merch.shopify.com

Issued by R3

About this certificate

This digital certificate with serial number 03:05:c6:88:4e:c1:5e:72:95:5a:87:07:b7:90:23:94:84:c7 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=merch.shopify.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:05:c6:88:4e:c1:5e:72:95:5a:87:07:b7:90:23:94:84:c7
Serial Number (int): 263302164522771820900433501079379392103623
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 2c:c9:a8:25:9d:7b:9d:d2:8d:3f:1d:7e:97:05:d4:cf:07:41:bc:de
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): be:65:34:a6:98:f9:10:8c:5f:a7:1b:8e:96:2e:82:bc:ba:68:09:f5
Fingerprint (sha256): 02:c1:d8:2d:4c:c5:7c:a6:16:f5:8c:f4:79:d8:72:6d:8d:c4:50:eb:64:0c:ce:30:4d:45:37:eb:3a:c3:ac:bf

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate merch.shopify.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for merch.shopify.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

merch.shopify.com

Other certificates including the domain name shopify.com

(limited to 100 certificates)
f4.shared.global.fastly.net
zh.shopify.com
ingress-imagery-us-central1-2.shopifycloud.com
statuspage.io
themes.shopify.com
l.ssl.shopify.com
merchandise.shopify.com
events.shopify.com
press.shopify.com
statuspage.io
dns-vetting1-jeffg-noah.map.fastly.net
statuspage.io
shopify-app-store.shopifycloud.com
o.ssl.shopify.com
statuspage.io
brochure2-staging12.shopifycloud.com
plusinfo.shopify.com
status.3dcart.com
savage-sign-on.shopifycloud.com
accounts.shopify.com
investor.shopify.com
meetups.shopify.com
shopify.com
linkpop.com
chat.shopify.com
commerceplus.shopify.com
marketplace.shopify.com
next.shopify.com
shopify-classifieds.shopifycloud.com
ir.shopify.com
ssl.shopify.com
marketplace.shopify.com
store.shopify.com
secure03.lithium.com
dev.shopify.com
somethingorother.shopify.com
commerceplus.shopify.com
pins.shopify.com
statuspage.io
ssl.cdngc.net
sourcing-admin.shopify.com
cardreader.shopify.com
www.shopify.com
www.shopify.com
secure03.stage.lithium.com
p.ssl.shopify.com
pointofsale.shopify.com
bourgeois.shopifycloud.com
unicorn.shopify.com
upcoming12.shopify.com
sl.shopify.com
tashboard.shopify.com
growthcenter.shopify.com
secure03.stage.lithium.com
statuspage.io
*.b.ssl.fastly.net
gtm.shopify.com
secure03.lithium.com
statuspage.io
analytics.shopify.com
collabs.shopify.com
unite-registration.shopify.com
photos.shopify.com
data-portal.shopifycloud.com
merch.shopify.com
plusacademy.shopify.com
www.shopify.com
shopify-plus-meet-up.shopify.com
collabs.shopify.com
statuspage.io
privacy.shopify.com
r.ssl.fastly.net
counter.shopify.com
shopify-app-store.shopifycloud.com
statuspage.io
statuspage.io
b.ssl.shopify.com
statuspage.io
shopify-app-store-staging.shopifycloud.com
sfn.shopify.com
growthcenter.shopify.com
bcs.shopify.com
statuspage.io
smiley-staging.shopify.com
secure03.lithium.com
statuspage.io
hardware.shopify.com
upcoming-pizx.shopify.com
shopify-classifieds.shopifycloud.com
ny.shopify.com
pursuit.shopify.com
cardreader-giveaway.shopifycloud.com
auth.data.shopify.com
hardware.shopify.com
statuspage.io
ssl.shopify.com
events.shopify.com
unite.shopify.com
linkpop.shopify.com
upcoming9.shopify.com

Certificate

The complete raw certificate details for merch.shopify.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgISAwXGiE7BXnKVWocHt5AjlITHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA3MjMwMzAzMjRaFw0yMzEwMjEwMzAzMjNaMBwxGjAYBgNVBAMT
EW1lcmNoLnNob3BpZnkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt+HlADzMJzxuVa9ADjOfS1LPbP6//wKepRR59o0/edMehPhSzdfNwGj5NAWv
PxXPkAANNB3MVLsT6HdywRdfaW4FKYTdn4CNOOOeyoEo8XcFGTdfwTwzIxY/6SMK
cljPBbl4HIKm9bcLu7Xy81YTKt3FrBq0XMlxw1tpTpM4eS2QI1DG2ZnPMMZPUR/W
gVA6DgzGp1x/bKo+S8VXU+jpvqv1wPq4JcyMeo8UHVmpFRHVtwlEPM1hBkDaqmoR
Uf/ZbDtuwjoVCrb2S1uWVmPTU0pQvGkKyOQN5qjo4HEm8fk3xY/jl3zgNoFb4ce0
zLoiyAZP9aPrOsj8NvPzIsbLZQIDAQABo4ICEzCCAg8wDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBQsyaglnXud0o0/HX6XBdTPB0G83jAfBgNVHSMEGDAWgBQULrMXt1hW
y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6
Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu
b3JnLzAcBgNVHREEFTATghFtZXJjaC5zaG9waWZ5LmNvbTATBgNVHSAEDDAKMAgG
BmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AHoyjFTYty22IOo44FIe
6YQWcDIThU070ivBOlejUutSAAABiYDqlikAAAQDAEcwRQIhAL7JLRZ2VLiBWLBD
IHIUesfHhMhy7iQCG3nzgO6O5J3UAiAxqUnWQySaqF5upK3dO3XkYmcdsIlTyk20
uLrfLoRRNQB2ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABiYDq
lfcAAAQDAEcwRQIhAKiTtOBmDthzrwYvFRZQZqa13gL5lRQZ5cNH05ABR6XyAiAf
ZVihFz7/fLRMdSQJEzGkIhNhH5oWvLpKwbRc+prIoDANBgkqhkiG9w0BAQsFAAOC
AQEAK5DdfrnYOWOkFeFZZkRY77QEzcKY+NxYtcfq1otampZ824NjeZRD6LVqPNxp
68TO2anzehkArPeHRZu7NXwH1ecz/S98lANODHQHwxfiNBkPiiOF+oQu4cPsC/jI
f3JlnB+o2x9OO8UiSn+NuGOcfprFX/mAqgGqQo08ZWbxBO7DfmLq2obW1QYvdpaU
QUNbP8nFbFwE0fzS3tLFbBrBFoSrCYYgVq9EuTN4FwAO8mRUaK1xIXcAmvE+AiNI
FmUJ8iCQZ4aNHrxEuILBD57oCMdTDieDwbq4HhyVZW2/Achz3aPgai+I29/NFrN/
iA/+Kz9VgZdz4bP5Y0OrnnzagA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+HlADzMJzxuVa9ADjOf
S1LPbP6//wKepRR59o0/edMehPhSzdfNwGj5NAWvPxXPkAANNB3MVLsT6HdywRdf
aW4FKYTdn4CNOOOeyoEo8XcFGTdfwTwzIxY/6SMKcljPBbl4HIKm9bcLu7Xy81YT
Kt3FrBq0XMlxw1tpTpM4eS2QI1DG2ZnPMMZPUR/WgVA6DgzGp1x/bKo+S8VXU+jp
vqv1wPq4JcyMeo8UHVmpFRHVtwlEPM1hBkDaqmoRUf/ZbDtuwjoVCrb2S1uWVmPT
U0pQvGkKyOQN5qjo4HEm8fk3xY/jl3zgNoFb4ce0zLoiyAZP9aPrOsj8NvPzIsbL
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 263302164522771820900433501079379392103623
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-23 03:03:24 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-21 03:03:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'merch.shopify.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23213002555599533428501757757948008743838762553732701052318742884624469127443551263602497170731608663045271714733038506934188618398395494079671035846838260423433159973016831316886229721287013452047469782652245376686205554934487622409591493991052022070159040157956994232488688527396279264215102714229251917935298458555494098376465232370233054686125074904407801810135058166236479966041187784136753190367619746632172410554552660507514349159050225847592974728606078538399293675705010864257806405413677233211465774862897420005427918092448214570695650491415637668541083239354361584560043001867624837371147164610715061767013
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2cc9a8259d7b9dd28d3f1d7e9705d4cf0741bcde
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'merch.shopify.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018980ea96290000040300473045022100bec92d167654b88158b0432072147ac7c784c872ee24021b79f380ee8ee49dd4022031a949d643249aa85e6ea4addd3b75e462671db08953ca4db4b8badf2e845135007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018980ea95f70000040300473045022100a893b4e0660ed873af062f15165066a6b5de02f9951419e5c347d3900147a5f202201f6558a1173eff7cb44c7524091331a42213611f9a16bcba4ac1b45cfa9ac8a0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002b90dd7eb9d83963a415e159664458efb404cdc298f8dc58b5c7ead68b5a9a967cdb8363799443e8b56a3cdc69ebc4ced9a9f37a1900acf787459bbb357c07d5e733fd2f7c94034e0c7407c317e234190f8a2385fa842ee1c3ec0bf8c87f72659c1fa8db1f4e3bc5224a7f8db8639c7e9ac55ff980aa01aa428d3c6566f104eec37e62eada86d6d5062f76969441435b3fc9c56c5c04d1fcd2ded2c56c1ac11684ab09862056af44b9337817000ef2645468ad712177009af13e022348166509f2209067868d1ebc44b882c10f9ee808c7530e2783c1bab81e1c95656dbf01c873dda3e06a2f88dbdfcd16b37f880ffe2b3f55819773e1b3f96343ab9e7cda80