khm.imsma-core.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:18:af:57:fc:01:d5:15:95:84:ff:96:1d:be:95:2b:76:48 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=khm.imsma-core.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:18:af:57:fc:01:d5:15:95:84:ff:96:1d:be:95:2b:76:48
Serial Number (int): 269736706341784710554109900159579400664648
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: a2:6f:e9:10:0a:a3:62:14:a2:1f:ff:64:bf:57:85:49:3f:16:1e:80
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): dc:a0:bd:7c:f2:74:26:08:b2:10:a0:76:d7:86:19:8a:b6:5c:9a:db
Fingerprint (sha256): 10:3a:00:75:6c:60:de:c4:a4:0e:5d:f9:d5:83:4a:12:9c:57:90:ea:6f:b3:ee:6f:77:6a:75:65:86:51:ef:00

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate khm.imsma-core.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for khm.imsma-core.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

khm.imsma-core.org

Other certificates including the domain name imsma-core.org

(limited to 100 certificates)
mod-ukr.imsma-core.org
demo.imsma-core.org
mod-ukr.imsma-core.org
demo.imsma-core.org
khm.imsma-core.org
mod-ukr.imsma-core.org
dev.imsma-core.org
khm.imsma-core.org
mod-ukr.imsma-core.org
demo.imsma-core.org
khm.imsma-core.org
mod-ukr.imsma-core.org
demo.imsma-core.org
demo.imsma-core.org
community.imsma-core.org
demo.imsma-core.org
khm.imsma-core.org
imsma-core.org
dev-cf.imsma-core.org
dev.imsma-core.org
demo.imsma-core.org
khm.imsma-core.org
dev.imsma-core.org
tnmac.imsma-core.org
sy.imsma-core.org
dev.imsma-core.org
demo.imsma-core.org
mod-ukr.imsma-core.org
imsma-core.org
dev.imsma-core.org
khm.imsma-core.org
scd.imsma-core.org
demo.imsma-core.org
mod-ukr.imsma-core.org
dev.imsma-core.org
khm.imsma-core.org
mod-ukr.imsma-core.org
khm.imsma-core.org
dev-cf.imsma-core.org
demo.imsma-core.org
dev.imsma-core.org
dev.imsma-core.org
khm.imsma-core.org
hi-wos.imsma-core.org
demo.imsma-core.org
dev.imsma-core.org
khm.imsma-core.org
demo.imsma-core.org
dev.imsma-core.org
imsma-core.org
mod-ukr.imsma-core.org
dev.imsma-core.org
dev-cf-dist.imsma-core.org
demo.imsma-core.org
demo.imsma-core.org
demo.imsma-core.org
dev-cf-dist.imsma-core.org
khm.imsma-core.org
ly.imsma-core.org
mod-ukr.imsma-core.org
demo.imsma-core.org

Certificate

The complete raw certificate details for khm.imsma-core.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAxivV/wB1RWVhP+WHb6VK3ZIMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MDEwODU0MTdaFw0x
OTExMzAwODU0MTdaMB0xGzAZBgNVBAMTEmtobS5pbXNtYS1jb3JlLm9yZzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjpBIv9hhyNEgqTV9pHsuMc3gck
Cqq0eC4YRZFQFZ0UdrgOT7ucRz4ANOdz0cyib4wmv/fPjM8vzFk5m5pr2nADZOXF
ClNxtBrDre9S/jQ+/KgRz1WqU7opaKkwQE94UrVCsdBs63EXjKkY7eC0nXNb03MK
4tf3xiavRUR9TYVfcz3MP3W6JQx7aUkj2F2O5jjR+WJoOj6vgjmcnjjHq+ParyQI
EaCuytT67VdLhcaNClSA5mjdQmqWT9Xng4F8i7DDBf2EJMiK5CTfRJT4GS72tJEF
05VDc2bO7QyBtbaFGndN4W4zsM6vuRaDP8exV3ObNs8+OhFDsHPVW7SyouMCAwEA
AaOCAmgwggJkMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUom/pEAqjYhSiH/9kv1eF
ST8WHoAwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH
AQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5
cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5
cHQub3JnLzAdBgNVHREEFjAUghJraG0uaW1zbWEtY29yZS5vcmcwTAYDVR0gBEUw
QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov
L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgB0
ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWzsPyfqAAAEAwBHMEUC
IQCnE7uxKNbf41/OQ8d1wCKVyZHHYaePaH83dE6nw7qvHwIgZ6q4mSBuoUWIDB9Q
fdSxYooSawYnZGrjYA5jAwhFhOMAdwBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4
scdoVEvYjQAAAWzsPynMAAAEAwBIMEYCIQCA23n66hXpC2pQWUhRjHVlBTCr46xq
nfx6qdbRZ4c1mQIhAMFT5LmNTaiDfosoarTbGGC34ImtpPlyJ1e8urIe+p49MA0G
CSqGSIb3DQEBCwUAA4IBAQCTpXgYtauD6nTTmmc31hPDtEkYD0c/2fTdzHCg1BHk
3mg2E4iZY/w1t/gPjXEMa7Q9pmutpmavXCgucR2tG9rlv9U7p6qcmZ5cLEcJB/6U
LXUUSuVidMB0uln/sYXShpxnLOHLCp72+LhvW+zB9Pt9/aLMDjbWzUAm1Z3pLdW0
NaYA+SO9BvNb/362EBEyd9KqDuydroH+PKyXvYvvQX536A2h/iZMJfX8US+dFRvR
L8AEy/tCJ7YIjCKTtEiXQytI/weIWTr+oisL0ApZXelZHGVeM1KL873MRiiK6ksK
qF7045RYDID0ulpllVO47IAFazwKmFMT6+aaSSrJWHyF
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOkEi/2GHI0SCpNX2key
4xzeByQKqrR4LhhFkVAVnRR2uA5Pu5xHPgA053PRzKJvjCa/98+Mzy/MWTmbmmva
cANk5cUKU3G0GsOt71L+ND78qBHPVapTuiloqTBAT3hStUKx0GzrcReMqRjt4LSd
c1vTcwri1/fGJq9FRH1NhV9zPcw/dbolDHtpSSPYXY7mONH5Ymg6Pq+COZyeOMer
49qvJAgRoK7K1PrtV0uFxo0KVIDmaN1CapZP1eeDgXyLsMMF/YQkyIrkJN9ElPgZ
Lva0kQXTlUNzZs7tDIG1toUad03hbjOwzq+5FoM/x7FXc5s2zz46EUOwc9VbtLKi
4wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 269736706341784710554109900159579400664648
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-01 08:54:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-30 08:54:17 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'khm.imsma-core.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19303127695411569971913668537635002731678786562550178215005222174481161762282167310196816711377164705321310852270269013351891185400663778127691919505758371981733256846828307075672936635215626393767802860343728767221556138105413305642876027741287995496012353863186544091940524781384948014146108889282735353534139702956162603152068529493985185524315153882121931618316760234609064773408861758782441646729290857619132365748922776267038263338303329321066716396731228267029488855427356703830370369195030242227852010825130366658318597766423808255166353136778380867567195393141328838604527298905446952203702036205079650018019
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a26fe9100aa36214a21fff64bf5785493f161e80
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khm.imsma-core.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016cec3f27ea0000040300473045022100a713bbb128d6dfe35fce43c775c02295c991c761a78f687f37744ea7c3baaf1f022067aab899206ea145880c1f507dd4b1628a126b0627646ae3600e6303084584e300770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016cec3f29cc000004030048304602210080db79faea15e90b6a505948518c75650530abe3ac6a9dfc7aa9d6d167873599022100c153e4b98d4da8837e8b286ab4db1860b7e089ada4f9722757bcbab21efa9e3d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0093a57818b5ab83ea74d39a6737d613c3b449180f473fd9f4ddcc70a0d411e4de683613889963fc35b7f80f8d710c6bb43da66bada666af5c282e711dad1bdae5bfd53ba7aa9c999e5c2c470907fe942d75144ae56274c074ba59ffb185d2869c672ce1cb0a9ef6f8b86f5becc1f4fb7dfda2cc0e36d6cd4026d59de92dd5b435a600f923bd06f35bff7eb610113277d2aa0eec9dae81fe3cac97bd8bef417e77e80da1fe264c25f5fc512f9d151bd12fc004cbfb4227b6088c2293b44897432b48ff0788593afea22b0bd00a595de9591c655e33528bf3bdcc46288aea4b0aa85ef4e394580c80f4ba5a659553b8ec80056b3c0a985313ebe69a492ac9587c85