www.marienthal.snj.lu

Issued by R3

About this certificate

This digital certificate with serial number 04:cc:8a:a9:7d:ec:2a:33:bd:c7:96:e5:ce:7c:7c:94:3e:9c was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.marienthal.snj.lu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:cc:8a:a9:7d:ec:2a:33:bd:c7:96:e5:ce:7c:7c:94:3e:9c
Serial Number (int): 418051060094511951641017489115807386713756
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 71:c5:19:e6:7d:8f:cf:68:c3:b0:8c:17:dd:ab:23:2d:ed:13:a7:0d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 81:e2:94:97:1e:37:aa:ee:88:cf:45:1f:73:26:96:a3:27:82:9c:dc
Fingerprint (sha256): da:26:eb:f3:91:35:ec:b8:a5:b8:b0:54:b5:45:a0:16:d7:9a:a3:39:fe:be:bb:6f:e0:2a:b5:56:5f:de:34:b3

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.marienthal.snj.lu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.marienthal.snj.lu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.marienthal.snj.lu

Other certificates including the domain name snj.lu

(limited to 100 certificates)
snj.public.lu
basenautique.lu
basenautique.lu
test.agenda.snj.lu
snj.lu
snj.lu
snj.lu
baq.snj.lu
snj.lu
bdq.int.snj.lu
snj.public.lu
snj.lu
baq.snj.lu
baq.snj.lu
snj.lu
snj.public.lu
snj.lu
baq.snj.lu
snj.lu
snj.public.lu
snj.public.lu
europe.snj.lu
forms.snj.lu
snj.lu
*.snj.lu
baq.snj.lu
snj.lu
erpeldange.snj.lu
animateur.snj.lu
animateur.lu
baq.snj.lu
snj.lu
snj.lu
agenda.snj.lu
baq.snj.lu
snj.public.lu
larochette.snj.lu
agenda.snj.lu
baq.snj.lu
snj.lu
snj.public.lu
snj.lu
baq.snj.lu
baq.snj.lu
baq.snj.lu
marienthal.snj.lu
forum.snj.lu
civicrm-cdc.snj.lu
snj.lu
snj.lu
snj.lu
snj.lu
weicherdange.snj.lu
snj.public.lu
basenautique.lu
snj.public.lu
basenautique.lu
baq.snj.lu
snj.public.lu
snj.public.lu
snj.public.lu
snj.public.lu
snj.lu
snj.lu
snj.public.lu
snj.public.lu
snj.lu
snj.lu
basenautique.lu
seafile.snj.lu
civicrm.snj.lu
snj.public.lu
snj.public.lu
www.animateur.snj.lu
snj.lu
cloud.snj.lu
baq.snj.lu
snj.lu
snj.public.lu
snj.public.lu
baq.snj.lu
snj.lu
seafile.snj.lu
snj.lu
snj.lu
snj.lu
*.snj.lu
baq.snj.lu
freelance.snj.lu
basenautique.lu
baq.snj.lu
basenautique.lu
snj.lu
www.marienthal.snj.lu
snj.lu
baq.snj.lu
snj.lu
snj.lu
baq.snj.lu
snj.public.lu

Certificate

The complete raw certificate details for www.marienthal.snj.lu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISBMyKqX3sKjO9x5blznx8lD6cMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMDMyMTA2NTVaFw0yNDAzMDIyMTA2NTRaMCAxHjAcBgNVBAMT
FXd3dy5tYXJpZW50aGFsLnNuai5sdTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
AgoCggIBAJGC2shxS8GCgTHjPGCQdH7WcZCrOetSUp5dPYhbEBL/0OMLI15NN0Qj
Z88i8ZXlISg+h50LBJfNQiI3GR2bDq6GH5mO41DcUKjVvMVmDuFRk6vlSKejlquR
W8zF8BJaGOqkOiYlVegZH+ttK2d85tIcUDuXbVO+Uiugo6t8vL+5VNGRqthZU7tz
ul15KkQUaSAu8TQDQlUUfjUg4BNC/Zd3UMUdp375qov6zPVXFRk+Inx41bk1rssJ
rHAsPTuyEJHLt4DFcWOdf0re5mw2dDOJ6c3Y9yZByceFX7ZI4CXOL0x+EvO8wL42
YLJnXlndN8NZjDRD8NM/88KgdtOuEwQoTIym7uBRuEkzwR01rYpgoGHvcA9Xx6x5
EEaX/eo5VO/efpUHas+O7WotL8eMNZJZ2FnhzvE+iAOrO00jVqVPoiVetDdBmzqY
tacgQQTMLrbs/3Z5ghHj3cQQxU0ih+WX7MKaqeqEamAbR2j1A+oKS26jNNtIFNzb
vob44IdC/DczILRZbKkGfnAl8oq9KCF5yD+rnaKErui9Qc8tLpp4DXy8S9/Lim+a
GpEeh/mgp8lsaEIW/f18vKRthErIaIRt2XrAslK4ZWQZKbuxe8kekngBQr3vYo33
2w9uO96xBrR/5y3SAlKEXnbf0aqkMgKLlaQjh19HN3hOgNE5jxmvAgMBAAGjggEk
MIIBIDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHHFGeZ9j89ow7CMF92rIy3tE6cN
MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkw
RzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAC
hhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMCAGA1UdEQQZMBeCFXd3dy5tYXJpZW50
aGFsLnNuai5sdTATBgNVHSAEDDAKMAgGBmeBDAECATATBgorBgEEAdZ5AgQDAQH/
BAIFADANBgkqhkiG9w0BAQsFAAOCAQEALMntv6L2iOe1wyzCNRKnZwiPK0xrL05/
Ve1h9UQLBSC1pVlR2GUzoaWsBGpxbphTVDwB48w/+cFGZJfsx2TtYZjUEq84lUzk
gyiGZ1jEpM4Tpxq1rbsVHZjKxBVFU+1aRF5ejrpHRWkUkvwiFG22yanGE2hF6HD5
V0CEXZg9+6jZ/35Hr9AjZg7tpUTLnwmxChyHoxQENEZdgs+Omx0NiJbOkQSrysa0
Svxyq7eC1mLGUc+FVgQTN5spOeSMgpxn7XQgORWaYtec44jmD0LLwOnwkPpTDx7k
pIYWyEqQp4pTa/7zp2URzKcp/Omcmn1z6RYKE0xgMYcVV2xD92KVZw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkYLayHFLwYKBMeM8YJB0
ftZxkKs561JSnl09iFsQEv/Q4wsjXk03RCNnzyLxleUhKD6HnQsEl81CIjcZHZsO
roYfmY7jUNxQqNW8xWYO4VGTq+VIp6OWq5FbzMXwEloY6qQ6JiVV6Bkf620rZ3zm
0hxQO5dtU75SK6Cjq3y8v7lU0ZGq2FlTu3O6XXkqRBRpIC7xNANCVRR+NSDgE0L9
l3dQxR2nfvmqi/rM9VcVGT4ifHjVuTWuywmscCw9O7IQkcu3gMVxY51/St7mbDZ0
M4npzdj3JkHJx4VftkjgJc4vTH4S87zAvjZgsmdeWd03w1mMNEPw0z/zwqB2064T
BChMjKbu4FG4STPBHTWtimCgYe9wD1fHrHkQRpf96jlU795+lQdqz47tai0vx4w1
klnYWeHO8T6IA6s7TSNWpU+iJV60N0GbOpi1pyBBBMwutuz/dnmCEePdxBDFTSKH
5Zfswpqp6oRqYBtHaPUD6gpLbqM020gU3Nu+hvjgh0L8NzMgtFlsqQZ+cCXyir0o
IXnIP6udooSu6L1Bzy0umngNfLxL38uKb5oakR6H+aCnyWxoQhb9/Xy8pG2ESsho
hG3ZesCyUrhlZBkpu7F7yR6SeAFCve9ijffbD2473rEGtH/nLdICUoRedt/RqqQy
AouVpCOHX0c3eE6A0TmPGa8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 418051060094511951641017489115807386713756
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-03 21:06:55 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-02 21:06:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.marienthal.snj.lu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 593633703450338852498181620559971171863199727376592586143905257467240191644372852114891176473269644094264137128313941495989165462475408269241258957564640396836926029715729839540488573231125464743818518965669433397934391231461604178854081929110884740727180014442522597689494976950227635436199268873908667840293904901767155364036878650466307348840524369255028019365816431219526866138165815103891252080745452991219565226990032347716383354957087136627967772158495703727046748433008297870681630966497783110575599516086908758080664999524313611428465099942284875843447806566782714417246047352116275570058096041001022738578198094059826935364235803915993242128020733516664301834523505486358578094763108762982464462239910619645113022270441693826674652668753585955233862739730001526531770587872740189568385971532319507351883786897993213846475252168160978616836858599507421160879590423216603346668107135223513971327812742551897009842230507682668595292561208653975384510622159842821601487320095117229652647257465249193840570152106270603384417071943594173171207758004822997855605593306555809703200817270773675268500612936163807363057493789038914849310447518315246133856370162256522989727910723631448401075493289645427202237874372440524487914363311
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							71c519e67d8fcf68c3b08c17ddab232ded13a70d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.marienthal.snj.lu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002cc9edbfa2f688e7b5c32cc23512a767088f2b4c6b2f4e7f55ed61f5440b0520b5a55951d86533a1a5ac046a716e9853543c01e3cc3ff9c1466497ecc764ed6198d412af38954ce48328866758c4a4ce13a71ab5adbb151d98cac4154553ed5a445e5e8eba4745691492fc22146db6c9a9c6136845e870f95740845d983dfba8d9ff7e47afd023660eeda544cb9f09b10a1c87a3140434465d82cf8e9b1d0d8896ce9104abcac6b44afc72abb782d662c651cf85560413379b2939e48c829c67ed742039159a62d79ce388e60f42cbc0e9f090fa530f1ee4a48616c84a90a78a536bfef3a76511cca729fce99c9a7d73e9160a134c60318715576c43f7629567