DV SSL/TLS Certificate for www.heilklaenge.ch

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the www.heilklaenge.ch DV SSL/TLS Certificate

This certificate with serial number 05:1b:da:90:c2:d4:42:b2:1d:79:33:61:70:37:39:d3:0e:bf for www.heilklaenge.ch was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.heilklaenge.ch provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:1b:da:90:c2:d4:42:b2:1d:79:33:61:70:37:39:d3:0e:bf
Serial Number (int): 445039576911099787322178738637950313238207
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 97:b4:d5:60:14:3c:cb:8b:0b:44:c6:0c:8e:62:ce:a4:4f:19:f4:4c
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): bc:5d:11:ce:20:e3:e6:59:e6:bf:5b:39:93:01:73:3f:8b:44:fa:7f
Fingerprint (SHA-256): 15:ed:75:30:af:db:57:88:d6:f1:6c:f4:73:96:05:67:d9:15:64:7f:8e:e9:be:48:3f:cc:f0:fc:41:a5:bb:29

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/64.crl

Check the revocation status for certificate www.heilklaenge.ch
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.heilklaenge.ch

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.heilklaenge.ch

X.509 Certificate

The complete raw X.509 certificate details for www.heilklaenge.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISBRvakMLUQrIdeTNhcDc50w6/MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwODAyMDA0MzM2WhcNMjUxMDMxMDA0MzM1WjAdMRswGQYDVQQD
ExJ3d3cuaGVpbGtsYWVuZ2UuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhehXQScnkvhpYjm4IFiUsp43V1gSPuHMmAx9lE1InWdBPitftYQRj+LF4
V2gUIcQSh6fhEGvgWgJo1TY4kzgvZRsHdZ/5eDZHy6xnsM2j5r//L4v8Lz7xmPeb
kzuFpDTM/ecJrKLLoi3SM+4cwKzQw8pigPI2CQAiQDMJ3NPkgnNVyQTD1LWis8QS
FAFUINHU1XxfL4UJVijTk34jHOfOlktkCWNV3fqlGbqT2dlcrPi42bJMa/q/J7NU
sfiTiTwNa4Dt272L7mD92nRcv3Q9Vnf0KD1IjbY5ORH1tYEsG4czlmGE+4es+wU9
YgCfXgkZ7QoKghs6dVAnNiLWFe5dAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFJe01WAUPMuLC0TGDI5izqRPGfRMMB8GA1UdIwQYMBaAFLu8w0el
5LypxsOkcgwQjaI14cjoMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0
cDovL3IxMC5pLmxlbmNyLm9yZy8wHQYDVR0RBBYwFIISd3d3LmhlaWxrbGFlbmdl
LmNoMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6
Ly9yMTAuYy5sZW5jci5vcmcvNjQuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv
AHUA7TxL1ugGwqSiAFfbyyTiOAHfUS/txIbFcA8g3bc+P+AAAAGYaHGELQAABAMA
RjBEAiBUkzWj/Oy2j3ANDeJP1zbfvdLaR5AtbafgH3Q19SDT/gIgZHLWqeDKYhYI
wh2WaDclev7RtXvb2iGsdql119PwrG0AdgDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2X
jbapflTA/kwNsAAAAZhocYwUAAAEAwBHMEUCIBHDU8TQnR/3k06j5fn91BAMaFFY
GVEBhZpmHpi+4hgeAiEAhKA28w2COCVhowGH1Jz4Vv1Ho9BBDM9MfEzt4PgLxbww
DQYJKoZIhvcNAQELBQADggEBAL+ob5bYH2yVpg5z38xleQas8REI3ztu8khQqQoI
BwR2D2YlVtKAniW5ZHzoqgRv73CI9RQRjamjbRWcb+P+4kbuOztJc8tDQN7oX7C4
IDgClU2y7H5utPRFaf2rI1qoI8PQFDRfuYCouk8xF8HwJmZiVT6zA1HR1w6uxPvR
wkSvnZcA22ECvLvQ19H0ai9cF1oFKsN6o1FvfgHu9eNykvtdEDwZabkIhzFwJyRX
RXueRChPfkhrcqqbxX4Xt9dWPm8caLi3qiIbJQNjnznzSnCl4Z7rK/BqSGKe7yto
iZZwLrJ3oMAkPdv3i7BJpXimEwjbzND73/iveDa0mct2kkg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XoV0EnJ5L4aWI5uCBYl
LKeN1dYEj7hzJgMfZRNSJ1nQT4rX7WEEY/ixeFdoFCHEEoen4RBr4FoCaNU2OJM4
L2UbB3Wf+Xg2R8usZ7DNo+a//y+L/C8+8Zj3m5M7haQ0zP3nCayiy6It0jPuHMCs
0MPKYoDyNgkAIkAzCdzT5IJzVckEw9S1orPEEhQBVCDR1NV8Xy+FCVYo05N+Ixzn
zpZLZAljVd36pRm6k9nZXKz4uNmyTGv6vyezVLH4k4k8DWuA7du9i+5g/dp0XL90
PVZ39Cg9SI22OTkR9bWBLBuHM5ZhhPuHrPsFPWIAn14JGe0KCoIbOnVQJzYi1hXu
XQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 445039576911099787322178738637950313238207
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-02 00:43:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-31 00:43:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.heilklaenge.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28463821077932372264900456699871027606381363072582965906022728266816963834522793173754196288424556004623890858075767538185068599712126164513270171774831465906323635421251018780556089537128333019736109042345621614271319959251335065058177300745833808344732025741554632446640303212639050687104851733088501300785135798943019175644873209446758685112207366276461308520257090015910581583700556243317170575197666871483242677987962130039823221386791644954108944515187188624119692370986378593041098199131181879393506771278958967618055900223192679316447108696188911971302048010214258026835822246055429394998433033092312849575517
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							97b4d560143ccb8b0b44c60c8e62cea44f19f44c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.heilklaenge.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/64.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe0000001986871842d00000403004630440220549335a3fcecb68f700d0de24fd736dfbdd2da47902d6da7e01f7435f520d3fe02206472d6a9e0ca621608c21d966837257afed1b57bdbda21ac76a975d7d3f0ac6d007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000019868718c140000040300473045022011c353c4d09d1ff7934ea3e5f9fdd4100c685158195101859a661e98bee2181e02210084a036f30d82382561a30187d49cf856fd47a3d0410ccf4c7c4cede0f80bc5bc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00bfa86f96d81f6c95a60e73dfcc657906acf11108df3b6ef24850a90a080704760f662556d2809e25b9647ce8aa046fef7088f514118da9a36d159c6fe3fee246ee3b3b4973cb4340dee85fb0b8203802954db2ec7e6eb4f44569fdab235aa823c3d014345fb980a8ba4f3117c1f0266662553eb30351d1d70eaec4fbd1c244af9d9700db6102bcbbd0d7d1f46a2f5c175a052ac37aa3516f7e01eef5e37292fb5d103c1969b908873170272457457b9e44284f7e486b72aa9bc57e17b7d7563e6f1c68b8b7aa221b2503639f39f34a70a5e19eeb2bf06a48629eef2b688996702eb277a0c0243ddbf78bb049a578a61308dbccd0fbdff8af7836b499cb769248