www.holz-wurm.de

Issued by R3

About this certificate

This digital certificate with serial number 04:08:ee:89:2b:f3:e4:34:4c:90:32:12:c5:5d:a8:3f:cd:00 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.holz-wurm.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:08:ee:89:2b:f3:e4:34:4c:90:32:12:c5:5d:a8:3f:cd:00
Serial Number (int): 351488471161541605799268550537242673663232
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 95:17:f5:f7:93:6d:e7:44:54:0c:84:07:7c:ab:b1:bc:be:ee:2e:1e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): b7:de:ad:22:88:e5:1c:fa:e9:35:05:07:20:25:90:e3:9b:39:92:5e
Fingerprint (sha256): d4:e3:a4:9b:39:03:dd:91:e2:71:fa:19:81:44:46:04:d1:1f:5a:c2:ea:98:e5:23:9e:25:51:f0:57:84:48:e9

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.holz-wurm.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.holz-wurm.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

holz-wurm.de
www.holz-wurm.de

Other certificates including the domain name holz-wurm.de

(limited to 100 certificates)
www.holz-wurm.de
holz-wurm.de
holz-wurm.de
holz-wurm.de
holz-wurm.de
www.holz-wurm.de
www.holz-wurm.de
holz-wurm.de
holzwurm-obersayn.de

Certificate

The complete raw certificate details for www.holz-wurm.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISBAjuiSvz5DRMkDISxV2oP80AMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTYxMDIyMTFaFw0yNDA0MTUxMDIyMTBaMBsxGTAXBgNVBAMT
EHd3dy5ob2x6LXd1cm0uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQDXvFiiGovA//EUQwOp+fFT+UTfOUQioRp5Nc2wuenOsdT72dvn8eE/mNl42Mv7
QqB1DKuEmABNpYUtS16lop3TVbfZjUNxjG9VpNO0JneXNKPdMIPm2rolDkI8bDYA
QNGvFUN++87ZfSChX0kmcAITqsP2fhekJ/BBwtqD/Iva+hteyTSRZoJ/fgHMPsnN
L8UOT8g5SpW0tZDxGRbeK1/EgL647kGp2KmwQaSrz8pMgYv2rq8jwd78mFIAHkwg
kfGHq7zqoiV2vNGER/6RVoY19hRxDWgp0+hqiaOxTieCnQkbTbmf4M5V4IRmWjs2
oRMmchazTkF2kiCAsZ5HEwCCIcO0OJ4/nTximAPwsBavjQ3LgvU8LMSyGq3cvg9L
JqYE8MNIqfT27IGCXfchJ2LVPdHsHK3E8OMxdFpetwKJcEZ1kzauFcBtdtfEDyNC
2PgGNbael7zIzRn0lKv4CYBfu5WziVx93dOtCDIgjLGqksCGR8oaIyVnyjM7FUXE
JflqMjjYlLYQO0+HRAzqN29BsshaMwZVRcB+X9XesJecApLqQBo0ntuUiJ1FBKUZ
mCW+CGfqDIzDDB+eqv5cVHhXintSDpfejPLZTUXozVmy60GkoObp7mwx1WKwFABw
iJhnznVWpGW6Gi4/fEB8VqKdxi3NbZf0lD77Gq2nfSoddwIDAQABo4ICHzCCAhsw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSVF/X3k23nRFQMhAd8q7G8vu4uHjAfBgNV
HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI
KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0
cDovL3IzLmkubGVuY3Iub3JnLzApBgNVHREEIjAgggxob2x6LXd1cm0uZGWCEHd3
dy5ob2x6LXd1cm0uZGUwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5
AgQCBIH0BIHxAO8AdQA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAA
AY0SAerxAAAEAwBGMEQCIHB1Zk4vhvlReXkLaS8JjYZQxbZ7FchMHjvobWVZyfvv
AiAgsi/vDCgKJx4hyDoCGzRAkmAVJX3pf79TNjzZMVPmwAB2AEiw42vapkc0D+Vq
AvqdMOscUgHLVt0sgdm7v6s52IRzAAABjRIB6vgAAAQDAEcwRQIgEgFqJdH6+uvk
wW3oKxcHarL7rJkJyFJnttc53fQsrCkCIQCFDkAPYBNGpyXAurB+om2JdEDGbf0z
CsNlqpifyNSbXzANBgkqhkiG9w0BAQsFAAOCAQEABsS3kQ9qXb8GUZGwIlswrcky
ySdGBTs2iRr7fUbSsWSmOj22smklcshgj6Y4W5WdFmMNr2+4c2s30fZaY2yLdXJw
Iu96mkXcWJ+DoOGzx3Iq1nMiRfOxOK5XAEXCFmwWV3dm5znydKWJaj+8apa6d5IM
gU09M20AU6/1MUKexNwPqJ8tzfkCPNGLn6ZvBvByQJ8R0zoooXY593slVwVDvc8b
X4DUHgKw79kpdg8rA9E2bvxeDbNZav7OArFXXlQr7ZY9o+2L5U79pbDIbs9TxmVM
pKKlht0ksSpGFNXPN8i9Wf26DcJi0k0g7qmbkeBUogukmJ+YC5i6QeSA75qpYw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA17xYohqLwP/xFEMDqfnx
U/lE3zlEIqEaeTXNsLnpzrHU+9nb5/HhP5jZeNjL+0KgdQyrhJgATaWFLUtepaKd
01W32Y1DcYxvVaTTtCZ3lzSj3TCD5tq6JQ5CPGw2AEDRrxVDfvvO2X0goV9JJnAC
E6rD9n4XpCfwQcLag/yL2vobXsk0kWaCf34BzD7JzS/FDk/IOUqVtLWQ8RkW3itf
xIC+uO5BqdipsEGkq8/KTIGL9q6vI8He/JhSAB5MIJHxh6u86qIldrzRhEf+kVaG
NfYUcQ1oKdPoaomjsU4ngp0JG025n+DOVeCEZlo7NqETJnIWs05BdpIggLGeRxMA
giHDtDieP508YpgD8LAWr40Ny4L1PCzEshqt3L4PSyamBPDDSKn09uyBgl33ISdi
1T3R7BytxPDjMXRaXrcCiXBGdZM2rhXAbXbXxA8jQtj4BjW2npe8yM0Z9JSr+AmA
X7uVs4lcfd3TrQgyIIyxqpLAhkfKGiMlZ8ozOxVFxCX5ajI42JS2EDtPh0QM6jdv
QbLIWjMGVUXAfl/V3rCXnAKS6kAaNJ7blIidRQSlGZglvghn6gyMwwwfnqr+XFR4
V4p7Ug6X3ozy2U1F6M1ZsutBpKDm6e5sMdVisBQAcIiYZ851VqRluhouP3xAfFai
ncYtzW2X9JQ++xqtp30qHXcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 351488471161541605799268550537242673663232
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-16 10:22:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-15 10:22:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.holz-wurm.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 880124980692532786579905615944690157499540576479801888934066565319572966021243225931122661755818583444245921963427450142969218120777420432040455634137002484349411714402925912954514566555466703486009441347226659607148687978760816184956770174558808224068270239526645140406047567235511017186652734463391710826372031931063583567139737825545735075259434588189756727943714264142273679560179108831065905694090417916831867507353224489928534453822976379426111787630764877333302633137767652221769625181225255405136879924045048447415984411529937662465752279409389497119816024259177356546494629681611932457664751424034236384248728082292984110835639868992510841729252389068929452558106018152128809278425738490958356354650501759857727194902188774049893725858540657878544363487734302372253685658111377458024040785681217559142672722798466774549223552379994993842265488920009445620009167807154753178866515831848955381461031467069732023536410564493993822962634937725290479761309644059066504737236943132529585937044155328772118853437224361473511677232959470248658318674859218901269012402980397040970607557046779705229847853968249902583326284290859289723694596431464398943977795762509407756276609390812469276600690312270016552818259193091491141494906231
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9517f5f7936de744540c84077cabb1bcbeee2e1e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'holz-wurm.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.holz-wurm.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d1201eaf1000004030046304402207075664e2f86f95179790b692f098d8650c5b67b15c84c1e3be86d6559c9fbef022020b22fef0c280a271e21c83a021b3440926015257de97fbf53363cd93153e6c000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d1201eaf80000040300473045022012016a25d1fafaebe4c16de82b17076ab2fbac9909c85267b6d739ddf42cac29022100850e400f601346a725c0bab07ea26d897440c66dfd330ac365aa989fc8d49b5f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0006c4b7910f6a5dbf065191b0225b30adc932c92746053b36891afb7d46d2b164a63a3db6b2692572c8608fa6385b959d16630daf6fb8736b37d1f65a636c8b75727022ef7a9a45dc589f83a0e1b3c7722ad6732245f3b138ae570045c2166c16577766e739f274a5896a3fbc6a96ba77920c814d3d336d0053aff531429ec4dc0fa89f2dcdf9023cd18b9fa66f06f072409f11d33a28a17639f77b25570543bdcf1b5f80d41e02b0efd929760f2b03d1366efc5e0db3596afece02b1575e542bed963da3ed8be54efda5b0c86ecf53c6654ca4a2a586dd24b12a4614d5cf37c8bd59fdba0dc262d24d20eea99b91e054a20ba4989f980b98ba41e480ef9aa963