statesman.co
Issued by R3
About this certificate
This digital certificate with serial number 03:54:c6:44:54:ec:3c:89:d0:78:fb:80:d6:d4:c4:a8:91:24 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=statesman.co
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:54:c6:44:54:ec:3c:89:d0:78:fb:80:d6:d4:c4:a8:91:24Serial Number (int): 290184118558430353349926087042359523578148
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0a:6b:e0:f7:c1:61:c9:ce:d7:7c:2d:20:11:41:1d:77:47:6f:e0:26
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5d:c7:3c:bb:08:e2:a3:69:e8:f6:55:8b:10:d8:7a:72:f5:9c:cc:48
Fingerprint (sha256): 01:83:cd:04:89:99:07:44:88:2f:98:4a:c7:42:0a:78:a9:17:b2:1c:52:20:04:be:b0:43:3a:b1:33:65:90:7b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate statesman.co
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for statesman.co
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
statesman.co
www.statesman.co
www.statesman.co
Other certificates including the domain name statesman.co
(limited to 100 certificates)
Certificate
The complete raw certificate details for statesman.co in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISA1TGRFTsPInQePuA1tTEqJEkMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA2MTYxMzAxMjBaFw0yMzA5MTQxMzAxMTlaMBcxFTATBgNVBAMT DHN0YXRlc21hbi5jbzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALKt JN0Nvs7x3Jidb4Du3NtWdS0me82jjjsirQIAAUbQkXroLlkXF2DoA+tufffxXcW8 YwLWzXR1IQ6LmvBBerfDiC3KWYnVYAJpUWESF1X1VV6MPSW6LtnTMGtTLlQXzUFQ Sdyq7XskL8G7mn7EvnRG9Kiw5u5iZoGaAbDaIWGKffD9nk5OVeiU1tDLNFl8acKk QOQv+xImkX+M04+nkfcxX1FMOiz2D9rB8XZ9VV6jayXtPKrmlCt0lp9Biuwsl8kI aRauQHXNre/xBrhr25n+YmWo8isbJqza4Hik2B6guUfM5H1m8ZfM0kUlcdVJmPDg xJOO1MALnJlX70gz9jqzcHqGmRAUmGPsLXqtigC+Z6mMylGjUj1krozh0qDPCgtn vwupEuvI4sfuGZTcMLYGrso2zQDODUehSl2uvJ6W3DxW8dSLqea+lwa2vCIKLPiU pV3jibkWRXc9mW3DKDZY+sftrzd4r+jCuwtmOjPpJyEAxqdYH1yKzHTsJLFnwXJ1 y0leY2Emou60Cb1vm0VbD7PGt+962ezo4hofcXrmpOcUModDquwzRC6uK7lx4wnW UKQjtvWhjwdUIl2KGejxipcx1OCkhbc3NMM3K/Y+ggqr2jRQ7godZZaO6gDgcAaB 8rq2O0KG5SB0t5HtyVFor//56QM+fmVWdgaWJFpRAgMBAAGjggIfMIICGzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFApr4PfBYcnO13wtIBFBHXdHb+AmMB8GA1UdIwQY MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v cjMuaS5sZW5jci5vcmcvMCkGA1UdEQQiMCCCDHN0YXRlc21hbi5jb4IQd3d3LnN0 YXRlc21hbi5jbzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIE gfQEgfEA7wB1AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiMSC tU8AAAQDAEYwRAIgA8UN6qIiB3j7DgeW2e2Ass07ldSzh4eZ+J3BUIPjI6YCIFfS qUKbl68H3sSUzv23DJ/o9f4Ua/eS/B1wFdQjbZU0AHYArfe++nz/EMiLnT2cHj4Y arRnKV3PsQwkyoWGNOvcgooAAAGIxIK1ZAAABAMARzBFAiEAy7bn39aq25QsBWUk kd1aBeBvjQOujWU2MqlTRazmqKcCIDDqAz++i8eYLKjUF+H/E9ylDZVEz4eWR+ns HCwb1dzmMA0GCSqGSIb3DQEBCwUAA4IBAQBLLi8QjtYf4+F51FXxYYz/ojmooY9S Z+I3gfXymATcsJreqDFgf8fHHoJbi41GkFq6VDmDVcyHrPiloRv/+DokI3DjJLT9 sTFLecKKS7hDDRLCWZvGPkvCvnFRkAfNTVsTvQxuVjpFNfQ6V/KhcbgjwuYoFN+z LGvTf9GLvSCdQJWQL6LBNMqTLvcXNzs9E1A5cBYmmvVnliKn7qmezK4c3jSzlS+t 3983Bnpmju9TvFjuShy524co1WIj8u1u+3prLD31UnDBBSzgEw9w9z0xXrV4mrIl BtVXKHt5g6fvM99DexGtEWmcCGL8OX8nGMFksg/QZhVF5AVhqvyc77r/ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsq0k3Q2+zvHcmJ1vgO7c 21Z1LSZ7zaOOOyKtAgABRtCReuguWRcXYOgD62599/FdxbxjAtbNdHUhDoua8EF6 t8OILcpZidVgAmlRYRIXVfVVXow9Jbou2dMwa1MuVBfNQVBJ3KrteyQvwbuafsS+ dEb0qLDm7mJmgZoBsNohYYp98P2eTk5V6JTW0Ms0WXxpwqRA5C/7EiaRf4zTj6eR 9zFfUUw6LPYP2sHxdn1VXqNrJe08quaUK3SWn0GK7CyXyQhpFq5Adc2t7/EGuGvb mf5iZajyKxsmrNrgeKTYHqC5R8zkfWbxl8zSRSVx1UmY8ODEk47UwAucmVfvSDP2 OrNweoaZEBSYY+wteq2KAL5nqYzKUaNSPWSujOHSoM8KC2e/C6kS68jix+4ZlNww tgauyjbNAM4NR6FKXa68npbcPFbx1Iup5r6XBra8Igos+JSlXeOJuRZFdz2ZbcMo Nlj6x+2vN3iv6MK7C2Y6M+knIQDGp1gfXIrMdOwksWfBcnXLSV5jYSai7rQJvW+b RVsPs8a373rZ7OjiGh9xeuak5xQyh0Oq7DNELq4ruXHjCdZQpCO29aGPB1QiXYoZ 6PGKlzHU4KSFtzc0wzcr9j6CCqvaNFDuCh1llo7qAOBwBoHyurY7QoblIHS3ke3J UWiv//npAz5+ZVZ2BpYkWlECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 290184118558430353349926087042359523578148 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-16 13:01:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-14 13:01:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'statesman.co' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 728935885843526332945678008286691877621427542281815712521573823231840213225883234565213892697935409852342160892040284839884786895216420947853058471017046508168033603509464690520622396141730175316761431477389854848709215178311847250090753499943152317315451950148336259702248580099656923346110517158300486573617655380602858825490128176064225330012569801476346075581157834331491112912511182704869765921573220077933188223561285051562394188777071478129858539768816945213302843199797911021029518624686123761491442934958540903371691464912618625727948682346425695439661464909119445134870279187681351520752344239694786480927977722148032037085869300580869710524954338596053190260125425869574187465131960639384882716432516626688547277415582838614044013889000772336255207103479014619122952286651315343492428409205905516280024176479113824848649796618662368007344433822170899995286836400150004820993733833642250673122820255861642971624955645877804140260749782668224080299814596033717621302376047321449050473476514569232631771973758634878360429239382696056294406604585861245086087692607557592286901704485643496485641140268098708868724484546873453716202209281618440995293158598782398271613070532059229193949677977360874063180685812436685655101430353 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0a6be0f7c161c9ced77c2d2011411d77476fe026 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'statesman.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.statesman.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000188c482b54f0000040300463044022003c50deaa2220778fb0e0796d9ed80b2cd3b95d4b3878799f89dc15083e323a6022057d2a9429b97af07dec494cefdb70c9fe8f5fe146bf792fc1d7015d4236d9534007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000188c482b5640000040300473045022100cbb6e7dfd6aadb942c05652491dd5a05e06f8d03ae8d653632a95345ace6a8a7022030ea033fbe8bc7982ca8d417e1ff13dca50d9544cf879647e9ec1c2c1bd5dce6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004b2e2f108ed61fe3e179d455f1618cffa239a8a18f5267e23781f5f29804dcb09adea831607fc7c71e825b8b8d46905aba54398355cc87acf8a5a11bfff83a242370e324b4fdb1314b79c28a4bb8430d12c2599bc63e4bc2be71519007cd4d5b13bd0c6e563a4535f43a57f2a171b823c2e62814dfb32c6bd37fd18bbd209d4095902fa2c134ca932ef717373b3d1350397016269af5679622a7eea99eccae1cde34b3952faddfdf37067a668eef53bc58ee4a1cb9db8728d56223f2ed6efb7a6b2c3df55270c1052ce0130f70f73d315eb5789ab22506d557287b7983a7ef33df437b11ad11699c0862fc397f2718c164b20fd0661545e40561aafc9cefbaff