lukas.rekli.net

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:a2:d2:74:99:20:12:bb:3b:36:20:be:2b:be:4a:8c:13:a9 was issued on by Let's Encrypt .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

lukas.rekli.net

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:a2:d2:74:99:20:12:bb:3b:36:20:be:2b:be:4a:8c:13:a9
Serial Number (int): 142517772664252467739090486781168210154409
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: e3:1d:b3:76:4b:e8:ce:01:2a:10:1f:f2:f1:c6:1e:0e:fe:d7:d8:6f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): a4:3f:f3:c4:02:43:58:7c:e1:9e:e4:94:0e:b7:0c:9d:df:d1:f2:bf
Fingerprint (sha256): f3:f9:ca:6b:52:96:ad:95:24:e9:b4:78:ab:d5:eb:cf:d8:6e:46:9a:f4:98:a4:3f:f4:ef:0d:0e:0f:4b:6f:3d

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on lukas.rekli.net
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.lukas.rekli.net
lukas.rekli.net

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGFzCCBP+gAwIBAgISAaLSdJkgErs7NiC+K75KjBOpMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMjgxNTM1MDBaFw0x NjAzMjcxNTM1MDBaMBoxGDAWBgNVBAMTD2x1a2FzLnJla2xpLm5ldDCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKY1rOc87nIdzFcX6HchjTdRgSKKIMLR yKPGyavOLe+gSHx2TTUz5gwoT8mJNy8FBDRR17Hk/9eJtvQL2rLYQlEWOJ5NMck9 oc1gsdUolwjiMDbjg3MWMRhhdFNymmWu1+9YyoXvdva6ixXL7/KGceTH4MMukby+ EhBLspqobzHi+Hy60Aux3TXSyiyQIHEWKzEvHl9YjDT24gkEkuFE1D1Vrv1FZovl 5F+aijThpFoHz4vuc84S4G8PDv20A91Xuy+JfsnaVyjpQrvhQmHCSF7yfFQZuZzz N604scL5wZ38CDge1zERYV/DWRzccmoq9PKNL4L5KmQKdUSpKJ2ZPqB83yiqhnCK xMJCpq1smR6jTfcJ7ItMbXVczUDMidGMAaqCYVe6bS1zN6wNRF3iM/R05iENEOPK k+MfE4Ujx2QErCF9/6ROAlZF7mqTx5bp/Iolo/qgxNaB8KCHwCXhu+XIZT+m7hYR oEhTbtanJAOwA1Bi9QOf7tpWZnTXbPtqz6ilR/is5T7Asfr6J1Ol3Cch7KhGDO6c N+SVMMwRT2d2b+vgwPqA6ZkrT1HTuLCBtuqnapWoI2qHSA45l/wYOtSBDlNB1oSG Ay6eFlosjU4BL4qHsm4VgFhXTOkJy/Uej7BCqxJeOUix+0laUfMamrngQn+o6pMa UPkZ2EsnPgNtAgMBAAGjggIlMIICITAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOMd s3ZL6M4BKhAf8vHGHg7+19hvMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50 LXgxLmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14MS5sZXRzZW5jcnlwdC5vcmcvMC8GA1UdEQQoMCaCE3d3dy5sdWthcy5yZWts aS5uZXSCD2x1a2FzLnJla2xpLm5ldDCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB 5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu Y3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5 IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5 IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5k IGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3 DQEBCwUAA4IBAQCPmS4ApCqZ+qvtBUxfFCb79C0gp1h0J0zMYxb6zf/2cKTat5n/ VJtu7ykG1Fzgxgk7FH16QeJEZNVMzHSN5hev1BbXLZzK3zzLqRhp90soWKiumHdZ DTc+scis8kA0KQd4bK1iUjkFO/sh2XnFsH8M0txeZIw6V7i/9GzX28Tr9+qZE+Du ej9+erXQCihlb4lxEPCDuwvBWQutrbyBfJwFaOu1RTL0s6TNO3OoPSg4QPVMvSdW 1bG3wttKnOxzVHNk9VB8gieXNNzVFvO/Qa04TQrMMUpwxlba06BzdQUFaJs5aXDq XrD2t6o8uHiLU/Vop850u9qqVH7luaSlR1PV -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApjWs5zzuch3MVxfodyGN N1GBIoogwtHIo8bJq84t76BIfHZNNTPmDChPyYk3LwUENFHXseT/14m29AvasthC URY4nk0xyT2hzWCx1SiXCOIwNuODcxYxGGF0U3KaZa7X71jKhe929rqLFcvv8oZx 5Mfgwy6RvL4SEEuymqhvMeL4fLrQC7HdNdLKLJAgcRYrMS8eX1iMNPbiCQSS4UTU PVWu/UVmi+XkX5qKNOGkWgfPi+5zzhLgbw8O/bQD3Ve7L4l+ydpXKOlCu+FCYcJI XvJ8VBm5nPM3rTixwvnBnfwIOB7XMRFhX8NZHNxyair08o0vgvkqZAp1RKkonZk+ oHzfKKqGcIrEwkKmrWyZHqNN9wnsi0xtdVzNQMyJ0YwBqoJhV7ptLXM3rA1EXeIz 9HTmIQ0Q48qT4x8ThSPHZASsIX3/pE4CVkXuapPHlun8iiWj+qDE1oHwoIfAJeG7 5chlP6buFhGgSFNu1qckA7ADUGL1A5/u2lZmdNds+2rPqKVH+KzlPsCx+vonU6Xc JyHsqEYM7pw35JUwzBFPZ3Zv6+DA+oDpmStPUdO4sIG26qdqlagjaodIDjmX/Bg6 1IEOU0HWhIYDLp4WWiyNTgEvioeybhWAWFdM6QnL9R6PsEKrEl45SLH7SVpR8xqa ueBCf6jqkxpQ+RnYSyc+A20CAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 142517772664252467739090486781168210154409 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-28 15:35:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-27 15:35:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lukas.rekli.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 678076292405124817031780096056312881627514019148471796930467698695817253017802230219606410195103429698017482793311459886260629978516005862575493748213459330696091257304997620075176979928008706256552819593687755443811567614614173482503384662066896548571081177944095701992084320120203619306442909094272770396099681332052054114727161546958001808878008973596511495892440913797397150976642793136009292862903995708497561034965714091837482758262390632057584494177548417941462280351152991276209065152574154367064989260955384535317076217979860327665039768034902662784737151194804113283405896659756811437630893670491999859321582130907466376606683738271392097036702193359088841417687644404398215014221200726721583334601350359537385994437284770119868552476807145680077296306780721827011247726263618900475513854649556748533663851205071608700198579675517277444928976524931465875835868481586200910449157697276013326053729747355178711738058293234384441084344546620769513039534573951921488831719918010068556871331305823569910798268250074694677779393412631905853190444640595153740048601993644726686672295479691225989704095562669233823210636682118141651563083573206958325712952010985471939485514165868352792318142369444591209178782766079247477257405293 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e31db3764be8ce012a101ff2f1c61e0efed7d86f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lukas.rekli.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lukas.rekli.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008f992e00a42a99faabed054c5f1426fbf42d20a75874274ccc6316facdfff670a4dab799ff549b6eef2906d45ce0c6093b147d7a41e24464d54ccc748de617afd416d72d9ccadf3ccba91869f74b2858a8ae9877590d373eb1c8acf240342907786cad625239053bfb21d979c5b07f0cd2dc5e648c3a57b8bff46cd7dbc4ebf7ea9913e0ee7a3f7e7ab5d00a28656f897110f083bb0bc1590badadbc817c9c0568ebb54532f4b3a4cd3b73a83d283840f54cbd2756d5b1b7c2db4a9cec73547364f5507c82279734dcd516f3bf41ad384d0acc314a70c656dad3a073750505689b396970ea5eb0f6b7aa3cb8788b53f568a7ce74bbdaaa547ee5b9a4a54753d5