architettura-sa.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:bc:ed:e9:f0:01:e0:6f:38:de:00:78:ca:2a:cd:a3:35:52 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=architettura-sa.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bc:ed:e9:f0:01:e0:6f:38:de:00:78:ca:2a:cd:a3:35:52Serial Number (int): 325626184484513226888130633412214201202002
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 74:0c:5d:99:71:82:e2:3c:e8:a2:8e:8f:11:c8:e5:b2:f6:1d:e0:c6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f6:52:cc:3f:4e:c8:30:e0:8d:19:4a:00:50:65:10:96:03:60:8e:d2
Fingerprint (sha256): a2:06:05:d8:0a:ab:59:6a:37:5a:8d:63:b7:b6:24:39:31:20:0d:22:27:aa:94:f0:42:3f:47:63:72:dc:1a:a5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate architettura-sa.ch
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for architettura-sa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.architettura-sa.ch
*.cdr-arch.ch
architettura-sa.ch
cdr-arch.ch
*.cdr-arch.ch
architettura-sa.ch
cdr-arch.ch
Other certificates including the domain name architettura-sa.ch
(limited to 100 certificates)
mail.architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
mail.architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
www.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
*.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
mail.architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
www.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
mail.architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
architettura-sa.ch
*.architettura-sa.ch
architettura-sa.ch
Certificate
The complete raw certificate details for architettura-sa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISA7zt6fAB4G843gB4yirNozVSMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjUwODA2MTBaFw0yMzEyMjQwODA2MDlaMB0xGzAZBgNVBAMT EmFyY2hpdGV0dHVyYS1zYS5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANLTTqybtVs69X3xUU7AFEyLJf7/Ua5ZkoBMyJM/GrsQap9H0OSHw+x9ybuE v3yPZh8O0xpGixT5AkX6a94yqcjHnMdEVWD/8M6+k3OHzxveKK07IOwRwllr3r1s bOjh6sHIlUtzhvRKD+BXNgbAQAkia6lIfm773f4xEgI60Do7qJbpUwvX6XkRSzv3 iqqSKIHsTN0q3OJw4kIrhngC5PixBcQG46FrQyxzeKPkotK6mNZXUAv7sNyxCjR3 1WVEbM+eXZ1m4EhmP12hYOk/2NeGY7oJCSU1ikSCEnSvMuC+tGMm2L3YEvjX0VR7 k+IWDUyC/UlNqg0Q9M5YgsIwNT0CAwEAAaOCAkYwggJCMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUdAxdmXGC4jzooo6PEcjlsvYd4MYwHwYDVR0jBBgwFoAUFC6zF7dY VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy Lm9yZy8wTwYDVR0RBEgwRoIUKi5hcmNoaXRldHR1cmEtc2EuY2iCDSouY2RyLWFy Y2guY2iCEmFyY2hpdGV0dHVyYS1zYS5jaIILY2RyLWFyY2guY2gwEwYDVR0gBAww CjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwB6MoxU2LcttiDq OOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYrLlsVGAAAEAwBIMEYCIQCvKY5nkZGD 6fvmUeKzYo6AkhmShd9n/Rd5SgQrf4AIxgIhAIDH+QpR7FKL7j5qIrG5jUzjZhx9 uK3QMUAgOZ0EeUXbAHUAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkA AAGKy5bFOgAABAMARjBEAiBImIW5T84lnqZCmv/kkKCCQfqzmj1cXCSSGDJWYGkI NwIgDPeNfm4y7XPV+tcV0F/BF+CVErJN0JDcPe/5jn64v1owDQYJKoZIhvcNAQEL BQADggEBAKjvYCb1xuvZHl6BYEHTcy0eOKbvrM+0AkTpYq+t8Yl7CEjiQztZTsrM T7HGpWns75uKTSL5GsyK5xApf2Oyg2mb3GkRMAn2dimA1glrsvoOVSmrtxeTVziT bEXaYzJBvJ1hdzrHS85vlEYjRsk+4Wdy8udak4PRpZ/uvbPiZb730Ka+GEBkiwiT BK0BJaXSswHn4G1KaowB1eCf6LEVjK147D4q7L+MpieSyOaakWqsog8vfVQ6P9iI we+yjXh7upU4I1mduCM/SjmdD9DH6JtZq21szs10FKfwbyw2knjxtLfCuMGo8aXZ gnxj8xQoySsKIklUlo1ZaPLsb2Gg9AA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tNOrJu1Wzr1ffFRTsAU TIsl/v9RrlmSgEzIkz8auxBqn0fQ5IfD7H3Ju4S/fI9mHw7TGkaLFPkCRfpr3jKp yMecx0RVYP/wzr6Tc4fPG94orTsg7BHCWWvevWxs6OHqwciVS3OG9EoP4Fc2BsBA CSJrqUh+bvvd/jESAjrQOjuolulTC9fpeRFLO/eKqpIogexM3Src4nDiQiuGeALk +LEFxAbjoWtDLHN4o+Si0rqY1ldQC/uw3LEKNHfVZURsz55dnWbgSGY/XaFg6T/Y 14ZjugkJJTWKRIISdK8y4L60YybYvdgS+NfRVHuT4hYNTIL9SU2qDRD0zliCwjA1 PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325626184484513226888130633412214201202002 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-25 08:06:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-24 08:06:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'architettura-sa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26614243566571155410620792840203166395024972849491059005993936663296395771735109986018550738790328513641566393066059035575687433017899322871944849812121586229551751975665028377457184134527631464857961892549067082522961120864609312848943978337380102978201268716566116524230096480636161829502841771607153379240702394797056713524551519823415619666116610747442914586755647165138991689393140064644748943675025113703505119225990205892364514988249908480351042023609958045308716181014151525135625403610802918391618387132603638964203945215327139867093508713373526488400340644301701765431442325094329773026144357383855854859581 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 740c5d997182e23ce8a28e8f11c8e5b2f61de0c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.architettura-sa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cdr-arch.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'architettura-sa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdr-arch.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018acb96c5460000040300483046022100af298e67919183e9fbe651e2b3628e8092199285df67fd17794a042b7f8008c602210080c7f90a51ec528bee3e6a22b1b98d4ce3661c7db8add0314020399d047945db007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018acb96c53a00000403004630440220489885b94fce259ea6429affe490a08241fab39a3d5c5c24921832566069083702200cf78d7e6e32ed73d5fad715d05fc117e09512b24dd090dc3deff98e7eb8bf5a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a8ef6026f5c6ebd91e5e816041d3732d1e38a6efaccfb40244e962afadf1897b0848e2433b594ecacc4fb1c6a569ecef9b8a4d22f91acc8ae710297f63b283699bdc69113009f6762980d6096bb2fa0e5529abb717935738936c45da633241bc9d61773ac74bce6f94462346c93ee16772f2e75a9383d1a59feebdb3e265bef7d0a6be1840648b089304ad0125a5d2b301e7e06d4a6a8c01d5e09fe8b1158cad78ec3e2aecbf8ca62792c8e69a916aaca20f2f7d543a3fd888c1efb28d787bba953823599db8233f4a399d0fd0c7e89b59ab6d6ccecd7414a7f06f2c369278f1b4b7c2b8c1a8f1a5d9827c63f31428c92b0a224954968d5968f2ec6f61a0f400