nuffield.dk
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:d6:2e:45:13:44:5e:ea:af:aa:31:88:d0:20:3c:f3:9a:dc was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nuffield.dk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d6:2e:45:13:44:5e:ea:af:aa:31:88:d0:20:3c:f3:9a:dcSerial Number (int): 334218787463433588983764167824321876826844
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 00:0a:f7:fc:d4:2e:0f:b4:ba:de:6e:09:90:21:fb:4c:39:ca:7f:1b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ee:8c:29:f9:10:10:73:e2:d5:43:46:1d:ae:f7:f4:c9:c6:fe:2d:0d
Fingerprint (sha256): 02:5a:51:af:4e:49:13:62:61:a6:74:7a:6b:35:6b:2e:56:67:f0:3b:f5:50:ca:db:56:db:98:8c:b1:f8:e1:f3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate nuffield.dk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nuffield.dk
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nuffield.dk
www.nuffield.dk
www.nuffield.dk
Other certificates including the domain name nuffield.dk
(limited to 100 certificates)
Certificate
The complete raw certificate details for nuffield.dk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCjCCBPKgAwIBAgISA9YuRRNEXuqvqjGI0CA885rcMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA5MDExOTU5MDBaFw0x NzExMzAxOTU5MDBaMBYxFDASBgNVBAMTC251ZmZpZWxkLmRrMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAuO+uiJguHhLz+vZQUzEotcH3YUAzdd1gG4PO FAT1Rt6DnVl3UY47FjpgXwsKM8tEqxXUPeEAWn4/U5YmCj0zx0ujU2GCOzzRREbX HOLB0tcxlKWO5EtvzYX6VulyqMxSmkNq+NduJ5wHfafT2waAKx7Eiy/4aoqDQwdV 9oTTM0X0QvSG2MMdImy35VdbiRj0qfzyR2Hwsp4IVyL8Sr3tvE5tfTfEu67Ci90M fPGpAQBih9bM3yjANMN6PT1+sVS/yC7DlYy2mgAgwbDamsP+gsUA+RHqXh9ais5L xjpeNtaV7FxSj+rv5IbUkuxJBrw0rvl39Hw8WdqKgNqB8n+qJMYyaUOGSpgrFMRt naB//8ig8E3PpeT1ayRbWku7q9LoW2dx0rDvRu+Zy5/Hcwg6CLMMrjruYWAK/9Zt +4aD5+3RCLlnpED5Pt/D2FVRhphHY3sd4TNmGmXR1Yua6cwqh3QTsmcJg5qJqXXn RxNNUNRpMAciykIoWxq5X8XNKgxml/3VnHjNXuQf7l7i1Tl88goAl5gsuMIBL9JV XFjIFYcfFKQoEfg5IUsv2HkPrHiFNOgIDpcJ5JebVzV0ElNSa5e2hOmyalpde6cT D++zJ3QpqEO2CK8wp9c6w18DPdxASkuBQoY4uPl1z0ng988ejn3hAOFMQ4iwoYHP HFueJDECAwEAAaOCAhwwggIYMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUAAr3/NQu D7S63m4JkCH7TDnKfxswHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAnBgNVHREEIDAeggtudWZmaWVsZC5ka4IPd3d3Lm51 ZmZpZWxkLmRrMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEB ATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasG CCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxp ZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5j ZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9s ZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAI/1 YbQ+jiY1zZ81a4MiLt2MUebSSRpR3gwuq/KJZ1kvd8AS+VkvunApP/2LOkHQARMX rIzcS/yxE/iq3Fzd3SOvCjfXVhANZt7Y6xea1VguPG4qhtKSkKqBTvGkRzeOS6KF iSPMo7AhfsXmZf25IAB0ZZI6T7ECMV5X6scTu033k8Vi6diN1jgi0q+mrg7sF3xT 7s2rNzoJyIHS/ejxTe3VYdg6i4as2FtVJdxTNYeagRYaJ4Qzw+Z/WT/RIeUNzYpK XZyO6QiipGJUpFqPtAY2e7uSevYkgV4iyhL0VVxWiHx0S+Xl50FlIRnrySrpf+7Z OxNWOGasg3TrxcMmKhs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuO+uiJguHhLz+vZQUzEo tcH3YUAzdd1gG4POFAT1Rt6DnVl3UY47FjpgXwsKM8tEqxXUPeEAWn4/U5YmCj0z x0ujU2GCOzzRREbXHOLB0tcxlKWO5EtvzYX6VulyqMxSmkNq+NduJ5wHfafT2waA Kx7Eiy/4aoqDQwdV9oTTM0X0QvSG2MMdImy35VdbiRj0qfzyR2Hwsp4IVyL8Sr3t vE5tfTfEu67Ci90MfPGpAQBih9bM3yjANMN6PT1+sVS/yC7DlYy2mgAgwbDamsP+ gsUA+RHqXh9ais5LxjpeNtaV7FxSj+rv5IbUkuxJBrw0rvl39Hw8WdqKgNqB8n+q JMYyaUOGSpgrFMRtnaB//8ig8E3PpeT1ayRbWku7q9LoW2dx0rDvRu+Zy5/Hcwg6 CLMMrjruYWAK/9Zt+4aD5+3RCLlnpED5Pt/D2FVRhphHY3sd4TNmGmXR1Yua6cwq h3QTsmcJg5qJqXXnRxNNUNRpMAciykIoWxq5X8XNKgxml/3VnHjNXuQf7l7i1Tl8 8goAl5gsuMIBL9JVXFjIFYcfFKQoEfg5IUsv2HkPrHiFNOgIDpcJ5JebVzV0ElNS a5e2hOmyalpde6cTD++zJ3QpqEO2CK8wp9c6w18DPdxASkuBQoY4uPl1z0ng988e jn3hAOFMQ4iwoYHPHFueJDECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 334218787463433588983764167824321876826844 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-01 19:59:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-30 19:59:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nuffield.dk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 754474103509443741629071794528389723383236874143574319532231645488896814446362326106230494043176329590335174123125812256826664823512925592647527766554261857730504429536678972301528885402953234567239265502527183168695761946507646282437619923701868344649756110261485615542958051494864683829647128978363785735359049630689273862168924232491415370130103853314045745370779298110020575227952123691580863672280058997232631664088395004694466516459464937649271316478656583261292778742031083940383619602868299940550623175386616870825107045602522821034784645172400682203422766681494660403422716003320034479417349904982368217054790788244528070061703386640190169840558074753334871784571477370766409938457042288849903691919790107691530524377812530483381793882095618930177573568284050852596890829006860135968591284946802092679977884979243735623885803675087559394462646600622599496045502141549695479566206840430704787879502125590202990528282591471884633255494518785498054487832503708650389854831050211318032343437779754693702470880320160684768040739412837084634061751638148332400137893686234175135666736070410718685034707492713574693570170391253553519089096653791057365037295777496383290521786726728469635328604750701175365216951222449816292061750321 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 000af7fcd42e0fb4bade6e099021fb4c39ca7f1b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nuffield.dk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nuffield.dk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008ff561b43e8e2635cd9f356b83222edd8c51e6d2491a51de0c2eabf28967592f77c012f9592fba70293ffd8b3a41d0011317ac8cdc4bfcb113f8aadc5cdddd23af0a37d756100d66ded8eb179ad5582e3c6e2a86d29290aa814ef1a447378e4ba2858923cca3b0217ec5e665fdb920007465923a4fb102315e57eac713bb4df793c562e9d88dd63822d2afa6ae0eec177c53eecdab373a09c881d2fde8f14dedd561d83a8b86acd85b5525dc5335879a81161a278433c3e67f593fd121e50dcd8a4a5d9c8ee908a2a46254a45a8fb406367bbb927af624815e22ca12f4555c56887c744be5e5e741652119ebc92ae97feed93b13563866ac8374ebc5c3262a1b