DV SSL/TLS Certificate for kairos-palaestina.ch

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the kairos-palaestina.ch DV SSL/TLS Certificate

This certificate with serial number 05:19:e2:7f:5b:b8:01:c4:87:e8:64:7b:14:9e:db:ca:3d:0e for kairos-palaestina.ch was issued on by Let's Encrypt.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for kairos-palaestina.ch provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:19:e2:7f:5b:b8:01:c4:87:e8:64:7b:14:9e:db:ca:3d:0e
Serial Number (int): 444369555640850922641292419191914778737934
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: a4:c7:e1:28:02:6d:39:cf:f4:38:e3:2b:71:4a:81:c2:59:5f:39:6f
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): ec:3b:c0:a6:6b:a9:e7:f7:07:4a:30:d2:f7:84:c7:85:c7:6f:a7:7e
Fingerprint (SHA-256): b7:c1:b4:a8:50:db:4f:04:d4:94:a8:ce:f9:e1:f4:09:6a:16:42:b0:78:84:5c:1e:02:0d:12:98:21:e5:7c:c9

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/15.crl

Check the revocation status for certificate kairos-palaestina.ch
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for kairos-palaestina.ch

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for kairos-palaestina.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISBRnif1u4AcSH6GR7FJ7byj0OMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTI2MjMwMDAxWhcNMjUwODI0MjMwMDAwWjAfMR0wGwYDVQQD
ExRrYWlyb3MtcGFsYWVzdGluYS5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAIMdk4VLDxkQhfAtSkmBckqUS8Ho0r7IjbiucaWKlSMf3eIgC0xgIkkT
QxUhw9RlEbpO8GdQI3SPgUGlyAmNXThT9/XVdhccSHBuNW5WNSyE9EjQpIRy6NE1
QF7bpF+77e0BWe+3bNOoBcp9xvOXtm3aNeopwkmxZLDiu2G1GyEEP0IcTbMp0W2d
DMK+7R5VVx73cb4zJ+WbST8hoqrfk6NQn+QXierzG8NVaLl04yh2+7MjNb10eloy
Sio7YiLfUxMiXEp/+7xLnEZAVNKqYivnyJU6KHq4pVw2DLAtgpk0N8ZZt/ilyxK/
uLJPakn/RcSRgvIPNPBWx+575S0tFc8CAwEAAaOCAmwwggJoMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADAdBgNVHQ4EFgQUpMfhKAJtOc/0OOMrcUqBwllfOW8wHwYDVR0jBBgwFoAUxc9G
pOr0w8B6bJXELbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdo
dHRwOi8vcjExLmkubGVuY3Iub3JnLzBnBgNVHREEYDBeghRrYWlyb3MtcGFsYWVz
dGluYS5jaIITa2Fpcm9zLXBhbGVzdGluZS5jaIIYd3d3LmthaXJvcy1wYWxhZXN0
aW5hLmNoghd3d3cua2Fpcm9zLXBhbGVzdGluZS5jaDATBgNVHSAEDDAKMAgGBmeB
DAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjExLmMubGVuY3Iub3JnLzE1
LmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AMz7D2qFcQll/pWbU87psnwi
6YVcDZeNtql+VMD+TA2wAAABlw8ImtAAAAQDAEcwRQIhANvBtZvQUoZol2DrqndD
Gj2lc0ffx2JDHletUOaJ/+DvAiAHiwO+hv3GihA6hlMPfGRE/snMMSh6yI7PzhU6
kT0dOwB2ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABlw8ImsUA
AAQDAEcwRQIhAIvd4zi6L4phmWlNefTBBQpMAg4WAt0bSeM5KHnRlSysAiA4R6qn
Ghtgysfs21lFoW06DR3FZV39OlcTNu3TRETNnDANBgkqhkiG9w0BAQsFAAOCAQEA
UWJ4wEoy7A2LYQ80p6TMnj4SbOAioyW0iOjk1fiiavQGQgApsFUa8Czz09uxMpaJ
6uwZYglEsQZXg1c8I8jOwbsn7WOP0utzgaGwZi/ILA7E+6Ci+8tNQxTIxE3IbJiZ
dh7DXtxzGcwGcFUiABr4u7KZuHlDq6b815Q19qGu6f/KKROKpd61leZUw/4DC7zs
z/2Bu6miGfuhVKbow3t+jTTvyx8affWGbvXll1Ru98d6q9aUOHaU5hA0fc55U7K3
w8n2jny0Uwb61jdZJ40og8JFwZgJhsozvlEZqGsE5XWD/EmEJG0PaBN8lq93sSsF
i/uRrX4lCKFt220nKNAcyA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx2ThUsPGRCF8C1KSYFy
SpRLwejSvsiNuK5xpYqVIx/d4iALTGAiSRNDFSHD1GURuk7wZ1AjdI+BQaXICY1d
OFP39dV2FxxIcG41blY1LIT0SNCkhHLo0TVAXtukX7vt7QFZ77ds06gFyn3G85e2
bdo16inCSbFksOK7YbUbIQQ/QhxNsynRbZ0Mwr7tHlVXHvdxvjMn5ZtJPyGiqt+T
o1Cf5BeJ6vMbw1VouXTjKHb7syM1vXR6WjJKKjtiIt9TEyJcSn/7vEucRkBU0qpi
K+fIlTooerilXDYMsC2CmTQ3xlm3+KXLEr+4sk9qSf9FxJGC8g808FbH7nvlLS0V
zwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 444369555640850922641292419191914778737934
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-26 23:00:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-24 23:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kairos-palaestina.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16551802544307101823967766922271271342713622491085795160648665150052066402517793209705299644764377145600699579409561187841436792690858309828694260486414980571560253521213468934401588027122311276657312693549079150148100133637520550025490297062547977565625152274424120658559337311657745935096941523478601899366526832600460970559913470150037106903269207892452508407375455215886653657195846019803040153213214407299952610261605635098058815336636664415053678326385853887548926806960592600138850081877904083163769043391810554016154933897328145391785536991497755810665654170042977591924656473002274511055024466643418432214479
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a4c7e128026d39cff438e32b714a81c2595f396f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kairos-palaestina.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kairos-palestine.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kairos-palaestina.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kairos-palestine.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/15.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001970f089ad00000040300473045022100dbc1b59bd05286689760ebaa77431a3da57347dfc762431e57ad50e689ffe0ef0220078b03be86fdc68a103a86530f7c6444fec9cc31287ac88ecfce153a913d1d3b00760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a000001970f089ac500000403004730450221008bdde338ba2f8a6199694d79f4c1050a4c020e1602dd1b49e3392879d1952cac02203847aaa71a1b60cac7ecdb5945a16d3a0d1dc5655dfd3a571336edd34444cd9c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00516278c04a32ec0d8b610f34a7a4cc9e3e126ce022a325b488e8e4d5f8a26af406420029b0551af02cf3d3dbb1329689eaec19620944b1065783573c23c8cec1bb27ed638fd2eb7381a1b0662fc82c0ec4fba0a2fbcb4d4314c8c44dc86c9899761ec35edc7319cc06705522001af8bbb299b87943aba6fcd79435f6a1aee9ffca29138aa5deb595e654c3fe030bbceccffd81bba9a219fba154a6e8c37b7e8d34efcb1f1a7df5866ef5e597546ef7c77aabd694387694e610347dce7953b2b7c3c9f68e7cb45306fad63759278d2883c245c1980986ca33be5119a86b04e57583fc4984246d0f68137c96af77b12b058bfb91ad7e2508a16ddb6d2728d01cc8