necada.com
Issued by R3
About this certificate
This digital certificate with serial number 04:25:04:d5:d7:fd:55:a5:48:fa:c6:70:97:b9:26:5d:19:94 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=necada.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:25:04:d5:d7:fd:55:a5:48:fa:c6:70:97:b9:26:5d:19:94Serial Number (int): 361046018555119013260866391894226609445268
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ed:4f:02:03:3f:4e:d5:65:e7:87:b1:72:dc:dd:06:9b:57:af:22:80
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 86:25:cf:7e:00:78:19:10:73:a0:14:93:d2:31:d1:de:e7:b2:f3:b8
Fingerprint (sha256): 01:02:00:7f:5f:80:20:c1:af:bc:66:84:1b:be:23:b9:e5:dc:cb:49:77:06:8e:51:b1:1a:d3:89:6b:e3:8c:f2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate necada.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for necada.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
necada.com
necada.upc.edu
run.sdlps.com
necada.upc.edu
run.sdlps.com
Other certificates including the domain name necada.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for necada.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISBCUE1df9VaVI+sZwl7kmXRmUMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMDExODEzNTJaFw0yNDAyMjkxODEzNTFaMBUxEzARBgNVBAMT Cm5lY2FkYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwol3d Z9j3cKugVXEoRHq7J7IoZqeDdZE9syWTm3Sw5pWGndOF2G+kld0W8YhhRB7Y6PHC 53e6yQz8nfmPCVnEUl9j0UuqU+IHBZ3Zv7ujV1sqUVW9wecAkctfDYKqJth3HL0n F3dHp6HwOiiAj3bUbECG0VtFuBkHijvlNC1VDFI3pi2FhOzorE3F5ZlPn9MA4XXe ItmspFE19DFOWUuMqmD7rSc9tYSbPTlk/MS9WbO+5vsRkzpcHFA3X/v2JNR285vn GdC7Cw2EpLscxAW7ADNJcNvR2z2SX26bTF3g4EEiHhkAoLfCCHqig5yh/ChshN3+ 1aCT9ky/kkdznZzXAgMBAAGjggIqMIICJjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FO1PAgM/TtVl54exctzdBptXryKAMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMDQG A1UdEQQtMCuCCm5lY2FkYS5jb22CDm5lY2FkYS51cGMuZWR1gg1ydW4uc2RscHMu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv AHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMJs02oQAABAMA RzBFAiBvZSQBxiRc4DA8CHCTwYYOR9MG7MvIGiYXU+1lyTMEwwIhAPuZEpXAT/0m 2Dfqa7T33iTHA7WyEcCRHpZK6DmpV56JAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp 3GhCCp/mZ0xaOnQAAAGMJs027gAABAMARjBEAiB05GuhnNQzpew/CQxCLDlD5dhW sqMCPCos6PiY5DkyXQIgIZkKHQ9IU4PTXD3Eg+iCzhEZRbLzKIoWskfX3tPSCF4w DQYJKoZIhvcNAQELBQADggEBAKfWeZDkgjkzi+ldHbeo3NDAtNxsOKGgVeJaLejr tfvMk5HggiVxg+43R4NlXzlsZs/AN4UGq+Ei1fenPFZnKhJZOlXAlJcWc6JfF63a z2ttM6r/xNZLRhv/bS7TbDdECngvy2+kjL2UxVyrVnLQgC1zFPTcTlD+gNWMfweV THXRnjlo7R9crcr7AjQhWL76ObO6p/1hTIOOUauUnefkVe+TN5z953Mi8PNRoXj+ zNPRbLTi81919J3fQ0QwORJjf5aYWivTMWJ3TSozBH4cJt5e1cVmRteF0Ma1k7pN pWEYNI0I4Pkaur+6H43ZgJjwWErG+fSG/hPwu4cFjj6Ej64= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKJd3WfY93CroFVxKER6 uyeyKGang3WRPbMlk5t0sOaVhp3ThdhvpJXdFvGIYUQe2Ojxwud3uskM/J35jwlZ xFJfY9FLqlPiBwWd2b+7o1dbKlFVvcHnAJHLXw2CqibYdxy9Jxd3R6eh8DoogI92 1GxAhtFbRbgZB4o75TQtVQxSN6YthYTs6KxNxeWZT5/TAOF13iLZrKRRNfQxTllL jKpg+60nPbWEmz05ZPzEvVmzvub7EZM6XBxQN1/79iTUdvOb5xnQuwsNhKS7HMQF uwAzSXDb0ds9kl9um0xd4OBBIh4ZAKC3wgh6ooOcofwobITd/tWgk/ZMv5JHc52c 1wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 361046018555119013260866391894226609445268 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-01 18:13:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 18:13:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'necada.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22298007657991032701961668069817005765430729185897595997488123819950796895220104299170916797553212231682775751504117491892714774684088995579240526072634595491643656776140199989599408120104587919457575299188201638778034869400058556781967430083774084523566555421207532309620212366518730601673066605945536540129497767699065058179544633607671635701201889006391080293133474002509823756347622671572602686169541271146033377975345088729426396130812343074752911989740819624609408539463047017407118622096678701308438846352552750138984169554603105288197648215484918167361388343606458917769264927622601191334463909423169792744663 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ed4f02033f4ed565e787b172dcdd069b57af2280 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'necada.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'necada.upc.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'run.sdlps.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c26cd36a1000004030047304502206f652401c6245ce0303c087093c1860e47d306eccbc81a261753ed65c93304c3022100fb991295c04ffd26d837ea6bb4f7de24c703b5b211c0911e964ae839a9579e8900750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c26cd36ee0000040300463044022074e46ba19cd433a5ec3f090c422c3943e5d856b2a3023c2a2ce8f898e439325d022021990a1d0f485383d35c3dc483e882ce111945b2f3288a16b247d7ded3d2085e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a7d67990e48239338be95d1db7a8dcd0c0b4dc6c38a1a055e25a2de8ebb5fbcc9391e082257183ee374783655f396c66cfc0378506abe122d5f7a73c56672a12593a55c094971673a25f17addacf6b6d33aaffc4d64b461bff6d2ed36c37440a782fcb6fa48cbd94c55cab5672d0802d7314f4dc4e50fe80d58c7f07954c75d19e3968ed1f5cadcafb02342158befa39b3baa7fd614c838e51ab949de7e455ef93379cfde77322f0f351a178feccd3d16cb4e2f35f75f49ddf4344303912637f96985a2bd33162774d2a33047e1c26de5ed5c56646d785d0c6b593ba4da56118348d08e0f91ababfba1f8dd98098f0584ac6f9f486fe13f0bb87058e3e848fae