muehle-erks.de
Issued by AlwaysOnSSL TLS RSA CA G1
About this certificate
This digital certificate with serial number 04:cb:bc:40:c7:ae:9e:03:c5:87:d3:91:e2:37:bc:b6 was issued on by CertCenter AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=muehle-erks.de
CertCenter AG
Organization:
CertCenter AG
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 04:cb:bc:40:c7:ae:9e:03:c5:87:d3:91:e2:37:bc:b6Serial Number (int): 6374766470828737177702944614557138102
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: f3:0d:bf:a8:f1:a8:83:66:58:63:2c:46:44:b6:34:b7:8a:c1:cc:d0
AuthorityKeyId: 95:5f:d6:db:b0:c5:25:4d:8f:29:11:92:4d:2f:f7:a9:8a:71:a4:8c
Fingerprint (sha1): b1:76:c0:bb:95:aa:8b:23:8f:29:8a:c2:08:b4:1d:36:77:73:8e:93
Fingerprint (sha256): a9:63:50:19:00:85:c3:b9:8e:25:2c:c3:b2:29:da:1e:bc:e1:d2:81:1b:76:a7:4f:8f:c4:f8:7b:af:9d:03:22
Issuing Certificate URL: http://cacerts.digitalcertvalidation.com/AlwaysOnSSLTLSRSACAG1.crt
Revocation information
OCSP Server: http://statusa.digitalcertvalidation.comCheck the revocation status for certificate muehle-erks.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for muehle-erks.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
muehle-erks.de
www.muehle-erks.de
www.muehle-erks.de
Other certificates including the domain name muehle-erks.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for muehle-erks.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEtjCCA56gAwIBAgIQBMu8QMeungPFh9OR4je8tjANBgkqhkiG9w0BAQsFADBo MQswCQYDVQQGEwJERTEWMBQGA1UEChMNQ2VydENlbnRlciBBRzEdMBsGA1UECxMU RG9tYWluIFZhbGlkYXRlZCBTU0wxIjAgBgNVBAMTGUFsd2F5c09uU1NMIFRMUyBS U0EgQ0EgRzEwHhcNMTgxMDE2MDAwMDAwWhcNMTkwNDE0MTIwMDAwWjAZMRcwFQYD VQQDEw5tdWVobGUtZXJrcy5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQOQtOoD/sY6r/eb0uT6J40M1CHmPzSNCD5wWMqdd0lG1gdzOYGUdVlZn2h JMAZvZAobwtHiYyNGMvKHMaTtTACSjJ4W/jFYvI6vwgS6pipUzvVysM0Q5mngRH+ YFfai6X+tjmG0THMlv0NAcAD+y2wrkaJqh3EqKWCebbChQZ7X0CR7lzu53lzKgth kUMV2C5wcH2zrH17t0OMDyDHmtCyNP8TfHWALVs7WS0/OP9NxdDa6WIYTSls7R8O Ay2cqrd/C1wHabntRyaURFaTBVvz5F9Mq6AtyPNUWtbGKJbrp1Yz+xMBauxeNMoL VZRqU6YPqeBqYwFfUsgSdZfdAUkCAwEAAaOCAakwggGlMB8GA1UdIwQYMBaAFJVf 1tuwxSVNjykRkk0v96mKcaSMMB0GA1UdDgQWBBTzDb+o8aiDZlhjLEZEtjS3isHM 0DAtBgNVHREEJjAkgg5tdWVobGUtZXJrcy5kZYISd3d3Lm11ZWhsZS1lcmtzLmRl MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw TAYDVR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93 d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwgZYGCCsGAQUFBwEBBIGJMIGG MDQGCCsGAQUFBzABhihodHRwOi8vc3RhdHVzYS5kaWdpdGFsY2VydHZhbGlkYXRp b24uY29tME4GCCsGAQUFBzAChkJodHRwOi8vY2FjZXJ0cy5kaWdpdGFsY2VydHZh bGlkYXRpb24uY29tL0Fsd2F5c09uU1NMVExTUlNBQ0FHMS5jcnQwCQYDVR0TBAIw ADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+myyl4g Ka03g3MvNfWeTkfTJbcPVNMKD1ZPcQLiVcXBH1k170p9CKbt5yqll9h6NdNm+23B 7+tkwgt0hbY9oIm128wYuJ5JjL9HZy8h2gTheEW+ZncBhlfrssoYHVk526ieYAfV JPNKzQvtWrvCXaP+z3CUoYWY9h1ZgvPOxKTlylyVx7WyjfmeuJrhJL3UIeFhPowQ TLBd2aNToeDY6Q/AG57i2c93WEaJidmiUSeSSfHFiU+UJ+w3DxUK68mBeZN7kjxJ PTTtizx05UGzBvW0UmzFwtzmQ7FHm2CLb6pE/cjqN7ylGDWpaVBL1dxr2UDP+94j TdwKOpFEUusvRw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA5C06gP+xjqv95vS5Po njQzUIeY/NI0IPnBYyp13SUbWB3M5gZR1WVmfaEkwBm9kChvC0eJjI0Yy8ocxpO1 MAJKMnhb+MVi8jq/CBLqmKlTO9XKwzRDmaeBEf5gV9qLpf62OYbRMcyW/Q0BwAP7 LbCuRomqHcSopYJ5tsKFBntfQJHuXO7neXMqC2GRQxXYLnBwfbOsfXu3Q4wPIMea 0LI0/xN8dYAtWztZLT84/03F0NrpYhhNKWztHw4DLZyqt38LXAdpue1HJpREVpMF W/PkX0yroC3I81Ra1sYoluunVjP7EwFq7F40ygtVlGpTpg+p4GpjAV9SyBJ1l90B SQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6374766470828737177702944614557138102 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CertCenter AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AlwaysOnSSL TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-14 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'muehle-erks.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22729927275861273709584501219623373118126611802830536320427909838722481279879539698426615762301694265069665788737660822702243278494015160769551300877282818383334327802818967432020464625366901910023872812793947490567073563194327363054319588063978042038273541832484089017022366051439565532141929153952969543454128985950089323092565592648299703852967784992194258741843675370288664980231533565724409208295288492776767087374005381188112817095493767123647454866413620319283417456853574909535045824772744196930671877001453108866473502855249769768333707389801111296006494151957921263626233243520948521839077707299233713684809 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 955fd6dbb0c5254d8f2911924d2ff7a98a71a48c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f30dbfa8f1a8836658632c4644b634b78ac1ccd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'muehle-erks.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.muehle-erks.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (137 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://statusa.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digitalcertvalidation.com/AlwaysOnSSLTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005be9b2ca5e2029ad3783732f35f59e4e47d325b70f54d30a0f564f7102e255c5c11f5935ef4a7d08a6ede72aa597d87a35d366fb6dc1efeb64c20b7485b63da089b5dbcc18b89e498cbf47672f21da04e17845be6677018657ebb2ca181d5939dba89e6007d524f34acd0bed5abbc25da3fecf7094a18598f61d5982f3cec4a4e5ca5c95c7b5b28df99eb89ae124bdd421e1613e8c104cb05dd9a353a1e0d8e90fc01b9ee2d9cf7758468989d9a251279249f1c5894f9427ec370f150aebc98179937b923c493d34ed8b3c74e541b306f5b4526cc5c2dce643b1479b608b6faa44fdc8ea37bca51835a969504bd5dc6bd940cffbde234ddc0a3a914452eb2f47