crm.bretz.xyz

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:2c:5e:6e:8c:13:ab:cb:0d:5a:88:3c:3e:17:2e:96:bf:d3 was issued on by Let's Encrypt .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

crm.bretz.xyz

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:2c:5e:6e:8c:13:ab:cb:0d:5a:88:3c:3e:17:2e:96:bf:d3
Serial Number (int): 102210231501635606972790980024656243113939
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: 57:64:7d:1a:ff:c6:5a:d1:54:75:af:57:b7:6e:1c:6b:2b:ce:32:66
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 23:35:73:c8:e7:b4:c4:c0:ea:eb:40:06:9e:24:c7:a6:a2:fb:6e:5a
Fingerprint (sha256): 79:1d:c4:39:0e:39:82:2a:2c:26:52:36:f1:1e:1e:e0:e9:4e:18:86:2d:a8:1c:3a:ec:fb:30:92:0a:86:50:71

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on crm.bretz.xyz
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: crm.bretz.xyz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIF/jCCBOagAwIBAgISASxebowTq8sNWog8Phculr/TMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMDQwNjU4MDBaFw0x NjAzMDMwNjU4MDBaMBgxFjAUBgNVBAMTDWNybS5icmV0ei54eXowggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDAXV5xoE/BfBtuaZUwCFqDEtZQS1V6Cc9q xoV+czsOqMFUt5GBxXga7gvNFkEpM7KZAura209PoFtVNyIOGNIOd19fDnyOovug cPXfBxqHc0Rb6NJdbcv8GQ2LAKO2i2+OUqh7PlyuEzahwVlisbDDqjsbGbLSXdS8 0MPONwzbJgIb6Q0emTiG7UoynMfuvKGbLlTf33Fgixtfb0cRQqfGVWCCWR/XdTV2 7kRtSJElQNQgaQV/ylPs+Uo0/F2e2ufCIu0OK3uIx8OiMBQ1HuPuTxZUk40zDBFQ qHW9MONYwpLbe3O9fG4/A/oLv7NTLTyoOZB+Khv2x3vNUkvtBewotA1u3Q/chRHt 9mLIZKUhS1VIYOx5jhQnikIuyfsNA9RoJvCRiRRMnV9/EmsqFV8L2QcgEew+oc+Y dEF7tIW9wNg9JN5Hh3R+rgNsUQwwoZS9UsQZszscamvgBPm/O7X/8y1mWqu7my7l sokZr4lRgGPmQVbIARCtbhHaxE8PBxUui0iQgUefGF/xP86EfPcMm2WIQU40PtrJ 57uy88BzcUleg0Yt1PnaVsKVZMLVQBWpE++y1EehGix3giedjM+6qYRKject2J44 CFaIV1QF576QUKJJicEDPP5LI5YMwKk0FqgdGMS5AEy2y9ixZqgY2Tmgxg/kB7p7 K0Xui2rmwQIDAQABo4ICDjCCAgowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRXZH0a /8Za0VR1r1e3bhxrK84yZjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14 MS5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDEubGV0c2VuY3J5cHQub3JnLzAYBgNVHREEETAPgg1jcm0uYnJldHoueHl6MIH+ BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGe DIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBS ZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBD ZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5v cmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBABiaFw+1npoBDu4QYd2k rdW76uCO/xupoaCt5eZmNg2Xgexk8RgTLVheYCdlONNJ6QbEptCUdXkUrv1s+F3r 4pLg4M+du7y2aNJuEMal7KrZ2XmPot8d8YL2xaNRM9oi1vR6O1JjIVamLhKMFpYK VNiqZDDXuyzi7YHRiPw7MXZe0ywupsA+ZYy4FBqZoEkMBXwJ6AqFoSKLOf3ZKy3V TUp73ZcXI+IbQBDSHW+2jGznsP9WZXAKjCe+SRUL1oinlUFPudw9VuzAznfqseDy Tm/oJg9YCm/GnEJD4Hd08tpo+fxqYFEQBu0wtVHrbwI0C6GOphVjTBpXnsAFnWNr 8QA= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwF1ecaBPwXwbbmmVMAha gxLWUEtVegnPasaFfnM7DqjBVLeRgcV4Gu4LzRZBKTOymQLq2ttPT6BbVTciDhjS DndfXw58jqL7oHD13wcah3NEW+jSXW3L/BkNiwCjtotvjlKoez5crhM2ocFZYrGw w6o7Gxmy0l3UvNDDzjcM2yYCG+kNHpk4hu1KMpzH7ryhmy5U399xYIsbX29HEUKn xlVgglkf13U1du5EbUiRJUDUIGkFf8pT7PlKNPxdntrnwiLtDit7iMfDojAUNR7j 7k8WVJONMwwRUKh1vTDjWMKS23tzvXxuPwP6C7+zUy08qDmQfiob9sd7zVJL7QXs KLQNbt0P3IUR7fZiyGSlIUtVSGDseY4UJ4pCLsn7DQPUaCbwkYkUTJ1ffxJrKhVf C9kHIBHsPqHPmHRBe7SFvcDYPSTeR4d0fq4DbFEMMKGUvVLEGbM7HGpr4AT5vzu1 //MtZlqru5su5bKJGa+JUYBj5kFWyAEQrW4R2sRPDwcVLotIkIFHnxhf8T/OhHz3 DJtliEFOND7ayee7svPAc3FJXoNGLdT52lbClWTC1UAVqRPvstRHoRosd4InnYzP uqmESo3nLdieOAhWiFdUBee+kFCiSYnBAzz+SyOWDMCpNBaoHRjEuQBMtsvYsWao GNk5oMYP5Ae6eytF7otq5sECAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 102210231501635606972790980024656243113939 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-04 06:58:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-03 06:58:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'crm.bretz.xyz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 784779598426711134135137722550029253008345342566278650413238479702355878615759776435199812022713848672708655353773288954057051117076109022794924451220971304404969561389740519197286796593749877927854838719807400859002603337076095532690925640220912821636231591966252756259398002119699613098474022327698060345344239875820462249392218312433967469450247387952228553015011888499346583290823378778077267191572866784325596341943229730379296434750760776263972556033751468307407833614009205190636485931435429130776605436195665218931241302308561136537201291089446959146263126365654690186442590299668716728512214492360164464226578108291683844363757633968109553086422790423928580802562393197977446843542092601486459930789931778338322216089965848678564042997010500708262631401453367025851091524729731382830589691868936597644423143355220330190325833940242571517053305946533065437125068584943532150317163174499507628437950577561484424982321930583332292545391015633384556677362509906901271113560046041051628898995067959294855358454057870828816397649071839516458221259844677158490156917897073075055973887727810831163896447500839265727527163467646195581803927106513567652937506691973251173499319206131272120891560680026068792615743022687773301593007809 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 57647d1affc65ad15475af57b76e1c6b2bce3266 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crm.bretz.xyz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00189a170fb59e9a010eee1061dda4add5bbeae08eff1ba9a1a0ade5e666360d9781ec64f118132d585e60276538d349e906c4a6d094757914aefd6cf85debe292e0e0cf9dbbbcb668d26e10c6a5ecaad9d9798fa2df1df182f6c5a35133da22d6f47a3b52632156a62e128c16960a54d8aa6430d7bb2ce2ed81d188fc3b31765ed32c2ea6c03e658cb8141a99a0490c057c09e80a85a1228b39fdd92b2dd54d4a7bdd971723e21b4010d21d6fb68c6ce7b0ff5665700a8c27be49150bd688a795414fb9dc3d56ecc0ce77eab1e0f24e6fe8260f580a6fc69c4243e07774f2da68f9fc6a60511006ed30b551eb6f02340ba18ea615634c1a579ec0059d636bf100