agetty.de
Issued by R3
About this certificate
This digital certificate with serial number 04:b7:8d:68:31:ab:07:2c:b2:59:45:92:72:81:7e:2f:41:b8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=agetty.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:b7:8d:68:31:ab:07:2c:b2:59:45:92:72:81:7e:2f:41:b8Serial Number (int): 410908779027239992959349827466930796052920
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: fe:6f:08:82:55:20:4f:32:9b:3a:9d:65:66:42:d8:37:cb:05:c4:70
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8e:fc:23:76:7d:94:15:52:25:40:cd:17:0a:ef:0b:af:91:de:41:cf
Fingerprint (sha256): b7:24:ff:75:9e:bb:84:1a:49:5d:08:b8:5c:0e:b6:d9:c5:06:a5:ff:3d:21:b4:cc:1e:89:65:e7:ff:a1:56:40
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate agetty.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for agetty.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
agetty.de
www.agetty.de
www.agetty.de
Other certificates including the domain name agetty.de
(limited to 100 certificates)
mail.agetty.de
sni52471.cloudflaressl.com
sni52471.cloudflaressl.com
mail2.agetty.de
autoconfig.agetty.de
agetty.de
mail2.agetty.de
agetty.de
mail2.agetty.de
agetty.de
mail.agetty.de
sni52471.cloudflaressl.com
www.agetty.de
agetty.de
mail2.agetty.de
mail2.agetty.de
sni52471.cloudflaressl.com
mail.agetty.de
secure.agetty.de
eunomia.agetty.de
secure.agetty.de
agetty.de
agetty.de
mail2.agetty.de
agetty.de
agetty.de
autoconfig.agetty.de
mail2.agetty.de
mail2.agetty.de
agetty.de
agetty.de
mail2.agetty.de
agetty.de
mail2.agetty.de
sni52471.cloudflaressl.com
sni52471.cloudflaressl.com
mail2.agetty.de
autoconfig.agetty.de
agetty.de
mail2.agetty.de
agetty.de
mail2.agetty.de
agetty.de
mail.agetty.de
sni52471.cloudflaressl.com
www.agetty.de
agetty.de
mail2.agetty.de
mail2.agetty.de
sni52471.cloudflaressl.com
mail.agetty.de
secure.agetty.de
eunomia.agetty.de
secure.agetty.de
agetty.de
agetty.de
mail2.agetty.de
agetty.de
agetty.de
autoconfig.agetty.de
mail2.agetty.de
mail2.agetty.de
agetty.de
agetty.de
mail2.agetty.de
agetty.de
mail2.agetty.de
Certificate
The complete raw certificate details for agetty.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgISBLeNaDGrByyyWUWScoF+L0G4MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjgwMTI0MjVaFw0yNDAzMjcwMTI0MjRaMBQxEjAQBgNVBAMT CWFnZXR0eS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKCK6vkw GXa0opoxAr8e6/Wp6AfOQIopvjFG2hFkEHe+kQUsgkbPZJbjP6IrSt1qyDMimR2B dn1O6sRAGNJut4Hip290A3+bp0fAymtzhzkmH4luQuQhMz+j/K0t0BZMlXn0A0S1 aVJVBsrLaWU5pOfHRF9myCq4Nt8ADbSDuzM/HITtK/9tV5iMxHE+ActgzwTFITEe Vvo/Q1Hu4z09Txkg+nNcAQ65AabKHE6EMiGktm/Ac84Y5gZaPj/qE7AH94+CGO4l U8tMhoChzrD0yqKKVsn3RHYas+M4ibvHMCQYexBHZqQ5c13nD4EwBIIeOIR6d2+v rjPjqetnn3khPdMCAwEAAaOCAhowggIWMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU /m8IglUgTzKbOp1lZkLYN8sFxHAwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wIwYD VR0RBBwwGoIJYWdldHR5LmRlgg13d3cuYWdldHR5LmRlMBMGA1UdIAQMMAowCAYG Z4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGMrjy/5wAABAMARjBEAiA5W3mPF/yUNN83D/X4 eVjYZRcMrQbj4sFNBb9DELYL+AIgexn3LeJdR9q1gPr6c+axHGeIAcXYt9Vvr3Uz n2GjEwIAdwA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYyuPMHY AAAEAwBIMEYCIQDU3e0ouEPUb4gtdMNVOJZVTrOL/Vdv7gRXfQDU1AMiYAIhAOk5 0jM8jqRpJLTKPqc2h82i1gAFuddA9b9UWJlQiA92MA0GCSqGSIb3DQEBCwUAA4IB AQB9j4/v2g+AqIyo+7GGYMm4m3ISmJO1umdVndbS4NoCq7uBEJ3Z6xaJTtL34a4f 6GTZZgYGqjwwJ8Mwr1l9WPguS9B7QjjaP+eYyCVIT+Dn02xqabjiyEDlWrEt4b0N YGHgv+YGQO7hmmsSjAUbqiIEbH7MTN4rJIeWYfErjA1T7ywkZYn1mR4BBm6rkLNj XyZlNMmTnizFJG9KGXv5p5jlPap84noETXI/DCVgkum1qCtg5sHLK/7/La0gPEdx +hpoWaFfEKGP7wmf3Dc8gF6CBD7d8vIXWUQrdNpEMij2DHMZpLnYs1tugxfaoApk aHcCkTO2Glp/cuR7iEx+FeMG -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIrq+TAZdrSimjECvx7r 9anoB85Aiim+MUbaEWQQd76RBSyCRs9kluM/oitK3WrIMyKZHYF2fU7qxEAY0m63 geKnb3QDf5unR8DKa3OHOSYfiW5C5CEzP6P8rS3QFkyVefQDRLVpUlUGystpZTmk 58dEX2bIKrg23wANtIO7Mz8chO0r/21XmIzEcT4By2DPBMUhMR5W+j9DUe7jPT1P GSD6c1wBDrkBpsocToQyIaS2b8BzzhjmBlo+P+oTsAf3j4IY7iVTy0yGgKHOsPTK oopWyfdEdhqz4ziJu8cwJBh7EEdmpDlzXecPgTAEgh44hHp3b6+uM+Op62efeSE9 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 410908779027239992959349827466930796052920 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-28 01:24:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 01:24:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'agetty.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20266631746844931719528288318039852985978157776713463709950597917460863075633953473002201899472440610859820747521722995149770501987320999919720445106495132059887592515927802053721027735867879199316594309753175251358271019430073992130127661663917659112792916203449217476314750074489332069441895908367533513784804590174801051515137288608693958480926102724912306701884934514664712056991609271377973001556075926027455568023966236929822667913092338012460267520523216237427597509829361593772059877930467868589725355132532352005399114748036859686937666376405477064530993481173290132598209459410431069323095449296240973528531 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fe6f088255204f329b3a9d656642d837cb05c470 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agetty.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agetty.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cae3cbfe700000403004630440220395b798f17fc9434df370ff5f87958d865170cad06e3e2c14d05bf4310b60bf802207b19f72de25d47dab580fafa73e6b11c678801c5d8b7d56faf75339f61a313020077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cae3cc1d80000040300483046022100d4dded28b843d46f882d74c3553896554eb38bfd576fee04577d00d4d4032260022100e939d2333c8ea46924b4ca3ea73687cda2d60005b9d740f5bf54589950880f76 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007d8f8fefda0f80a88ca8fbb18660c9b89b72129893b5ba67559dd6d2e0da02abbb81109dd9eb16894ed2f7e1ae1fe864d9660606aa3c3027c330af597d58f82e4bd07b4238da3fe798c825484fe0e7d36c6a69b8e2c840e55ab12de1bd0d6061e0bfe60640eee19a6b128c051baa22046c7ecc4cde2b24879661f12b8c0d53ef2c246589f5991e01066eab90b3635f266534c9939e2cc5246f4a197bf9a798e53daa7ce27a044d723f0c256092e9b5a82b60e6c1cb2bfeff2dad203c4771fa1a6859a15f10a18fef099fdc373c805e82043eddf2f21759442b74da443228f60c7319a4b9d8b35b6e8317daa00a646877029133b61a5a7f72e47b884c7e15e306