7878p+lW9fL5siGNJu9/l5C4pV6uBCni3605Ux2oVbsIydYuSUPWc bxbelrmrg/h3izl+oAU1YYCFyxYA/TGXeDLIfIM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PIR7j2HsfV4mGAHR9tN IbsUN1fCL3OICRCvRrgqF3L6arlbixfpDVKbnZtHPx+texGXqdSVS+T+L0P0p6R1 GYMjhAwvONjgWepHJGMkSW97vaxo3vvD3jPlnOo/iDqkuN+qyHNHUZfpDiMhV03f uKw4P2oX6UWLhOXAvhRtS3yen1D+pB2HUAgWwZg6y5QQJuxz/9JjM5wVkyJrweFd AIBZMt0jScpPrsORoDFgyFWVjXBeqTq+gKVTLrS0S//0zQWCkXvFkVSEKEWqpTR2 AT6nP5rf+LMPJoZx35lffglMXVH4JbnwcM47iDSdj6KAU0oynczAyX58rsy5Ai0L 5wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 408789669687136022288427272797121255260474 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 21:17:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-01 21:17:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.diygeneva.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28396749498815858831668728007559226933506872961056369578020158091697280369063424018519064413139003549814223782883863083315847546326197553131732532306803732190358061642446233454612004342350003148321101296614394320626334679003569028544607613757441891094625778938956195370486142934885901291520414675254195535882041712038717933807229843176119263002911227863295418259295543799483416895980478462751751816305723169518145594995887082005990280337497904695993592145688039813744169081543618900064468704107224232928741511065146883924854010497925379204685664312464039780519476918966920304841893105183029180373322012667034760711143 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1ea6890b194eab1e91bc8b2fa169916ee8c47f87 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.diygeneva.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ec8b0dc4c0000040300483046022100d54703f3f865e0205f0582aafa76cbb52297091bd3a0231bd42e2008b709b281022100b8aa05c5f5f2ab363a9b38d2d2e641f10189aa446960c8af1dfbce9c4214edf3007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016ec8b0dc260000040300473045022100da877df0707a9343bd6a9dd59c9413ed31b685b397d891166f3954f5a4e7c2a502207a81f921b9d2e466e3c6cc5d6857d5f0a8e3307818d87ca4f65d4bdd3bbb8081 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00988084502445b6f915f78dbd16da7e3a2dcdacb598a4ec5e080bcadc9ec98b8837457d4f1e756ab26e2605221332244e7d6aa7837ce94f370f880938e5a045d46f13fae93cfc624d801d04496c170839c1f3a7bf993710f3537ca55d74d0cac7e0e7334ae8fb663c09630bd8801c8304ce3671d6cee95ee013cb39a1117bd3ac1e9a956f91cd111e8936ef6e80dff1f581c948285bdf9274eab685acb11b2be46667b995983f51b20179eab07c68267044b89fd20afa82f60b6a4afbf3bf29fa55bd7cbe6c886349bbdfe5e42e2957ab810a78b7eb4e54c76a156ec232758b9250f59c6f16de96b9ab83f8778b397ea00535618085cb1600fd31977832c87c83