DV SSL/TLS Certificate for iam.serviceportal.krzn.de

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the iam.serviceportal.krzn.de DV SSL/TLS Certificate

This certificate with serial number 06:bb:1e:22:16:61:f1:93:9f:1f:ff:6c:2c:88:88:dd:4a:cd for iam.serviceportal.krzn.de was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for iam.serviceportal.krzn.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:bb:1e:22:16:61:f1:93:9f:1f:ff:6c:2c:88:88:dd:4a:cd
Serial Number (int): 586346572036716617602850275416385542507213
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: a7:2c:6d:f1:7f:8b:19:d3:4b:f5:35:21:8d:dd:99:c1:4c:7c:35:e9
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): bd:0c:08:81:6e:66:b7:b1:b4:d3:23:1a:5e:22:ea:fd:47:36:78:c8
Fingerprint (SHA-256): f5:3e:d8:bc:30:0d:dd:4e:aa:e1:1a:ee:73:f5:2e:4c:fe:cc:7f:32:08:cf:1d:ab:b0:29:e9:e8:9f:95:2b:00

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/78.crl

Check the revocation status for certificate iam.serviceportal.krzn.de
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for iam.serviceportal.krzn.de

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

iam.serviceportal.krzn.de

X.509 Certificate

The complete raw X.509 certificate details for iam.serviceportal.krzn.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISBrseIhZh8ZOfH/9sLIiI3UrNMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjAzMDU0NDEwWhcNMjUwOTAxMDU0NDA5WjAkMSIwIAYDVQQD
ExlpYW0uc2VydmljZXBvcnRhbC5rcnpuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAovJJ8JW8cWOs+8cS4Q6G3N9J+q7TnWxDUfw2UWllFUbdg/Cp
EDYur0+rcK6jKrUvanoouvhGLsysle2rHWen/lKxRi1qsKJ0ql7MhtGi3Auu58VP
Qzf0UaNqeQYljMpQeSZ7S6hd8DCQQSSXgNIL3YSWD5WSJF2WzSkPIzUGpJYl41IX
bFVPmy21o2cKqyBYA4G/vU4nxDTcgT1x3tMfEWd1RUCQGmDluiQjGFd4JmEDy2K/
pj5uXtNyA7/FT0USK0KUCVctW0xWUS/ccKFSstEhszqO+Xy7gyfnw24uPhFIPIoV
1GzyVUR+jDqGgqsmnSXPoVdt2kKAr4NLrt2oDL5EEsVv25EeURhNS40tVyn7oIfN
pIC9vdxDdO8k/Atj/v7rjjCKFGd7DzT/SFHRGj6xVqp1OQwWrUjZbpUUWLhQ7tEP
e+uA8zGy5mmadGI1FmJ5uDU9TvXzueyM2HGN8NUBDymEbOzoVh9tTPlknddOjR9l
TUT+crQV0ubpYW/At6PGy74worztjhi2E+4bKdZ5pS54AGFTGA46MQFgwDzjHBQn
WySjNd81zvotc4p4ClKYzCoSwbf1dDYtqe8rlEhRfB5cFcuZHC/XLee+0cuqPOmM
n95ozDVhJmSHpkPKUp9ipBnDGf+Lk1JhTV5nIvb+qBgfOUtJCxXa1WRoEa8CAwEA
AaOCAicwggIjMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUpyxt8X+LGdNL9TUhjd2Z
wUx8NekwHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXELbBeki8m47kwMwYIKwYBBQUH
AQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVuY3Iub3JnLzAkBgNV
HREEHTAbghlpYW0uc2VydmljZXBvcnRhbC5rcnpuLmRlMBMGA1UdIAQMMAowCAYG
Z4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTEuYy5sZW5jci5vcmcv
NzguY3JsMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUAzPsPaoVxCWX+lZtTzumy
fCLphVwNl422qX5UwP5MDbAAAAGXNIciRgAABAMARjBEAiA/crmXWHjpqTNggbmK
drsJSdzlZQ7kurjEwZnaexke5wIgBg13kfWvG6jp8uB770fxWA1K0INFhN/76Fno
hIKLuHoAdQAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZc0hyoR
AAAEAwBGMEQCICmRCETvW9Tu5YLloehsudJHlX/v7NkMlq3pRb5xjT7RAiAEf6Y0
y1r8wb18PBHxRsufE2iXucGIk7q+4Ac8mJ9S0DANBgkqhkiG9w0BAQsFAAOCAQEA
EmSsgQ6KsEp7gbwoseoz/FuU4KzxiLfRm3Zcggu2cXktxyyRKRuTN8Mds1xneVGQ
kJVrguh84A9q/N6IXH1RM65Kxc9pVnJ8PIiCIG0xYDgxgbn5j0J4/jvE+V1ZTLdr
Qs1Vq/w53DBLWbjdW2gxPhmc0bhhh7rUxTibygpKAzyBL1QL1JBlW5eK9DwwwIVm
F/ntXz68bg8/6PucQNRbAcuB8T/pcyeNiLCZ4rCnSfFJoeofAibRUWuSucpHHnH7
9kzeZyc9Trsu4WVzXAk2RUWLHHPBc9ZR3BB3Lt2w1KnxxVJA5jUnSkoyNgmox4vo
J9QZkhL2AsgNa3Jw0qRfUA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAovJJ8JW8cWOs+8cS4Q6G
3N9J+q7TnWxDUfw2UWllFUbdg/CpEDYur0+rcK6jKrUvanoouvhGLsysle2rHWen
/lKxRi1qsKJ0ql7MhtGi3Auu58VPQzf0UaNqeQYljMpQeSZ7S6hd8DCQQSSXgNIL
3YSWD5WSJF2WzSkPIzUGpJYl41IXbFVPmy21o2cKqyBYA4G/vU4nxDTcgT1x3tMf
EWd1RUCQGmDluiQjGFd4JmEDy2K/pj5uXtNyA7/FT0USK0KUCVctW0xWUS/ccKFS
stEhszqO+Xy7gyfnw24uPhFIPIoV1GzyVUR+jDqGgqsmnSXPoVdt2kKAr4NLrt2o
DL5EEsVv25EeURhNS40tVyn7oIfNpIC9vdxDdO8k/Atj/v7rjjCKFGd7DzT/SFHR
Gj6xVqp1OQwWrUjZbpUUWLhQ7tEPe+uA8zGy5mmadGI1FmJ5uDU9TvXzueyM2HGN
8NUBDymEbOzoVh9tTPlknddOjR9lTUT+crQV0ubpYW/At6PGy74worztjhi2E+4b
KdZ5pS54AGFTGA46MQFgwDzjHBQnWySjNd81zvotc4p4ClKYzCoSwbf1dDYtqe8r
lEhRfB5cFcuZHC/XLee+0cuqPOmMn95ozDVhJmSHpkPKUp9ipBnDGf+Lk1JhTV5n
Ivb+qBgfOUtJCxXa1WRoEa8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 586346572036716617602850275416385542507213
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-03 05:44:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-01 05:44:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iam.serviceportal.krzn.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 664763480335581353448163038201552941498249679791246679125920750034829800640364003828004261726549921843146066629572836573806441607424223992696685740260671767666361904886133785841500342917325922973813452988951734458758572824192848383014154368619839190799552611419250243627637831789149094638777751145477594783806685463488612576809460508224586173968395925820731777543536214316968060581003267303177336063783836949526812201488387390297671870474883403476181638997185679213885863081867155200957420223333729000938378219497660374196414846258849653951837980009212066916259583801321380567302314547871016153962825001398416175864426778464306503204577085400660588038511526841724750200624749753530697996501273392725810348880528838920996517283415527912154682083038833610025062982736030687857714071316718387731761948403560218159295993676623432017240059161469716725667359644890517745604682947408481980756799714973795079734552645127120794059380749093082320123221726433450134539301978029798570249406127285294088449200848275838294273579852763935938707138754940416605004823331197860527675308914105027071274927233835411326205891951933157751323785299613144108676943027464626023340514146351497066064844417144180684058602690195066871463525439925282833823175087
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a72c6df17f8b19d34bf535218ddd99c14c7c35e9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iam.serviceportal.krzn.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/78.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000019734872246000004030046304402203f72b9975878e9a9336081b98a76bb0949dce5650ee4bab8c4c199da7b191ee70220060d7791f5af1ba8e9f2e07bef47f1580d4ad0834584dffbe859e884828bb87a00750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a0000019734872a110000040300463044022029910844ef5bd4eee582e5a1e86cb9d247957fefecd90c96ade945be718d3ed10220047fa634cb5afcc1bd7c3c11f146cb9f136897b9c18893babee0073c989f52d0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001264ac810e8ab04a7b81bc28b1ea33fc5b94e0acf188b7d19b765c820bb671792dc72c91291b9337c31db35c6779519090956b82e87ce00f6afcde885c7d5133ae4ac5cf6956727c3c8882206d3160383181b9f98f4278fe3bc4f95d594cb76b42cd55abfc39dc304b59b8dd5b68313e199cd1b86187bad4c5389bca0a4a033c812f540bd490655b978af43c30c0856617f9ed5f3ebc6e0f3fe8fb9c40d45b01cb81f13fe973278d88b099e2b0a749f149a1ea1f0226d1516b92b9ca471e71fbf64cde67273d4ebb2ee165735c093645458b1c73c173d651dc10772eddb0d4a9f1c55240e635274a4a323609a8c78be827d4199212f602c80d6b7270d2a45f50