canadaslandtrust.ca

Issued by R3

About this certificate

This digital certificate with serial number 04:e3:54:b8:b8:fc:b4:1b:6f:7d:52:94:ec:68:dd:de:46:e5 was issued on by Let's Encrypt.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=canadaslandtrust.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:e3:54:b8:b8:fc:b4:1b:6f:7d:52:94:ec:68:dd:de:46:e5
Serial Number (int): 425805855304346525629050619337442766767845
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 35:38:22:b2:01:69:ca:be:cf:d1:48:c7:8a:9a:d6:96:fa:ef:d4:ce
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): d5:55:56:e5:99:31:f3:dd:79:48:2e:48:87:a9:5a:d3:fa:ae:c8:ee
Fingerprint (sha256): 06:01:af:29:b2:b4:7d:dc:98:6b:93:ac:07:e8:6a:da:1e:ff:ce:d9:1e:6f:16:0b:29:87:87:66:29:67:db:d7

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate canadaslandtrust.ca

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for canadaslandtrust.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

buyorleaseit.com
canadaslandtrust.ca
diskret-ohne-rezept.info
dotetx.com
gustofino.com.rentlittlecamper.com
mikelindellbook.org.speechlessdj.com.flagstickcams.com
peerlesswindows.com
revx2.com
tvp5.cz
www.abuse.epik.com
www.alpacacoats.com.dinardoforstaterep.org

Other certificates including the domain name canadaslandtrust.ca

(limited to 100 certificates)
canadaslandtrust.ca
arbitrager.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
writeathon.com.handpiecerepair.co.canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
norwoodwaterworks.ca
canadaslandtrust.ca
hombresparahombres.com.canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca

Certificate

The complete raw certificate details for canadaslandtrust.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISBONUuLj8tBtvfVKU7Gjd3kblMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjUyMzM4NTRaFw0yNDAzMjQyMzM4NTNaMB4xHDAaBgNVBAMT
E2NhbmFkYXNsYW5kdHJ1c3QuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/A4HQIoBMvFMMv23hOKeMmvgQELQgqWhXSvSf0kSdhZ1ExArUyOLG9yCQ
4xzH4KVinvt3SPIaG7JDkGvdr9rRiBVz8JVJqwHQiqefudG6btgzf7JDAKg9xnuN
HZ1QexJOMQHqwuQ3Pzj9rz0KhYra6uRj4FwKKAWFbI24wB+jq3cKyChRa//Of5Qw
wBi7tszdWLlnZgAyMe4KJQRqUUzQaPuCWa0d37ALPyvbA5wZJCFm4yVV5E9YYkDE
Cqv4/CKKiBuNmPjhSahbw+ge6PmXqGCISZYPUPA8a++BVv54YL6/bbG4TavD3LbJ
47ldmB5vI0x6gO7rjGYeNmkCSaT3AgMBAAGjggMaMIIDFjAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFDU4IrIBacq+z9FIx4qa1pb679TOMB8GA1UdIwQYMBaAFBQusxe3
WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0
cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j
ci5vcmcvMIIBHwYDVR0RBIIBFjCCARKCEGJ1eW9ybGVhc2VpdC5jb22CE2NhbmFk
YXNsYW5kdHJ1c3QuY2GCGGRpc2tyZXQtb2huZS1yZXplcHQuaW5mb4IKZG90ZXR4
LmNvbYIiZ3VzdG9maW5vLmNvbS5yZW50bGl0dGxlY2FtcGVyLmNvbYI2bWlrZWxp
bmRlbGxib29rLm9yZy5zcGVlY2hsZXNzZGouY29tLmZsYWdzdGlja2NhbXMuY29t
ghNwZWVybGVzc3dpbmRvd3MuY29tgglyZXZ4Mi5jb22CB3R2cDUuY3qCEnd3dy5h
YnVzZS5lcGlrLmNvbYIqd3d3LmFscGFjYWNvYXRzLmNvbS5kaW5hcmRvZm9yc3Rh
dGVyZXAub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBgYKKwYBBAHWeQIEAgSB
9wSB9ADyAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMo49q
wgAABAMASDBGAiEA9N/v4SCxjCk7L2ybPEhq+xwaE2QK3HtXoPZUlQUMv8ICIQC0
9GQz6oyg1HRcq6VUwHbar054vGW4mUWnTzgzgYBoRAB3AHb/iD8KtvuVUcJhzPWH
ujS0pM27KdxoQgqf5mdMWjp0AAABjKOPaxgAAAQDAEgwRgIhAK8LB4mdmRRhqsvT
ZcQSgsEvSztjA443O/tAXtusj0UeAiEAnDOobKSVsVOUOpVyvZHPNA9ZBgaGl/y1
shcYbBcIMzkwDQYJKoZIhvcNAQELBQADggEBADulMsqRaD9hNcur+5kTGzn5W6c0
aaDzRZ7+RdtUzmB3pi3YfgRi/ncFT1sbz9ZnJ+yr5i0b/ptaifeCVYeimjOt/6Da
DsW8icses4P18vXq2AFQtldVGFK+nXRkWZWapL5XSC5gyUhoBbpvnSyEMy3MCzQH
faSd2zaPqvr3hQECosQD2u3lhtAOuOp9VtBTWthqOX2UNkR9rzklu82k1zg/zv9O
DaKa3WpGSSO3dUgNgFe+4Xm+iy4qkGPctHb4YyygzZybxzNiOqQyRM95KNxO+DIw
swls/jJ7tXD70N8jNkVPJyv24EFyxQ0v2uz35HyA3TAwGOUz5W9rDDTOT/E=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwOB0CKATLxTDL9t4Tin
jJr4EBC0IKloV0r0n9JEnYWdRMQK1MjixvcgkOMcx+ClYp77d0jyGhuyQ5Br3a/a
0YgVc/CVSasB0Iqnn7nRum7YM3+yQwCoPcZ7jR2dUHsSTjEB6sLkNz84/a89CoWK
2urkY+BcCigFhWyNuMAfo6t3CsgoUWv/zn+UMMAYu7bM3Vi5Z2YAMjHuCiUEalFM
0Gj7glmtHd+wCz8r2wOcGSQhZuMlVeRPWGJAxAqr+PwiiogbjZj44UmoW8PoHuj5
l6hgiEmWD1DwPGvvgVb+eGC+v22xuE2rw9y2yeO5XZgebyNMeoDu64xmHjZpAkmk
9wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 425805855304346525629050619337442766767845
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-25 23:38:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-24 23:38:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canadaslandtrust.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24113245655173614722017891726751527281097444928160103072622730285532816708716231565099908471991569127331088337315436022449092980625287715923123260431977705391794476126916611971668137290336387929017594142702439914305059426431294770047258270720164639018344832228668584614898613212132631454759870766381872299274929668615516256150289278121621461989314890623634700092015456538172370150392291060282638895147878109109700008963154398406155723688266214710108591372164295202376706805601248565787675530401981266042650370360963153922274120833581675395932549733862804298179542208914401336784370580086607653655696000063419655496951
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							353822b20169cabecfd148c78a9ad696faefd4ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (278 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buyorleaseit.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canadaslandtrust.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diskret-ohne-rezept.info'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dotetx.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gustofino.com.rentlittlecamper.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mikelindellbook.org.speechlessdj.com.flagstickcams.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'peerlesswindows.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'revx2.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tvp5.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abuse.epik.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.alpacacoats.com.dinardoforstaterep.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ca38f6ac20000040300483046022100f4dfefe120b18c293b2f6c9b3c486afb1c1a13640adc7b57a0f65495050cbfc2022100b4f46433ea8ca0d4745caba554c076daaf4e78bc65b89945a74f38338180684400770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ca38f6b180000040300483046022100af0b07899d991461aacbd365c41282c12f4b3b63038e373bfb405edbac8f451e0221009c33a86ca495b153943a9572bd91cf340f5906068697fcb5b217186c17083339
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003ba532ca91683f6135cbabfb99131b39f95ba73469a0f3459efe45db54ce6077a62dd87e0462fe77054f5b1bcfd66727ecabe62d1bfe9b5a89f7825587a29a33adffa0da0ec5bc89cb1eb383f5f2f5ead80150b657551852be9d746459959aa4be57482e60c9486805ba6f9d2c84332dcc0b34077da49ddb368faafaf7850102a2c403daede586d00eb8ea7d56d0535ad86a397d9436447daf3925bbcda4d7383fceff4e0da29add6a464923b775480d8057bee179be8b2e2a9063dcb476f8632ca0cd9c9bc733623aa43244cf7928dc4ef83230b3096cfe327bb570fbd0df2336454f272bf6e04172c50d2fdaecf7e47c80dd303018e533e56f6b0c34ce4ff1