exterso.com
Issued by R3
About this certificate
This digital certificate with serial number 03:99:34:70:76:a0:e2:0e:b9:05:1a:3c:34:d0:d0:28:0e:dc was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=exterso.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:99:34:70:76:a0:e2:0e:b9:05:1a:3c:34:d0:d0:28:0e:dcSerial Number (int): 313469763733284097019945832953732854714076
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 56:38:4d:67:f8:d1:42:82:a8:54:aa:8b:cd:87:aa:8a:62:35:1c:9e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 57:28:1d:c8:3a:a8:05:76:17:f9:4c:d5:f0:15:1d:d8:a8:e8:04:e6
Fingerprint (sha256): 13:a8:51:06:8d:aa:2c:f8:7a:02:fe:a0:8a:64:7c:47:c6:36:1e:94:40:f5:fc:81:48:35:74:17:cb:ca:bd:8a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate exterso.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for exterso.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
exterso.com
Other certificates including the domain name exterso.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for exterso.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4zCCBMugAwIBAgISA5k0cHag4g65BRo8NNDQKA7cMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTIwODM4MDFaFw0yNDAyMTAwODM4MDBaMBYxFDASBgNVBAMT C2V4dGVyc28uY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5IMq Zjao+NG3h4GbGRJU3qHTD/FS9TlHima0WRGELV4kn+VlvqCDEXqSXc0rw8QSwOa3 mQuIkNz7vIVQFxRq0Y5ioJHWzMVJGKkeTBmP7pYDSarbDnhIqhF6qtOcURGkQsfJ /4WCgRVMMMnBM9pmH64ELPSUqq5C8g0+Mz3jPYqSjMkCuibyenLbGOYLSiH0npXA ZA+C+lX+dS6IGIFbRq7NkWQYGkLova/YHqtp8tcR9e5mb+CY+bX9E8HRIbY4qoIf opiDeXBOD9tmsCp+PilbgEXGzw4NVnPsMIPtDEl+CTCCbQU+87f1ZM2LtemwI0G7 4RnrSqLVSfOSjD09SA6raK1z928hzVOl7/3/qjGUyFq2bMPIgYqmUqMh5cLXKAU7 hF4j9DBl68Y90WAzsTuFp6haOIPlV+vHbvxdQmshUMzW621EPJ+s0YZ3tklf+dsZ w/l+KkS+XJsaDobLjCCjeSZ5qkiQTx4zX12x1jKORcFiLQcFraoxR7CAxmo4qgYw 6oOnvPCWdsCFsPRkbAW3pTYE8C0DYs/A+xLPIzqPjJ8U3HzTx1q/F8EzFpL32+l9 1+7J/Zz5BkwRWTzAfqbL6vbCJXsL2Ogf+xl6IaHNXwGsa1zb49z5ycqgdAreXjzk av9VByIhDJTa/9/dG5J53myXiA2IewXz6/Cm/CsCAwEAAaOCAg0wggIJMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUVjhNZ/jRQoKoVKqLzYeqimI1HJ4wHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wFgYDVR0RBA8wDYILZXh0ZXJzby5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBIsONr2qZHNA/l agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYvC5TBuAAAEAwBHMEUCIEZoqwcjCpGP Z8eRx4IBIamP3H1p/XqVvAK9MwUxqxkGAiEA1FjWYbBsrD7d+tzSinK1k5pb78J/ /PgF3liCSnwaky8AdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAA AYvC5TCBAAAEAwBHMEUCIAt16nj7PZ8EAM+Q8w/DArmFyvRoq3OB79gV9PmzalAM AiEA8NV3C1uxMvl206LKeMSkUsV3GbBOS0cBF6salKGnKG4wDQYJKoZIhvcNAQEL BQADggEBAHsRRaEBFzd0Bt79h8edElXTN46yi/dCTb9uzHMu2MsSA6MGLPODAXFB v8TuR6sWJ1gEMw3lfWvLu+Sn1+St8gjs3/tUWKmuEd6iEBe+hloY/pwnmgADL+2Y d0b5wK3p+HACsE55f+RvqlafH6AmTvN5qOZEHz59lv+kjk07kEdv5IZ0KvwIxLvX Qj6Hqitpo6FeEdfIPdW55RAm5Ky50RIzHt+MyXiXuPgzp4l8ISLY3gp8T2ldBvyo cuezSsrXT/MKvn17AUlzdXzV7L9hRDdSXo2CkaQchYRxHV39XJj8jTfHU+oEwPTd 9FvD1qMdAJA5jw233R4j8kyLKgZRgoo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5IMqZjao+NG3h4GbGRJU 3qHTD/FS9TlHima0WRGELV4kn+VlvqCDEXqSXc0rw8QSwOa3mQuIkNz7vIVQFxRq 0Y5ioJHWzMVJGKkeTBmP7pYDSarbDnhIqhF6qtOcURGkQsfJ/4WCgRVMMMnBM9pm H64ELPSUqq5C8g0+Mz3jPYqSjMkCuibyenLbGOYLSiH0npXAZA+C+lX+dS6IGIFb Rq7NkWQYGkLova/YHqtp8tcR9e5mb+CY+bX9E8HRIbY4qoIfopiDeXBOD9tmsCp+ PilbgEXGzw4NVnPsMIPtDEl+CTCCbQU+87f1ZM2LtemwI0G74RnrSqLVSfOSjD09 SA6raK1z928hzVOl7/3/qjGUyFq2bMPIgYqmUqMh5cLXKAU7hF4j9DBl68Y90WAz sTuFp6haOIPlV+vHbvxdQmshUMzW621EPJ+s0YZ3tklf+dsZw/l+KkS+XJsaDobL jCCjeSZ5qkiQTx4zX12x1jKORcFiLQcFraoxR7CAxmo4qgYw6oOnvPCWdsCFsPRk bAW3pTYE8C0DYs/A+xLPIzqPjJ8U3HzTx1q/F8EzFpL32+l91+7J/Zz5BkwRWTzA fqbL6vbCJXsL2Ogf+xl6IaHNXwGsa1zb49z5ycqgdAreXjzkav9VByIhDJTa/9/d G5J53myXiA2IewXz6/Cm/CsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 313469763733284097019945832953732854714076 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-12 08:38:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-10 08:38:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'exterso.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 932249117244333801298577307220334903517569317574739236607602151445716880003870558212606084907699278535960187888576014263723691886376048052805157136118154445150435872448809900670338083721217231503142296571895685236397500020116865391309801972617276931562603113674291870875048518862868138213788106794899224221541879833033889969510877473083204269377126187219353619776841352079378249310800406698002363440976057818442700796137136544501625129169561630432024108925240538463646861560459123803453021336471155437185311534728926953177356972077457695360217448025777151644778357315374071217290799709709551304457847616835982250801920686995439928155706285036895327497321087394838255271803864196341527411447095302648785676020938557857273619090972982119717002153349939966502947355234527512268430193487901411734641501765702981067459256483183009001345119981030250375490265265188413924981408982522412582178482002148854325618588690897793099704649086630670677098881817770293334191233024287020422212600086741338203455996870576129779380714496584988509917498345691814599761559393994907936884208688485466514567573625288415202140397819315790763885104517776202951807032057314076167645584870358674249841366879240287149130177998913780926335123410344366586630437931 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 56384d67f8d14282a854aa8bcd87aa8a62351c9e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exterso.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bc2e5306e000004030047304502204668ab07230a918f67c791c7820121a98fdc7d69fd7a95bc02bd330531ab1906022100d458d661b06cac3eddfadcd28a72b5939a5befc27ffcf805de58824a7c1a932f0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bc2e53081000004030047304502200b75ea78fb3d9f0400cf90f30fc302b985caf468ab7381efd815f4f9b36a500c022100f0d5770b5bb132f976d3a2ca78c4a452c57719b04e4b470117ab1a94a1a7286e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007b1145a10117377406defd87c79d1255d3378eb28bf7424dbf6ecc732ed8cb1203a3062cf383017141bfc4ee47ab16275804330de57d6bcbbbe4a7d7e4adf208ecdffb5458a9ae11dea21017be865a18fe9c279a00032fed987746f9c0ade9f87002b04e797fe46faa569f1fa0264ef379a8e6441f3e7d96ffa48e4d3b90476fe486742afc08c4bbd7423e87aa2b69a3a15e11d7c83dd5b9e51026e4acb9d112331edf8cc97897b8f833a7897c2122d8de0a7c4f695d06fca872e7b34acad74ff30abe7d7b014973757cd5ecbf614437525e8d8291a41c8584711d5dfd5c98fc8d37c753ea04c0f4ddf45bc3d6a31d0090398f0db7dd1e23f24c8b2a0651828a