www.holz-wurm.de
Issued by R3
About this certificate
This digital certificate with serial number 03:ba:9e:cf:48:27:57:99:1f:d1:93:e8:b4:4e:54:ed:91:68 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.holz-wurm.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ba:9e:cf:48:27:57:99:1f:d1:93:e8:b4:4e:54:ed:91:68Serial Number (int): 324840472334809527674038109014895404880232
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 63:07:ac:02:21:39:36:14:aa:3b:e0:1f:40:df:03:78:72:cc:77:50
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f7:f1:18:9b:53:f7:d6:eb:32:d0:30:eb:6f:38:fe:ab:c5:a3:13:ff
Fingerprint (sha256): da:ea:5a:e6:db:2c:e5:76:6b:87:f7:bf:1e:26:62:4f:bb:72:df:c6:4f:63:bc:79:38:c2:18:15:ab:7b:75:fc
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.holz-wurm.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.holz-wurm.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
holz-wurm.de
www.holz-wurm.de
www.holz-wurm.de
Other certificates including the domain name holz-wurm.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.holz-wurm.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISA7qez0gnV5kf0ZPotE5U7ZFoMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTcwMjMxNDBaFw0yNDA2MTUwMjMxMzlaMBsxGTAXBgNVBAMT EHd3dy5ob2x6LXd1cm0uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQCRLT1bdgpvgwd3xzi3TMycAGlF8sfykbeZ6wIdrjKyVV2wEnP/8ZBQ1grnDShJ EA40zr9FfQMstAGB4s3/edW2jmppoli5gPjGI/HA0G08QKal2ktrqKhc3Q7XIQFd 48wbFYdPnKuStaBwF/lTupSgmVRH1E1Kx0ZzruTqGhjN3U/5zor6g3HLtv8fJ4G7 QbZCPxpzZIA4WmhbJai7VS4gKU9VBmP2lMfG2Xaj1+XfvHbbqsOal2J5MRjYS9Jx ERjWy1eomk01dYKAP4ZjVBMxFuBpPJKZjjF1TuybyoVCm9WbVFeQ7xzrH7Pp0xSA OCpu7tZr88w6Buums/yJGKVhDW+27GBgZtHZ1pwD7E99KyrkgnfHXs9OuJ7EcjwC DlsYAMQtUCx0cUaVuD6W4uJJErrAjkd/w74vICO+jYBaahRPAd8kE+rEZy/4L3rO 1fVjPuPE2mXjkme0BETg3msy+k61QLWBM0G00Szp3ps/EGM9YCzoqfe6r1SOjowq eVVnXAnlBOag9lf3eIFIMR2keO6R0FDS738pAr329muUq3MKp/mQsioYsjaipQGz SrEQY7KYhUMKT+oYjVz/5uLGvNODCEmVgFa2Gl2q7YG9Whd8dgnDRScdbkqfcBtN eXc7Rsdll/G6Qcgw39mjatyRsvK+45hHJL3eZarfgfffwQIDAQABo4ICITCCAh0w DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRjB6wCITk2FKo74B9A3wN4csx3UDAfBgNV HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0 cDovL3IzLmkubGVuY3Iub3JnLzApBgNVHREEIjAgggxob2x6LXd1cm0uZGWCEHd3 dy5ob2x6LXd1cm0uZGUwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5 AgQCBIH2BIHzAPEAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AY5KdxBMAAAEAwBHMEUCIQDtp3Pqg3suIab5mmXr2vQgP+2MeV38H9E1NulQJULd IQIgTdhUmOROsY/hpPY2x8GaKaN2I9PG3BK4b2ONsKgpcuEAdwCi4r/WHt4vLweg 1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY5KdxBZAAAEAwBIMEYCIQD5xnZrSAyD ilYSFEOcbyv9WPi9cZNats6OIcBvRANNWwIhALhBJeUIhhZcc7vUUiK8NyL+wHb2 YziciI89eQX1Ja27MA0GCSqGSIb3DQEBCwUAA4IBAQBFH/D25T/N2UluBbgcFfYM ytRYmXCdo6Zy53XpDGWVJ6W5o1Wj+B1Zrvu0mTrp3MT9YTrYSPeLDbN+fsZ/r5WJ a5zNbfMWHtay2+NCuhZuzIo7X8ngL/63vJHOREs3kS1DrsXJ/ceRhDsFWW3RVecd e59zagJQza11BL6sqSjtO1M2wmugT37Otj9qL75u/7UiaZ10CPxuK+O+RfiMdBbN N5yMC2dMh23mPWQ1OOHYprndbe2IjlirPSYVwliawKnUqozGpL2RNxwC4AjlFDKj IlFQO8seUZIKhqkPUvKtRhgkfSW0DgKLOLQsM0gt2aRWJ9Ja0LjhWkxDX6prvHfx -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkS09W3YKb4MHd8c4t0zM nABpRfLH8pG3mesCHa4yslVdsBJz//GQUNYK5w0oSRAONM6/RX0DLLQBgeLN/3nV to5qaaJYuYD4xiPxwNBtPECmpdpLa6ioXN0O1yEBXePMGxWHT5yrkrWgcBf5U7qU oJlUR9RNSsdGc67k6hoYzd1P+c6K+oNxy7b/HyeBu0G2Qj8ac2SAOFpoWyWou1Uu IClPVQZj9pTHxtl2o9fl37x226rDmpdieTEY2EvScREY1stXqJpNNXWCgD+GY1QT MRbgaTySmY4xdU7sm8qFQpvVm1RXkO8c6x+z6dMUgDgqbu7Wa/PMOgbrprP8iRil YQ1vtuxgYGbR2dacA+xPfSsq5IJ3x17PTriexHI8Ag5bGADELVAsdHFGlbg+luLi SRK6wI5Hf8O+LyAjvo2AWmoUTwHfJBPqxGcv+C96ztX1Yz7jxNpl45JntARE4N5r MvpOtUC1gTNBtNEs6d6bPxBjPWAs6Kn3uq9Ujo6MKnlVZ1wJ5QTmoPZX93iBSDEd pHjukdBQ0u9/KQK99vZrlKtzCqf5kLIqGLI2oqUBs0qxEGOymIVDCk/qGI1c/+bi xrzTgwhJlYBWthpdqu2BvVoXfHYJw0UnHW5Kn3AbTXl3O0bHZZfxukHIMN/Zo2rc kbLyvuOYRyS93mWq34H338ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 324840472334809527674038109014895404880232 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-17 02:31:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-15 02:31:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.holz-wurm.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 592269334313080254503732073302218427705729388359718089734154291114678003300787850258765249347719769982705560398985248916880791316298755976418855427189170599506402688099886093739645912299064038604600071775919589127622774897382396151673844502672416294566168855490486474987010057637028768978131091191399851657203292950758557972503704372175525868773422652296857171250700520938596044530649019000854070016146946658497114862277081801677193496156687975360837919339624710569493468479414103274863605980860541335409955396902658194331778474858751125606645592506437253714211353296121155054660451635947365603565965171171988206418928886484403621461345629094575522382739991701157332340596388143170043554740698247289647609170067805865612295170157619629173401288625313174650068356104470888875756249251703127675859242278446696510114270044637289021722803043932331377709160678131879370215392258558536645730276386075004440844506617760142648729358743185312655304155027678031077755317883247248235714225483773292241302455661266360165312741563726813580747225581523544604471027926782689811255321674170816797078763348254102940662671247945463640512559676319098560185075977021565145026825529748071667713519996514299213226762303354844370597329486293533620734255041 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6307ac0221393614aa3be01f40df037872cc7750 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'holz-wurm.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.holz-wurm.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e4a77104c0000040300473045022100eda773ea837b2e21a6f99a65ebdaf4203fed8c795dfc1fd13536e9502542dd2102204dd85498e44eb18fe1a4f636c7c19a29a37623d3c6dc12b86f638db0a82972e1007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e4a7710590000040300483046022100f9c6766b480c838a561214439c6f2bfd58f8bd71935ab6ce8e21c06f44034d5b022100b84125e50886165c73bbd45222bc3722fec076f663389c888f3d7905f525adbb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00451ff0f6e53fcdd9496e05b81c15f60ccad45899709da3a672e775e90c659527a5b9a355a3f81d59aefbb4993ae9dcc4fd613ad848f78b0db37e7ec67faf95896b9ccd6df3161ed6b2dbe342ba166ecc8a3b5fc9e02ffeb7bc91ce444b37912d43aec5c9fdc791843b05596dd155e71d7b9f736a0250cdad7504beaca928ed3b5336c26ba04f7eceb63f6a2fbe6effb522699d7408fc6e2be3be45f88c7416cd379c8c0b674c876de63d643538e1d8a6b9dd6ded888e58ab3d2615c2589ac0a9d4aa8cc6a4bd91371c02e008e51432a32251503bcb1e51920a86a90f52f2ad4618247d25b40e028b38b42c33482dd9a45627d25ad0b8e15a4c435faa6bbc77f1