DV SSL/TLS Certificate for www.loja.gransante.com.br

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the www.loja.gransante.com.br DV SSL/TLS Certificate

This certificate with serial number 06:5d:b7:18:dd:b2:ce:71:42:5b:07:18:e9:9b:fb:e1:80:fb for www.loja.gransante.com.br was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.loja.gransante.com.br provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:5d:b7:18:dd:b2:ce:71:42:5b:07:18:e9:9b:fb:e1:80:fb
Serial Number (int): 554563353549141027590996099247059039781115
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: df:b7:3c:f1:a8:c1:6e:ce:c7:4b:be:90:8e:04:49:24:32:f5:b4:21
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): d7:bb:ae:00:42:06:20:61:ca:a8:59:73:02:b3:e9:45:5f:de:02:f6
Fingerprint (SHA-256): cc:65:10:31:3e:8c:4c:1e:cf:03:d8:16:8f:99:9c:4f:64:c5:f1:b2:77:a3:e2:09:32:e7:21:81:2a:83:74:26

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/124.crl

Check the revocation status for certificate www.loja.gransante.com.br
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.loja.gransante.com.br

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for www.loja.gransante.com.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISBl23GN2yznFCWwcY6Zv74YD7MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjA5MTMxNDU0WhcNMjUwOTA3MTMxNDUzWjAkMSIwIAYDVQQD
Exl3d3cubG9qYS5ncmFuc2FudGUuY29tLmJyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA222MJ2EFRgjlGiMmeAzUf2pZI4K4EdM3Olytq1HhHJAyOMiF
VyvjUMAFtqXyUAsJ03McLwZZ4lNl7nNgbFUM339cUooP6usDoagrGEHo6ngvNJQx
zXW48KynENkm2gf7lckXLE1s/peZyWBltYvjFTwkBJ7e7765Frm4I/kJb3ve+ke1
j7yeUZId+bEZE5rU2gBTXcHiTLmVye8Nyku8IMdzft7HVmAazvEKf2m9gRhh2/Gm
t6OSIZm+swLA81rNVk9NrDzNvEPJgoK7ZaGqpO7R6Z0n52fAf2wY06mxKoRl+0sa
3GSdyvqr375O+JDpfN9udneu/sLAbwCsY10NMQIDAQABo4ICUjCCAk4wDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBTftzzxqMFuzsdLvpCOBEkkMvW0ITAfBgNVHSMEGDAW
gBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUH
MAKGF2h0dHA6Ly9yMTAuaS5sZW5jci5vcmcvMEoGA1UdEQRDMEGCEiouZ3JhbnNh
bnRlLmNvbS5icoIQZ3JhbnNhbnRlLmNvbS5icoIZd3d3LmxvamEuZ3JhbnNhbnRl
LmNvbS5icjATBgNVHSAEDDAKMAgGBmeBDAECATAvBgNVHR8EKDAmMCSgIqAghh5o
dHRwOi8vcjEwLmMubGVuY3Iub3JnLzEyNC5jcmwwggEGBgorBgEEAdZ5AgQCBIH3
BIH0APIAdwDtPEvW6AbCpKIAV9vLJOI4Ad9RL+3EhsVwDyDdtz4/4AAAAZdVCfFx
AAAEAwBIMEYCIQDYAIR8feu0mWgT+mu5/HU89QO5yUzQKF9yPWXU5K+KAAIhAJx/
6EZ10A1BM7opKwX0CI9fmeWuAeG+I9dOD8NdH6ovAHcAzPsPaoVxCWX+lZtTzumy
fCLphVwNl422qX5UwP5MDbAAAAGXVQnxfgAABAMASDBGAiEAsF2ViqtblFI+0Tbc
BnO9PN3iQrObxThysv40yfOOPtcCIQD4gaMY33UjjL2MIYcVX6svQ5QWv3o6S32c
/OLY1L/fXTANBgkqhkiG9w0BAQsFAAOCAQEAA/qPk03M1p84ZVnvug5TeQSdiNsr
Nb2DP7xlQGE7ZigY5ts4FkziSGuoHgJBW8jh0MOKrH4sgHwzxkqKs4sWU5zoK9Vw
4lhLXLgvF224BbX4tAkY42bji8WKu9OJnXaP4Vrs+0xogtdt9WxiEzNSrcmnO5lt
FKbdnA2UKlkpOd0yc4iP1bR/jVx645npPIrEDgY+WvATI5NulapzRHDj4au+jL1U
53JTaw1FK/wyAyUCZZDvcFvGNyx6DMkL/hrw7CQ6zuEHApI7keuSsF2Y5RaFEj9F
G7vc6kA4xdRnPPy8DT6iZdFi4VPOjIemOixP+l/YSB2A8FuEL/hrxag8VQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA222MJ2EFRgjlGiMmeAzU
f2pZI4K4EdM3Olytq1HhHJAyOMiFVyvjUMAFtqXyUAsJ03McLwZZ4lNl7nNgbFUM
339cUooP6usDoagrGEHo6ngvNJQxzXW48KynENkm2gf7lckXLE1s/peZyWBltYvj
FTwkBJ7e7765Frm4I/kJb3ve+ke1j7yeUZId+bEZE5rU2gBTXcHiTLmVye8Nyku8
IMdzft7HVmAazvEKf2m9gRhh2/Gmt6OSIZm+swLA81rNVk9NrDzNvEPJgoK7ZaGq
pO7R6Z0n52fAf2wY06mxKoRl+0sa3GSdyvqr375O+JDpfN9udneu/sLAbwCsY10N
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 554563353549141027590996099247059039781115
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-09 13:14:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-07 13:14:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.loja.gransante.com.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27700208661269387048468933957061337711124780873911818050014852038197157205616383813735906440211618425745732753850738866902743652963704902179117164501996501498058799698074818191592782077987327802962937566502226772805381459779615469274874698347903106964536757886275444117238278756129490923902988608690976669027805514561600618477073669983949385289029449669923707087827002810683590530090159578771721470078512358588523111332919058541901951197875212736217149831859399467441742579904354291510048735910508236670438753354494071367488329066205803037494528015744555204002487567851916601353626234784644727761297636719317676264753
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dfb73cf1a8c16ecec74bbe908e04492432f5b421
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gransante.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gransante.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.loja.gransante.com.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/124.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe0000001975509f1710000040300483046022100d800847c7debb4996813fa6bb9fc753cf503b9c94cd0285f723d65d4e4af8a000221009c7fe84675d00d4133ba292b05f4088f5f99e5ae01e1be23d74e0fc35d1faa2f007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001975509f17e0000040300483046022100b05d958aab5b94523ed136dc0673bd3cdde242b39bc53872b2fe34c9f38e3ed7022100f881a318df75238cbd8c2187155fab2f439416bf7a3a4b7d9cfce2d8d4bfdf5d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0003fa8f934dccd69f386559efba0e5379049d88db2b35bd833fbc6540613b662818e6db38164ce2486ba81e02415bc8e1d0c38aac7e2c807c33c64a8ab38b16539ce82bd570e2584b5cb82f176db805b5f8b40918e366e38bc58abbd3899d768fe15aecfb4c6882d76df56c62133352adc9a73b996d14a6dd9c0d942a592939dd3273888fd5b47f8d5c7ae399e93c8ac40e063e5af01323936e95aa734470e3e1abbe8cbd54e772536b0d452bfc320325026590ef705bc6372c7a0cc90bfe1af0ec243acee10702923b91eb92b05d98e51685123f451bbbdcea4038c5d4673cfcbc0d3ea265d162e153ce8c87a63a2c4ffa5fd8481d80f05b842ff86bc5a83c55