www.cklie.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:52:8f:d5:b5:64:37:1c:d6:06:5b:09:6c:c1:4d:6f:06:dc was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.cklie.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:52:8f:d5:b5:64:37:1c:d6:06:5b:09:6c:c1:4d:6f:06:dcSerial Number (int): 289431201124481815880524109097000883914460
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 86:28:3e:29:b7:d7:d9:2d:96:33:e3:10:af:11:63:51:d1:4d:0b:7c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 2f:bb:ff:2f:ca:0e:9f:d6:22:9e:e3:66:ac:ca:aa:19:48:cb:b2:f6
Fingerprint (sha256): b9:5d:1f:62:7d:1b:c7:28:b9:44:cb:7c:a9:3c:67:51:fd:28:0b:34:5e:5d:70:4e:c8:63:2a:6d:d0:43:d8:6d
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.cklie.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cklie.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cklie.de
www.cklie.de
www.cklie.de
Other certificates including the domain name cklie.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.cklie.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWDCCBUCgAwIBAgISA1KP1bVkNxzWBlsJbMFNbwbcMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMTEwMjI4MjhaFw0y MDA0MTAwMjI4MjhaMBcxFTATBgNVBAMTDHd3dy5ja2xpZS5kZTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAPHYazKCq/gppBjI99ygTAwggt8B0t/2lLYV A9AU/pxpT+wOjX+5WCMBfaujhTqfASmtvww4xSfUA6/kDrUvTskhiSkaxW6+xDET c4HI8H26O3nqfntLR8qDFV+KEe+4Vc+x70Nkw1lM1ZxyEkznyexTdnp/rSVLi2dA Z5KfyqOTE3GBbxPCIv/vWktwpbEOzJnNN5uMBXcPQ4ffVSkwbFqkUrkzrWJ8BrC7 C5UcF+DkbyEib+A0TViRd36DW8DRE1f5UJuiMKGa2q1ayAKQKTONKWEAyrQywINY VeZ8ji6gMMT+Ig5Klys4AEVgbRXTcV8hMBDoM5nR4Du1BeU24uDn3clswG5C/83U RAxWlHq9aI6ma1idUVtYIqY9kJn49AnuiS1IREw6oG5EyEFJEX8QhXviogFLNNUC TFiBcROBPDk/ZYxN1CG0I/Ro++NGQzwRGnGdiz6k76CPjeWqssGAoSlEQA1/YGnp 9gU6NYRrp+tr5F9eZFw+LLR08qd/gfPtmyiBVEUrCL4lV/sPcwQsP1fI6JA6ZJ8j FVnZYG5lhPExQaTdEfzoAaMIC4znTFzu3ejUfAy2PulRgAGdAseV2uFetogE67n1 pLm2g3hTA+8Jijdgcfk4nABPlcsqQUACJTRb1XUNCssQhmm2eCekQ4dMWa3aPt8m iGWkReAjAgMBAAGjggJpMIICZTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIYoPim3 19ktljPjEK8RY1HRTQt8MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wIQYDVR0RBBowGIIIY2tsaWUuZGWCDHd3dy5ja2xp ZS5kZTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQIGCisGAQQB1nkC BAIEgfMEgfAA7gB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAAB b5KlXn8AAAQDAEYwRAIgcfW1PqfSAxzjWj5SO7cZnm0pyIk4DS6L47lGJrrWgdEC IA0JvbY0Bd2aYi+NBiY05eIwrRov+T9iwyq8EtYbBlw8AHUAsh4FzIuizYogTodm +Su5iiUgZ2va+nDnsklTLe+LkF4AAAFvkqVeaAAABAMARjBEAiATw6JgvqO+Imgw jHaHPXdr2EZFup+/3MXKTWyT4IOmagIgYyGPCDUkZydW7iQeEeO2h5s/DHU9WetL BK3NyTr0kGUwDQYJKoZIhvcNAQELBQADggEBAAdPNTvz1r90Zt3OF6ww6fUX8DTB 980sbOE/SDXJ/7m6se5yhNre2ff6O/Z4eC3sgG2o0xZ5YxoLv+iOptNXfUJoeOwH BGIkHXD08pQ5a0Q8gaXB89UV4dtEsfrv9dizUl9f4S7EB127Qs+TRpaRYh4tt0iM EmXOSMB7IorOmHRxbAImQMQA00iG7aRG6cQA2TKsLxPnvfeKSZAWcIRMbBlAW7xT eR2RB/uBtsi7cpMmwaYPq8ixQM4VQ2spqoScOm8JTQA+qXNJPSiaOgkWEzHt3TrD w9wVn1/4Ca9KYuKPbopYjWnxyIDkckA8Eqs65DbArfQcPn3RnQHL8DnSCss= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8dhrMoKr+CmkGMj33KBM DCCC3wHS3/aUthUD0BT+nGlP7A6Nf7lYIwF9q6OFOp8BKa2/DDjFJ9QDr+QOtS9O ySGJKRrFbr7EMRNzgcjwfbo7eep+e0tHyoMVX4oR77hVz7HvQ2TDWUzVnHISTOfJ 7FN2en+tJUuLZ0Bnkp/Ko5MTcYFvE8Ii/+9aS3ClsQ7Mmc03m4wFdw9Dh99VKTBs WqRSuTOtYnwGsLsLlRwX4ORvISJv4DRNWJF3foNbwNETV/lQm6IwoZrarVrIApAp M40pYQDKtDLAg1hV5nyOLqAwxP4iDkqXKzgARWBtFdNxXyEwEOgzmdHgO7UF5Tbi 4OfdyWzAbkL/zdREDFaUer1ojqZrWJ1RW1gipj2Qmfj0Ce6JLUhETDqgbkTIQUkR fxCFe+KiAUs01QJMWIFxE4E8OT9ljE3UIbQj9Gj740ZDPBEacZ2LPqTvoI+N5aqy wYChKURADX9gaen2BTo1hGun62vkX15kXD4stHTyp3+B8+2bKIFURSsIviVX+w9z BCw/V8jokDpknyMVWdlgbmWE8TFBpN0R/OgBowgLjOdMXO7d6NR8DLY+6VGAAZ0C x5Xa4V62iATrufWkubaDeFMD7wmKN2Bx+TicAE+VyypBQAIlNFvVdQ0KyxCGabZ4 J6RDh0xZrdo+3yaIZaRF4CMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 289431201124481815880524109097000883914460 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-11 02:28:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-10 02:28:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cklie.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 986643093153476423981733701257497086824196928326044509320893795157796888107227473282497977746571674931107634796716599747098079824425164679509240251505432207732252813764175167522968998543218593805800454944386223861976526895727962532744432895801682061160725540678373658953631544513795699074221963787156323448218974310418298763211066646328369865388756904787211605144696035334516821167502405125258651736960195197757620914269235581163518678368763036574375759876638947731422191255478138264420107535045816718014956787556383208815491725533895803757146461787079688673658845230702804663358955738730099245186665700990949395774016169968869165056327292372117689159102698357859004593356244393997290396011430259040227881936435145647321553968039765821837621689597325496974764459760159667781642454913147267651276749908272748587825091873287714369570651891359123757306630972944140481783908628648000995893287389585936222136116846268945991650880732963471171241840824214291099172056915909777099619098464290217635862955675995496497351705818664414756604048267297844634169148944616583858749632315924331301121206554003062580861890284705511201068193246704099680155755978306022382220945182471116580009999660245112026147488458832755422328575680272126836530864163 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 86283e29b7d7d92d9633e310af116351d14d0b7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cklie.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cklie.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f92a55e7f0000040300463044022071f5b53ea7d2031ce35a3e523bb7199e6d29c889380d2e8be3b94626bad681d102200d09bdb63405dd9a622f8d062634e5e230ad1a2ff93f62c32abc12d61b065c3c007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f92a55e680000040300463044022013c3a260bea3be2268308c76873d776bd84645ba9fbfdcc5ca4d6c93e083a66a022063218f083524672756ee241e11e3b6879b3f0c753d59eb4b04adcdc93af49065 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00074f353bf3d6bf7466ddce17ac30e9f517f034c1f7cd2c6ce13f4835c9ffb9bab1ee7284daded9f7fa3bf678782dec806da8d31679631a0bbfe88ea6d3577d426878ec070462241d70f4f294396b443c81a5c1f3d515e1db44b1faeff5d8b3525f5fe12ec4075dbb42cf93469691621e2db7488c1265ce48c07b228ace9874716c022640c400d34886eda446e9c400d932ac2f13e7bdf78a49901670844c6c19405bbc53791d9107fb81b6c8bb729326c1a60fabc8b140ce15436b29aa849c3a6f094d003ea973493d289a3a09161331eddd3ac3c3dc159f5ff809af4a62e28f6e8a588d69f1c880e472403c12ab3ae436c0adf41c3e7dd19d01cbf039d20acb