stefan-witschel.de

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:dd:00:88:a1:9a:7e:e8:f1:9d:91:f8:94:5a:42:da:ae:24 was issued on by Let's Encrypt .

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

stefan-witschel.de

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:dd:00:88:a1:9a:7e:e8:f1:9d:91:f8:94:5a:42:da:ae:24
Serial Number (int): 162315398451368767746727433721197299936804
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: f6:ac:2d:9c:ea:42:c7:91:0e:d3:fd:4e:0b:5c:0b:d2:30:73:12:37
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): aa:40:b0:e1:57:c8:cf:11:4c:78:2c:31:50:0e:ca:d0:94:c3:a6:ce
Fingerprint (sha256): 4a:ac:da:f4:4f:0a:10:a5:a6:54:7b:ad:b1:7a:0c:00:4e:2a:54:a5:08:87:96:32:40:9f:98:32:db:13:77:bd

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on stefan-witschel.de
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

stefan-witschel.de
blog.stefan-witschel.de
cloud.stefan-witschel.de
www.stefan-witschel.de

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgISAd0AiKGafujxnZH4lFpC2q4kMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMTAwNzI0MDBaFw0x NjAzMDkwNzI0MDBaMB0xGzAZBgNVBAMTEnN0ZWZhbi13aXRzY2hlbC5kZTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOD5Z9znm9rEfsTCWC/H7xADHWoC 9kwTSJi5kkBUmtJfm+u4BXnKunXMlydWx3wSTLk1mPa56PnvDdzkJXk/LUak3EPu X2l+GAz1ERZtm8r6nwF5MjqTFuHTfvEqkKsTWG/MtAO7Gn9GO7pnvldxE3qIkbW9 SOBzSAYGIOaOnx9Lqd9n72jjor7lulLT5w3EJyJv17PggkgnQvkS8obkHfFpds0+ jQd0OvhzJ+KQsj9BuOuQ567xfd83u74JT1uu+GuD4GTDsiQoyjdPKw1LyDaSZs2C /1syJ/PIMVsEmZb8xooVPxN4hRp7BWh59iV8Ssu+s/cu0DbjYHiYFUlGswBGzEc2 +uwe5NUc78bQst9bxKI1bAuNpue0i8pi5gKnw4iThWnmWkZYFsS4O7mFwr/mc+pY mbvEme2CP8W8eKjnWIiv2XUjljbZ5Tsv1BBW6nOr60JVfORumPx7yGqFaMtt37eF 3MUTjHgbNK3MN0mudDZrgRGo1xhKoQ0FTCFP/XfaMUcgJQK2475TpGWQBGCuYSf7 3otus9S8BFm6jy+R6fTX7YOk4zxHJX9SxqW+tmTb4TgWFAvWIYQLJK8+GEJftERx FdXaE+8vRLH1jtn3NwEEiDuNM7iIMYE4J2FQObOO29zsDZ+dZrmDbpWQAUhY3RfN 4buuC21G2D5zDeFZAgMBAAGjggJeMIICWjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FPasLZzqQseRDtP9TgtcC9IwcxI3MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3Au aW50LXgxLmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14MS5sZXRzZW5jcnlwdC5vcmcvMGgGA1UdEQRhMF+CEnN0ZWZhbi13aXRz Y2hlbC5kZYIXYmxvZy5zdGVmYW4td2l0c2NoZWwuZGWCGGNsb3VkLnN0ZWZhbi13 aXRzY2hlbC5kZYIWd3d3LnN0ZWZhbi13aXRzY2hlbC5kZTCB/gYDVR0gBIH2MIHz MAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6 Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2Vy dGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0 aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUg UG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRv cnkvMA0GCSqGSIb3DQEBCwUAA4IBAQA1NqgLV91OO2Yy8lAnLcFj38/LPVL8JQaK KcJdi9aXTjVGgBuv5Ra4KkXj7YHHBkYZ/q8TmihancIAjsdR6v8yx0wPHl/7O1XO LqnOE1RBLc0xbI7SsB99j7K/Pxsy46O3nzpJ2TSeLWpzP+6gUx2ntz+CqC/gMr3I rOQhpMDjHRHbL5qvdLtDCZ+xw9WN935zbc0bS9F37+6Hb3hxH6EnH5qLnG9lf96f GXqSRIPZ4EvLR5rkFF2dH1Q967uVOy5MgJ5e2Enh3WWAeGE3k8Z8U8GuuwNA2wpc 0+TMiXf+DVmNSo9LOrZRbbZ5uu4G73uo8pYmocG60TjlhozH1O4+ -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4Pln3Oeb2sR+xMJYL8fv EAMdagL2TBNImLmSQFSa0l+b67gFecq6dcyXJ1bHfBJMuTWY9rno+e8N3OQleT8t RqTcQ+5faX4YDPURFm2byvqfAXkyOpMW4dN+8SqQqxNYb8y0A7saf0Y7ume+V3ET eoiRtb1I4HNIBgYg5o6fH0up32fvaOOivuW6UtPnDcQnIm/Xs+CCSCdC+RLyhuQd 8Wl2zT6NB3Q6+HMn4pCyP0G465DnrvF93ze7vglPW674a4PgZMOyJCjKN08rDUvI NpJmzYL/WzIn88gxWwSZlvzGihU/E3iFGnsFaHn2JXxKy76z9y7QNuNgeJgVSUaz AEbMRzb67B7k1RzvxtCy31vEojVsC42m57SLymLmAqfDiJOFaeZaRlgWxLg7uYXC v+Zz6liZu8SZ7YI/xbx4qOdYiK/ZdSOWNtnlOy/UEFbqc6vrQlV85G6Y/HvIaoVo y23ft4XcxROMeBs0rcw3Sa50NmuBEajXGEqhDQVMIU/9d9oxRyAlArbjvlOkZZAE YK5hJ/vei26z1LwEWbqPL5Hp9Nftg6TjPEclf1LGpb62ZNvhOBYUC9YhhAskrz4Y Ql+0RHEV1doT7y9EsfWO2fc3AQSIO40zuIgxgTgnYVA5s47b3OwNn51muYNulZAB SFjdF83hu64LbUbYPnMN4VkCAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 162315398451368767746727433721197299936804 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-10 07:24:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-09 07:24:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stefan-witschel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 917814828047616070072595114906870972823581023636072060158662710380660298536512093212159700954442402633817996252408761397854214284016740093850195365145641731206643758629437228897887470287389819258144649170491066521686366918967811268440313806849207092192736926455969596162377688288712717098305241856815100410640430613194035836433350119649448767043267589103828828586170584593828192853670208279107016683463171631300320003105481106903690210511500219846351425286118538863133410774623503627045825404109241793104452006553276119664453375708136221291379110330667380312610059905293468865246757277856994331659418038464245979654967828911930184149888890169968486594158342449737321113235935004758088856018847958773913418752865468835588843944103034624354492615323783834808355170894577464936475269498663935734239954411998381681506723212007461223157759721029727830565736645603808106247919763267572493514209397742168417511446600253870316944783209177293499647764709753260697461491893075036775627190604552604382383104710854489268010207452661996040656408029487404889359965822305755546653753436406457972389782331592432993819774927344528222160433942651680019548747934663139498409581124035282937580154780237177188664204844213679103840971910049616023312523609 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f6ac2d9cea42c7910ed3fd4e0b5c0bd230731237 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stefan-witschel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.stefan-witschel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cloud.stefan-witschel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stefan-witschel.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003536a80b57dd4e3b6632f250272dc163dfcfcb3d52fc25068a29c25d8bd6974e3546801bafe516b82a45e3ed81c7064619feaf139a285a9dc2008ec751eaff32c74c0f1e5ffb3b55ce2ea9ce1354412dcd316c8ed2b01f7d8fb2bf3f1b32e3a3b79f3a49d9349e2d6a733feea0531da7b73f82a82fe032bdc8ace421a4c0e31d11db2f9aaf74bb43099fb1c3d58df77e736dcd1b4bd177efee876f78711fa1271f9a8b9c6f657fde9f197a924483d9e04bcb479ae4145d9d1f543debbb953b2e4c809e5ed849e1dd658078613793c67c53c1aebb0340db0a5cd3e4cc8977fe0d598d4a8f4b3ab6516db679baee06ef7ba8f29626a1c1bad138e5868cc7d4ee3e