secure.services.ikea.com

Issued by R3

About this certificate

This digital certificate with serial number 03:7c:b3:0b:dc:9d:0d:ce:b2:f7:8f:8e:22:d6:a8:30:e4:38 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=secure.services.ikea.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:7c:b3:0b:dc:9d:0d:ce:b2:f7:8f:8e:22:d6:a8:30:e4:38
Serial Number (int): 303769864694561260740785281479174706488376
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 82:70:ff:32:de:6c:65:89:7f:a5:2a:fa:a0:7a:b5:59:c9:02:b0:48
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): fc:34:c6:bb:a4:d9:be:4e:19:b4:c5:3f:ed:a4:eb:a7:78:f9:67:60
Fingerprint (sha256): 04:31:a7:f1:ea:45:e7:00:4a:36:e4:07:0b:50:18:45:f3:17:04:e4:6d:18:60:8f:e3:b7:df:45:56:61:72:2a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate secure.services.ikea.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.services.ikea.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.services.ikea.com

Other certificates including the domain name ikea.com

(limited to 100 certificates)
ikea.com
optiva.food.inter.ikea.com
support.home-design.ikea.com
ja-int-jobs.about.ikea.com
ikea.com
sso.qa.journeys.ikea.com
*.credential-provider.dh3-2.nebula.ikea.com
sv-int-jobs.about.ikea.com
ikea.com
fr-jobs.about.ikea.com
prod.6.slot.cdn.salesforce-communities.com
secure06.stage.lithium.com
ikea.com
franchisor.ikea.com
en-int-jobs.about.ikea.com
gfutils.com
ikea.com
*.glinux.dh3-1.nebula.ikea.com
ikea.com
everyday.ikea.com
es-int-jobs.about.ikea.com
*.om-performancetest-lab1.dh2-2.nebula.ikea.com
franchisor.ikea.com
ikea.com
ikea.com
sso.journeys.ikea.com
hub01.api.ikea.com
no-jobs.about.ikea.com
ikea.com
remote.ap-northeast-2.api.homesmart.ikea.com
ikea.com
*.s3.eun.nebula.ikea.com
hubble.lab.nebula.ikea.com
lt-int-jobs.about.ikea.com
sl-jobs.about.ikea.com
review.symfonisk.ikea.com
publications-ca-fr.ikea.com
sts.ikea.com
ikea.com
eu-west-3.iot.homesmart.ikea.com
sr-jobs.about.ikea.com
isfabdp.ikea.com
*.servicemesh.dh3-1.nebula.ikea.com
filewave.ikea.com
ms-jobs.about.ikea.com
de-ch-jobs.about.ikea.com
ikea.com
www.highlights.ikea.com
filewave.ikea.com
checkout.ua.staging.ikea.com
prod.6.slot.cdn.salesforce-communities.com
ikea.com
dev.t.qr.ikea.com
ikea.com
formularios.ikea.com
sustainableliving.ikea.com
ikea.com
ikea.com
en-global-jobs.about.ikea.com
goto.ikea.com
en-jobs.about.ikea.com
ae.accounts.ikea.com
da-jobs.about.ikea.com
*.credential-provider.dc8-1.nebula.ikea.com
*.ikea.com
*.demo-table1.dc7-1.nebula.ikea.com
secure.services.ikea.com
no-int-jobs.about.ikea.com
api.analytics.homesmart.ikea.com
qr.ikea.com
sr-int-jobs.about.ikea.com
eu-central-1.iot.homesmart.ikea.com
hr-int-jobs.about.ikea.com
dnstrd.ikea.com
api.nebulademo.spitzer.dev.nebula.ikea.com
ru-int-jobs.about.ikea.com
publications-jo-ar.ikea.com
publications-ext.ikea.com
pam-iig.ikea.com
idam.inter.ikea.com
oos.insideworkspaces.ikea.com
ikea.com
ikea.com
ikea.com
ikea.com
ikeadt.com
ikea.com
akamai-san41.exacttarget.com
usinincontact.ikea.com
secure.services.ikea.com
ikea.com
publications-ua-uk.ikea.com
everyday.ikea.com
ar-jobs.about.ikea.com
goto.ikea.com
Mail15.ikea.com
rana03.ikea.com
franchisor.ikea.com
ikea.com
ikea.com

Certificate

The complete raw certificate details for secure.services.ikea.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIECjCCAvKgAwIBAgISA3yzC9ydDc6y94+OItaoMOQ4MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMDIwMDI5MDdaFw0yNDAxMzEwMDI5MDZaMCMxITAfBgNVBAMT
GHNlY3VyZS5zZXJ2aWNlcy5pa2VhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKK6rtqSEpmyF/PeZg1EwtwrMhfAI5B8PEDiGjRNS6M3taeOuat/
wISyAYzCaWa5+e+UlQ3783Zg0pt013yYAjxhDEQG74ubLxnsdH1t1iTfwN3MU2ee
bArdNjJ4VUGoDRZlH7xtR18akXd4piDPhyUQpw3sGyGi3i1qIs66w0MLhUsCeu8+
Bi7W5Z2s8Mwg/5TkusVpIIFmqeoVpi3Z4dMgJ+X8bX8k3pqYaF8Rbd/brgyvgYmM
3rmefWdb//zNb5eRxzTvU+RgV9SsBHYigy97Y45aHR57zupTZET2YOgDt9eEgt6u
6aKkXUb4PLbWFdWwynOYGiYLKDUngW420XMCAwEAAaOCAScwggEjMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQUgnD/Mt5sZYl/pSr6oHq1WckCsEgwHwYDVR0jBBgwFoAU
FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB
hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p
LmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYc2VjdXJlLnNlcnZpY2VzLmlrZWEuY29t
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG
SIb3DQEBCwUAA4IBAQBad6XgkwHYy2XxwScQuIZBqJteuGLWFM6KFsraVQAbjXIj
d/71DLPR1C6+hr5Mc4vbxAf3Q9tVd4dLqzfuUPXw88TcDgjdFGCgJc75XBP6M7yR
ceFYwJffMZASbx9G28h27lRa6YcD8MhiB+4xMmTUFRC33rgLqS7zyMuWtaI3Iq2+
eNOV95RJsti/w7pSuMSOtNNVV9OvUKPm85F17fX2AAz4bPaUnDGn9SCOpBC88o4k
FQ4ojaSNItQTaiWRVfx9mUc2RoF2A1sTNBGFZk0hfGJXBf9sw+RoNDnOKxkcXAmo
9iG8IbVxdAbp08s495LIzwyhHH8E4KUQzqtaYrDJ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorqu2pISmbIX895mDUTC
3CsyF8AjkHw8QOIaNE1Loze1p465q3/AhLIBjMJpZrn575SVDfvzdmDSm3TXfJgC
PGEMRAbvi5svGex0fW3WJN/A3cxTZ55sCt02MnhVQagNFmUfvG1HXxqRd3imIM+H
JRCnDewbIaLeLWoizrrDQwuFSwJ67z4GLtblnazwzCD/lOS6xWkggWap6hWmLdnh
0yAn5fxtfyTemphoXxFt39uuDK+BiYzeuZ59Z1v//M1vl5HHNO9T5GBX1KwEdiKD
L3tjjlodHnvO6lNkRPZg6AO314SC3q7poqRdRvg8ttYV1bDKc5gaJgsoNSeBbjbR
cwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 303769864694561260740785281479174706488376
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-02 00:29:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-31 00:29:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.services.ikea.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20542662233961733106090167571933517748247643035386733822264804833701411573671268933491190585532738074439649626074723324299297462606988749577150988407028569804552144838163452123168849466426784646399424423864655356988141102753293239160346892408585808996547800103028161357605540580015806783151444749736990286431193179543339866278273962902200878256316533251620272802029018703907282747818176495263618098839486038836742112450997105349766630403294468152019679456720165244074787496284307370571381771710727054067400104392918308834501088833701297240751104432829958043577602492582465510000317690604615785157595822740545681674611
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8270ff32de6c65897fa52afaa07ab559c902b048
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.services.ikea.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005a77a5e09301d8cb65f1c12710b88641a89b5eb862d614ce8a16cada55001b8d722377fef50cb3d1d42ebe86be4c738bdbc407f743db5577874bab37ee50f5f0f3c4dc0e08dd1460a025cef95c13fa33bc9171e158c097df3190126f1f46dbc876ee545ae98703f0c86207ee313264d41510b7deb80ba92ef3c8cb96b5a23722adbe78d395f79449b2d8bfc3ba52b8c48eb4d35557d3af50a3e6f39175edf5f6000cf86cf6949c31a7f5208ea410bcf28e24150e288da48d22d4136a259155fc7d994736468176035b13341185664d217c625705ff6cc3e4683439ce2b191c5c09a8f621bc21b5717406e9d3cb38f792c8cf0ca11c7f04e0a510ceab5a62b0c9