sf.haeffele.com

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:b0:b1:b2:ab:38:73:28:dc:45:c0:fb:2b:03:fb:a8:60:5a was issued on by Let's Encrypt .

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

sf.haeffele.com

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:b0:b1:b2:ab:38:73:28:dc:45:c0:fb:2b:03:fb:a8:60:5a
Serial Number (int): 147238183566704625023603724684807308337242
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: 49:2a:7f:9c:35:0c:7d:5e:85:fe:51:be:75:13:90:1b:94:19:c5:30
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): e6:bb:e9:71:54:6d:b6:94:26:ff:ac:27:62:f0:ca:41:8d:02:af:2e
Fingerprint (sha256): 9d:12:6b:0d:84:7b:08:80:ff:ba:df:97:02:20:13:17:bb:43:be:2c:62:33:f3:13:43:92:7b:dc:7b:3e:99:ea

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on sf.haeffele.com
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

sf.haeffele.com
brain.haeffele.com
laurent.haeffele.com
rss.haeffele.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgISAbCxsqs4cyjcRcD7KwP7qGBaMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAyMDgyMTEyMDBaFw0x NjA1MDgyMTEyMDBaMBoxGDAWBgNVBAMTD3NmLmhhZWZmZWxlLmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOznV3ddZsVkn3fsqK9xFu950eCbXYoJ LXLvB99aqEDRxB5EVILPoJsI4/vHHKdQmbgG0vNy/sG4t0RVSEWH+pHtGK8aUPxj SBDdu1JYjgZwyepZRHqfgmIqLVgMcU0nIJYh4AvGCfgTQoUZhHUjMzZ73jmVP5HQ b81g63kMHptIf3lLISOw7kkAOPr2+gDNQ1AO24+JGs0eyPJjevMECE8XkQRq8V5q 6MKH96jWxKrM3EAaDJEOXR45OA0ZHYbe2MH1SDn4wEhcHsuCexuDmDQk/C+BEGln 8FKNv7GHlNvTkjRC0uuFvhZxaxaaPatHZSgjLahiiuKx0V8Rzqjb/qECAwEAAaOC AkwwggJIMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUSSp/nDUMfV6F/lG+dROQG5QZ xTAwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEE ZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDEubGV0c2VuY3J5cHQu b3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgxLmxldHNlbmNyeXB0 Lm9yZy8wVgYDVR0RBE8wTYIPc2YuaGFlZmZlbGUuY29tghJicmFpbi5oYWVmZmVs ZS5jb22CFGxhdXJlbnQuaGFlZmZlbGUuY29tghByc3MuaGFlZmZlbGUuY29tMIH+ BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGe DIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBS ZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBD ZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5v cmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAFQ38AVQQJijMR9Rz3HT xqPKn9IhQMRu/29IiYo4ABlVf1JoyEfoDWZ3tFK6M/cQH6/mJmi8jM4tKS7yIQiZ NFH5rNWftYqzdHrieDGg9o7b12u9C/vGqFmvMl6kPNljOLkhO5swXezj101cLf4S hU0Gt9HqhaMH3xKRiAnTtREKqe8FIiPFpoAuODyAB8Pv98j/Hupea/udodqBZ3aP aOGP58Hgi+PW0cjz/J996Pu4mpYJNbFpsr+HXRt0RG8x0X6gvhs47NuBX4WDn0wr GIstthjt7r2pL4UHAr1+FyXJSkwGCsYm/rXrfppQmSvGX6F8VQuMLXSpxy+6+Il4 pwc= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OdXd11mxWSfd+yor3EW 73nR4Jtdigktcu8H31qoQNHEHkRUgs+gmwjj+8ccp1CZuAbS83L+wbi3RFVIRYf6 ke0YrxpQ/GNIEN27UliOBnDJ6llEep+CYiotWAxxTScgliHgC8YJ+BNChRmEdSMz NnveOZU/kdBvzWDreQwem0h/eUshI7DuSQA4+vb6AM1DUA7bj4kazR7I8mN68wQI TxeRBGrxXmrowof3qNbEqszcQBoMkQ5dHjk4DRkdht7YwfVIOfjASFwey4J7G4OY NCT8L4EQaWfwUo2/sYeU29OSNELS64W+FnFrFpo9q0dlKCMtqGKK4rHRXxHOqNv+ oQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 147238183566704625023603724684807308337242 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-02-08 21:12:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-08 21:12:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sf.haeffele.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29906318798833186820807332996505490195118131889090696025317808997440538979161649015562011403013336175285117078571726954708709490054755647906617298655160426701765763551333830993645124630053435365903868015605396211637584047802721184159394719201067398922949121246212817078054603133101619897342867432545477407742999135423293071680162738516194577388001049941991373257618249926854769183166757960759396130846965640248767547560017465955124761237935626267170587017588505856095351327719035861021899141991331562379302466778306408136036840714092702088433287002409039897978883193486466186582727555965258163158923101303650551332513 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 492a7f9c350c7d5e85fe51be7513901b9419c530 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sf.haeffele.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brain.haeffele.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'laurent.haeffele.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rss.haeffele.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005437f005504098a3311f51cf71d3c6a3ca9fd22140c46eff6f48898a380019557f5268c847e80d6677b452ba33f7101fafe62668bc8cce2d292ef22108993451f9acd59fb58ab3747ae27831a0f68edbd76bbd0bfbc6a859af325ea43cd96338b9213b9b305dece3d74d5c2dfe12854d06b7d1ea85a307df12918809d3b5110aa9ef052223c5a6802e383c8007c3eff7c8ff1eea5e6bfb9da1da8167768f68e18fe7c1e08be3d6d1c8f3fc9f7de8fbb89a960935b169b2bf875d1b74446f31d17ea0be1b38ecdb815f85839f4c2b188b2db618edeebda92f850702bd7e1725c94a4c060ac626feb5eb7e9a50992bc65fa17c550b8c2d74a9c72fbaf88978a707