DV SSL/TLS Certificate for inyourheart.ch

Certificate has expired

Issued by Let's Encrypt (R3)

About the inyourheart.ch DV SSL/TLS Certificate

This certificate with serial number 03:9d:3f:85:94:33:fa:f9:af:d0:cf:9b:a3:0d:c2:9b:a3:a0 for inyourheart.ch was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate has already expired and will cause a warning or error message. We have found some minor issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for inyourheart.ch provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 03:9d:3f:85:94:33:fa:f9:af:d0:cf:9b:a3:0d:c2:9b:a3:a0
Serial Number (int): 314845624346999644269614187545890907726752
Serial Number Length: 138 bits, 18 octets

Subject Key Identifier: 33:7e:3b:f4:da:40:b4:9d:d7:93:d7:48:89:f5:e9:a2:63:91:2e:73
Authority Key Identifier: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (SHA-1): 64:a4:05:88:bb:b4:12:06:88:89:12:c7:e7:d8:a5:6f:5e:09:45:c4
Fingerprint (SHA-256): 09:80:50:65:d4:e8:d8:f4:bb:54:4c:c5:e2:a7:7a:11:92:c1:04:14:26:2f:be:4b:d5:0e:a0:86:8d:e8:ce:fa

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation Information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate inyourheart.ch
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for inyourheart.ch

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for inyourheart.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISA50/hZQz+vmv0M+bow3Cm6OgMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjA5MDExNjE1MDJaFw0yMjExMzAxNjE1MDFaMBkxFzAVBgNVBAMT
DmlueW91cmhlYXJ0LmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
02vx7q1Be5zJcDzoA2Y5ixh8GwGUUHo3PxYPT2V2wOnCfrd1kcKrSKoldVdXTszI
0EW0qSLjDKODNqthMEmdbmVJtZl4tnQ3gLOENaQ9vH4Gi5IFBtYd2CLWoKFSxtgM
pvMlmNfb4CL1fTi/1bKlR1YJcz1BhxxXfC7SQlxGga//SGd7x5LdZ2bbGrY2j22P
KoKtTHFAJZ1PcyA1g1ne8RqAAEjV/6uCsUWvgZo1lLUZsXhJopqdwh7kDma/ER3S
jh7omZbC2caaz4J2gBsbiXbIBYtJYRmNAwkYdVfBfYs6MrJCFLUB78B1GJCAbnIE
wmbFjt9E0SGXOf7RQOuy3QIDAQABo4ICXTCCAlkwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBQzfjv02kC0ndeT10iJ9emiY5EuczAfBgNVHSMEGDAWgBQULrMXt1hWy65Q
CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y
My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn
LzAtBgNVHREEJjAkgg5pbnlvdXJoZWFydC5jaIISd3d3LmlueW91cmhlYXJ0LmNo
MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH
AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHYA36Veq2iCTx9sre64X04+WurNohKkal6OOxLAIERcKnMAAAGC+gyL
nQAABAMARzBFAiAJurK6+NT58vDsukQ30zAA24eaFO5Fy35a3+jqNU5W2wIhAJuY
z7dZ3cMXsHZP+NOtxQkXGDYIFeehsQk4BG8blgFpAHYARqVV63X6kSAwtaKJafTz
fREsQXS+/Um4havy/HD+bUcAAAGC+gyLxgAABAMARzBFAiA9UmIRsMyeBN9veIm4
crNk6n4sCKDI7WxW+Qr1oryryQIhAIfErco0m0n5fNrt2ql3nuMqmxX55neG/Cpr
aab5j0ixMA0GCSqGSIb3DQEBCwUAA4IBAQA+MUNgB0GV9yo35YXk7DogFPteBPdu
J/69EV9+5kAVFTBk+EC7XNsEKIuphIeGwbBejb4MnIo0l6zEtzIJn3ijg/JBoLf/
FizFqLkdYZpFG1HhTam69zUHMP5OyEEyJid3SJPcnlduA6tLcfVmNH8ce6tqBwlM
wdkrhCNFLjwNLdDtLODhQgbrwzwMEfi+sjxspzD9pkj9y8GwTgdQI6KVHc7AVr6W
029YJsuuyx4SPnnadmQ3cpTZrYnPJ/+c4gMxmnoeBPVcVSaGw47kMh3F8EVNnB3T
QVdD3nUDioN8kqmDYV/J2rWyls6hX8hLaiscehLL/gCqpQhYBgMOUbaR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02vx7q1Be5zJcDzoA2Y5
ixh8GwGUUHo3PxYPT2V2wOnCfrd1kcKrSKoldVdXTszI0EW0qSLjDKODNqthMEmd
bmVJtZl4tnQ3gLOENaQ9vH4Gi5IFBtYd2CLWoKFSxtgMpvMlmNfb4CL1fTi/1bKl
R1YJcz1BhxxXfC7SQlxGga//SGd7x5LdZ2bbGrY2j22PKoKtTHFAJZ1PcyA1g1ne
8RqAAEjV/6uCsUWvgZo1lLUZsXhJopqdwh7kDma/ER3Sjh7omZbC2caaz4J2gBsb
iXbIBYtJYRmNAwkYdVfBfYs6MrJCFLUB78B1GJCAbnIEwmbFjt9E0SGXOf7RQOuy
3QIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 314845624346999644269614187545890907726752
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-01 16:15:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-30 16:15:01 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'inyourheart.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26689512034987937764648984119350956605284984781913728556582540669728351924335531589174836775328035892634534604046510077327390808547607743628709050748438635114236667710477865554392124595973917034481666596744973052944295682096198549969808026178405060625770983396215385612021877385546443958312875552485510434486755714520908503280744756274256450264289588261387085903024446579993622309377023702275493235235782551549296915867571458940966422183908820279415363181190568504424157962758182898884539769521364024102273161798750635940667989944637008282864071062481610190444862714042100679851377084621267490175159324740792422740701
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							337e3bf4da40b49dd793d74889f5e9a263912e73
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inyourheart.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.inyourheart.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dfa55eab68824f1f6cadeeb85f4e3e5aeacda212a46a5e8e3b12c020445c2a7300000182fa0c8b9d0000040300473045022009bab2baf8d4f9f2f0ecba4437d33000db879a14ee45cb7e5adfe8ea354e56db0221009b98cfb759ddc317b0764ff8d3adc5091718360815e7a1b10938046f1b96016900760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d4700000182fa0c8bc6000004030047304502203d526211b0cc9e04df6f7889b872b364ea7e2c08a0c8ed6c56f90af5a2bcabc902210087c4adca349b49f97cdaeddaa9779ee32a9b15f9e67786fc2a6b69a6f98f48b1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003e314360074195f72a37e585e4ec3a2014fb5e04f76e27febd115f7ee64015153064f840bb5cdb04288ba9848786c1b05e8dbe0c9c8a3497acc4b732099f78a383f241a0b7ff162cc5a8b91d619a451b51e14da9baf7350730fe4ec841322627774893dc9e576e03ab4b71f566347f1c7bab6a07094cc1d92b8423452e3c0d2dd0ed2ce0e14206ebc33c0c11f8beb23c6ca730fda648fdcbc1b04e075023a2951dcec056be96d36f5826cbaecb1e123e79da7664377294d9ad89cf27ff9ce203319a7a1e04f55c552686c38ee4321dc5f0454d9c1dd3415743de75038a837c92a983615fc9dab5b296cea15fc84b6a2b1c7a12cbfe00aaa5085806030e51b691