www.oltoko.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:32:8d:de:3a:09:b1:06:37:6e:7f:59:59:3d:41:4e:99:c3 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.oltoko.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:32:8d:de:3a:09:b1:06:37:6e:7f:59:59:3d:41:4e:99:c3Serial Number (int): 278539551155783527819340433706866722118083
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c6:02:a3:c3:68:9b:fc:e1:21:38:89:6e:69:83:9b:a9:9c:8b:43:bd
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 2f:b1:27:a6:ba:82:9f:45:df:3a:55:0e:54:77:a4:81:28:f8:78:fd
Fingerprint (sha256): d5:ee:73:51:07:0b:0f:9e:70:41:af:61:8f:5d:07:4d:3c:61:5d:26:09:af:84:b6:cc:1a:ab:cb:10:21:fe:70
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate www.oltoko.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.oltoko.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oltoko.de
www.oltoko.de
www.oltoko.de
Other certificates including the domain name oltoko.de
(limited to 100 certificates)
www.oltoko.de
oltoko.de
www.oltoko.de
www.oltoko.de
social.oltoko.de
oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
social.oltoko.de
www.oltoko.de
social.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
oltoko.de
www.oltoko.de
www.oltoko.de
social.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
oltoko.de
www.oltoko.de
www.oltoko.de
social.oltoko.de
oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
social.oltoko.de
www.oltoko.de
social.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
oltoko.de
www.oltoko.de
www.oltoko.de
social.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
www.oltoko.de
Certificate
The complete raw certificate details for www.oltoko.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCTCCBPGgAwIBAgISAzKN3joJsQY3bn9ZWT1BTpnDMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA0MjMyMTAyMDBaFw0x NjA3MjIyMTAyMDBaMBgxFjAUBgNVBAMTDXd3dy5vbHRva28uZGUwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDGSrxPQzAetguMG2HBmFcdek/y4QMI2OTR Bob1cPSenAYlxe0u5DcLlye1hqlijMFtcXCUulooDgsgNn8Gey3q9WskQs22aW9R DQjFQlUG0NK3rgM0ibmcCA9RhFzwMSsiE7I/dH+4Oyy475ihk0V6yUyTRCIgWGSa dVtDB1t82Ty8jEysW2x8kFRSgPLjaubcEwq8vWtQF+gYUeLzDJHksbGRLzV6Ff6Z 3rsfapl+rRafe/8lQcTDN/059hlNXSd2x8zb5tDDKDKX+gxbL6j1uZYTGnzlzIN6 PCpRuxmRGC4BfxUV+bnjHwhaVPViD8JjTyUSITDs6attkyfjQCxeO9F1xhmNSmqi yM7L8RRzDrY6Igl39xP9EJS3HGoLw0PP5eYOUliTiMHEWx9eV2ImbK45Z4TH+K2j kY+p1Aw36fNQT95mP9NDM5C1Qis1KvfHvBsebhKwUxugrTuKDSztNkIXh7XNOTAS twSSck1tCCUQ4Lv9+8kJZ0x9jzVPT7jB3uyTdi0mYJ8IB3SsxDdCrExs7kAJtT7v nxny2aUYvmKQIRauaklMov+vTuQHTxyWy1pb363klu4X8/t8XTuf1ba8pAkqFKrF C1eGuGXsFPbp0QRsIA2ccKVxhFYAGtc1lw8cZX4dKoR7fH4dDebWJ9kBgQlAL47r K6N6i5Jq4wIDAQABo4ICGTCCAhUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTGAqPD aJv84SE4iW5pg5upnItDvTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAjBgNVHREEHDAagglvbHRva28uZGWCDXd3dy5v bHRva28uZGUwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEB MIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYI KwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGll ZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNl IHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xl dHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAQuVx FdU37IcyWRIpLFaloTHt3vsqgT/L1igbpFBzwGNzeb4vlTfHKhqj6T3tAxYHHjXG b0H3T5lM6gYwDTCemW6OGI4qTm6pPHVF4ewL5ApduZOiN3anv/H2zwoi5E7+BfHs n1LP2S0PNFRqwVniqX3am3ezXJY/NKTHFPRl7grUTWcS/Vl0f4WW/cjNQIwMFCQ9 x9bG5eoENhUvwiT0WmWE7AX6cpFn3XpkmF9U6RmJuz1PkEHBXytbf62/9Zbz1rWn k/ndPHRa0wR5lbDIwxf4kTTT54hyOqA1yFl8M1d9Cr9Bj4tdNma5wDr+Ffsl866q ObIvD4EtuLoSHvc77w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxkq8T0MwHrYLjBthwZhX HXpP8uEDCNjk0QaG9XD0npwGJcXtLuQ3C5cntYapYozBbXFwlLpaKA4LIDZ/Bnst 6vVrJELNtmlvUQ0IxUJVBtDSt64DNIm5nAgPUYRc8DErIhOyP3R/uDssuO+YoZNF eslMk0QiIFhkmnVbQwdbfNk8vIxMrFtsfJBUUoDy42rm3BMKvL1rUBfoGFHi8wyR 5LGxkS81ehX+md67H2qZfq0Wn3v/JUHEwzf9OfYZTV0ndsfM2+bQwygyl/oMWy+o 9bmWExp85cyDejwqUbsZkRguAX8VFfm54x8IWlT1Yg/CY08lEiEw7OmrbZMn40As XjvRdcYZjUpqosjOy/EUcw62OiIJd/cT/RCUtxxqC8NDz+XmDlJYk4jBxFsfXldi JmyuOWeEx/ito5GPqdQMN+nzUE/eZj/TQzOQtUIrNSr3x7wbHm4SsFMboK07ig0s 7TZCF4e1zTkwErcEknJNbQglEOC7/fvJCWdMfY81T0+4wd7sk3YtJmCfCAd0rMQ3 QqxMbO5ACbU+758Z8tmlGL5ikCEWrmpJTKL/r07kB08clstaW9+t5JbuF/P7fF07 n9W2vKQJKhSqxQtXhrhl7BT26dEEbCANnHClcYRWABrXNZcPHGV+HSqEe3x+HQ3m 1ifZAYEJQC+O6yujeouSauMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 278539551155783527819340433706866722118083 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-23 21:02:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-07-22 21:02:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.oltoko.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 808960519935827282194877986715018049124656569067994449965235978761545075302189739722224998591048818963414988024140583480367618750418320300261317857551292564394854641529113415344180441256703245980462092122028096678272439883694078762876848121478996946345414213424098093146429095596407951161634582118848435534644534691845504890253657675296845770846440602279858329208012321473089283672533645665554178446644563965196735315695320322031421477722459265829669646754494899284799432052584244155267227596352800471744494859809039113683462674158483119884932195995778098454986091268090648138124936743196412544794139440359827693877859186100573575451715023373060735516387088756193484983337260872650780948900078672065888915673371887776785111721207233385880791678802860132363223094332126275665429784799803799598085637168012936784718146607161176901189479393752811159538443137110779382326787190781340193982382015508396992629631995872514853870661581126081802252712819194868643599712196971791138908431830825635905262019231349363631178610979091623165404453684750330234337182723280597526669990151355673109231681917079689674231051662127217535197851769609410808099403826399681646664298303183417210424374738598851843187079279255120650203351150706656271324572387 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c602a3c3689bfce12138896e69839ba99c8b43bd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oltoko.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oltoko.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042e57115d537ec87325912292c56a5a131eddefb2a813fcbd6281ba45073c0637379be2f9537c72a1aa3e93ded0316071e35c66f41f74f994cea06300d309e996e8e188e2a4e6ea93c7545e1ec0be40a5db993a23776a7bff1f6cf0a22e44efe05f1ec9f52cfd92d0f34546ac159e2a97dda9b77b35c963f34a4c714f465ee0ad44d6712fd59747f8596fdc8cd408c0c14243dc7d6c6e5ea0436152fc224f45a6584ec05fa729167dd7a64985f54e91989bb3d4f9041c15f2b5b7fadbff596f3d6b5a793f9dd3c745ad3047995b0c8c317f89134d3e788723aa035c8597c33577d0abf418f8b5d3666b9c03afe15fb25f3aeaa39b22f0f812db8ba121ef73bef