hajoscho.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:f1:af:8e:a4:51:be:cc:82:2e:eb:9d:bd:77:c5:5d:b4:88 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=hajoscho.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f1:af:8e:a4:51:be:cc:82:2e:eb:9d:bd:77:c5:5d:b4:88Serial Number (int): 343578263761434887407862185219454438061192
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 56:e3:7e:f4:12:ee:f5:a1:dc:a4:66:05:d6:3d:20:71:2f:10:f6:c3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 91:b9:fe:e1:0d:a6:13:96:1d:8e:26:c2:c8:f3:b3:53:a3:cf:af:71
Fingerprint (sha256): f5:c1:8b:24:fb:5e:c6:6a:0a:28:66:97:cb:28:4b:bd:3b:13:33:ea:e0:74:a7:0f:c4:94:44:a0:b2:75:c6:53
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate hajoscho.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hajoscho.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hajoscho.de
www.hajoscho.de
www.hajoscho.de
Other certificates including the domain name hajoscho.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for hajoscho.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXjCCBUagAwIBAgISA/GvjqRRvsyCLuudvXfFXbSIMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMjYwMjA3MTBaFw0x OTA0MjYwMjA3MTBaMBYxFDASBgNVBAMTC2hham9zY2hvLmRlMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAy4FJBBeIY/1Jl+xwvQATHXKvWgbKluAKhFcq h+4+mS+Lp4YFalPWg7bEnxxArNOPb3o3Ot8Gn52QAyjB0L78NdQ02Mn2IgpfFELw OJS7QejkQTQjhKQ0P0r8VOR8JW+ZHiLm8a5/F4VEWArV0UzAqU13+dX1O+crLs22 hL0eC+W0J726v1izKGm7Hr8FPUSOq0dbV4+DIEDXevpR79rITWQLN1sTJqwu8A43 2QEOv+9ENi90BTAp2VmHcDIX0hdoMLVTyb/Yged3XfRZrWg7NsOn1fkmx4jk1wtc 3UUyfKfoO9Z7dEwZtWejjF2Irsj4HGxVswme8tWEObbBIrZHAHQ52H+44y6v02su Wab4IK6tsbYAXiWx97YaW7tpMbUj/Rrg6CE0CTUmdqAKO44a4V7m0uBjQ4t7EPCx ES0RxXvx+Msnawh2PowSpZC+YsK0e5f4RqXKz8aTraOAMvgcyYuebEcTcLeFUuMH bEPjZvH9HWO/o/2fNVByGyZ2xLy7fDeyAHR1oBgaITM0ja0mE6a4uSxzZBafol/b nPIcA812zb+EOemDVveuoIcI3R4zM38Jn5lHi6hXxptkW0SKXGR5/Cku5K8rICz7 BGLYCSgy2qC6dUCiOcC+7poNkAvf2gc1qXbUiVJmu0tqj0jhVLfX8Bep62knxKDQ HfJZ84UCAwEAAaOCAnAwggJsMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUVuN+9BLu 9aHcpGYF1j0gcS8Q9sMwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAnBgNVHREEIDAeggtoYWpvc2Noby5kZYIPd3d3Lmhh am9zY2hvLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgw JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYB BAHWeQIEAgSB9ASB8QDvAHUAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7 zFYAAAFoiCAVWwAABAMARjBEAiBBUbU/EWYXkhnRhjCkQheatJ3x98vGlyETvtsB EuLK+AIgc+8JGCSmCD3MCijufcg52x0I7WTcKOYxzHVl0/hdKUAAdgApPFGWVMg5 ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWiIIBVXAAAEAwBHMEUCIQDHfyEa dNbarVEeYTX8fEIlP9VrOXQpSR5uW9pDatijKQIgQljQ8qZDrDnJuCYIVo+WETtt DVWtCxmQcHEDWYRA874wDQYJKoZIhvcNAQELBQADggEBAEYhID2T7oPbwt15uNV2 lIzz6lwrlfGaqT07gavbXsyjYS5KI6r7ao6jmf2LRH5sY+/MJGatRSqe5Fr7i40Q CULWnZ3Z5cileaGurrjHGgcuoia4MsLnNe/Q7HxVGHP0XAcdO+bjYeo+obQajGnD OiaNg4sUX/nM0j3nYTcp75XuKyOtY8MsK2aqK+Gsh0rNwg+oM8PCEt3akUjHcPUx /Qf79I5JdrW9skFn0bEv+d8YleNPXDaYByStsnGudoV5h6ZaJgbmiJgMVSid1mzQ vNRweKTWDpPuZVcNqPLGi2njuaTQYa7U/LgcDtuwRMytK1M33lYTtaXmal0feNBE QKo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAy4FJBBeIY/1Jl+xwvQAT HXKvWgbKluAKhFcqh+4+mS+Lp4YFalPWg7bEnxxArNOPb3o3Ot8Gn52QAyjB0L78 NdQ02Mn2IgpfFELwOJS7QejkQTQjhKQ0P0r8VOR8JW+ZHiLm8a5/F4VEWArV0UzA qU13+dX1O+crLs22hL0eC+W0J726v1izKGm7Hr8FPUSOq0dbV4+DIEDXevpR79rI TWQLN1sTJqwu8A432QEOv+9ENi90BTAp2VmHcDIX0hdoMLVTyb/Yged3XfRZrWg7 NsOn1fkmx4jk1wtc3UUyfKfoO9Z7dEwZtWejjF2Irsj4HGxVswme8tWEObbBIrZH AHQ52H+44y6v02suWab4IK6tsbYAXiWx97YaW7tpMbUj/Rrg6CE0CTUmdqAKO44a 4V7m0uBjQ4t7EPCxES0RxXvx+Msnawh2PowSpZC+YsK0e5f4RqXKz8aTraOAMvgc yYuebEcTcLeFUuMHbEPjZvH9HWO/o/2fNVByGyZ2xLy7fDeyAHR1oBgaITM0ja0m E6a4uSxzZBafol/bnPIcA812zb+EOemDVveuoIcI3R4zM38Jn5lHi6hXxptkW0SK XGR5/Cku5K8rICz7BGLYCSgy2qC6dUCiOcC+7poNkAvf2gc1qXbUiVJmu0tqj0jh VLfX8Bep62knxKDQHfJZ84UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 343578263761434887407862185219454438061192 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-26 02:07:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-26 02:07:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hajoscho.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 830228049228017204899793707216068827430743008654480377098217099734745456444529855826236637818623434315884736861125110821533234722705271686438919275781831802331845831883293120898374574871890113286523055222169804067778091921086407242625854473680540716302484098555585114851320811351195029416012404391553527345678852368142350281838314247592603183964412764379411748267425838439907218487535689324177293203099293803433222703966300472185160431836205173307998368590982981805161197512576968129189383145531228417547737746803700252226131526751329073540002732136083888706178067348133614122086985212523973932152914754469838124614205568014659861174387987658953148928286634191574720388185351918731482990253363314119105299701453935084190130015559725319875582166574869021050432830418117475368903182674598306445022066905014335093466127947896829160395844481057332369559284396633279311863961702140027592580131372287649839331983948679771526947411461435045738944092011984289583773663199179468240145096238908646542808339061931761776668420595775461469606922934449312466065438139548814380149894608459454940200434437333989325139402633272197219677271589812500081073795678963653740293146041205318738046274656690575502441836688893854612837279460518149020796449669 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 56e37ef412eef5a1dca46605d63d20712f10f6c3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hajoscho.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hajoscho.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001688820155b000004030046304402204151b53f1166179219d18630a442179ab49df1f7cbc6972113bedb0112e2caf8022073ef091824a6083dcc0a28ee7dc839db1d08ed64dc28e631cc7565d3f85d2940007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000168882015570000040300473045022100c77f211a74d6daad511e6135fc7c42253fd56b397429491e6e5bda436ad8a32902204258d0f2a643ac39c9b82608568f96113b6d0d55ad0b1990707103598440f3be . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004621203d93ee83dbc2dd79b8d576948cf3ea5c2b95f19aa93d3b81abdb5ecca3612e4a23aafb6a8ea399fd8b447e6c63efcc2466ad452a9ee45afb8b8d100942d69d9dd9e5c8a579a1aeaeb8c71a072ea226b832c2e735efd0ec7c551873f45c071d3be6e361ea3ea1b41a8c69c33a268d838b145ff9ccd23de7613729ef95ee2b23ad63c32c2b66aa2be1ac874acdc20fa833c3c212ddda9148c770f531fd07fbf48e4976b5bdb24167d1b12ff9df1895e34f5c36980724adb271ae76857987a65a2606e688980c55289dd66cd0bcd47078a4d60e93ee65570da8f2c68b69e3b9a4d061aed4fcb81c0edbb044ccad2b5337de5613b5a5e66a5d1f78d04440aa