chaman.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:ec:08:2f:be:77:f9:82:3f:2e:c6:b0:c3:49:a1:19:be:b8 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=chaman.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:ec:08:2f:be:77:f9:82:3f:2e:c6:b0:c3:49:a1:19:be:b8
Serial Number (int): 341654378113704043040298734604934358613688
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: cb:32:f9:9e:d3:23:e6:46:44:51:6f:3d:64:7a:55:c2:e6:db:3c:58
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): cf:86:3c:db:d5:f4:9b:a5:72:62:1e:12:17:f5:74:f5:b7:40:4a:0a
Fingerprint (sha256): a9:f8:d4:3d:ec:af:d1:1c:a0:bd:3b:2c:5a:35:ef:7c:c1:c3:47:cb:52:56:3b:b0:7f:ab:96:1d:3b:02:87:ce

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate chaman.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for chaman.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

chaman.ch
www.chaman.ch

Other certificates including the domain name chaman.ch

(limited to 100 certificates)
server.chaman.ch
www.chaman.ch
chaman.ch
chaman.ch
www.chaman.ch
chaman.ch
chaman.ch
server.chaman.ch
www.chaman.ch
chaman.ch
www.chaman.ch
www.chaman.ch
www.chaman.ch
www.chaman.ch
www.chaman.ch
chaman.ch
chaman.ch
chaman.ch
www.chaman.ch
www.chaman.ch
chaman.ch
*.chaman.ch
klio.chaman.ch

Certificate

The complete raw certificate details for chaman.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISA+wIL753+YI/Lsaww0mhGb64MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEyMjYxNTEyNTRaFw0x
OTAzMjYxNTEyNTRaMBQxEjAQBgNVBAMTCWNoYW1hbi5jaDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAIp71AcDq62SDN6ju4aIQQN5N4ig6fJVamNUrcZl
Z/eRBo2dYF0OakyQgefw/YKLsWlbvw2TTRpKQVJ5ICdycI8g8Ru2DK4/R2kKefxk
Kg0LiYSR7p18ipKdjdflS3RGNpZajC4jKx2FfJotmOpvOkx6oHBzgkoXuPGgcEHW
JC1jTr+NDgpJToyQQ5U6glegktBHtLMBf8LPJ3jqoo1UFShp1zS92LxztSMTVJf5
LYXsz7r8iQbDkqyXw6bNSurR9/AYe0LzkF/4R5vLTpCRnQ9GslntlHk/xSG1OZoy
30dmCeAo48Lh30F6KRDRCoNdJiOLKWN0xTDpvDtH1Z9KPWcCAwEAAaOCAm4wggJq
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUyzL5ntMj5kZEUW89ZHpVwubbPFgwHwYD
VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G
CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G
CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAj
BgNVHREEHDAaggljaGFtYW4uY2iCDXd3dy5jaGFtYW4uY2gwTAYDVR0gBEUwQzAI
BgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw
cy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDiaUuu
JujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWfrSk3yAAAEAwBHMEUCIQD9
6Scb4h+TQuSPUFKD0YAkIBlIcMJLxZAV4XSlHafpMAIgURV7PK09cbu58F4+EbQJ
YjYI3ZBV0Ja3En/MVbQTrzkAdwBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdo
VEvYjQAAAWfrSk3zAAAEAwBIMEYCIQD6LmX20n0gf3yexUu2ZCt9OlPHHjVATSoQ
cFbIKHuxzgIhANxUlu06AD7WwFcm0sgAjbPvp14E8PYhBTQUDIVwecgxMA0GCSqG
SIb3DQEBCwUAA4IBAQA9ftBJ9O0fvbLsG5aS1iQ4otT9qemM/PEdSnUsWuMqi23o
BoalmoHRCCBZhEmFPbwsIDR1FbcHsoaoV/Crl2r38YaruRsqthUb8BFJgVAXAG20
FW6MuEZIKyIwYh/WywmHNSrVDFivrzFXA6gtnJG03y4zjaUDfZRZ5bCcxZn5sSxP
n4UNdhOAArhQf1zQO9OhS4rwqpc5B58XdLFKXT+HC+RT7MlZH+D4hAJ4KyJNN97v
pxrhuWPqBsnPtASHGzoY+2Aq8ueyWnYEJPRywVIhQivP6CC5K6cLym5mvwJcpyhD
bsdbZvhl4wnFZrjxRjUng96BK0XA8apqzeonZMLj
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinvUBwOrrZIM3qO7hohB
A3k3iKDp8lVqY1StxmVn95EGjZ1gXQ5qTJCB5/D9gouxaVu/DZNNGkpBUnkgJ3Jw
jyDxG7YMrj9HaQp5/GQqDQuJhJHunXyKkp2N1+VLdEY2llqMLiMrHYV8mi2Y6m86
THqgcHOCShe48aBwQdYkLWNOv40OCklOjJBDlTqCV6CS0Ee0swF/ws8neOqijVQV
KGnXNL3YvHO1IxNUl/kthezPuvyJBsOSrJfDps1K6tH38Bh7QvOQX/hHm8tOkJGd
D0ayWe2UeT/FIbU5mjLfR2YJ4CjjwuHfQXopENEKg10mI4spY3TFMOm8O0fVn0o9
ZwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 341654378113704043040298734604934358613688
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-26 15:12:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-26 15:12:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chaman.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17481948062341285382792428327748591237566064809097199595110356687523355249177066841749823318801561054150555252921922582139353010508290702897844765950859120643008635308677216047536162078931460341485757598438219871489248680602357890674297960625998810569187829404423559666649629203835262993570091952655641189772470876300866233384308528749209410534670994698894359239831704159004839601364865968748759619656625601480659157422252161169598656630610754184574180647341085185113483356743582390593144311668942631404312415221579325028446700833866291761807433243019352193222021475543172388666910940912079905962598716943876680727911
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cb32f99ed323e64644516f3d647a55c2e6db3c58
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chaman.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chaman.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000167eb4a4df20000040300473045022100fde9271be21f9342e48f505283d1802420194870c24bc59015e174a51da7e930022051157b3cad3d71bbb9f05e3e11b409623608dd9055d096b7127fcc55b413af3900770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000167eb4a4df30000040300483046022100fa2e65f6d27d207f7c9ec54bb6642b7d3a53c71e35404d2a107056c8287bb1ce022100dc5496ed3a003ed6c05726d2c8008db3efa75e04f0f6210534140c857079c831
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003d7ed049f4ed1fbdb2ec1b9692d62438a2d4fda9e98cfcf11d4a752c5ae32a8b6de80686a59a81d10820598449853dbc2c20347515b707b286a857f0ab976af7f186abb91b2ab6151bf01149815017006db4156e8cb846482b2230621fd6cb0987352ad50c58afaf315703a82d9c91b4df2e338da5037d9459e5b09cc599f9b12c4f9f850d76138002b8507f5cd03bd3a14b8af0aa9739079f1774b14a5d3f870be453ecc9591fe0f88402782b224d37deefa71ae1b963ea06c9cfb404871b3a18fb602af2e7b25a760424f472c15221422bcfe820b92ba70bca6e66bf025ca728436ec75b66f865e309c566b8f146352783de812b45c0f1aa6acdea2764c2e3