www.stretchmax.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:27:10:d8:56:0f:b2:28:39:37:a3:1c:ee:a2:c3:c4:90:0c was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.stretchmax.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:27:10:d8:56:0f:b2:28:39:37:a3:1c:ee:a2:c3:c4:90:0cSerial Number (int): 274630261034782127502417351207509482049548
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4b:d9:db:b5:da:55:db:84:64:64:2e:e7:bb:6f:2c:db:01:f8:fa:45
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 32:0a:8b:b5:79:06:24:62:a6:d5:a1:90:6e:a1:b8:84:88:e3:c7:9f
Fingerprint (sha256): 05:03:f1:45:c7:60:62:69:79:64:1d:59:59:20:36:75:39:7c:25:75:65:b5:da:bf:34:2f:20:2e:74:c3:b7:7f
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.stretchmax.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.stretchmax.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.stretchmax.com
Other certificates including the domain name stretchmax.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.stretchmax.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXDCCBUSgAwIBAgISAycQ2FYPsig5N6Mc7qLDxJAMMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTIwMDQ1NDFaFw0y MDAzMTEwMDQ1NDFaMB0xGzAZBgNVBAMTEnd3dy5zdHJldGNobWF4LmNvbTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALiqbzzjs67RFEDqUnmQB8PdSlS2 0LI3NHTZST1o1eguVrRT07K09OQR5zEzQZHClDXdn4s6eJhPV2DfY1MHo3yR4SJH +u6txJ80RCV0GIjX+IQlqPzvCMpW0Dszt9Rb4ZtS8LzNl7l2LRaTWNGaRriz9Ghf h3mvz4yimTPLEUxNnudLRBfX58WPPloq7QJ/VBghcT4yMQqjk85XdCtrTkBR0JRT gbM7gULWbXnPtC2DlgjdVd/P2JvmmNwH076LUq6/dIXpG8S0k5D/Pq5GDOrkaU3M Td5omx9MZce3wilKVouKK2syC94fhWAWFEA8E4rD6QKSNDqprciNCyKWPORuEk/9 1R/Uji7dene7NtafmBarwxCf1SRlurh7rzuQKN3Wr1dE+u72lgMK/LcT+ADFJWI9 vkMEqq49VaU413OHoMuESdZ56h8jrxxWpdQ1qJnKSfpj8kGpDvW6H3qNBbXWYn2w CVrmvS66NnUEFtl5/KH/1hJwV5+dgJ2+Uv1sT1JlJoVHGlogoUf9l5wFucFjluxm tM+AkBJJKJj3H7NVWbRNML0kyHrdPKoHQsxClhGROiIcrZ/ENNK74HjkLZZJVuEK NpeAJieKWiOgnbXWjuBZ/Oq2QCFjdrIu89g+tLHZ4yJmXsm5QRTwZE9e+yVyzk97 kDgjdUd6erl5llbFAgMBAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FEvZ27XaVduEZGQu57tvLNsB+PpFMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISd3d3LnN0cmV0Y2ht YXguY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4A AAFu98h9EQAABAMARzBFAiEA7JoddCMToqhmPaQF/DR8K8aiGUMr6/UZMzXVZbRU s18CIAZZ5Y69kCqZRSJbbkoad3YiImkcEHkOyuQ3WxACqz19AHYAXqdz+d9WwOe1 Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFu98h9tQAABAMARzBFAiA5hesDyAIG aOj1LVomnWkyVBHAeZK6lsry3OHn4smNSQIhAMixJLnHujffbZwXpP5BfsscAqEw EBLIODlGxLDvntQ4MA0GCSqGSIb3DQEBCwUAA4IBAQAo7p76t4y/Y6EtEMvnMO2v w+K6muvKS4a8dmD5HBUzcXd37E/slAoh5OfX171oloYWsBg3gL2iH/7KF10cob1T FlejsQhX05FdR0HccQMtD9UEqFkUgVsTJWDQXMtHh25AuPL8IGDyTXWgWa73KuZg gH/TJCQ70AIsGefH85+iTmKj3YkFnDWvNZ8h511QbmIlFwLgSaIL/SzAIYkM4+jm k8HtIsN9Z8xLb21dMLMjyqtuEIPcRuRHB9mvZEDxKoY85k8kee/3KtByXGBVYaFe 8qJU5t6k/AZ53UVe0mD0s/EEnq5IXHy8kw1MqjQ4Wbid6XxYvaUnIIjDIAp0RY8k -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuKpvPOOzrtEUQOpSeZAH w91KVLbQsjc0dNlJPWjV6C5WtFPTsrT05BHnMTNBkcKUNd2fizp4mE9XYN9jUwej fJHhIkf67q3EnzREJXQYiNf4hCWo/O8IylbQOzO31Fvhm1LwvM2XuXYtFpNY0ZpG uLP0aF+Hea/PjKKZM8sRTE2e50tEF9fnxY8+WirtAn9UGCFxPjIxCqOTzld0K2tO QFHQlFOBszuBQtZtec+0LYOWCN1V38/Ym+aY3AfTvotSrr90hekbxLSTkP8+rkYM 6uRpTcxN3mibH0xlx7fCKUpWi4orazIL3h+FYBYUQDwTisPpApI0OqmtyI0LIpY8 5G4ST/3VH9SOLt16d7s21p+YFqvDEJ/VJGW6uHuvO5Ao3davV0T67vaWAwr8txP4 AMUlYj2+QwSqrj1VpTjXc4egy4RJ1nnqHyOvHFal1DWomcpJ+mPyQakO9bofeo0F tdZifbAJWua9Lro2dQQW2Xn8of/WEnBXn52Anb5S/WxPUmUmhUcaWiChR/2XnAW5 wWOW7Ga0z4CQEkkomPcfs1VZtE0wvSTIet08qgdCzEKWEZE6Ihytn8Q00rvgeOQt lklW4Qo2l4AmJ4paI6CdtdaO4Fn86rZAIWN2si7z2D60sdnjImZeyblBFPBkT177 JXLOT3uQOCN1R3p6uXmWVsUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 274630261034782127502417351207509482049548 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-12 00:45:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-11 00:45:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.stretchmax.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 753370571758392947651036014663839436009428437937295779556581862854305308258721846334530239886613315631049242095058739360009377121310339584667548452851829888815378136798452243223498506505890305553084764050982981428720283581585854459195394774754789371004568822208807163847432759583519200875985778915234841199459863051434543855425362646380277191081240001019327031549571190942494956105132874289355692028195166367376564284726287297883098392962044840825230088294761846252206407150098380680668305721781517400046134078572312847657802521931490335071436255972506895833721183280460406186742909310623029826531979227498111854090399136637847006079725106627684389251715883533833439878019698844200421348057177947377751654576022356848139427428848309053919396916049272469799683476608397371534626415524217932616113106225824084836363830251014114037813665361293267222329715461870858791082590269056445976837964829248614714131026222514347683971233594352443511282788081473040950811141958318745243452673474978617212408385526660385745706810584339639105293516430191842033259804854454722043160144658057268455311068693492817236161812732867610332317225166103728937609516672418975906657396694411657144253590653833923317651261017786451459037635678712044408532260549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4bd9dbb5da55db8464642ee7bb6f2cdb01f8fa45 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stretchmax.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016ef7c87d110000040300473045022100ec9a1d742313a2a8663da405fc347c2bc6a219432bebf5193335d565b454b35f02200659e58ebd902a9945225b6e4a1a77762222691c10790ecae4375b1002ab3d7d0076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016ef7c87db5000004030047304502203985eb03c8020668e8f52d5a269d69325411c07992ba96caf2dce1e7e2c98d49022100c8b124b9c7ba37df6d9c17a4fe417ecb1c02a1301012c8383946c4b0ef9ed438 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0028ee9efab78cbf63a12d10cbe730edafc3e2ba9aebca4b86bc7660f91c1533717777ec4fec940a21e4e7d7d7bd68968616b0183780bda21ffeca175d1ca1bd531657a3b10857d3915d4741dc71032d0fd504a85914815b132560d05ccb47876e40b8f2fc2060f24d75a059aef72ae660807fd324243bd0022c19e7c7f39fa24e62a3dd89059c35af359f21e75d506e62251702e049a20bfd2cc021890ce3e8e693c1ed22c37d67cc4b6f6d5d30b323caab6e1083dc46e44707d9af6440f12a863ce64f2479eff72ad0725c605561a15ef2a254e6dea4fc0679dd455ed260f4b3f1049eae485c7cbc930d4caa343859b89de97c58bda5272088c3200a74458f24