berka.net

Issued by R3

About this certificate

This digital certificate with serial number 04:08:e4:06:9b:80:15:84:d6:96:a0:62:01:cd:90:dc:59:7d was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=berka.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:08:e4:06:9b:80:15:84:d6:96:a0:62:01:cd:90:dc:59:7d
Serial Number (int): 351474500953149959466804618110335249570173
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: b2:68:67:5f:46:f3:8f:fc:23:f2:c5:f6:8e:6c:4e:97:5c:89:62:c9
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 1f:86:9b:69:70:be:cf:6f:45:ee:bb:ea:fe:94:76:96:9a:01:f5:ca
Fingerprint (sha256): cc:16:f7:94:9a:ef:4f:75:ca:4b:81:a8:f9:5c:73:d1:85:af:1d:6d:fb:26:94:f3:14:e7:04:4d:73:1d:f1:49

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate berka.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for berka.net

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

berka.net
www.berka.net

Other certificates including the domain name berka.net

(limited to 100 certificates)
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
berka.net
www.berka.net

Certificate

The complete raw certificate details for berka.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISBAjkBpuAFYTWlqBiAc2Q3Fl9MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMTExNzM3MjZaFw0yNDAzMTAxNzM3MjVaMBQxEjAQBgNVBAMT
CWJlcmthLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALViJ7B9
W0M9Aw4CT6Y8B2mZwLhRsnKCv9rWm+DQUikW87wChxPQTnUFAUYYAW6bkeZeS8eh
uXKU00tLNvPKL19HLjfaanD73FozGqIhlAFDRWrBEb3uh0nJ8eR8P5IR3Zwlh6o9
FUrjAT8LHTO2yyghNvniXu3vH3/iuRANgQQW83IAuXFpBZp5agtUxLkBLBaO1G1m
cJdQUr95x0CDzP+NGxc+MDUFqd1+IMbCCAJmWMrp4g8WjT9fuH05z1EThTsG4JUH
yya4r8l/CxnOw264Q8tpHsysgF30aWR8CNb9CtZOp2Y0DopB5zh0GYzZJsTU9eZJ
C0t/d6xy4qdc/WovSmEyp9peeTGX73Sk9k3OxkF60awS//9l1Z9zULrCTvUVQBUy
LQPOskxvFDN228Kg4LpHOV70A+uxUMXsE0Do4TvOhLns4snktuBbgE5rIwWshP8u
fQ9UEIt+HCnK9priJhh1QSeOVmpT8tQV/UiwezhQz8QXrDJUElLVQpoqZ8Y6Htip
KHuiZLD8EqMiqMqyUUUF1LSQbWkhNYwW0roo+iBQI9LQ67EUpQnotcaiSFjuh93+
HQSSevC2JNMyBTTQV+3QjB63+7b/+AaJIJ3zHqTyTK3BFc+Nfd56nqIHSRQ1kbrz
ZwcHQ82U8I5tDIpPoIQx6wIhDvNTTncZai4DAgMBAAGjggIbMIICFzAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFLJoZ19G84/8I/LF9o5sTpdciWLJMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCWJlcmthLm5ldIINd3d3LmJlcmthLm5l
dDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3
AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjFordrQAAAQDAEgw
RgIhAOFHTLQQPTZAS6+Sx0EBWdLS1dzaCc3xzik1B4K7DjwsAiEAhkSmJGJ6jkiT
xJf8QnZyOcWxmF8x+g5hJMKaNmz2PGoAdgDuzdBk1dsazsVct520zROiModGfLzs
3sNRSFlGcR+1mwAAAYxaK3a1AAAEAwBHMEUCIFL83GBfRvGWAe6O4WvtaKHtIizK
JgSMIi9CNL6z8cYMAiEAtVJeLKUl3RsDSvT+RSwuas4+CxLtFmvGbXu3Ky5fOYkw
DQYJKoZIhvcNAQELBQADggEBAD310uQtFuyFkKoJthuddGTIU2eutwHW/KWtCLGW
a31tBwJc5qiUJCroZJpKaXJzGHxKmdyQsNojP3Ud98MN/7tHJlTDWYyaqVkkK0l1
NUoqNMzYLw5jLobvO7L93nSu9hvv+62SlADYKq5qXgzfPnZcFYRDtPmMh5Anpeit
lLvTTlqhdk4E86fa1kBzLnA4woVmnLyXI8hNNa5zTXDmJgZlOE1diZ8Z7zekzcwr
34F2GqxgYRPHrWnP9Le0GFdtYzlEB9ktz1Ub9nRgRHiJ3WL5zbsKxRg86Tr+GeZi
G1A4s9aiZIKqgfBVJi62dAZWYLMalo+PEczkhtoXUgfpebo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtWInsH1bQz0DDgJPpjwH
aZnAuFGycoK/2tab4NBSKRbzvAKHE9BOdQUBRhgBbpuR5l5Lx6G5cpTTS0s288ov
X0cuN9pqcPvcWjMaoiGUAUNFasERve6HScnx5Hw/khHdnCWHqj0VSuMBPwsdM7bL
KCE2+eJe7e8ff+K5EA2BBBbzcgC5cWkFmnlqC1TEuQEsFo7UbWZwl1BSv3nHQIPM
/40bFz4wNQWp3X4gxsIIAmZYyuniDxaNP1+4fTnPUROFOwbglQfLJrivyX8LGc7D
brhDy2kezKyAXfRpZHwI1v0K1k6nZjQOikHnOHQZjNkmxNT15kkLS393rHLip1z9
ai9KYTKn2l55MZfvdKT2Tc7GQXrRrBL//2XVn3NQusJO9RVAFTItA86yTG8UM3bb
wqDgukc5XvQD67FQxewTQOjhO86EueziyeS24FuATmsjBayE/y59D1QQi34cKcr2
muImGHVBJ45WalPy1BX9SLB7OFDPxBesMlQSUtVCmipnxjoe2Kkoe6JksPwSoyKo
yrJRRQXUtJBtaSE1jBbSuij6IFAj0tDrsRSlCei1xqJIWO6H3f4dBJJ68LYk0zIF
NNBX7dCMHrf7tv/4BokgnfMepPJMrcEVz4193nqeogdJFDWRuvNnBwdDzZTwjm0M
ik+ghDHrAiEO81NOdxlqLgMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 351474500953149959466804618110335249570173
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 17:37:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 17:37:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'berka.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 739979785739376350850755774059854877330546276681698605103028486421410419784334738502540285585901871899369139869245118253245879163198082146807412371835678171159033737398299196282535773322075257985410994453904204188219939879177360018174697474893698938688824527622235060885726735724159405705225855407241582391863268846742446865830538856858251397375920488512357474406718655842682799196190700808778604903315536520133423204251710010158093660194897062992533107532869839990714388239419998695143860356629416329925365964513702334625287623431912579917961059491801340440258179605870068697790868631909069126166443773730943980908839799556867404562048621265266423717323505867589310125359504838632546312064234441097127417908591205788251020359489740100419884528219222622454817894126297904768212407438232547090472641983141653062546594212841834082950168650817734499804414849377753449462997973907339556386006876048483175332818875931711314925686545955877805045611000189459330667693398483063062960319845498229600338017686809021220098881248239246458823019330949952739070924889144534021327101999648003677022842330863517842403592224273980089378103541640789042046412712985423553110122058629489816789052627929740873701754081723453172457874998132189459529739779
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b268675f46f38ffc23f2c5f68e6c4e975c8962c9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'berka.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.berka.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c5a2b76b40000040300483046022100e1474cb4103d36404baf92c7410159d2d2d5dcda09cdf1ce29350782bb0e3c2c0221008644a624627a8e4893c497fc42767239c5b1985f31fa0e6124c29a366cf63c6a007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c5a2b76b50000040300473045022052fcdc605f46f19601ee8ee16bed68a1ed222cca26048c222f4234beb3f1c60c022100b5525e2ca525dd1b034af4fe452c2e6ace3e0b12ed166bc66d7bb72b2e5f3989
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003df5d2e42d16ec8590aa09b61b9d7464c85367aeb701d6fca5ad08b1966b7d6d07025ce6a894242ae8649a4a697273187c4a99dc90b0da233f751df7c30dffbb472654c3598c9aa959242b4975354a2a34ccd82f0e632e86ef3bb2fdde74aef61beffbad929400d82aae6a5e0cdf3e765c158443b4f98c879027a5e8ad94bbd34e5aa1764e04f3a7dad640732e7038c285669cbc9723c84d35ae734d70e6260665384d5d899f19ef37a4cdcc2bdf81761aac606113c7ad69cff4b7b418576d63394407d92dcf551bf67460447889dd62f9cdbb0ac5183ce93afe19e6621b5038b3d6a26482aa81f055262eb674065660b31a968f8f11cce486da175207e979ba