annatom.de
Issued by R3
About this certificate
This digital certificate with serial number 03:fa:ba:1a:3a:59:da:f2:f0:8c:f1:80:1e:99:d7:61:29:25 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=annatom.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:fa:ba:1a:3a:59:da:f2:f0:8c:f1:80:1e:99:d7:61:29:25Serial Number (int): 346654822115948496967317512873305450817829
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c8:9b:eb:80:1b:9a:78:f5:bd:0f:22:cb:be:01:96:54:03:31:ef:3e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fb:c1:e6:99:27:eb:75:fd:86:e7:a8:33:9f:8e:19:0f:9a:5e:c2:fc
Fingerprint (sha256): cc:43:5e:4f:86:6e:1a:dc:8b:00:f8:fb:2d:0b:25:2d:a6:d7:5a:ae:3b:6e:f8:92:16:bd:18:7b:18:e0:c0:be
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate annatom.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for annatom.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
annatom.de
webmail.annatom.de
www.annatom.de
webmail.annatom.de
www.annatom.de
Other certificates including the domain name annatom.de
(limited to 100 certificates)
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
annatom.de
Certificate
The complete raw certificate details for annatom.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBTCCBO2gAwIBAgISA/q6GjpZ2vLwjPGAHpnXYSklMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjExMTU2NDVaFw0yNDA2MTkxMTU2NDRaMBUxEzARBgNVBAMT CmFubmF0b20uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ+/cd +37xWjkruIaBE6BfcCL+Xd7+FSV0rWDoEqbGweVOltYkJiTqggp4gKGd5i/GITM2 WfqyNgXXd+olOPo0dHL/0DSqLaXZ++HPBN3kkI068H9UrdvZfs/ZkhHGNtTcTU6o IDx0uZcImQtlyisXZDbsA/W7vfor+BzzlKIwv8FviOLZhXaKKOyjvdcZrrsBRakp y7CF3C2I9ptRLVJRIGBngKc8BMgXoHF64+72if3fPGT1/QAFUHADmsgBc76f82OI YDpWuJJ2vSdT78teISXfkkWlPllmGDlbz+hoztvxhmIpTnnJryooPlLSperoZbAo vDjlXL/5cacDBDjgOgn/2aEhdGAkGV463WS6UKiY33jIbbnfO1mNhIc+nqjVvo8l u16vHtki+vHqD+Zlj1Xum7Pm1gxQh3InGGHAYDN1616IrLfJdCTUHZsTa/hRdS7L deT/NitxNhsj+Ve+W6jVyfpYKaQ5zR6o6Fa9rJotQzKtF0AfmRGca84CQwsbWhWh T5hPe0hU2F4VggayvJRlqQ+RyYcA3T3ZdCxfuJpz46S2y1S61gY9fRyxuqPN8P5F colbqyXzP0r+po7TbOxFhMvJxCnicxFcWB3FN4PbZ6BJ/NJGmr6OWNPR3hUWx0c2 o2pqMLL2PCgYyVPK527fIhO+eYTghn4HBaNTTQIDAQABo4ICMDCCAiwwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBTIm+uAG5p49b0PIsu+AZZUAzHvPjAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzA5BgNVHREEMjAwggphbm5hdG9tLmRlghJ3ZWJtYWlsLmFu bmF0b20uZGWCDnd3dy5hbm5hdG9tLmRlMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB 2bu/qznYhHMAAAGOYRXYewAABAMASDBGAiEAm6nBJjNpu0xOJCnrrtTv06fAh7MD MHUbvE3M0jb8UXACIQCSxbd9PRW2gU54A611NJ5qSyd6L+DB4MqpwzffkHPDzgB1 AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjmEV2MwAAAQDAEYw RAIgd4t+fVDzJdYyYB1Ukw9/V453jpzi4ZOc/F3j0nmv7Z0CIHQE8YEbUxkbFaEV ge+ZWQB+J8p27UfC5qy8N2hZTtBjMA0GCSqGSIb3DQEBCwUAA4IBAQBORle2RRO0 JZXYfrPk+tf7byeTiWKpOyIJlxmhhqkBqSFYUcAqPzl+eOxsTDmHx+bOlvJLusGW Eg6D57zdg929Mmt5hHk0Kt5KXmgRxirKiMn19KpAPw91T3BCFZnxZVLRlpil90C4 Sa/H0TPd5Y0hzhjTm9CWt69DxM91TuncSZVy6XoKttCuwiT9j7Tl5JyJUo1U0qOf G+DNqQgo719GOxdwPr7wn7ZLKs9MY4rsp+N9o+V9jKXJI9atMXFppIPzbngDxovk 8SXNm2vNjH9qbsjtrfLU/lLlr9vo51rHOMs4arsRnv7VGbbM2S+7ddoS26wc1dxa EKjEaw30rjWL -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyfv3Hft+8Vo5K7iGgROg X3Ai/l3e/hUldK1g6BKmxsHlTpbWJCYk6oIKeIChneYvxiEzNln6sjYF13fqJTj6 NHRy/9A0qi2l2fvhzwTd5JCNOvB/VK3b2X7P2ZIRxjbU3E1OqCA8dLmXCJkLZcor F2Q27AP1u736K/gc85SiML/Bb4ji2YV2iijso73XGa67AUWpKcuwhdwtiPabUS1S USBgZ4CnPATIF6BxeuPu9on93zxk9f0ABVBwA5rIAXO+n/NjiGA6VriSdr0nU+/L XiEl35JFpT5ZZhg5W8/oaM7b8YZiKU55ya8qKD5S0qXq6GWwKLw45Vy/+XGnAwQ4 4DoJ/9mhIXRgJBleOt1kulComN94yG253ztZjYSHPp6o1b6PJbterx7ZIvrx6g/m ZY9V7puz5tYMUIdyJxhhwGAzdeteiKy3yXQk1B2bE2v4UXUuy3Xk/zYrcTYbI/lX vluo1cn6WCmkOc0eqOhWvayaLUMyrRdAH5kRnGvOAkMLG1oVoU+YT3tIVNheFYIG sryUZakPkcmHAN092XQsX7iac+OktstUutYGPX0csbqjzfD+RXKJW6sl8z9K/qaO 02zsRYTLycQp4nMRXFgdxTeD22egSfzSRpq+jljT0d4VFsdHNqNqajCy9jwoGMlT yudu3yITvnmE4IZ+BwWjU00CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 346654822115948496967317512873305450817829 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-21 11:56:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-19 11:56:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'annatom.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 824023804338342023464097856163376898633454418906249397489067914631709307055880350252690537288686080872346901568323082393638918767325126377918108050466454750212914843940542019873846627412164386235340181168778637984444082551468636213839414362311075050181353129212702154270204135807953220629756238865474638018380188836018738422056111739605422487524871005118286467546107954938477444185344625760296728898431296122358449501322491525345459276546218913566342686732339564941905705534031469748933251258340402152282363805334025617129175566492142565714508973559945848107979319147819335093947361955998095640836205166256889633130594652257587102941520083705172646446446080308771824500484900397169612083979138713023517771484111236531347596879419518814843774934182933135368872093972416766963717080897919140218080891132037968895030458637822002155888107567622904118023708287721212412486157458977685051574754889126998870824060600697727748734359330601862592862262595693195368566868910601732044098553143488727011842638842553796362680967226492164069732314750945946062201772753029332047566191237720293141704604380165946425536351985199519171368613001133859869735358917994106824488354600501190882710229492033346467866813302658429003452375602224836719195411277 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c89beb801b9a78f5bd0f22cbbe0196540331ef3e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annatom.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.annatom.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.annatom.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e6115d87b00000403004830460221009ba9c1263369bb4c4e2429ebaed4efd3a7c087b30330751bbc4dccd236fc517002210092c5b77d3d15b6814e7803ad75349e6a4b277a2fe0c1e0caa9c337df9073c3ce00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e6115d8cc00000403004630440220778b7e7d50f325d632601d54930f7f578e778e9ce2e1939cfc5de3d279afed9d02207404f1811b53191b15a11581ef9959007e27ca76ed47c2e6acbc3768594ed063 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004e4657b64513b42595d87eb3e4fad7fb6f27938962a93b22099719a186a901a9215851c02a3f397e78ec6c4c3987c7e6ce96f24bbac196120e83e7bcdd83ddbd326b798479342ade4a5e6811c62aca88c9f5f4aa403f0f754f70421599f16552d19698a5f740b849afc7d133dde58d21ce18d39bd096b7af43c4cf754ee9dc499572e97a0ab6d0aec224fd8fb4e5e49c89528d54d2a39f1be0cda90828ef5f463b17703ebef09fb64b2acf4c638aeca7e37da3e57d8ca5c923d6ad317169a483f36e7803c68be4f125cd9b6bcd8c7f6a6ec8edadf2d4fe52e5afdbe8e75ac738cb386abb119efed519b6ccd92fbb75da12dbac1cd5dc5a10a8c46b0df4ae358b