blog.krumer.it

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:42:1f:c3:d0:eb:ad:7a:c4:a8:60:0b:d8:c2:3a:aa:e7:6f was issued on by Let's Encrypt .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

blog.krumer.it

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:42:1f:c3:d0:eb:ad:7a:c4:a8:60:0b:d8:c2:3a:aa:e7:6f
Serial Number (int): 109613144951712436993392662766256820774767
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: bb:51:29:ce:dc:db:91:80:0a:39:03:ce:6c:33:6f:21:be:ae:d4:80
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): eb:75:5d:0b:1f:04:60:00:db:a2:e6:98:28:48:15:26:ee:ef:26:9f
Fingerprint (sha256): 00:bf:1b:06:04:91:9d:dc:bc:f8:50:14:9f:d2:a2:e6:1a:71:29:2b:69:77:95:23:f3:a5:58:1d:e2:a1:fc:70

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on blog.krumer.it
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: blog.krumer.it

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGADCCBOigAwIBAgISAUIfw9DrrXrEqGAL2MI6qudvMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMDUxNDA1MDBaFw0x NjAzMDQxNDA1MDBaMBkxFzAVBgNVBAMTDmJsb2cua3J1bWVyLml0MIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp3lnCTiNBT2nPGYo45+1duiDDxG3bLcM 08gKGI6SxaGGrBGeXOZeGA/CfRNbnA+gA8GxtkN4AgpD8mVCyr+/2BpIn4KvOZrn fY2oyNviC5NtNC5NNUHbj+s7AqLHRmQ2s4fC5TgJOH6vQ045L1yaQJvt68pxctZT m0rhGOr7EnFIomEgbMUD0pgEH6DyVXf8K1jPeVBNHxOSdihQWlGI/W2J36TvxmO7 vpVm/HQvbibQdFLjInUNaAFyH1vIQKgOXkb9llf3wdVg91fAD0gn8IWrjZduByhY j9ZiP4wvLCy65YDnD8vHbuN40MsZUAI2jFEW8wFubVvu8/Z/3BAAFoDIIj14YEEF pggz08RJd1pJKKT61mEZmhVSKdImDbXjZ+mxEOTISjNxFxNBLMUsyXtlyscKnE9o 9/rZTeoVNFj+KKBZMn5h9v6ULoBFRtNc/znhtgHU6t+KTk8pFukwprhUxyQNQQKs fMz1xKnnMgNuJ0rRQlOZ53Y8cGBqfH5Sa74AekdLt6vAQFf8C6uUqub+R79am166 NCA2jaTqQ9PIsnobhduHnTBw2OeTiCQLG99tKAXFf2lZG3LQkzoObnBZOhU0Wn1E +U72V7+5posg2TZXqTNSwK22SHKHCnGrTlatBwQhLyMUVmaUx+6B9nKfu9a1wGD7 FqbzqTCLsEsCAwEAAaOCAg8wggILMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUu1Ep ztzbkYAKOQPObDNvIb6u1IAwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwcAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQt eDEubGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgxLmxldHNlbmNyeXB0Lm9yZy8wGQYDVR0RBBIwEIIOYmxvZy5rcnVtZXIuaXQw gf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsG AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIw gZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5 IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhl IENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0 Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAQuTAHVEmMZHa3z+x kg3TjHDQgVsvL6mKSa9YhnpgqOdpQrojuKpa9kdWHYtxcVuuxrgzwcCan9CGKDqw KEHRYrjyFIkm7y10GfpHe4U+onJeWg3cdfTFwC0Q8pPvNcCNnTHxkyo4XshOkIgW Y/5ZnN+c7w09f8ACwkIsw96J14IzRnvZRDZwkk8Sl/Nc8oKoR43xOafIDd1QPkjK 9x4PCRUfH36tPoBEem1t07dTYsQUq5MTUmNNI//mzU24nYwrxmwzBIedq4Y2EL2g M3lojNFMwFR7bwW9tyvRVIkl10q2qzGgEgbtYpz9+l3hv5OssQ4avuoHOWRJLj0m UIqJBQ== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp3lnCTiNBT2nPGYo45+1 duiDDxG3bLcM08gKGI6SxaGGrBGeXOZeGA/CfRNbnA+gA8GxtkN4AgpD8mVCyr+/ 2BpIn4KvOZrnfY2oyNviC5NtNC5NNUHbj+s7AqLHRmQ2s4fC5TgJOH6vQ045L1ya QJvt68pxctZTm0rhGOr7EnFIomEgbMUD0pgEH6DyVXf8K1jPeVBNHxOSdihQWlGI /W2J36TvxmO7vpVm/HQvbibQdFLjInUNaAFyH1vIQKgOXkb9llf3wdVg91fAD0gn 8IWrjZduByhYj9ZiP4wvLCy65YDnD8vHbuN40MsZUAI2jFEW8wFubVvu8/Z/3BAA FoDIIj14YEEFpggz08RJd1pJKKT61mEZmhVSKdImDbXjZ+mxEOTISjNxFxNBLMUs yXtlyscKnE9o9/rZTeoVNFj+KKBZMn5h9v6ULoBFRtNc/znhtgHU6t+KTk8pFukw prhUxyQNQQKsfMz1xKnnMgNuJ0rRQlOZ53Y8cGBqfH5Sa74AekdLt6vAQFf8C6uU qub+R79am166NCA2jaTqQ9PIsnobhduHnTBw2OeTiCQLG99tKAXFf2lZG3LQkzoO bnBZOhU0Wn1E+U72V7+5posg2TZXqTNSwK22SHKHCnGrTlatBwQhLyMUVmaUx+6B 9nKfu9a1wGD7FqbzqTCLsEsCAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 109613144951712436993392662766256820774767 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-05 14:05:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-04 14:05:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blog.krumer.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 683235242662206963951173883614755190703626045860590694235651111475260519504786257784271991311454854577153289778693300508310936418066240292910485442523973760228508197460572990945048749778415052038342501732027618555194913082035998060916023634189223931762569437417874887950858754688146708026130031738487211310960901660652947108433491716098134594814697488176054248345431176033464199646244779867764784952885876609851641744317745306858754453326905508954602718862564785537424924981714640619743133319484066814565288623152366074706168229101573004998638667174162982901062382785206654715912705126948077455328462483103461955386982717859298847004003876196099123525527936824989700018034882936843907975105230658207532822720988066368105284272422793545350667645663979374840878410528291892510149415163761707127388170887639794416753520302387640569117681443125714996106058428514506687408772763917158650944244565798867606132601026330277456995159117486351790362314236169814328461358442681254484208446357209142256456811890712916995124929698106425488907368756386829143991514374540862027946472896387313586853396822958491846077226408642594860889530131549364994786829698768011505090586411429654739097611283560152398954090577578259240022748837276252263546597451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bb5129cedcdb91800a3903ce6c336f21beaed480 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.krumer.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042e4c01d51263191dadf3fb1920dd38c70d0815b2f2fa98a49af58867a60a8e76942ba23b8aa5af647561d8b71715baec6b833c1c09a9fd086283ab02841d162b8f2148926ef2d7419fa477b853ea2725e5a0ddc75f4c5c02d10f293ef35c08d9d31f1932a385ec84e90881663fe599cdf9cef0d3d7fc002c2422cc3de89d78233467bd9443670924f1297f35cf282a8478df139a7c80ddd503e48caf71e0f09151f1f7ead3e80447a6d6dd3b75362c414ab931352634d23ffe6cd4db89d8c2bc66c3304879dab863610bda03379688cd14cc0547b6f05bdb72bd1548925d74ab6ab31a01206ed629cfdfa5de1bf93acb10e1abeea073964492e3d26508a8905