red-rag.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:d1:52:ae:5e:8b:82:f6:58:b7:6e:2a:1a:75:7a:d7:1d:86 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=red-rag.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:d1:52:ae:5e:8b:82:f6:58:b7:6e:2a:1a:75:7a:d7:1d:86Serial Number (int): 419678060486424621810646473127332601601414
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: dd:e9:01:66:d1:71:e5:d6:a3:1d:0b:96:47:94:4d:7c:69:ec:c3:ee
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 76:66:91:43:d9:40:b2:4c:45:29:d0:51:cb:a8:ea:ad:67:35:01:d8
Fingerprint (sha256): e3:12:0a:55:af:fd:c8:ef:f3:fa:a0:9b:04:6f:93:f4:07:40:93:cc:f1:88:62:65:3a:85:5f:17:99:5c:e0:9e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate red-rag.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for red-rag.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
red-rag.ch
Other certificates including the domain name red-rag.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for red-rag.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISBNFSrl6LgvZYt24qGnV61x2GMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEyMjMxNDA2NDJaFw0x OTAzMjMxNDA2NDJaMBUxEzARBgNVBAMTCnJlZC1yYWcuY2gwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCrJ+W/1GQACsOzPirIjMpDDk8OMqyJF4v9wgYc 7kq/s7zvXByvlw07d2uBWrbdllAsOA1pTZN6g+t6GXtuHmcoCHyS9oi7XtlrKW+3 oyjJhBW9mE2tJ6FddaHhJUqn8aapfVCE/pSmfiuSoJYC5KyZDcYixMxTdaX4rx6J EQjSYm3gbwcjaJPIUefdVEuk1QaOxXoSdNBAkBHSusuRqYmgqlEBtjzk3Y0s+JMO 7rfT7TIFSAQS8rmdmJx3d/12ZZt51DsNtuKBfw7PiTcH98C/3eYKC0/TBDjz4noU fhtrAj/AbM+ImQ58DhWjsOHoRBDDg/uXWO4IVU7TPQ6pNYmVAgMBAAGjggJeMIIC WjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFN3pAWbRceXWox0LlkeUTXxp7MPuMB8G A1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAu BggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAv BggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w FQYDVR0RBA4wDIIKcmVkLXJhZy5jaDBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AFWB1MIWkDYBSuoLm1c8U/DA 5Dh4cCUIFy+jqh0HE9MMAAABZ9uanjYAAAQDAEcwRQIgXnXXr1fVJRK5Xel/+wv+ ar7T3YnmypBR+U1afGufWSMCIQC7mFdNS57zoNVM0n06B7BhlrlO0dcY683E3cOX HxRZHwB1ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABZ9uanv8A AAQDAEYwRAIgefkeOqGBBHNiFlxrQVNrBqOGh9xBjY1tYbYXdjTeZdYCIFZ/b1PW RX+YLDGLZ5d0Njzzna+sozGubHG3UQstnitCMA0GCSqGSIb3DQEBCwUAA4IBAQA9 r4oqAfvMZWYQ6NWzNamJbkxansWGSli40N1OZkzstMmcjJpUp7WaKZVnW+6beoSm pC9uyLwKyxqdaS/aqn+ZhSEs2MO6B3lR92yVI+08u/rkxQ2/LCjqHI8F/nJIMUVv VR7UpEtvv5wkjM4mgew/+Klgw9Su7kgaaS6M1Rzd69IVrxheV+gU0kUA8d6s5RB/ 2iZMS4XkMTHWcnLT81OMIg7Qb8859BYYNXKuAtI3swH3qvozd4lTxVgm6lXzZuSi 755e9fWCTcZkXI2kLnBRXAuFpr6ZrlfFS7csD81QR0kJbgbROUzS03h+u800H+Jd 3r0fal0V+RFsA01kLoKb -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyflv9RkAArDsz4qyIzK Qw5PDjKsiReL/cIGHO5Kv7O871wcr5cNO3drgVq23ZZQLDgNaU2TeoPrehl7bh5n KAh8kvaIu17Zaylvt6MoyYQVvZhNrSehXXWh4SVKp/GmqX1QhP6Upn4rkqCWAuSs mQ3GIsTMU3Wl+K8eiREI0mJt4G8HI2iTyFHn3VRLpNUGjsV6EnTQQJAR0rrLkamJ oKpRAbY85N2NLPiTDu630+0yBUgEEvK5nZicd3f9dmWbedQ7DbbigX8Oz4k3B/fA v93mCgtP0wQ48+J6FH4bawI/wGzPiJkOfA4Vo7Dh6EQQw4P7l1juCFVO0z0OqTWJ lQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 419678060486424621810646473127332601601414 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-23 14:06:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-23 14:06:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'red-rag.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21606424319168937006621085785971816091726578551053876127847289529280250322464598935566196408117519241716273192940766855411632142137387775251835927731633102139959169512230391237235592476131920458116089070771871763526153339170571687552989182504814499140653001861261588264843976184213285317063927050945624815537574240608432433014592587913850117419292166683990517017156182466151535072274412628465464221666795627627972372814573532178811255192015120959498217986225437335979530343700175183273775840878650029719992062995923543782707643088734877932479094923001869868965173958253288594971091707670369011220827193171839678777749 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dde90166d171e5d6a31d0b9647944d7c69ecc3ee . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'red-rag.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000167db9a9e36000004030047304502205e75d7af57d52512b95de97ffb0bfe6abed3dd89e6ca9051f94d5a7c6b9f5923022100bb98574d4b9ef3a0d54cd27d3a07b06196b94ed1d718ebcdc4ddc3971f14591f007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000167db9a9eff0000040300463044022079f91e3aa181047362165c6b41536b06a38687dc418d8d6d61b6177634de65d60220567f6f53d6457f982c318b679774363cf39dafaca331ae6c71b7510b2d9e2b42 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003daf8a2a01fbcc656610e8d5b335a9896e4c5a9ec5864a58b8d0dd4e664cecb4c99c8c9a54a7b59a2995675bee9b7a84a6a42f6ec8bc0acb1a9d692fdaaa7f9985212cd8c3ba077951f76c9523ed3cbbfae4c50dbf2c28ea1c8f05fe724831456f551ed4a44b6fbf9c248cce2681ec3ff8a960c3d4aeee481a692e8cd51cddebd215af185e57e814d24500f1deace5107fda264c4b85e43131d67272d3f3538c220ed06fcf39f416183572ae02d237b301f7aafa33778953c55826ea55f366e4a2ef9e5ef5f5824dc6645c8da42e70515c0b85a6be99ae57c54bb72c0fcd504749096e06d1394cd2d3787ebbcd341fe25ddebd1f6a5d15f9116c034d642e829b