berka.net
Issued by R3
About this certificate
This digital certificate with serial number 04:08:e4:06:9b:80:15:84:d6:96:a0:62:01:cd:90:dc:59:7d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=berka.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:08:e4:06:9b:80:15:84:d6:96:a0:62:01:cd:90:dc:59:7dSerial Number (int): 351474500953149959466804618110335249570173
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: b2:68:67:5f:46:f3:8f:fc:23:f2:c5:f6:8e:6c:4e:97:5c:89:62:c9
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1f:86:9b:69:70:be:cf:6f:45:ee:bb:ea:fe:94:76:96:9a:01:f5:ca
Fingerprint (sha256): cc:16:f7:94:9a:ef:4f:75:ca:4b:81:a8:f9:5c:73:d1:85:af:1d:6d:fb:26:94:f3:14:e7:04:4d:73:1d:f1:49
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate berka.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for berka.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
berka.net
www.berka.net
www.berka.net
Other certificates including the domain name berka.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for berka.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7zCCBNegAwIBAgISBAjkBpuAFYTWlqBiAc2Q3Fl9MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTExNzM3MjZaFw0yNDAzMTAxNzM3MjVaMBQxEjAQBgNVBAMT CWJlcmthLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALViJ7B9 W0M9Aw4CT6Y8B2mZwLhRsnKCv9rWm+DQUikW87wChxPQTnUFAUYYAW6bkeZeS8eh uXKU00tLNvPKL19HLjfaanD73FozGqIhlAFDRWrBEb3uh0nJ8eR8P5IR3Zwlh6o9 FUrjAT8LHTO2yyghNvniXu3vH3/iuRANgQQW83IAuXFpBZp5agtUxLkBLBaO1G1m cJdQUr95x0CDzP+NGxc+MDUFqd1+IMbCCAJmWMrp4g8WjT9fuH05z1EThTsG4JUH yya4r8l/CxnOw264Q8tpHsysgF30aWR8CNb9CtZOp2Y0DopB5zh0GYzZJsTU9eZJ C0t/d6xy4qdc/WovSmEyp9peeTGX73Sk9k3OxkF60awS//9l1Z9zULrCTvUVQBUy LQPOskxvFDN228Kg4LpHOV70A+uxUMXsE0Do4TvOhLns4snktuBbgE5rIwWshP8u fQ9UEIt+HCnK9priJhh1QSeOVmpT8tQV/UiwezhQz8QXrDJUElLVQpoqZ8Y6Htip KHuiZLD8EqMiqMqyUUUF1LSQbWkhNYwW0roo+iBQI9LQ67EUpQnotcaiSFjuh93+ HQSSevC2JNMyBTTQV+3QjB63+7b/+AaJIJ3zHqTyTK3BFc+Nfd56nqIHSRQ1kbrz ZwcHQ82U8I5tDIpPoIQx6wIhDvNTTncZai4DAgMBAAGjggIbMIICFzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFLJoZ19G84/8I/LF9o5sTpdciWLJMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCWJlcmthLm5ldIINd3d3LmJlcmthLm5l dDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3 AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjFordrQAAAQDAEgw RgIhAOFHTLQQPTZAS6+Sx0EBWdLS1dzaCc3xzik1B4K7DjwsAiEAhkSmJGJ6jkiT xJf8QnZyOcWxmF8x+g5hJMKaNmz2PGoAdgDuzdBk1dsazsVct520zROiModGfLzs 3sNRSFlGcR+1mwAAAYxaK3a1AAAEAwBHMEUCIFL83GBfRvGWAe6O4WvtaKHtIizK JgSMIi9CNL6z8cYMAiEAtVJeLKUl3RsDSvT+RSwuas4+CxLtFmvGbXu3Ky5fOYkw DQYJKoZIhvcNAQELBQADggEBAD310uQtFuyFkKoJthuddGTIU2eutwHW/KWtCLGW a31tBwJc5qiUJCroZJpKaXJzGHxKmdyQsNojP3Ud98MN/7tHJlTDWYyaqVkkK0l1 NUoqNMzYLw5jLobvO7L93nSu9hvv+62SlADYKq5qXgzfPnZcFYRDtPmMh5Anpeit lLvTTlqhdk4E86fa1kBzLnA4woVmnLyXI8hNNa5zTXDmJgZlOE1diZ8Z7zekzcwr 34F2GqxgYRPHrWnP9Le0GFdtYzlEB9ktz1Ub9nRgRHiJ3WL5zbsKxRg86Tr+GeZi G1A4s9aiZIKqgfBVJi62dAZWYLMalo+PEczkhtoXUgfpebo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtWInsH1bQz0DDgJPpjwH aZnAuFGycoK/2tab4NBSKRbzvAKHE9BOdQUBRhgBbpuR5l5Lx6G5cpTTS0s288ov X0cuN9pqcPvcWjMaoiGUAUNFasERve6HScnx5Hw/khHdnCWHqj0VSuMBPwsdM7bL KCE2+eJe7e8ff+K5EA2BBBbzcgC5cWkFmnlqC1TEuQEsFo7UbWZwl1BSv3nHQIPM /40bFz4wNQWp3X4gxsIIAmZYyuniDxaNP1+4fTnPUROFOwbglQfLJrivyX8LGc7D brhDy2kezKyAXfRpZHwI1v0K1k6nZjQOikHnOHQZjNkmxNT15kkLS393rHLip1z9 ai9KYTKn2l55MZfvdKT2Tc7GQXrRrBL//2XVn3NQusJO9RVAFTItA86yTG8UM3bb wqDgukc5XvQD67FQxewTQOjhO86EueziyeS24FuATmsjBayE/y59D1QQi34cKcr2 muImGHVBJ45WalPy1BX9SLB7OFDPxBesMlQSUtVCmipnxjoe2Kkoe6JksPwSoyKo yrJRRQXUtJBtaSE1jBbSuij6IFAj0tDrsRSlCei1xqJIWO6H3f4dBJJ68LYk0zIF NNBX7dCMHrf7tv/4BokgnfMepPJMrcEVz4193nqeogdJFDWRuvNnBwdDzZTwjm0M ik+ghDHrAiEO81NOdxlqLgMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 351474500953149959466804618110335249570173 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 17:37:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 17:37:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'berka.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 739979785739376350850755774059854877330546276681698605103028486421410419784334738502540285585901871899369139869245118253245879163198082146807412371835678171159033737398299196282535773322075257985410994453904204188219939879177360018174697474893698938688824527622235060885726735724159405705225855407241582391863268846742446865830538856858251397375920488512357474406718655842682799196190700808778604903315536520133423204251710010158093660194897062992533107532869839990714388239419998695143860356629416329925365964513702334625287623431912579917961059491801340440258179605870068697790868631909069126166443773730943980908839799556867404562048621265266423717323505867589310125359504838632546312064234441097127417908591205788251020359489740100419884528219222622454817894126297904768212407438232547090472641983141653062546594212841834082950168650817734499804414849377753449462997973907339556386006876048483175332818875931711314925686545955877805045611000189459330667693398483063062960319845498229600338017686809021220098881248239246458823019330949952739070924889144534021327101999648003677022842330863517842403592224273980089378103541640789042046412712985423553110122058629489816789052627929740873701754081723453172457874998132189459529739779 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b268675f46f38ffc23f2c5f68e6c4e975c8962c9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'berka.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.berka.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c5a2b76b40000040300483046022100e1474cb4103d36404baf92c7410159d2d2d5dcda09cdf1ce29350782bb0e3c2c0221008644a624627a8e4893c497fc42767239c5b1985f31fa0e6124c29a366cf63c6a007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c5a2b76b50000040300473045022052fcdc605f46f19601ee8ee16bed68a1ed222cca26048c222f4234beb3f1c60c022100b5525e2ca525dd1b034af4fe452c2e6ace3e0b12ed166bc66d7bb72b2e5f3989 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003df5d2e42d16ec8590aa09b61b9d7464c85367aeb701d6fca5ad08b1966b7d6d07025ce6a894242ae8649a4a697273187c4a99dc90b0da233f751df7c30dffbb472654c3598c9aa959242b4975354a2a34ccd82f0e632e86ef3bb2fdde74aef61beffbad929400d82aae6a5e0cdf3e765c158443b4f98c879027a5e8ad94bbd34e5aa1764e04f3a7dad640732e7038c285669cbc9723c84d35ae734d70e6260665384d5d899f19ef37a4cdcc2bdf81761aac606113c7ad69cff4b7b418576d63394407d92dcf551bf67460447889dd62f9cdbb0ac5183ce93afe19e6621b5038b3d6a26482aa81f055262eb674065660b31a968f8f11cce486da175207e979ba