DV SSL/TLS Certificate for www.rae-dietz.de

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the www.rae-dietz.de DV SSL/TLS Certificate

This certificate with serial number 05:83:1d:2c:89:60:11:09:6b:f4:e3:5c:a0:b1:8b:1f:f6:08 for www.rae-dietz.de was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.rae-dietz.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:83:1d:2c:89:60:11:09:6b:f4:e3:5c:a0:b1:8b:1f:f6:08
Serial Number (int): 480177198584685001976509603087662140356104
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 0f:ee:e0:82:3c:00:e0:07:c8:3f:31:1a:2d:9c:f7:5e:a2:ea:d2:24
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 24:f1:36:c2:e7:2d:29:54:09:37:96:64:8a:a1:6a:40:93:a2:d2:fe
Fingerprint (SHA-256): 8d:6d:35:9e:1c:f0:ef:ed:c0:24:15:a9:65:fb:a6:64:94:29:32:09:31:71:1e:7e:bc:2e:99:ad:ca:3a:41:09

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/9.crl

Check the revocation status for certificate www.rae-dietz.de
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.rae-dietz.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.rae-dietz.de

X.509 Certificate

The complete raw X.509 certificate details for www.rae-dietz.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgISBYMdLIlgEQlr9ONcoLGLH/YIMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTE0MjE0MTQyWhcNMjUwODEyMjE0MTQxWjAbMRkwFwYDVQQD
ExB3d3cucmFlLWRpZXR6LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8B2MyYLo+wCrH31M/5XpGXMc/HXQAdzvy5iWTi2JQPRgYd2cF2OJ6bSKkJ6W
rQs65k9NjRBtNq9Ng8QEriuwv03AD2xnegJgjz/0gHm3ASwYQs33pNc+m6zjLw5O
8vwG/pIEjetKbJ+iaKBjboSVtPgoBYLChI4nkaEJk/sKcdj4ER2por2GdB20VjYh
5NYTY4YhTUQgzQyuNntisEg8tytfnwhIxNXjEvHoYYMNOCloGXWkRuF/Hh5UdEDF
ASjX8+NaBI7DdPg0I9lj+shmpg5sCsLdUS1b/MvSrKYaW3L46lwTMferMbBzCTAJ
w7GCyuKUO/k+WRsR82Z6c6bhWwIDAQABo4ICHzCCAhswDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBQP7uCCPADgB8g/MRotnPdeourSJDAfBgNVHSMEGDAWgBS7vMNHpeS8
qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6
Ly9yMTAuaS5sZW5jci5vcmcvMBsGA1UdEQQUMBKCEHd3dy5yYWUtZGlldHouZGUw
EwYDVR0gBAwwCjAIBgZngQwBAgEwLQYDVR0fBCYwJDAioCCgHoYcaHR0cDovL3Ix
MC5jLmxlbmNyLm9yZy85LmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1ABLx
TjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABltD0lloAAAQDAEYwRAIg
Xeqc6blr0QY61dw22hfHLbb38pxeC8KMvDvTIH4JpDECIExJRk9EEQJgFlPY5ZS7
IBylHyvYTsurTY+8o8BY9Nj8AHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5U
wP5MDbAAAAGW0PSejwAABAMASDBGAiEAlS6RCbuXnLc5gKEhX5hZ5DZ9dTUQ0l03
Ky7fwjxJA9UCIQCkX4RnbUdz2HJDw4yGYPLw5cQHn2jfj8qdDxk63IefwDANBgkq
hkiG9w0BAQsFAAOCAQEAZlCSgZ2mVaIdv3SkcJu8ZDTDQJ71vdHelt9yuLKACG3a
VRLiJrbWLOJzVP/kN65ZTg4mM6H3Hq2xGNOPOxMD+VAsDKwOFh2dZ9Iy+ztPB+BV
/1rouv/yvWc1FtsxfWH+Igeugedc5F9JPpev+uws2umNNiq5sIakK2e8rbANlPYO
YLlzL1+QUdNptLcfYC4eQLPSO2UykRk5+xzXQt1DOdyS5McXirEARi4lPReIKRWW
cjJ6OajCzSwC+V3TX2cwY61rFPsUjqXBnIwAIW51nQalHiVP4a6eEuptIeiDnBfu
5SCf3QutakuYekO6pFw6hRexjUk6bw2v9EyMLnlPXQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8B2MyYLo+wCrH31M/5Xp
GXMc/HXQAdzvy5iWTi2JQPRgYd2cF2OJ6bSKkJ6WrQs65k9NjRBtNq9Ng8QEriuw
v03AD2xnegJgjz/0gHm3ASwYQs33pNc+m6zjLw5O8vwG/pIEjetKbJ+iaKBjboSV
tPgoBYLChI4nkaEJk/sKcdj4ER2por2GdB20VjYh5NYTY4YhTUQgzQyuNntisEg8
tytfnwhIxNXjEvHoYYMNOCloGXWkRuF/Hh5UdEDFASjX8+NaBI7DdPg0I9lj+shm
pg5sCsLdUS1b/MvSrKYaW3L46lwTMferMbBzCTAJw7GCyuKUO/k+WRsR82Z6c6bh
WwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 480177198584685001976509603087662140356104
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-14 21:41:42 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-12 21:41:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rae-dietz.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30311764815201879913808680783368453129325987154764675518972116924577002837028948674483743529998103062409743952482355117690839682133047000861540869004440808974381169021530023491865011825241739443280909267746166071843299481223849971714558198474260245657000320095637925328229234361706545955907708830866138895312045752140571919873730389467448434076584851358965941158817698663485689592469059754319687110772001297305783152740542730653728282482140855144511986078010191073982327040452216472680938848356431167474142688861976543308240689681401515592111137025636247366676352924597118525673214370814588159094062539516787070263643
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0feee0823c00e007c83f311a2d9cf75ea2ead224
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rae-dietz.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/9.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196d0f4965a000004030046304402205dea9ce9b96bd1063ad5dc36da17c72db6f7f29c5e0bc28cbc3bd3207e09a43102204c49464f441102601653d8e594bb201ca51f2bd84ecbab4d8fbca3c058f4d8fc007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000196d0f49e8f0000040300483046022100952e9109bb979cb73980a1215f9859e4367d753510d25d372b2edfc23c4903d5022100a45f84676d4773d87243c38c8660f2f0e5c4079f68df8fca9d0f193adc879fc0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00665092819da655a21dbf74a4709bbc6434c3409ef5bdd1de96df72b8b280086dda5512e226b6d62ce27354ffe437ae594e0e2633a1f71eadb118d38f3b1303f9502c0cac0e161d9d67d232fb3b4f07e055ff5ae8bafff2bd673516db317d61fe2207ae81e75ce45f493e97affaec2cdae98d362ab9b086a42b67bcadb00d94f60e60b9732f5f9051d369b4b71f602e1e40b3d23b6532911939fb1cd742dd4339dc92e4c7178ab100462e253d178829159672327a39a8c2cd2c02f95dd35f673063ad6b14fb148ea5c19c8c00216e759d06a51e254fe1ae9e12ea6d21e8839c17eee5209fdd0bad6a4b987a43baa45c3a8517b18d493a6f0daff44c8c2e794f5d