docker.markusko.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:2a:a3:6d:e0:35:b7:be:a9:41:d4:1a:95:fa:26:ff:98:c3 was issued on by Let's Encrypt.
With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=docker.markusko.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:2a:a3:6d:e0:35:b7:be:a9:41:d4:1a:95:fa:26:ff:98:c3Serial Number (int): 275845951877146387072055737841368004794563
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fe:fe:60:b8:eb:a7:29:13:a8:fa:bd:2b:2c:50:12:a5:81:a5:61:a4
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 45:15:61:eb:b2:dc:ef:f3:bd:db:e7:90:e9:93:9b:cd:36:11:2a:9b
Fingerprint (sha256): ca:a6:01:89:80:e1:70:5b:23:70:48:b1:5a:1a:42:c5:0f:71:0f:35:7d:6e:2d:40:f0:5f:b0:a5:58:ed:f0:d5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate docker.markusko.ch
12
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for docker.markusko.ch
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bitwarden.docker.markusko.ch
docker.markusko.ch
heimdall.docker.markusko.ch
jellyfin.docker.markusko.ch
lychee.docker.markusko.ch
nextcloud.docker.markusko.ch
paperless.docker.markusko.ch
pastr.markusko.ch
pihole.docker.markusko.ch
portainer.docker.markusko.ch
q.markusko.ch
ycast.docker.markusko.ch
docker.markusko.ch
heimdall.docker.markusko.ch
jellyfin.docker.markusko.ch
lychee.docker.markusko.ch
nextcloud.docker.markusko.ch
paperless.docker.markusko.ch
pastr.markusko.ch
pihole.docker.markusko.ch
portainer.docker.markusko.ch
q.markusko.ch
ycast.docker.markusko.ch
Other certificates including the domain name markusko.ch
(limited to 100 certificates)
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
stats.moin-alex.de
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
stats.moin-alex.de
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
Certificate
The complete raw certificate details for docker.markusko.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEXTCCA0WgAwIBAgISAyqjbeA1t76pQdQalfom/5jDMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDIwMTEwMTNaFw0yNDA3MDEwMTEwMTJaMB0xGzAZBgNVBAMT EmRvY2tlci5tYXJrdXNrby5jaDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFlh GKl6v3C7xEOyxKdZOFaZOpiGCnqn5NE5SbX6ydXEKeUsGXiYPalSSdZxfg7S9Mek 9/qQs1WLKUDVf39W+DejggJLMIICRzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFP7+ YLjrpykTqPq9KyxQEqWBpWGkMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52L FMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVu Y3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIBRQYD VR0RBIIBPDCCATiCHGJpdHdhcmRlbi5kb2NrZXIubWFya3Vza28uY2iCEmRvY2tl ci5tYXJrdXNrby5jaIIbaGVpbWRhbGwuZG9ja2VyLm1hcmt1c2tvLmNoghtqZWxs eWZpbi5kb2NrZXIubWFya3Vza28uY2iCGWx5Y2hlZS5kb2NrZXIubWFya3Vza28u Y2iCHG5leHRjbG91ZC5kb2NrZXIubWFya3Vza28uY2iCHHBhcGVybGVzcy5kb2Nr ZXIubWFya3Vza28uY2iCEXBhc3RyLm1hcmt1c2tvLmNoghlwaWhvbGUuZG9ja2Vy Lm1hcmt1c2tvLmNoghxwb3J0YWluZXIuZG9ja2VyLm1hcmt1c2tvLmNogg1xLm1h cmt1c2tvLmNoghh5Y2FzdC5kb2NrZXIubWFya3Vza28uY2gwEwYDVR0gBAwwCjAI BgZngQwBAgEwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEB AA3jbBLS1YivF3LHjlGzTekE6EGU5rc03gzDPQaYGQ+4zy4QROjc0/op/g46K88R 0yj6VLeyvRh7WSx63Fr8jXqVTMZIrhQuAqtiwmtz+l/xd1sppEZx86TuaHzmLQKr /0XCebQodRYRbuM38lGEq//mFdi4T4OvW+IAyrOyLfJ+Q2pbwAxidFOE9SUYNkaB QIhuXIYmooHNl9YYqEqrhGXhI8W+Q48Lox9gB7mg3uO/ub12hVGI3ght9gV75F5P q3cfXLQiDkaAi0mEzIYvEgNXWl2ZnFkmt7p3Li0AAP4UF1AIFdZkIfdDp4woxHo2 07fot7WYw/YTxkgv4y67kBg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWWEYqXq/cLvEQ7LEp1k4Vpk6mIYK eqfk0TlJtfrJ1cQp5SwZeJg9qVJJ1nF+DtL0x6T3+pCzVYspQNV/f1b4Nw== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 275845951877146387072055737841368004794563 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-02 01:10:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-01 01:10:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'docker.markusko.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 0004596118a97abf70bbc443b2c4a7593856993a98860a7aa7e4d13949b5fac9d5c429e52c1978983da95249d6717e0ed2f4c7a4f7fa90b3558b2940d57f7f56f837 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fefe60b8eba72913a8fabd2b2c5012a581a561a4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (316 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bitwarden.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heimdall.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jellyfin.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lychee.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nextcloud.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paperless.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pastr.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pihole.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portainer.docker.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'q.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ycast.docker.markusko.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000de36c12d2d588af1772c78e51b34de904e84194e6b734de0cc33d0698190fb8cf2e1044e8dcd3fa29fe0e3a2bcf11d328fa54b7b2bd187b592c7adc5afc8d7a954cc648ae142e02ab62c26b73fa5ff1775b29a44671f3a4ee687ce62d02abff45c279b4287516116ee337f25184abffe615d8b84f83af5be200cab3b22df27e436a5bc00c62745384f5251836468140886e5c8626a281cd97d618a84aab8465e123c5be438f0ba31f6007b9a0dee3bfb9bd76855188de086df6057be45e4fab771f5cb4220e46808b4984cc862f1203575a5d999c5926b7ba772e2d0000fe1417500815d66421f743a78c28c47a36d3b7e8b7b598c3f613c6482fe32ebb9018