markmockensturm.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:92:af:fc:f5:03:32:eb:a3:fb:43:6a:e7:5b:ba:2f:68:ba was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=markmockensturm.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:92:af:fc:f5:03:32:eb:a3:fb:43:6a:e7:5b:ba:2f:68:baSerial Number (int): 311252011693252263164486398104192152463546
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 14:14:ba:bc:31:87:6b:6a:32:d7:19:be:c1:96:c0:84:5b:54:0f:fd
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 91:b0:26:96:b1:6d:49:ae:47:1c:6b:63:45:13:2e:62:2c:14:08:f1
Fingerprint (sha256): 0f:79:be:f3:d0:eb:45:07:d5:73:12:8d:0c:11:1b:a0:c8:1a:bd:9f:6c:12:b4:3e:92:a7:4e:b4:fd:41:3b:e0
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate markmockensturm.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for markmockensturm.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
markmockensturm.com
www.markmockensturm.com
www.markmockensturm.com
Other certificates including the domain name markmockensturm.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for markmockensturm.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGdTCCBV2gAwIBAgISA5Kv/PUDMuuj+0Nq51u6L2i6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMDgxOTAxMDBaFw0y MDAxMDYxOTAxMDBaMB4xHDAaBgNVBAMTE21hcmttb2NrZW5zdHVybS5jb20wggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVh+H7AS/cMjVuBzDP4FNI30OM N8n6nY/T9J7Mj45O8RU36GjFpAByIE2Y0p9xn6LgTsETuWG1Y1kK9+U8T7Eohy/S aUo4+zS+DI/Tfm2hG2lJkAW0rD9knaBYPRNFZwWGWqZI/2lWt4A3YiOfu7ZepPZp zGxS99rdqIbltCrc0u5TTbK3lAXZNKwbCeONeGTZLoePlAi0on262P4Jt2xadQcx O8UfEA/fwmnK/6oIw9/6RzN3HQuZIXly3pV7ne9ZEGL2xi4ox7ELr3nAA9xB79lB 0dQ71SxCHvi2tUjtRJ6IriUqQk29zQ8izlSFOOJdeXtD1nzOYCD7V3FFlWdAU6HH BYc3DR0TtFMXijXNzBzMzJVsXOZovA+YNG0q5haThS6s7GKyUF/c5nQXWxPFiG1t p5W5Qk7fBXSGRjizybc45I64UJZ3YXs9Otcq/8u/HjKNKESJmMgpZGwzCQhmJYYG bC4q59ZL2ZW/SF1NJCAwEW0Ejd72WgR5x80R/JCcFWbeZ49ovQRCZXvQ0PHq3aFd bUtuVQqhVW5T0wiZ5BKeCMn7H5/iHubAK14S6eKpvbR7j3wxFTlS2JesEDo+AIaf EI3hHJG70441jl5m7WIQik4yMO0MoDlbyQKc+pXa3vwErMgw6zKEZuyryg5yD5mx kvxnsSOAgIIQbO2ZAQIDAQABo4ICfzCCAnswDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQUFLq8MYdrajLXGb7BlsCEW1QP/TAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMDcGA1UdEQQwMC6CE21hcmttb2NrZW5z dHVybS5jb22CF3d3dy5tYXJrbW9ja2Vuc3R1cm0uY29tMEwGA1UdIARFMEMwCAYG Z4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMu bGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUAXqdz+d9W wOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFtrPXotAAABAMARjBEAiANcBvt e9K15X4B/W2f9H74gHSVMuIQ3NmvB3cC32vw9QIgNn5JY49r7kslygSOROSoA9Op U0lDNvcDhJX8uzTQx7kAdQApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0 eAAAAW2s9eiiAAAEAwBGMEQCIGxpH373wA799Qz/CuUqRAJvrAZNEXsT2iylHqv6 aGaMAiAv0yzsoDzrBQVWdWNivHwvzIoLN02YJ61oz8meqqKd3DANBgkqhkiG9w0B AQsFAAOCAQEAkXjXaOlIu3nGfdDkkwf+UDMkezPHckxhBxg2QD+A1OQMdcclMK/i iK0fYGz0MJaY0DniIdRtuai9/yUvJma3lMkpQONBXJYpwhAE0XguHduJub9MJ53d ULFXaQo46G0BDC9P7uw5GubST/dryGceWDrX5VzgUS12YR4XVPiuwbf0ggo2p1U7 uKCuH2vvoZ6tfXpTIbDrEcfgAooeknU4xC9dFUvG5uxgKXyEUKcww2LkjCty0IS6 ibtLFUKWhQYlJuFwFfYL0KynJl0BA7lDnByuW1p2jM+a7xCZNRj5wkIwInubI2EB MD8nmBtSRN6eFHjajzWhAC3JDiLW57cqCQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1Yfh+wEv3DI1bgcwz+BT SN9DjDfJ+p2P0/SezI+OTvEVN+hoxaQAciBNmNKfcZ+i4E7BE7lhtWNZCvflPE+x KIcv0mlKOPs0vgyP035toRtpSZAFtKw/ZJ2gWD0TRWcFhlqmSP9pVreAN2Ijn7u2 XqT2acxsUvfa3aiG5bQq3NLuU02yt5QF2TSsGwnjjXhk2S6Hj5QItKJ9utj+Cbds WnUHMTvFHxAP38Jpyv+qCMPf+kczdx0LmSF5ct6Ve53vWRBi9sYuKMexC695wAPc Qe/ZQdHUO9UsQh74trVI7USeiK4lKkJNvc0PIs5UhTjiXXl7Q9Z8zmAg+1dxRZVn QFOhxwWHNw0dE7RTF4o1zcwczMyVbFzmaLwPmDRtKuYWk4UurOxislBf3OZ0F1sT xYhtbaeVuUJO3wV0hkY4s8m3OOSOuFCWd2F7PTrXKv/Lvx4yjShEiZjIKWRsMwkI ZiWGBmwuKufWS9mVv0hdTSQgMBFtBI3e9loEecfNEfyQnBVm3mePaL0EQmV70NDx 6t2hXW1LblUKoVVuU9MImeQSngjJ+x+f4h7mwCteEuniqb20e498MRU5UtiXrBA6 PgCGnxCN4RyRu9OONY5eZu1iEIpOMjDtDKA5W8kCnPqV2t78BKzIMOsyhGbsq8oO cg+ZsZL8Z7EjgICCEGztmQECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 311252011693252263164486398104192152463546 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-08 19:01:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-06 19:01:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'markmockensturm.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 871129628671872988787404134537449266719721027990346451434490599829593153211405884743477364152766638204310782383361847243443188781400922490702271308575937791580373839471642881801217371701652494585665820969686485731590602125196629415939277196152171472587131658630852055980621262958198492536389378182818761278884042255064689395542435494510225063584021866213513090446752799745606462930430831140368250715143894820721464557786301306495384765774764431776846520442638269263017117262279782901288247194536129619688857726844213841091457341114636471303945434855291364721580476000943760606598772547638214447806116857254014570093198477812275671794506666447888793723603606063249845711971978561436391363143129285226075200402809986006025321149406510540215668957199969782919575264647933458481539458083608012968556860892097800157222136802154438428574130333541987620323295234247507218982216764296654750505158818663103247970691113432070442435280286430133550716843622382983068906327545253759805037044582909588960751325253774096652528545357590221125629746597193312630049189765808463248044470002593285671701376920286093466388677323482408903823268191791807409566243242558246981729794311830720935152557439611577668693300198407635655310990810635902019726842113 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1414babc31876b6a32d719bec196c0845b540ffd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'markmockensturm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.markmockensturm.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016dacf5e8b4000004030046304402200d701bed7bd2b5e57e01fd6d9ff47ef880749532e210dcd9af077702df6bf0f50220367e49638f6bee4b25ca048e44e4a803d3a953494336f7038495fcbb34d0c7b9007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016dacf5e8a2000004030046304402206c691f7ef7c00efdf50cff0ae52a44026fac064d117b13da2ca51eabfa68668c02202fd32ceca03ceb050556756362bc7c2fcc8a0b374d9827ad68cfc99eaaa29ddc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009178d768e948bb79c67dd0e49307fe5033247b33c7724c61071836403f80d4e40c75c72530afe288ad1f606cf4309698d039e221d46db9a8bdff252f2666b794c92940e3415c9629c21004d1782e1ddb89b9bf4c279ddd50b157690a38e86d010c2f4feeec391ae6d24ff76bc8671e583ad7e55ce0512d76611e1754f8aec1b7f4820a36a7553bb8a0ae1f6befa19ead7d7a5321b0eb11c7e0028a1e927538c42f5d154bc6e6ec60297c8450a730c362e48c2b72d084ba89bb4b15429685062526e17015f60bd0aca7265d0103b9439c1cae5b5a768ccf9aef10993518f9c24230227b9b236101303f27981b5244de9e1478da8f35a1002dc90e22d6e7b72a09