af-belgium.be
Issued by R3
About this certificate
This digital certificate with serial number 04:df:71:63:15:69:f6:4e:64:da:7c:e5:58:fa:29:5f:fd:73 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=af-belgium.be
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:df:71:63:15:69:f6:4e:64:da:7c:e5:58:fa:29:5f:fd:73Serial Number (int): 424482828785648741205981343554854579076467
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 90:86:57:9b:71:11:9d:cd:d2:6a:8c:ed:a6:1c:9b:f2:af:ae:08:5f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): e9:1c:d5:28:02:41:59:0f:f6:6c:7f:6f:57:da:fd:73:97:00:ab:a1
Fingerprint (sha256): bf:fa:96:42:a6:49:bd:35:6e:e5:a2:73:a1:36:40:76:4b:ff:eb:f0:2c:a0:07:55:74:fc:23:60:d3:8e:08:06
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate af-belgium.be
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for af-belgium.be
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
af-belgium.be
www.af-belgium.be
www2.af-belgium.be
www.af-belgium.be
www2.af-belgium.be
Other certificates including the domain name af-belgium.be
(limited to 100 certificates)
newreal.be
newreal.be
www-dev.cheaseed.com
newreal.be
auctech.com.br
bank.novapay.co.zw
lpdevelopers.co.in
newreal.be
dev.admin.gymrabbit.io
www.despliegayvuela.cl
newreal.be
www.bilgisayar-servisi.net
www.audit.af-belgium.be
support.newreal.be
newreal.be
atelier34zeromuzeum.be
newreal.be
pixiesolutions.co.uk
inordine.cloud
bank.novapay.co.zw
newreal.be
dktuningxtreme.com
www.bilgisayar-servisi.net
alpha.zonotho.com
newreal.be
inordine.cloud
troyskoiz.com
af-belgium.be
af-belgium.be
atelier34zeromuzeum.be
newreal.be
dktuningxtreme.com
admin.dev.bioracermotion.com
atelier34zeromuzeum.be
mci.tt2021-a098.de
www.cucorea.nu
newreal.be
troyskoiz.com
www.atelier340muzeum.be
newreal.be
www-dev.cheaseed.com
newreal.be
auctech.com.br
bank.novapay.co.zw
lpdevelopers.co.in
newreal.be
dev.admin.gymrabbit.io
www.despliegayvuela.cl
newreal.be
www.bilgisayar-servisi.net
www.audit.af-belgium.be
support.newreal.be
newreal.be
atelier34zeromuzeum.be
newreal.be
pixiesolutions.co.uk
inordine.cloud
bank.novapay.co.zw
newreal.be
dktuningxtreme.com
www.bilgisayar-servisi.net
alpha.zonotho.com
newreal.be
inordine.cloud
troyskoiz.com
af-belgium.be
af-belgium.be
atelier34zeromuzeum.be
newreal.be
dktuningxtreme.com
admin.dev.bioracermotion.com
atelier34zeromuzeum.be
mci.tt2021-a098.de
www.cucorea.nu
newreal.be
troyskoiz.com
www.atelier340muzeum.be
Certificate
The complete raw certificate details for af-belgium.be in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISBN9xYxVp9k5k2nzlWPopX/1zMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTAxNzQ0MThaFw0yNDAxMDgxNzQ0MTdaMBgxFjAUBgNVBAMT DWFmLWJlbGdpdW0uYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK mIaxZDipylF5NEScOsjX5E3TivBUCNAX9Ywo2NZiBSFHgzTNL+jr/dCcTEGONv5C GdDpBZFRSrGEgN44YNvCPtaCMOx9A1KV1GzjtMtKGS3dhTvmxqpJz+leLOEtaYj5 Bdc1KNCmnl6LYmW3vAMg/8kdOnUZBE6n7IHtMZlPjGRCTaZVyiOQN3dDhjtDdvui 23bEk0bkFvUudcvp+CtPai10eVt2QbmJnL5yqC/zw+ENxZVd2N2hc6sZeN23Pmhg qWID0KigMkyam1zzDntaUTP9IUlP8WASmc6HxvaPl0XcN2zj/8YoLJC252zlOUPJ ak41khv2kOtSBOSvXwN7AgMBAAGjggI3MIICMzAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFJCGV5txEZ3N0mqM7aYcm/KvrghfMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv MD8GA1UdEQQ4MDaCDWFmLWJlbGdpdW0uYmWCEXd3dy5hZi1iZWxnaXVtLmJlghJ3 d3cyLmFmLWJlbGdpdW0uYmUwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEE AdZ5AgQCBIH2BIHzAPEAdwA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frU FwAAAYsa53bYAAAEAwBIMEYCIQD7JZAQkAfzewqSb2uh1UdxE5FXFu49lW8W+wT1 9am6mAIhALo+UC4c4mTEg5Z+sSvHWU47W5uAYEteRHuhUwyxfo0sAHYA7s3QZNXb Gs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLGud24QAABAMARzBFAiBYvsY3 7X/hpMqEWKIEUn4QUWE/wJUT0S1ZxhNyek16awIhAIebTzZCIa1tTzicjsuNCQEw JJNyl8vGIlya/NDlKHy5MA0GCSqGSIb3DQEBCwUAA4IBAQCSn6DZt3BJJGdIqawL XNr0SfuVVJm7qi56HoBY/Byc7JmaHrZswSSz/z1RhJ9akWwJ27yT6AEL7dLbe6pw tkHu/GmsBhUvVqFC2BqurjVge89lE59TJAvvOluNZQ86fv/dW37GKJTNeiXEeOLW L5EzTIUcKr2ojyV3wbO3GAVXaqYXjnkEE/ZhyYGa9i2HGOiTMFZvi4BtNOn6oE9/ 5iUEzUvbsJ+XZb+kcy9/svk7AZ+IECkezPsjy8/SyNRjph0wbl9pcSgqFeiQ73LD wupcU0hCBCUoAQ5YHPsRPhO9TzI8/5VZAZJ4ri7D3MV1mXwtmDrBpBpJvzGbHMpx P0FB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypiGsWQ4qcpReTREnDrI 1+RN04rwVAjQF/WMKNjWYgUhR4M0zS/o6/3QnExBjjb+QhnQ6QWRUUqxhIDeOGDb wj7WgjDsfQNSldRs47TLShkt3YU75saqSc/pXizhLWmI+QXXNSjQpp5ei2Jlt7wD IP/JHTp1GQROp+yB7TGZT4xkQk2mVcojkDd3Q4Y7Q3b7ott2xJNG5Bb1LnXL6fgr T2otdHlbdkG5iZy+cqgv88PhDcWVXdjdoXOrGXjdtz5oYKliA9CooDJMmptc8w57 WlEz/SFJT/FgEpnOh8b2j5dF3Dds4//GKCyQtuds5TlDyWpONZIb9pDrUgTkr18D ewIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 424482828785648741205981343554854579076467 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-10 17:44:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-08 17:44:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'af-belgium.be' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25575351048131459052287107292631611005780487384098236536362459177863076240239564596450182906642208602410006321038042111198012797286487479852956856583470337630989585302000787161839479084940857996032774071849621548224166365218059832933865716512633931061830465423681209108573766271636713158043560917046575592147200767212712603607567316251995571331072575092844246327077128058718441276499297557405982032519355034310873013608582074736786551949813627549632367799770348219070939080210007200655203296648876794558942346222536889664236227690803409314777052259940136395893412576640596417665043806664838029215971334131405174014843 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9086579b71119dcdd26a8ceda61c9bf2afae085f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'af-belgium.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.af-belgium.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.af-belgium.be' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b1ae776d80000040300483046022100fb2590109007f37b0a926f6ba1d5477113915716ee3d956f16fb04f5f5a9ba98022100ba3e502e1ce264c483967eb12bc7594e3b5b9b80604b5e447ba1530cb17e8d2c007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b1ae776e10000040300473045022058bec637ed7fe1a4ca8458a204527e1051613fc09513d12d59c613727a4d7a6b022100879b4f364221ad6d4f389c8ecb8d09013024937297cbc6225c9afcd0e5287cb9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00929fa0d9b77049246748a9ac0b5cdaf449fb955499bbaa2e7a1e8058fc1c9cec999a1eb66cc124b3ff3d51849f5a916c09dbbc93e8010bedd2db7baa70b641eefc69ac06152f56a142d81aaeae35607bcf65139f53240bef3a5b8d650f3a7effdd5b7ec62894cd7a25c478e2d62f91334c851c2abda88f2577c1b3b71805576aa6178e790413f661c9819af62d8718e89330566f8b806d34e9faa04f7fe62504cd4bdbb09f9765bfa4732f7fb2f93b019f8810291eccfb23cbcfd2c8d463a61d306e5f6971282a15e890ef72c3c2ea5c534842042528010e581cfb113e13bd4f323cff9559019278ae2ec3dcc575997c2d983ac1a41a49bf319b1cca713f4141