chaman.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ec:08:2f:be:77:f9:82:3f:2e:c6:b0:c3:49:a1:19:be:b8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=chaman.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ec:08:2f:be:77:f9:82:3f:2e:c6:b0:c3:49:a1:19:be:b8Serial Number (int): 341654378113704043040298734604934358613688
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: cb:32:f9:9e:d3:23:e6:46:44:51:6f:3d:64:7a:55:c2:e6:db:3c:58
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): cf:86:3c:db:d5:f4:9b:a5:72:62:1e:12:17:f5:74:f5:b7:40:4a:0a
Fingerprint (sha256): a9:f8:d4:3d:ec:af:d1:1c:a0:bd:3b:2c:5a:35:ef:7c:c1:c3:47:cb:52:56:3b:b0:7f:ab:96:1d:3b:02:87:ce
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate chaman.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for chaman.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
chaman.ch
www.chaman.ch
www.chaman.ch
Other certificates including the domain name chaman.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for chaman.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISA+wIL753+YI/Lsaww0mhGb64MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEyMjYxNTEyNTRaFw0x OTAzMjYxNTEyNTRaMBQxEjAQBgNVBAMTCWNoYW1hbi5jaDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAIp71AcDq62SDN6ju4aIQQN5N4ig6fJVamNUrcZl Z/eRBo2dYF0OakyQgefw/YKLsWlbvw2TTRpKQVJ5ICdycI8g8Ru2DK4/R2kKefxk Kg0LiYSR7p18ipKdjdflS3RGNpZajC4jKx2FfJotmOpvOkx6oHBzgkoXuPGgcEHW JC1jTr+NDgpJToyQQ5U6glegktBHtLMBf8LPJ3jqoo1UFShp1zS92LxztSMTVJf5 LYXsz7r8iQbDkqyXw6bNSurR9/AYe0LzkF/4R5vLTpCRnQ9GslntlHk/xSG1OZoy 30dmCeAo48Lh30F6KRDRCoNdJiOLKWN0xTDpvDtH1Z9KPWcCAwEAAaOCAm4wggJq MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUyzL5ntMj5kZEUW89ZHpVwubbPFgwHwYD VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAj BgNVHREEHDAaggljaGFtYW4uY2iCDXd3dy5jaGFtYW4uY2gwTAYDVR0gBEUwQzAI BgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw cy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDiaUuu JujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWfrSk3yAAAEAwBHMEUCIQD9 6Scb4h+TQuSPUFKD0YAkIBlIcMJLxZAV4XSlHafpMAIgURV7PK09cbu58F4+EbQJ YjYI3ZBV0Ja3En/MVbQTrzkAdwBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdo VEvYjQAAAWfrSk3zAAAEAwBIMEYCIQD6LmX20n0gf3yexUu2ZCt9OlPHHjVATSoQ cFbIKHuxzgIhANxUlu06AD7WwFcm0sgAjbPvp14E8PYhBTQUDIVwecgxMA0GCSqG SIb3DQEBCwUAA4IBAQA9ftBJ9O0fvbLsG5aS1iQ4otT9qemM/PEdSnUsWuMqi23o BoalmoHRCCBZhEmFPbwsIDR1FbcHsoaoV/Crl2r38YaruRsqthUb8BFJgVAXAG20 FW6MuEZIKyIwYh/WywmHNSrVDFivrzFXA6gtnJG03y4zjaUDfZRZ5bCcxZn5sSxP n4UNdhOAArhQf1zQO9OhS4rwqpc5B58XdLFKXT+HC+RT7MlZH+D4hAJ4KyJNN97v pxrhuWPqBsnPtASHGzoY+2Aq8ueyWnYEJPRywVIhQivP6CC5K6cLym5mvwJcpyhD bsdbZvhl4wnFZrjxRjUng96BK0XA8apqzeonZMLj -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinvUBwOrrZIM3qO7hohB A3k3iKDp8lVqY1StxmVn95EGjZ1gXQ5qTJCB5/D9gouxaVu/DZNNGkpBUnkgJ3Jw jyDxG7YMrj9HaQp5/GQqDQuJhJHunXyKkp2N1+VLdEY2llqMLiMrHYV8mi2Y6m86 THqgcHOCShe48aBwQdYkLWNOv40OCklOjJBDlTqCV6CS0Ee0swF/ws8neOqijVQV KGnXNL3YvHO1IxNUl/kthezPuvyJBsOSrJfDps1K6tH38Bh7QvOQX/hHm8tOkJGd D0ayWe2UeT/FIbU5mjLfR2YJ4CjjwuHfQXopENEKg10mI4spY3TFMOm8O0fVn0o9 ZwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 341654378113704043040298734604934358613688 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-26 15:12:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-26 15:12:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chaman.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17481948062341285382792428327748591237566064809097199595110356687523355249177066841749823318801561054150555252921922582139353010508290702897844765950859120643008635308677216047536162078931460341485757598438219871489248680602357890674297960625998810569187829404423559666649629203835262993570091952655641189772470876300866233384308528749209410534670994698894359239831704159004839601364865968748759619656625601480659157422252161169598656630610754184574180647341085185113483356743582390593144311668942631404312415221579325028446700833866291761807433243019352193222021475543172388666910940912079905962598716943876680727911 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cb32f99ed323e64644516f3d647a55c2e6db3c58 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chaman.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chaman.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000167eb4a4df20000040300473045022100fde9271be21f9342e48f505283d1802420194870c24bc59015e174a51da7e930022051157b3cad3d71bbb9f05e3e11b409623608dd9055d096b7127fcc55b413af3900770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000167eb4a4df30000040300483046022100fa2e65f6d27d207f7c9ec54bb6642b7d3a53c71e35404d2a107056c8287bb1ce022100dc5496ed3a003ed6c05726d2c8008db3efa75e04f0f6210534140c857079c831 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003d7ed049f4ed1fbdb2ec1b9692d62438a2d4fda9e98cfcf11d4a752c5ae32a8b6de80686a59a81d10820598449853dbc2c20347515b707b286a857f0ab976af7f186abb91b2ab6151bf01149815017006db4156e8cb846482b2230621fd6cb0987352ad50c58afaf315703a82d9c91b4df2e338da5037d9459e5b09cc599f9b12c4f9f850d76138002b8507f5cd03bd3a14b8af0aa9739079f1774b14a5d3f870be453ecc9591fe0f88402782b224d37deefa71ae1b963ea06c9cfb404871b3a18fb602af2e7b25a760424f472c15221422bcfe820b92ba70bca6e66bf025ca728436ec75b66f865e309c566b8f146352783de812b45c0f1aa6acdea2764c2e3