tue.technificent.nl
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:50:4a:fa:5a:37:7e:ff:75:bc:c0:7a:68:ef:30:f9:8f:00 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=tue.technificent.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:50:4a:fa:5a:37:7e:ff:75:bc:c0:7a:68:ef:30:f9:8f:00Serial Number (int): 288659109924672251708698785275663754039040
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c1:f1:bf:17:9d:f3:66:77:b1:65:bc:12:d2:3b:2d:14:47:1e:a2:7e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7b:6b:25:ec:88:65:e4:6e:db:bf:3c:54:75:ff:f5:fa:05:98:97:11
Fingerprint (sha256): bf:c7:82:b9:b7:27:fd:d3:76:c9:f8:c8:29:54:55:db:18:90:3c:24:e0:b1:6b:3c:37:a8:8d:ed:10:77:a5:fc
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate tue.technificent.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tue.technificent.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tue.technificent.nl
www.tue.technificent.nl
www.tue.technificent.nl
Other certificates including the domain name technificent.nl
(limited to 100 certificates)
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
euflex.technificent.nl
technificent.nl
technificent.nl
technificent.nl
tue.technificent.nl
technificent.nl
tue.technificent.nl
technificent.nl
technificent.nl
tue.technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
euflex.technificent.nl
technificent.nl
technificent.nl
technificent.nl
tue.technificent.nl
technificent.nl
tue.technificent.nl
technificent.nl
technificent.nl
tue.technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
technificent.nl
Certificate
The complete raw certificate details for tue.technificent.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGIjCCBQqgAwIBAgISA1BK+lo3fv91vMB6aO8w+Y8AMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAxMDIwMjQzMTRaFw0x ODA0MDIwMjQzMTRaMB4xHDAaBgNVBAMTE3R1ZS50ZWNobmlmaWNlbnQubmwwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbqHVdPqWDv9i3XWmwlNKlKD+N zoNOs2ax0cH+gruQJ8sHRpp4KJZPVRHeR687hwmlyKBEkSJ2NFJwp1/lp1hwwgkt caekXLNCKA5fZ+Sq1FWCrTVpPJtDzLJr98PtjPmZ9K/iB/nmToEdJjyVyQzcWZWP DoLw2Hnk2mO6ngGwUyOWDE7XWleMa6xiTC7+S3aLO5UcoMtprt8aa7yQMBP7aKYe 1cDsLqThyCJ+xnRcHCDuMRtMk6GPwKz4xoFeS1Vk1Yqx6MBtsdvG1poenpd8wI0q NVHnUCAzbwIxXB9qR4C2RypkWmlVE/11Oi0bvBAI5Z/QNLUPo3rKnFemYRK8grQz MJH7zCdEEq9sYOEJ3Z8Aw6m1N1JmB9BaEYEseNUzXwdhL4O0lL3VuCyOhv3TWmaN zbTuaUGyJylBSt9S42Di2vOy1UgZHZi8fNXW4gX6jdV/AtMZOeE3WCb/938GsZpC FmyDnWoNiIJR7NrBHLYTpMmHYvvS2W6OAk4zYN+pdZfPd4JYQ7HfKe3nI9qsg26n VCbtEIxiGKd22opje4obvbP3xHO7KSXYq+QdASWgE3cDQaVGJmEwGuasIaxoPPWy JzDvSbm/YYrK2VhvANF+OC+otRTlsOCN9RLAYfiRtVhtpKt5G/BOSeZhD5X83xSX HP6L+GNLVZJNlQn3mwIDAQABo4ICLDCCAigwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBTB8b8XnfNmd7FlvBLSOy0URx6ifjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMDcGA1UdEQQwMC6CE3R1ZS50ZWNobmlm aWNlbnQubmyCF3d3dy50dWUudGVjaG5pZmljZW50Lm5sMIH+BgNVHSAEgfYwgfMw CAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDov L2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0 aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRp ZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQ b2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9y eS8wDQYJKoZIhvcNAQELBQADggEBAFI1EmHzoB/QPypiHLxv2Lo+abxCqAsoUf34 Kwbsm8IePFKwoqiFdb8eK+yZfYvu4PV46jwZpcmj2iUJcOrgnm/ju7eTyJZw93j6 T7A6Rr/uS3A0dCA+45WiZ/HlbuMxlWmFOnb7LrHxbpIDuHUchXwRUqDAvNsaIH2M qBp63bMj9qWIyUHMO7DSME4e/MfFlAJTbORyXrmd2qe/TosakczAArEzUtjXXj4j f4SXEKfqHKkt3RB7/QOuM2WceIgQxLnv7GUqLcFoR8688r8OOwJY6fRv9S1qnow5 ziSdC9Hx/PxwOlEdza/PzuBX7o2j4A6ZuipLn7NvfkE65losvQ0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA26h1XT6lg7/Yt11psJTS pSg/jc6DTrNmsdHB/oK7kCfLB0aaeCiWT1UR3kevO4cJpcigRJEidjRScKdf5adY cMIJLXGnpFyzQigOX2fkqtRVgq01aTybQ8yya/fD7Yz5mfSv4gf55k6BHSY8lckM 3FmVjw6C8Nh55Npjup4BsFMjlgxO11pXjGusYkwu/kt2izuVHKDLaa7fGmu8kDAT +2imHtXA7C6k4cgifsZ0XBwg7jEbTJOhj8Cs+MaBXktVZNWKsejAbbHbxtaaHp6X fMCNKjVR51AgM28CMVwfakeAtkcqZFppVRP9dTotG7wQCOWf0DS1D6N6ypxXpmES vIK0MzCR+8wnRBKvbGDhCd2fAMOptTdSZgfQWhGBLHjVM18HYS+DtJS91bgsjob9 01pmjc207mlBsicpQUrfUuNg4trzstVIGR2YvHzV1uIF+o3VfwLTGTnhN1gm//d/ BrGaQhZsg51qDYiCUezawRy2E6TJh2L70tlujgJOM2DfqXWXz3eCWEOx3ynt5yPa rINup1Qm7RCMYhindtqKY3uKG72z98Rzuykl2KvkHQEloBN3A0GlRiZhMBrmrCGs aDz1sicw70m5v2GKytlYbwDRfjgvqLUU5bDgjfUSwGH4kbVYbaSreRvwTknmYQ+V /N8Ulxz+i/hjS1WSTZUJ95sCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 288659109924672251708698785275663754039040 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-02 02:43:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-02 02:43:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tue.technificent.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 896126623290074474194995810837216871884718681530604184079944147749186144120064980853807874715991202590762003274307054870703785840510572314570192699655397739924091994365863031867721610994296926666583423840648120329619867626011865558828464056723576809788154311944031287280409960225070008396854688589331705694907406973619955245824693783560599544438737625978976580029664600473789466765589447508971949966318349357198877296888855106198971599732964573657723938153346128004393522503490124259749138630328441490697795867762388113280576369347802208444948765810213769982196827072610232818715967024170741103898595162788846586754832843744337652872542382703597646372339076523801118420437867734048004377631203177487526674658665418886924571225663225886501925704599123452284308066332759633180924867186214699468470590634772279957868764416045342532473668983035249369144754498467629048812154708123872665447141968873222564800453401787700057547770534309079574627013803360044739296219648619255575778629898143264225378112559839019149648790574227767324597045571972906992179383010711584975155018414136268856359591797487869582771250486785293220049245056075701595636557655796257336706985408137453801624631765476379183101887623542744900329465249989582716605691803 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c1f1bf179df36677b165bc12d23b2d14471ea27e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tue.technificent.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tue.technificent.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0052351261f3a01fd03f2a621cbc6fd8ba3e69bc42a80b2851fdf82b06ec9bc21e3c52b0a2a88575bf1e2bec997d8beee0f578ea3c19a5c9a3da250970eae09e6fe3bbb793c89670f778fa4fb03a46bfee4b703474203ee395a267f1e56ee3319569853a76fb2eb1f16e9203b8751c857c1152a0c0bcdb1a207d8ca81a7addb323f6a588c941cc3bb0d2304e1efcc7c59402536ce4725eb99ddaa7bf4e8b1a91ccc002b13352d8d75e3e237f849710a7ea1ca92ddd107bfd03ae33659c788810c4b9efec652a2dc16847cebcf2bf0e3b0258e9f46ff52d6a9e8c39ce249d0bd1f1fcfc703a511dcdafcfcee057ee8da3e00e99ba2a4b9fb36f7e413ae65a2cbd0d