kurbelix.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:44:44:d9:8a:4f:1b:0c:87:d8:b3:21:c2:28:16:de:d2:72 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kurbelix.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:44:44:d9:8a:4f:1b:0c:87:d8:b3:21:c2:28:16:de:d2:72Serial Number (int): 284567575783276153178783314396584869810802
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 75:ce:ad:1f:d5:94:34:7c:f7:cc:07:21:ed:4c:43:d5:e5:a1:56:57
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0a:8a:81:6d:c7:17:19:0f:52:e5:40:85:1c:e1:df:94:c9:44:95:c9
Fingerprint (sha256): da:7e:19:61:c0:8d:b1:80:2d:d1:63:7e:ff:d3:b5:dc:14:76:2b:f4:6c:e0:0c:7f:31:dc:8c:b9:3a:14:fc:7e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate kurbelix.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kurbelix.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kurbelix.de
www.kurbelix.de
www.kurbelix.de
Other certificates including the domain name kurbelix.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for kurbelix.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYDCCBUigAwIBAgISA0RE2YpPGwyH2LMhwigW3tJyMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MTYwMDM3MjBaFw0x OTEyMTUwMDM3MjBaMBYxFDASBgNVBAMTC2t1cmJlbGl4LmRlMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAlgRYB8fyj5kBDKCBew2zGmFE7YZ93X6fYxmF I2xXRuECpfyYX3Kc6OaGJxehzfQYlKFPbwKmEorVtOLGUBirb8XdMMYpm2mmonLp rUfo3H5+RIyRi1WIkyPbcWzxg56++3qmawSP1oVL0Qv4MHcR1WGoJjeoJZjO6nNQ pcdzUmZOdEftljEZzSdWewvQY09yXpkv92nfXhF1Ub+GAnCzgPLjWlCeAaBr/236 hmE+to0XeAjJywpLjIQmckK9VnPigitx2R+NblDRp2eMta5A9Qnls8vv64qBqNeq ZejJdtzKWTS7lZlyozbWo38FjCOXPj13Y9Q/B4PvDLiADQNtqMF+4O4YE5A8irkK 7m9kWRt/fpGIHAmuzatRAKCl9CUAh0nG8s2XfIlvjTdQSgBlQgdIk/gXggHguWUY XuS8dQ96PpMFby5RbRIogFE12BE6dB6AE1H6OLUngPwrLERzga7PpqT++Ww+EIvV O7psR6GwXU/jIPsRd5fkS1QNvAKslhirWOmD6O8W+LgEBJyBJeT3Oh9THJ+6dhQE IeAOrQfvjznDR+V+QwSHMm8duHng0axFgrikuxEySccih8TtrbwCFp8KihcEaJiE VYEriCcY7a8JZCHKphhaa2OVDoP+3t7H93D5dy5jj4r2VpQA4uG6hHE6UYyzKGw7 5uzz2vECAwEAAaOCAnIwggJuMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUdc6tH9WU NHz3zAch7UxD1eWhVlcwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAnBgNVHREEIDAeggtrdXJiZWxpeC5kZYIPd3d3Lmt1 cmJlbGl4LmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgw JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYB BAHWeQIEAgSB9gSB8wDxAHcA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x 2/4AAAFtN7eUWgAABAMASDBGAiEAvJzI5nBgI3ceX7gHucut6yoIGrFQl283X9et QH5WjNYCIQCwJpYZoKOroufjMDiRTAx9qn76+epBGI8b7tQbYOVp5AB2AGPy283o O8wszwtyhCdXazOkjWF3j711pjixx2hUS9iNAAABbTe3lmwAAAQDAEcwRQIgXbc+ tC6LXoGG8AFdml6QdBqRt5KBghidKuKaSGJiOjMCIQDyNeB6ZYcoo5hCzHvl7817 K3OcdJgs0zfkdjHcpZYpnTANBgkqhkiG9w0BAQsFAAOCAQEAdLhOdll807hjAff3 eLQ7Px57+NTf4rkYUMY9jiGJUM9o75gefkF7T7jaKMCy+tf9IXS5/0Ky/s5bstlA 9pubP9mGiCVwcjyC+v2Uz97Y8tc6sQL5ZNoiAoY9LJwFi17L2l1kSXftMEH2FSD+ Xbvpfrd5AVTHkIkbe08LwIyXVrQjwWLPFqlXdlp4e8GCEFo0XjoXXbMd/199A/j6 lks6YoMUufBUDr8T5/4DaHkeajHiKUBRv+D3OQEpKmjHp9CsLpqfplm0Uj1GRGTJ zBQAX1Ek3pOY5/KwDa4zy376e0YB4pwy4silZyghQnYpCOaAbQVjZAzex2cM2nom XfJeUg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlgRYB8fyj5kBDKCBew2z GmFE7YZ93X6fYxmFI2xXRuECpfyYX3Kc6OaGJxehzfQYlKFPbwKmEorVtOLGUBir b8XdMMYpm2mmonLprUfo3H5+RIyRi1WIkyPbcWzxg56++3qmawSP1oVL0Qv4MHcR 1WGoJjeoJZjO6nNQpcdzUmZOdEftljEZzSdWewvQY09yXpkv92nfXhF1Ub+GAnCz gPLjWlCeAaBr/236hmE+to0XeAjJywpLjIQmckK9VnPigitx2R+NblDRp2eMta5A 9Qnls8vv64qBqNeqZejJdtzKWTS7lZlyozbWo38FjCOXPj13Y9Q/B4PvDLiADQNt qMF+4O4YE5A8irkK7m9kWRt/fpGIHAmuzatRAKCl9CUAh0nG8s2XfIlvjTdQSgBl QgdIk/gXggHguWUYXuS8dQ96PpMFby5RbRIogFE12BE6dB6AE1H6OLUngPwrLERz ga7PpqT++Ww+EIvVO7psR6GwXU/jIPsRd5fkS1QNvAKslhirWOmD6O8W+LgEBJyB JeT3Oh9THJ+6dhQEIeAOrQfvjznDR+V+QwSHMm8duHng0axFgrikuxEySccih8Tt rbwCFp8KihcEaJiEVYEriCcY7a8JZCHKphhaa2OVDoP+3t7H93D5dy5jj4r2VpQA 4uG6hHE6UYyzKGw75uzz2vECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 284567575783276153178783314396584869810802 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-16 00:37:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-15 00:37:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kurbelix.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 612015834571354367952899542156919269422544506998417039500824047184626204213621442249277264129480835413332050216337866491562561120564881304618263266867660324864538973089200603741469026432908775226072479554975518783447978755933463141852010447806540643431507325758693114055160011045231564510131674116036588858880143436539514665275546476441755069823553625788601571467850450263325168327076046464884503233994798760060304095921926893143163016292126846986817763689966802712101423487525418656811009669259904739125816429808335002415490452880166982179319117769098897575608026623098193489800004661777787798974342265555744601547743234372397277694940237402982446147877523857759465485274181236171743552868417174640525368059129629514590835858839489410088601099977539993021001773987213161689874327416008528635605861925038350900704112974025877928606434805160951371754245288199715470947800465554902689940039127551102909234684971667928033844094976698063639478927073775381648755843464812439407443015905688692241101559390125059328573692346205399716097542889754152293302267828855117680604504147223917045167840996451510035319932001548356317980636784091917273916907396437391393142137779512153994923474611422084540911816166886835609556927148323810025586023153 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 75cead1fd594347cf7cc0721ed4c43d5e5a15657 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kurbelix.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kurbelix.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016d37b7945a0000040300483046022100bc9cc8e6706023771e5fb807b9cbadeb2a081ab150976f375fd7ad407e568cd6022100b0269619a0a3aba2e7e33038914c0c7daa7efaf9ea41188f1beed41b60e569e400760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d37b7966c000004030047304502205db73eb42e8b5e8186f0015d9a5e90741a91b7928182189d2ae29a4862623a33022100f235e07a658728a39842cc7be5efcd7b2b739c74982cd337e47631dca596299d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0074b84e76597cd3b86301f7f778b43b3f1e7bf8d4dfe2b91850c63d8e218950cf68ef981e7e417b4fb8da28c0b2fad7fd2174b9ff42b2fece5bb2d940f69b9b3fd986882570723c82fafd94cfded8f2d73ab102f964da2202863d2c9c058b5ecbda5d644977ed3041f61520fe5dbbe97eb7790154c790891b7b4f0bc08c9756b423c162cf16a957765a787bc182105a345e3a175db31dff5f7d03f8fa964b3a628314b9f0540ebf13e7fe0368791e6a31e2294051bfe0f73901292a68c7a7d0ac2e9a9fa659b4523d464464c9cc14005f5124de9398e7f2b00dae33cb7efa7b4601e29c32e2c8a567282142762908e6806d0563640cdec7670cda7a265df25e52