tauwerk.de
Issued by R10
About this certificate
This digital certificate with serial number 03:71:ee:d6:dd:3d:d2:ed:f6:24:36:ac:86:17:26:37:35:87 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tauwerk.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:71:ee:d6:dd:3d:d2:ed:f6:24:36:ac:86:17:26:37:35:87Serial Number (int): 300106237159182042592337837414838586258823
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 32:51:0b:c1:b4:ba:48:2c:3a:e5:9c:f5:f1:bc:ad:99:00:31:67:4a
AuthorityKeyId: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8
Fingerprint (sha1): 6b:ff:58:88:44:7a:fd:12:b5:c9:44:c4:f1:6d:02:5e:07:41:27:f3
Fingerprint (sha256): b6:3d:6b:0c:46:b3:46:26:a5:7c:14:24:6b:e1:ca:71:e2:b5:ba:a7:fe:9f:49:6a:df:98:c7:8d:46:5e:fe:02
Issuing Certificate URL: http://r10.i.lencr.org/
Revocation information
OCSP Server: http://r10.o.lencr.orgCheck the revocation status for certificate tauwerk.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tauwerk.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tauwerk.de
www.tauwerk.de
www.tauwerk.de
Other certificates including the domain name tauwerk.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for tauwerk.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9TCCBN2gAwIBAgISA3Hu1t090u32JDashhcmNzWHMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTAwHhcNMjQwNjIzMjEwNDE3WhcNMjQwOTIxMjEwNDE2WjAVMRMwEQYDVQQD Ewp0YXV3ZXJrLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp87D DGzR+A7nwp2UHmNyEmrbL9MHXXIxjAPAqzH2TClwQpdo0Nb5ScGmBhtBiDctPzR/ IZZ17HMM/8gn+O5X4p/AQgCJgo+m+JGPGv/7ekj5meD26qukVzDBW2YSuH4C4ry6 Os4IFn0tauB4ElV/4wkeABSCwBb48609hickWW4So3d6qVFDt6ffmJ77hI+adjux H4nlfZKhV0gtXcCzuiFnFEG59z4JBnN+cY9RaFM9kvKRxG6Su5vccKWFEyiNMB7l 4LgbgzVOerYGhcE1Q3rILXIqe429Ef3FcE5zwADtBjHm5Yzk1nQLnPhTIapkXpHk 1KHjin52nrp2/wp0v8ChAIYKpQJWbslGG7ruGWR6RAtUkAYqhJ1+1nywzAW8tYit 2xoOn34kw91Hf/MyP0VF1Wo/mj8h4n4IFeKiIJOj5Xp5Bj0W8PuzzNzVkvgQH8gi 4BEWDH1jeBLXU0OJpa7w2mE8ALZun4YGAzUgSLcaDoPkm4A0yPG+9nF250cQCKst yusuiUWwgn4BeNxM4DaWNECK3o/7Q10H9Gr+HhB3ZF+isaWwEUXHKCbWfGVwVXbK waurPPOrOQgTQlZ4NjIb/vmMAIvq5Q6X3GzXAGwnrTiPiwyAxzkOUL35uA0dj/K6 WaxZ8nm0bYTYexb3q6hk9PR3VXjFb7CHsCPl1HsCAwEAAaOCAh8wggIbMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUMlELwbS6SCw65Zz18bytmQAxZ0owHwYDVR0jBBgw FoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUF BzABhhZodHRwOi8vcjEwLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8v cjEwLmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggp0YXV3ZXJrLmRlgg53d3cudGF1 d2Vyay5kZTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYE gfMA8QB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkEcg6eYA AAQDAEcwRQIgSmQod+05wqG6gkXJ49nMoK+Bs4c8NDW6PNczAtFTQzcCIQCacFlu qcT1gnHfTG7Cl26b0wcAjOw5lrwaMvUrQsThBQB3AHb/iD8KtvuVUcJhzPWHujS0 pM27KdxoQgqf5mdMWjp0AAABkEcg6jUAAAQDAEgwRgIhAN2WYsDJYMM5J39Tjr7z 9FYOButMFpkGpGxgegh7MyTyAiEAmNhKDs4EevHnC0HLTu/yyBoiV8QXmUGM7UeS MjiSUIowDQYJKoZIhvcNAQELBQADggEBAE5OrrjSSAS9G8Vtq1LTAlaSNGcOY3s1 DsTLlodvobF+3uop4Qj3jdHbPzgUxjNcdUlOM29THvGTeT6DfywKjgbUoGHzYy1M hY/eJwLqBJA4FqcSGknC2xKZWzklwv/OOkUvmz7Wkpo31shUW975eXC6pmi7WdRj oYU/V/NkHzgI8zxYsCr4v1hxthNrb560xqZ+qz1QdcYIoR3xTsDwEL/Yq/ZlKAzA IEm7/9GRk+P+HXCKUevyl3qGYakhlgc9iQIiVNM/oaTM3Cp+QVgp3qYUC8hbTKVM ZEmuFmVuFIJgk+bLuVBgynDQyKI+3rH6/dTZPF/gDrFNOBncBpNpCy0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp87DDGzR+A7nwp2UHmNy EmrbL9MHXXIxjAPAqzH2TClwQpdo0Nb5ScGmBhtBiDctPzR/IZZ17HMM/8gn+O5X 4p/AQgCJgo+m+JGPGv/7ekj5meD26qukVzDBW2YSuH4C4ry6Os4IFn0tauB4ElV/ 4wkeABSCwBb48609hickWW4So3d6qVFDt6ffmJ77hI+adjuxH4nlfZKhV0gtXcCz uiFnFEG59z4JBnN+cY9RaFM9kvKRxG6Su5vccKWFEyiNMB7l4LgbgzVOerYGhcE1 Q3rILXIqe429Ef3FcE5zwADtBjHm5Yzk1nQLnPhTIapkXpHk1KHjin52nrp2/wp0 v8ChAIYKpQJWbslGG7ruGWR6RAtUkAYqhJ1+1nywzAW8tYit2xoOn34kw91Hf/My P0VF1Wo/mj8h4n4IFeKiIJOj5Xp5Bj0W8PuzzNzVkvgQH8gi4BEWDH1jeBLXU0OJ pa7w2mE8ALZun4YGAzUgSLcaDoPkm4A0yPG+9nF250cQCKstyusuiUWwgn4BeNxM 4DaWNECK3o/7Q10H9Gr+HhB3ZF+isaWwEUXHKCbWfGVwVXbKwaurPPOrOQgTQlZ4 NjIb/vmMAIvq5Q6X3GzXAGwnrTiPiwyAxzkOUL35uA0dj/K6WaxZ8nm0bYTYexb3 q6hk9PR3VXjFb7CHsCPl1HsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300106237159182042592337837414838586258823 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-23 21:04:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-21 21:04:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tauwerk.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 684595539800214973620116252182536837972517628706149486997856922541140534720211982374906544848858403302712677264943354566066262896713894731156728731101057095646016069213062314509344648546026447226024162795956584511016087052134474533170801463220527520705420401305489588187392815267074423365756126002020224743819745003342406996257785355195997684449224651666714665731164267286769632439126177643818426167994688934151644002228429575912205016965534688835540158087390119082554903486924738588223412102760802175943010527555434012219112790243678484682343682839679771834519863927858131953929523208892367537658630209122638351188017954909780957398753083094586964042273905730990549874944028595071016804806317732579094619145929188320484136102972512728097367625826161087769135941680847380955890957638403636750823787943068401334794411187052211678232090348486538772899179411612076929008696769551284458263497094956167610586779282532948308079029307228472914732293011611222812753631445253685613011622992955403723582436688493449347603209881384029814759633797272783515551173833616900402502902345856261956118997277839716549133542774277324079740665077312466191573519824692072830618135478208023147814511326651069297525896474743527683622013772177395356990297211 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 32510bc1b4ba482c3ae59cf5f1bcad990031674a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tauwerk.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tauwerk.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001904720e9e6000004030047304502204a642877ed39c2a1ba8245c9e3d9cca0af81b3873c3435ba3cd73302d15343370221009a70596ea9c4f58271df4c6ec2976e9bd307008cec3996bc1a32f52b42c4e10500770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001904720ea350000040300483046022100dd9662c0c960c339277f538ebef3f4560e06eb4c169906a46c607a087b3324f202210098d84a0ece047af1e70b41cb4eeff2c81a2257c41799418ced4792323892508a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004e4eaeb8d24804bd1bc56dab52d302569234670e637b350ec4cb96876fa1b17edeea29e108f78dd1db3f3814c6335c75494e336f531ef193793e837f2c0a8e06d4a061f3632d4c858fde2702ea04903816a7121a49c2db12995b3925c2ffce3a452f9b3ed6929a37d6c8545bdef97970baa668bb59d463a1853f57f3641f3808f33c58b02af8bf5871b6136b6f9eb4c6a67eab3d5075c608a11df14ec0f010bfd8abf665280cc02049bbffd19193e3fe1d708a51ebf2977a8661a92196073d89022254d33fa1a4ccdc2a7e415829dea6140bc85b4ca54c6449ae16656e14826093e6cbb95060ca70d0c8a23edeb1fafdd4d93c5fe00eb14d3819dc0693690b2d