DV SSL/TLS Certificate for www.kahlbutz.de

Certificate is witin its validity period

Issued by DigiCert Inc (Encryption Everywhere DV TLS CA - G2)

About the www.kahlbutz.de DV SSL/TLS Certificate

This certificate with serial number 08:3c:fa:3c:9c:66:9f:cf:fd:73:c2:38:b3:70:77:41 for www.kahlbutz.de was issued on by DigiCert Inc.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.kahlbutz.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Organizational unit: www.digicert.com
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 08:3c:fa:3c:9c:66:9f:cf:fd:73:c2:38:b3:70:77:41
Serial Number (int): 10950437182285807073149005578508465985
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: c0:10:76:b1:58:9a:e9:00:63:a7:0d:48:f3:86:90:13:a1:93:2e:45
Authority Key Identifier: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6

Fingerprint (SHA-1): 11:c8:31:bb:f3:50:39:11:ad:10:08:88:73:77:f2:f3:f5:64:58:d9
Fingerprint (SHA-256): 3c:04:be:d5:4f:ca:87:5e:e2:7e:44:2a:47:13:c2:19:6a:23:aa:e2:93:2a:34:81:8e:d9:b8:8a:9b:68:1d:ca

Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt

Revocation Information

OCSP Server: http://ocsp.digicert.com

Check the revocation status for certificate www.kahlbutz.de
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.kahlbutz.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.kahlbutz.de

X.509 Certificate

The complete raw X.509 certificate details for www.kahlbutz.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgIQCDz6PJxmn8/9c8I4s3B3QTANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzIwHhcNMjUwNjI4MDAwMDAwWhcNMjYwNjI3MjM1OTU5WjAa
MRgwFgYDVQQDEw93d3cua2FobGJ1dHouZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOITCz7PRN53dulkuzmbwSfCBkGCz0ywgfTRdVlosPQlYmrWgm
K4/C9bPrF8fnP7FMCUOtTImtArJyJOt/qmMf8hH7kVDG7bf9MagtDxB6dTOXeI9v
xswHhQnPcwy8I36mHEjpQuQ3K/DjK5kTheV+Tn3IzHnV9rLyv8tP5qNT7kCH9MTq
lyRjI3QAQGfkJbUAo9IqsYLMYDHa58Zq3kfLsk0qR6hMyrRIg/ys8s8xWvj3Db46
VhRvCtRir8TV2s6BX/IXej51znxrGL9aWJEoDkT5CBj4C/TgmEuQLRjGWW2JzPli
KuRBly3/2EHVaMgKaLKhF12xzqjEL8vlRXQxAgMBAAGjggLiMIIC3jAfBgNVHSME
GDAWgBR435GQX+7erPbFdevVTFVT7yRKtjAdBgNVHQ4EFgQUwBB2sVia6QBjpw1I
84aQE6GTLkUwGgYDVR0RBBMwEYIPd3d3LmthaGxidXR6LmRlMD4GA1UdIAQ3MDUw
MwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t
L0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
Z2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQu
Y29tL0VuY3J5cHRpb25FdmVyeXdoZXJlRFZUTFNDQS1HMi5jcnQwDAYDVR0TAQH/
BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYADleUvPOuqT4zGyyZB7P3
kN+bwj1xMiXdIaklrGHFTiEAAAGXtLspeAAABAMARzBFAiBtv7wm6OsbtO0YoPL8
8+N9/WsbbGewxUz8GSeL1H9cHgIhAItWdfVyZ8HgrVG3jNzNq+QlH5H7No/dNx65
8luNDItrAHYAZBHEbKQS7KeJHKICLgC8q08oB9QeNSer6v7VA8l9zfAAAAGXtLsp
tQAABAMARzBFAiEAzqgMfXX9IT2qI7QrlPfnDGTfiAkJYLl/4JkZ4vthi7oCID+y
qONNzwRZPG7YsARdvAIqqdBT7Vq+znNcp5Q+yQ4+AHYASZybad4dfOz8Nt7Nh2Sm
uFuvCoeAGdFVUvvp6ynd+MMAAAGXtLspyAAABAMARzBFAiAq+b+qnoR4rwiFj0SJ
Y98vlnRZ0vwi4YyCXtMZvH9PawIhAJiCVcbqimAgI02Jx2XXsqOf5yYjRKO2ndRQ
dREPcPxsMA0GCSqGSIb3DQEBCwUAA4IBAQB0YcKzQ0w7mHDaEzj27jJvVw5YuTdp
ZwhQ4dD1hCaTR94Bc+NFRw9tEusfGlnk+/BwROC1pmiQhmVo/FDIrfgD66cWz8fy
E8MRC+U7KGmBWEL9y/Ffvd8HPfoMLJLhi7+UOD372MTh7/zUXfuZqZhZMQgk7PCJ
VpRyuLoTUMpiLhBCKaQiz/GbVuGTBf5Hpf7t6nhJ3Vc0DvLW6NbiZtk24Tlaik5V
aIfM3vWkJrNojsYMM9Ve7zTkgYzmpBS/luZBnMBLm3kCUIX0TgqyKYAChSSkxOhh
UTAPsLh8GxsSohA66slyRJnBtKAQzh+N03S/68B/i822axNyLpBMvgxR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziEws+z0Ted3bpZLs5m8
EnwgZBgs9MsIH00XVZaLD0JWJq1oJiuPwvWz6xfH5z+xTAlDrUyJrQKyciTrf6pj
H/IR+5FQxu23/TGoLQ8QenUzl3iPb8bMB4UJz3MMvCN+phxI6ULkNyvw4yuZE4Xl
fk59yMx51fay8r/LT+ajU+5Ah/TE6pckYyN0AEBn5CW1AKPSKrGCzGAx2ufGat5H
y7JNKkeoTMq0SIP8rPLPMVr49w2+OlYUbwrUYq/E1drOgV/yF3o+dc58axi/WliR
KA5E+QgY+Av04JhLkC0Yxllticz5YirkQZct/9hB1WjICmiyoRddsc6oxC/L5UV0
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10950437182285807073149005578508465985
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-06-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kahlbutz.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26021457543033912075033078062409414673815055870964278497658680836372593349751527696546446474754730932057170671191101215412465678318133107415156880300227351754383376299845228637407037297827253928925900406352887539497384760760035785652106915818171245329238941544051632771003625599255690300648606231871055517413028616624431048021082107292155448206839401318125290592630578845963794318482889023357378022798325154297505319839715775783059557269514902586873084335129936875116782347656880097835385907303932745543592467093718952689146115226560491075615613593320254020952518979184986108146250164189722479868959908709549000193073
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c01076b1589ae90063a70d48f3869013a1932e45
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kahlbutz.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e2100000197b4bb2978000004030047304502206dbfbc26e8eb1bb4ed18a0f2fcf3e37dfd6b1b6c67b0c54cfc19278bd47f5c1e0221008b5675f57267c1e0ad51b78cdccdabe4251f91fb368fdd371eb9f25b8d0c8b6b0076006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000197b4bb29b50000040300473045022100cea80c7d75fd213daa23b42b94f7e70c64df88090960b97fe09919e2fb618bba02203fb2a8e34dcf04593c6ed8b0045dbc022aa9d053ed5abece735ca7943ec90e3e007600499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c300000197b4bb29c8000004030047304502202af9bfaa9e8478af08858f448963df2f967459d2fc22e18c825ed319bc7f4f6b022100988255c6ea8a6020234d89c765d7b2a39fe7262344a3b69dd45075110f70fc6c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007461c2b3434c3b9870da1338f6ee326f570e58b93769670850e1d0f584269347de0173e345470f6d12eb1f1a59e4fbf07044e0b5a66890866568fc50c8adf803eba716cfc7f213c3110be53b2869815842fdcbf15fbddf073dfa0c2c92e18bbf94383dfbd8c4e1effcd45dfb99a99859310824ecf089569472b8ba1350ca622e104229a422cff19b56e19305fe47a5feedea7849dd57340ef2d6e8d6e266d936e1395a8a4e556887ccdef5a426b3688ec60c33d55eef34e4818ce6a414bf96e6419cc04b9b79025085f44e0ab22980028524a4c4e86151300fb0b87c1b1b12a2103aeac9724499c1b4a010ce1f8dd374bfebc07f8bcdb66b13722e904cbe0c51