cgrx.de
Issued by R3
About this certificate
This digital certificate with serial number 03:bd:d9:14:67:02:9c:4f:8e:67:47:25:64:a0:d1:9a:23:5f was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cgrx.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bd:d9:14:67:02:9c:4f:8e:67:47:25:64:a0:d1:9a:23:5fSerial Number (int): 325938773553655628315725839603863844954975
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 09:ed:4d:fb:53:44:c8:2c:90:6e:68:46:99:33:30:48:6b:03:85:11
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 34:e0:85:f1:82:c2:ba:6f:db:6a:6a:af:88:e3:be:af:2c:6f:37:a9
Fingerprint (sha256): d0:ff:a6:c4:2e:a1:68:50:48:72:6c:e3:68:8c:1b:c7:ad:46:39:11:a3:f5:77:4e:25:4f:7e:bc:c2:42:b3:fe
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate cgrx.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cgrx.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cgrx.de
www.cgrx.de
www.cgrx.de
Other certificates including the domain name cgrx.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for cgrx.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5zCCBM+gAwIBAgISA73ZFGcCnE+OZ0clZKDRmiNfMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMDIwMDAwMTFaFw0yNDA0MDEwMDAwMTBaMBIxEDAOBgNVBAMT B2NncnguZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqU/kYTq34 cBahh6tLhOwcmayS3YKE/SR8g+eo/JWArM3hbqkmwAyk6aXca8MCvxGebHFvLHkY aRVDac8iavsmS6xliAsO2Zcs8iL2gUIe8NtKDnOHIkP4eL/8L6YEI0T1SnWif1gW STwi0UDoPLcEYt+7JEJzBMVUUsHXn9z9G+rcLYqYK4Km6aunInkSMPmH6bBmFqNS MSxuv+ztjAtCgs8vuNVbOXb8hP0w5Nyk5bUktmv91JOpDMDxXJK4YKPkGcQYJqiB pARz9+ga1S3GtwVSKYrcXA+LOTfpbGHgnZ7dHqgIzLg5X8NBTkWL36sNV/pmedvP 96eia1RfGawzcK1nKlrQ6IN36nBzCWPSjX6IBV5XHPbegVGR4L718mCfhVRZ56Xe 07PvwRyvTaWRmUcRnFgICY/N6dIWCaicGKsJJhZjZCuUcIqySi2JKPVi43OL4u9U 7i1RnIL9n2IRwsDE2uvVvyaXflxvqXLrtOkFXRlCDBeXZ0HlRHdPLmkvF05eH1Xd UlcmGelJoogr4wz+f0FxAC5rnsCQf5apJSjnov3x4bXoHalPApwVqj4Ais6CqLqY wdBMr8Pe6XIdLvSpfAtnIR48bAPe4LH0B6rKA730z8W+Lk9rZ9btFctno13UCNpk yEXfPJFA73NT2ZvstSupBxm4E0liqifjHQIDAQABo4ICFTCCAhEwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBQJ7U37U0TILJBuaEaZMzBIawOFETAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzAfBgNVHREEGDAWggdjZ3J4LmRlggt3d3cuY2dyeC5kZTATBgNV HSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ADtTd3U+ LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjMevaoYAAAQDAEYwRAIgBi+R ETFuK2mPoFwitz5XmgdEZlqkSQBSQ8MFh2wTjTcCIAmBJLAyklvwI0brp2IrZZRB t8UQOObpgsF7iH2qs3quAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xa OnQAAAGMx69qpgAABAMARzBFAiEAiqSu00kSmRSYi5ceKN799JhloV8yi9eIVsfS fXO+clACIB6g+D5BghbSWdPDvptEUZehcfr2HMK0H735uQJF321TMA0GCSqGSIb3 DQEBCwUAA4IBAQBBBvwpaA/bKlNM7pUey+CMltr+1Wwbc5xUzm3vtI/rqE/xQRop LkfLxOg6dXUpAyifRSUFgkn9iSEY+awvHbOHF8Oa6xf6llAMT4JrMarNkQWlHKTD uW+5D72l4b7BC2PvmbzI36djDlrlBqr7sHMhiUU741mCOyQ0DFho9STcrAHJvvnM w21Myc5nlNIRyInzmag8Ymj5SoALj/yBuuyqT69HbY9xQUrlV2ca4SNA3FlUG9Qf lt2TM1xbTRBNuNSencIso8/W+tw8tBCRvxbTN+gzpYiJgKlEybwuhF6SgnAS1g3n gCD7S1ipFriC9edNx/6UKMljjkIAPEs8y83u -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqlP5GE6t+HAWoYerS4Ts HJmskt2ChP0kfIPnqPyVgKzN4W6pJsAMpOml3GvDAr8Rnmxxbyx5GGkVQ2nPImr7 JkusZYgLDtmXLPIi9oFCHvDbSg5zhyJD+Hi//C+mBCNE9Up1on9YFkk8ItFA6Dy3 BGLfuyRCcwTFVFLB15/c/Rvq3C2KmCuCpumrpyJ5EjD5h+mwZhajUjEsbr/s7YwL QoLPL7jVWzl2/IT9MOTcpOW1JLZr/dSTqQzA8VySuGCj5BnEGCaogaQEc/foGtUt xrcFUimK3FwPizk36Wxh4J2e3R6oCMy4OV/DQU5Fi9+rDVf6Znnbz/enomtUXxms M3CtZypa0OiDd+pwcwlj0o1+iAVeVxz23oFRkeC+9fJgn4VUWeel3tOz78Ecr02l kZlHEZxYCAmPzenSFgmonBirCSYWY2QrlHCKskotiSj1YuNzi+LvVO4tUZyC/Z9i EcLAxNrr1b8ml35cb6ly67TpBV0ZQgwXl2dB5UR3Ty5pLxdOXh9V3VJXJhnpSaKI K+MM/n9BcQAua57AkH+WqSUo56L98eG16B2pTwKcFao+AIrOgqi6mMHQTK/D3uly HS70qXwLZyEePGwD3uCx9AeqygO99M/Fvi5Pa2fW7RXLZ6Nd1AjaZMhF3zyRQO9z U9mb7LUrqQcZuBNJYqon4x0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325938773553655628315725839603863844954975 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-02 00:00:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-01 00:00:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cgrx.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 694877694930955416852975723645530209482542621597151230760254616915986931031223560703658055132912193671084686065969641868554727794796494338814702588485523299897309827198565898861108981800884278727236000629526031063936453921019900174978956234812397737887541901808978548715364578858183174249135603717225743201823309710328750185337118045308534665069402356486830461604532304187668976624665489060999541956807821781099371466940833264138747462481918527386979694223582920816476506864194369709523857689097056581207000202559521694670015216983523813599066362157402950571720920547756363047212891668378323198247653937235628524594033913744699229607442672562254141733785679844030282526453560667169177840129230150223643727116835359661117266494519845532589641664564611478766638603013733935167529136961152939526875958852937377547343813749650509432334379957914141559962386908715392745283436724239158933582037922234403687846795781470331127678766547141316405189218085296792361603282389946416308152213941259687406066678448565117629127382586997062835188448412282602599936412142269529247192587745972858979570354853499116212801854415830531681931943304521386182326205685693461955769726580380289844034697154712228286577324425814107171597825163908400256706405149 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 09ed4dfb5344c82c906e6846993330486b038511 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cgrx.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cgrx.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cc7af6a8600000403004630440220062f9111316e2b698fa05c22b73e579a0744665aa449005243c305876c138d370220098124b032925bf02346eba7622b659441b7c51038e6e982c17b887daab37aae00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cc7af6aa600000403004730450221008aa4aed349129914988b971e28defdf49865a15f328bd78856c7d27d73be725002201ea0f83e418216d259d3c3be9b445197a171faf61cc2b41fbdf9b90245df6d53 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004106fc29680fdb2a534cee951ecbe08c96dafed56c1b739c54ce6defb48feba84ff1411a292e47cbc4e83a75752903289f4525058249fd892118f9ac2f1db38717c39aeb17fa96500c4f826b31aacd9105a51ca4c3b96fb90fbda5e1bec10b63ef99bcc8dfa7630e5ae506aafbb0732189453be359823b24340c5868f524dcac01c9bef9ccc36d4cc9ce6794d211c889f399a83c6268f94a800b8ffc81baecaa4faf476d8f71414ae557671ae12340dc59541bd41f96dd93335c5b4d104db8d49e9dc22ca3cfd6fadc3cb41091bf16d337e833a5888980a944c9bc2e845e92827012d60de78020fb4b58a916b882f5e74dc7fe9428c9638e42003c4b3ccbcdee