www.hess-gruppe.de

Issued by R3

About this certificate

This digital certificate with serial number 04:f8:7f:36:02:3c:d0:f3:27:8c:d6:ea:c4:85:6f:44:34:f8 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.hess-gruppe.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:f8:7f:36:02:3c:d0:f3:27:8c:d6:ea:c4:85:6f:44:34:f8
Serial Number (int): 433008263108311946517909755437939438138616
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: df:a8:7c:41:1a:31:7b:aa:63:f3:29:4f:94:cb:ea:db:c8:05:14:4f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 23:53:3a:0c:98:01:c8:a8:09:36:22:03:52:6f:07:9e:0f:1b:49:9e
Fingerprint (sha256): f9:5c:97:dd:e8:3e:c1:16:02:21:60:f6:85:ab:41:3a:82:db:e5:6a:ac:82:ef:a4:ed:7d:c1:69:52:6a:1a:9c

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.hess-gruppe.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.hess-gruppe.de

Public Key Algorithm

RSA

Key Size

3072

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hess-gruppe.de
www.hess-gruppe.de

Other certificates including the domain name hess-gruppe.de

(limited to 100 certificates)
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
ssgd.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
vpn.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de

Certificate

The complete raw certificate details for www.hess-gruppe.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISBPh/NgI80PMnjNbqxIVvRDT4MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAyMTkwNzEwMDdaFw0yMzA1MjAwNzEwMDZaMB0xGzAZBgNVBAMT
End3dy5oZXNzLWdydXBwZS5kZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoC
ggGBAIgHgnwY7/5yIbbKpWKBKPKq6dcZXQi7oAHq2iA9LGvTM4m1SimAI4oH2rsd
qRavfo97mz5I1Pc8HX40YhA4WzSQL+dJI9DAUwADgydR9jShDZzfRPY2SAhAYf/y
CoOhv38MnRWAxIpVc8bYu8m5iZ++UkLXYl7EaO0K24nhIX7/n46W2kHBQS0I4RjU
CCdQL82rtcUpmObCTGVf9Da4eTkNYQxwIkViZ7tBxDEgsY4CNufTR8r8Sfzsq4iq
TYJLwnqXi7JuXbpIvp10SQCXAyI78kx+TQFieczm6+blM7T9O0TAYf07El0drpGL
CDXUrFA8Lk8EFXo4Z2CCD4wgxr9+ua8xAj4YYV4x3ucsyTjbGsCyKsPA9b9O8sk7
3rXscv6AMl0UlFbujYYThyJbvR9uXgAxbRvH+VPqTowo4eBuYJK8kcWNcAh+Zxhv
i0YXKK6k4/mwRfGNTMaAZiCzDarU5vPxcAE6PGMvOlLXcGmzLzrTMKKE3elKaH7x
Ssd06wIDAQABo4ICXDCCAlgwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTfqHxBGjF7
qmPzKU+Uy+rbyAUUTzAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBV
BggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9y
ZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAtBgNVHREEJjAk
gg5oZXNzLWdydXBwZS5kZYISd3d3Lmhlc3MtZ3J1cHBlLmRlMEwGA1UdIARFMEMw
CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j
cHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAtz77
JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGGaLketwAABAMARjBEAiBG
RSW89ujkF0+36vpDzjSvWjNeAiYjzTwudzEhHmVoFAIgC8khEaKYjIJgAf1STNa2
NiUFOQhBlf7hREy30ctGOUYAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpX
o1LrUgAAAYZouR7NAAAEAwBHMEUCIQC3PrDYCKKvcq9l0T8Webqw7otf/TxLI1KQ
RYxtAMn3RAIgLit5IHqR+in8vWr3ykgvLcU+ctpeCR9CCQO+hQe0usgwDQYJKoZI
hvcNAQELBQADggEBAETRJHqkdTXDGXg+kiRcfu+03XSXqlnFjAen/E3nQfBatKyK
JP9Xn8MgctEumrVlVQ3TO1oInoC7fUFqcKCK4x6ydUiKPwtSzUzXnL9S1xWU0TE3
cGdI1d83X8ZoBKlP0IU0wu3hIFomdPSofma1jYNUXribQrL/Cu/TWOY1mzFQf41e
sxUAqjR+j7Ndw/iokGSQpCq5JmlsjDzIT05LZF7skeZQl7eN7gR32CJsI11dkGSl
mcIqPLuxzVvKDGtKfp+6ULBHZ3i2nGJJDKr5EI6kQUreTq1hM+4h1S2hkjSngCnc
NbTJmeLOrt8r2iHjbEO4XxxvTSUaIbGUX4BWmF4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAiAeCfBjv/nIhtsqlYoEo
8qrp1xldCLugAeraID0sa9MzibVKKYAjigfaux2pFq9+j3ubPkjU9zwdfjRiEDhb
NJAv50kj0MBTAAODJ1H2NKENnN9E9jZICEBh//IKg6G/fwydFYDEilVzxti7ybmJ
n75SQtdiXsRo7QrbieEhfv+fjpbaQcFBLQjhGNQIJ1Avzau1xSmY5sJMZV/0Nrh5
OQ1hDHAiRWJnu0HEMSCxjgI259NHyvxJ/OyriKpNgkvCepeLsm5duki+nXRJAJcD
IjvyTH5NAWJ5zObr5uUztP07RMBh/TsSXR2ukYsINdSsUDwuTwQVejhnYIIPjCDG
v365rzECPhhhXjHe5yzJONsawLIqw8D1v07yyTvetexy/oAyXRSUVu6NhhOHIlu9
H25eADFtG8f5U+pOjCjh4G5gkryRxY1wCH5nGG+LRhcorqTj+bBF8Y1MxoBmILMN
qtTm8/FwATo8Yy86UtdwabMvOtMwooTd6UpofvFKx3TrAgMBAAE=
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 433008263108311946517909755437939438138616
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-19 07:10:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-20 07:10:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.hess-gruppe.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 3087018902103338780495702728631826897789707684259072039396351631682418918817341468620555485942172558642369298611632075123775816265243905862523964440446895799088634277715167453740753122872594348242488940875871718746978586773547615966705318239309021873565284592526074831702613701534537524061264079097374090599464968901699911596394965962940923858063695342339547327585170571504618923053990063964715026792923564612142854129454865695080815270599499079302488825759589578273329940468409575172113780146153714958194601932038016579326859013686843384715442004289759275151815421345326687136056022442798916864174430469980638255521848025713309566420159506631039870550495836008386041606125208579157998636524266083789497197637069202973150898708334767462635452730505117550385965726247516519048204613578074266407709957288795979329406017891296718907693347014313086507322104383094238772430205022395034610200087978857130377048095037375115816301803
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dfa87c411a317baa63f3294f94cbeadbc805144f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hess-gruppe.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hess-gruppe.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018668b91eb700000403004630440220464525bcf6e8e4174fb7eafa43ce34af5a335e022623cd3c2e7731211e65681402200bc92111a2988c826001fd524cd6b636250539084195fee1444cb7d1cb4639460076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018668b91ecd0000040300473045022100b73eb0d808a2af72af65d13f1679bab0ee8b5ffd3c4b235290458c6d00c9f74402202e2b79207a91fa29fcbd6af7ca482f2dc53e72da5e091f420903be8507b4bac8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0044d1247aa47535c319783e92245c7eefb4dd7497aa59c58c07a7fc4de741f05ab4ac8a24ff579fc32072d12e9ab565550dd33b5a089e80bb7d416a70a08ae31eb275488a3f0b52cd4cd79cbf52d71594d13137706748d5df375fc66804a94fd08534c2ede1205a2674f4a87e66b58d83545eb89b42b2ff0aefd358e6359b31507f8d5eb31500aa347e8fb35dc3f8a8906490a42ab926696c8c3cc84f4e4b645eec91e65097b78dee0477d8226c235d5d9064a599c22a3cbbb1cd5bca0c6b4a7e9fba50b0476778b69c62490caaf9108ea4414ade4ead6133ee21d52da19234a78029dc35b4c999e2ceaedf2bda21e36c43b85f1c6f4d251a21b1945f8056985e