gitlab.ldbar.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:98:ff:92:20:35:77:f2:31:5c:a6:f8:56:58:8f:7b:a6:79 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=gitlab.ldbar.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:98:ff:92:20:35:77:f2:31:5c:a6:f8:56:58:8f:7b:a6:79
Serial Number (int): 313399489434803207458160514929007485757049
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 54:98:ef:a1:de:98:85:fc:88:96:14:54:b5:ef:69:60:cf:60:5f:43
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 22:b4:0c:7a:ff:e7:6f:08:68:1e:94:65:41:aa:52:5f:c2:7e:4b:ab
Fingerprint (sha256): ed:1d:f2:c9:f7:3c:4a:6e:b2:57:3f:4c:e8:90:16:db:24:66:22:df:6c:37:fb:26:7f:db:d3:3f:74:ba:f8:dc

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate gitlab.ldbar.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gitlab.ldbar.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gitlab.ldbar.ch
interactivethings.ldbar.ch

Other certificates including the domain name ldbar.ch

(limited to 100 certificates)
trifid-lindas.int.cluster.ldbar.ch
trifid-lindas.int.cluster.ldbar.ch
gitlab.ldbar.ch
gitlab.ldbar.ch
studio.cluster.ldbar.ch
stardog-int.cluster.ldbar.ch
gitlab.ldbar.ch
trifid-lindas.test.cluster.ldbar.ch
studio.cluster.ldbar.ch
trifid-lindas.int.cluster.ldbar.ch
graylog1.sbar.cust.vshn.net
trifid-lindas.cluster.ldbar.ch
trifid-lindas.cluster.ldbar.ch
trifid-lindas.test.cluster.ldbar.ch
stardog-int.cluster.ldbar.ch
gitlab.ldbar.ch
studio.cluster.ldbar.ch
gitlab.ldbar.ch
trifid-lindas.int.cluster.ldbar.ch
trifid-lindas.cluster.ldbar.ch
trifid-lindas.int.cluster.ldbar.ch
graylog1.sbar.cust.vshn.net
trifid-lindas.cluster.ldbar.ch
studio.cluster.ldbar.ch
trifid-lindas.cluster.ldbar.ch
trifid-lindas.test.cluster.ldbar.ch
stardog-int.cluster.ldbar.ch
gitlab.ldbar.ch
gitlab.ldbar.ch
stardog-int.cluster.ldbar.ch
trifid-lindas.test.cluster.ldbar.ch
studio.cluster.ldbar.ch
studio.cluster.ldbar.ch
gitlab.ldbar.ch
stardog.cluster.ldbar.ch
trifid-lindas.test.cluster.ldbar.ch
stardog-int.cluster.ldbar.ch
gitlab.ldbar.ch
trifid-lindas.int.cluster.ldbar.ch
stardog-int.cluster.ldbar.ch
trifid-lindas.cluster.ldbar.ch
stardog.cluster.ldbar.ch
trifid-lindas.int.cluster.ldbar.ch

Certificate

The complete raw certificate details for gitlab.ldbar.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISA5j/kiA1d/IxXKb4VliPe6Z5MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMjIwOTI3MDRaFw0x
OTA1MjMwOTI3MDRaMBoxGDAWBgNVBAMTD2dpdGxhYi5sZGJhci5jaDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBANyiNLDeNuG5bCwC9dFJiU51J5bl1N+I
vOUC5oWk2FjS1VgkAE14swkH1GBKWYcnpk93t3xdSb5yANQGjpORuWGlxcNz3K5y
mp/JGD1R9amqEEKkUvgMgFhOsZksw+MxIhWWJXrVVkxZbF2aIDpoxoOMto5HZBJx
BVrmDBm8npZQwjuO5+7Yb9y9DpvZNuaLddLz2Io5N+0G3y9wEdlvMJYJk3lOiYb0
JkJGaTKU2byf/ITQLpTaORyA0zNQC8v59M/L1q8J61x4GkobPQ2ilv1GURhtw/Wh
+Rk+OZ5aDOSAcyDMEB9mZO7dvqVKzzJqdsV6YC4vHLGlYycSMORu5uUCAwEAAaOC
An8wggJ7MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUVJjvod6YhfyIlhRUte9pYM9g
X0MwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE
YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzA2BgNVHREELzAtgg9naXRsYWIubGRiYXIuY2iCGmludGVyYWN0aXZldGhp
bmdzLmxkYmFyLmNoMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB
MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYK
KwYBBAHWeQIEAgSB9ASB8QDvAHYAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV5
5hB7zFYAAAFpFL6JEAAABAMARzBFAiAkR0lRO0cKjNKYIvMXULea29X7mVxMEuII
XRGyUKoI0gIhAJuUPgx458XRvSzXgW7UOn4KvYIou1CUTsbbgziT8qVFAHUAKTxR
llTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFpFL6HHwAABAMARjBEAiAp
W5NcGXHON3+s2UnuYUNop2VVfF//YZKfW6TnKjpLrgIgVg3Rucudjmjl3tVx35Mc
DAAWfYRHcOIP7yZEsqZHB5cwDQYJKoZIhvcNAQELBQADggEBAEam7eo/IZp6/281
EPGXbABj4SQmsMkLV+0gI1rkMdLYScDD5KlNYVO0MFZbTw/ngAUN9buPBVckI2n6
Gk9Zo8F/Y2TiGiNmz0kyUZj754I/ziCCUuaRq/Sd4y2uJnTbwC30TzP5+abM22w/
x1b8lc1G5488M0feGB6eOPoCg3jb43Cv3vTpDi5v9RAXN8YdJnykcsHkF7wog42X
l59v/eGtPc0XpDPkvj+sxAUeCt6s9GddFCmpZ4g6FYVzglKaBX2iGAQGtWjWgqK0
Wz+g4jk4/BhO8AL/Ko5eRCjFojb9V400S281x7BmL3Mm9tjZEd0uRRyiL/BneA38
D6isu5c=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KI0sN424blsLAL10UmJ
TnUnluXU34i85QLmhaTYWNLVWCQATXizCQfUYEpZhyemT3e3fF1JvnIA1AaOk5G5
YaXFw3PcrnKan8kYPVH1qaoQQqRS+AyAWE6xmSzD4zEiFZYletVWTFlsXZogOmjG
g4y2jkdkEnEFWuYMGbyellDCO47n7thv3L0Om9k25ot10vPYijk37QbfL3AR2W8w
lgmTeU6JhvQmQkZpMpTZvJ/8hNAulNo5HIDTM1ALy/n0z8vWrwnrXHgaShs9DaKW
/UZRGG3D9aH5GT45nloM5IBzIMwQH2Zk7t2+pUrPMmp2xXpgLi8csaVjJxIw5G7m
5QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 313399489434803207458160514929007485757049
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-22 09:27:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-23 09:27:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gitlab.ldbar.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27852413765388797900553734128324200131072132368946218576158718162877023836175910932394454531960294260246991701802350679914302172866947257916933906837408836935510077103005514161144419008318474703500975303091647770744486972149056511581184545002742091267440045917410202357114315492404870313838717210808055737628653193624111459786091568175609485350704831768227328613442825345285901375687262759330935314322901430095533374154145520266386284401454816802814509344214000729350810666075713392191191770462779039801218269521862119021010051991580366708493252895906971877630247283078236181703118299901612438670064098283407622989541
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5498efa1de9885fc88961454b5ef6960cf605f43
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gitlab.ldbar.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'interactivethings.ldbar.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016914be891000000403004730450220244749513b470a8cd29822f31750b79adbd5fb995c4c12e2085d11b250aa08d20221009b943e0c78e7c5d1bd2cd7816ed43a7e0abd8228bb50944ec6db833893f2a545007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016914be871f00000403004630440220295b935c1971ce377facd949ee614368a765557c5fff61929f5ba4e72a3a4bae0220560dd1b9cb9d8e68e5ded571df931c0c00167d844770e20fef2644b2a6470797
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0046a6edea3f219a7aff6f3510f1976c0063e12426b0c90b57ed20235ae431d2d849c0c3e4a94d6153b430565b4f0fe780050df5bb8f0557242369fa1a4f59a3c17f6364e21a2366cf49325198fbe7823fce208252e691abf49de32dae2674dbc02df44f33f9f9a6ccdb6c3fc756fc95cd46e78f3c3347de181e9e38fa028378dbe370afdef4e90e2e6ff5101737c61d267ca472c1e417bc28838d97979f6ffde1ad3dcd17a433e4be3facc4051e0adeacf4675d1429a967883a15857382529a057da2180406b568d682a2b45b3fa0e23938fc184ef002ff2a8e5e4428c5a236fd578d344b6f35c7b0662f7326f6d8d911dd2e451ca22ff067780dfc0fa8acbb97