hajoscho.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:dd:81:52:06:72:f2:33:d1:71:d9:68:4c:32:6a:01:35:b4 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=hajoscho.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:dd:81:52:06:72:f2:33:d1:71:d9:68:4c:32:6a:01:35:b4Serial Number (int): 336711157195408220533952083098728994518452
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: cb:ae:73:7e:fd:7d:c8:f4:7c:b8:e9:bc:61:98:b9:e2:6a:54:63:e9
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 6e:b8:49:09:63:32:fb:55:ff:8e:2d:47:01:7f:a7:58:81:06:b9:b4
Fingerprint (sha256): 8c:e0:00:9f:04:67:1f:4b:b7:fe:0a:b3:46:e3:c6:8b:6f:3e:f8:fa:cb:50:ff:44:df:80:56:87:bf:1a:59:78
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate hajoscho.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hajoscho.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hajoscho.de
www.hajoscho.de
www.hajoscho.de
Other certificates including the domain name hajoscho.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for hajoscho.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXjCCBUagAwIBAgISA92BUgZy8jPRcdloTDJqATW0MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDExNjI5MjdaFw0y MDAxMzAxNjI5MjdaMBYxFDASBgNVBAMTC2hham9zY2hvLmRlMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAzoArsFXAwUqvkm82gxRr6tPshE/g4D/rQhr8 ru1MXR6sYQ17yC2lmOJs9v73gsHk/B3ET9mY/XQ8MeOi9jPx85TxAx64JZGb/opR d6nNx8lTQ0prbpnjRO2IXSXciC/bRBrTd3pfj5KBldFvBYkbaLqkFGh2GomzsBJN YYH2kjnPuB6+1qPfj8nAhtrEwyCCjOhZrjfzKBRl5MmZc5I92oCkhd2i5XSnj4d5 kOjousyVa4B++LDt7PLaDtyct+Dhiad1BG391psGIapSEkL5+HSBL64G5jCUxUkO 5zMLkAeRGaOQgKGgKFvbfpqsPTNhSkQoxhoMvDkSdG0/eTf14n6QNi2FvuIJP0Cm xlv3iobitLNt7LQWr8amhhaQjbBV1bVHRyEdL+oEVXMLSOeu5SfBBYK0W9hDFzcH xGQkKrvfHZCsEP4gJc3hsKPx5KGSdpcM81cgvF3Dy/ltzDxn7vUg18KL4TImotSc 90p0j0SUgylyyxgh9B/dC4GOk2p+6M5O8GCjVQSBu4CJ2RqqQ1POq292g3TJ+Yaj f2R1winOBRVDQNSHs2IKbEP5qeCR0H17h9E/NH5o4MHjDtvp+7yrQchS2S1UMitB UfAIY3/7HaI4apIy1rUeq8m2DoKvw56kBUQPKo0cEPDYXnFl202d/QFzYckqlsh0 VYFHpcECAwEAAaOCAnAwggJsMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUy65zfv19 yPR8uOm8YZi54mpUY+kwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAnBgNVHREEIDAeggtoYWpvc2Noby5kZYIPd3d3Lmhh am9zY2hvLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgw JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYB BAHWeQIEAgSB9ASB8QDvAHUAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFx RVgAAAFuKAPJ4QAABAMARjBEAiBZAmbpeJflre59OiLnZ83XbzFPtGuvhrxHuAer kcX1kAIgYtijHGzY7wgdoh+fo9FEjhYr7NrlcDsEzBw6cMGDc1IAdgCyHgXMi6LN iiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW4oA8vHAAAEAwBHMEUCICX50GFA 9fIJ6mc3Qlr5ftxocbHhZdQ/eEv4q6xAhUhFAiEA6hPCpX5CuFdAHnoLpv+2oYul MOhJI8+CRigtV8dEyz8wDQYJKoZIhvcNAQELBQADggEBAI4OT9QvsOUZlxuXmBvf modBt+8VjbgUFhVwXOOTLS+u+WvFkMMeXCTwM85tOJyC/5Ys4H6Z7iXTk9bNOc7Z 2Jsu4sG8YQoxgeCLDj8tPVhEV2b5wpJMW5jOGhHV9BCwS8NKijdCfcbOg9YAOFn1 sXSTZ10aG65lNpczo8O1OC6WKrOvo26jag78BgOdhwgONkyehQHfdW5lWmkTMVnL 39Nl82KRzy0mgcKhsmQM/OBPlu0cWoXyx/0Dzj8/CuBhgDqAjfCN8TuyRaD4NK9U jeCw/3wtC3tSBMcJbA6hKVjYHrFyhojKwAkTgh++0TCsdK9CF848gwIJjXXsOutv R60= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzoArsFXAwUqvkm82gxRr 6tPshE/g4D/rQhr8ru1MXR6sYQ17yC2lmOJs9v73gsHk/B3ET9mY/XQ8MeOi9jPx 85TxAx64JZGb/opRd6nNx8lTQ0prbpnjRO2IXSXciC/bRBrTd3pfj5KBldFvBYkb aLqkFGh2GomzsBJNYYH2kjnPuB6+1qPfj8nAhtrEwyCCjOhZrjfzKBRl5MmZc5I9 2oCkhd2i5XSnj4d5kOjousyVa4B++LDt7PLaDtyct+Dhiad1BG391psGIapSEkL5 +HSBL64G5jCUxUkO5zMLkAeRGaOQgKGgKFvbfpqsPTNhSkQoxhoMvDkSdG0/eTf1 4n6QNi2FvuIJP0Cmxlv3iobitLNt7LQWr8amhhaQjbBV1bVHRyEdL+oEVXMLSOeu 5SfBBYK0W9hDFzcHxGQkKrvfHZCsEP4gJc3hsKPx5KGSdpcM81cgvF3Dy/ltzDxn 7vUg18KL4TImotSc90p0j0SUgylyyxgh9B/dC4GOk2p+6M5O8GCjVQSBu4CJ2Rqq Q1POq292g3TJ+Yajf2R1winOBRVDQNSHs2IKbEP5qeCR0H17h9E/NH5o4MHjDtvp +7yrQchS2S1UMitBUfAIY3/7HaI4apIy1rUeq8m2DoKvw56kBUQPKo0cEPDYXnFl 202d/QFzYckqlsh0VYFHpcECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336711157195408220533952083098728994518452 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-01 16:29:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-30 16:29:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hajoscho.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 842449219693195702662448952784663292071176969294893302002666503142756780361660077136302524799589651654798960441652781710567466087231071483074734297425430052436361536691026553328187929407887881522496237226972785445090341241809583213136079718687831698834988325332471294151226949963389500049632546405704438044884670612529297564464481767131850337054704817382253984950887656612022690344466212546891167610870773667532670452463694836550759625212846957691372710884532738799018053482522288049366713030606048078036847077547941392658418151885998012419456542589791556162870290976381231364887880016142921734541623650696705460933781328779024270128287467202723625008636529395082114049123863757922522218729154129073696964953261617030514859735312598422640454836102969993281774917107387495150401599015404337495503546574188807740483511500171412074929639318582809269233290339394679910966632017663964301749594873789296462668804205691551875545532160964998599595698902927282734427072072932768172389584686253570759266977877245121623229899051973014028917823267894346704200043941284434068800992493866760999482962238380308733560393587836743013244387588086917120136005452112990744199815364125268722711841849900648251654934288012650026503563533585748103638001089 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cbae737efd7dc8f47cb8e9bc6198b9e26a5463e9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hajoscho.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hajoscho.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016e2803c9e100000403004630440220590266e97897e5adee7d3a22e767cdd76f314fb46baf86bc47b807ab91c5f590022062d8a31c6cd8ef081da21f9fa3d1448e162becdae5703b04cc1c3a70c1837352007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e2803cbc70000040300473045022025f9d06140f5f209ea6737425af97edc6871b1e165d43f784bf8abac40854845022100ea13c2a57e42b857401e7a0ba6ffb6a18ba530e84923cf8246282d57c744cb3f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008e0e4fd42fb0e519971b97981bdf9a8741b7ef158db8141615705ce3932d2faef96bc590c31e5c24f033ce6d389c82ff962ce07e99ee25d393d6cd39ced9d89b2ee2c1bc610a3181e08b0e3f2d3d58445766f9c2924c5b98ce1a11d5f410b04bc34a8a37427dc6ce83d6003859f5b17493675d1a1bae65369733a3c3b5382e962ab3afa36ea36a0efc06039d87080e364c9e8501df756e655a69133159cbdfd365f36291cf2d2681c2a1b2640cfce04f96ed1c5a85f2c7fd03ce3f3f0ae061803a808df08df13bb245a0f834af548de0b0ff7c2d0b7b5204c7096c0ea12958d81eb1728688cac00913821fbed130ac74af4217ce3c8302098d75ec3aeb6f47ad