amn.life

Issued by R3

About this certificate

This digital certificate with serial number 03:f9:92:05:0e:c6:24:74:dd:ee:7b:b2:62:29:0c:1a:e5:ce was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=amn.life

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:f9:92:05:0e:c6:24:74:dd:ee:7b:b2:62:29:0c:1a:e5:ce
Serial Number (int): 346261260707115501106572673837907847079374
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: f4:e7:1a:1e:72:ad:89:48:9d:ae:00:3a:cc:ca:08:d2:1d:50:df:e1
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 8e:fc:99:6c:53:a3:1b:e9:c6:23:f4:7b:58:11:20:4f:0d:29:af:f0
Fingerprint (sha256): 16:ff:db:0c:b5:18:68:5f:50:03:37:5b:ce:d5:81:a4:77:bf:ad:69:90:be:9b:12:49:2f:57:a2:13:ee:1c:49

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate amn.life

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for amn.life

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

amn.life
www.amn.life

Other certificates including the domain name amn.life

(limited to 100 certificates)
www.amn.life
amn.life
amn.life
www.amn.life
amn.life
amn.life
amn.life
www.amn.life
www.amn.life
amn.life
www.amn.life
amn.life

Certificate

The complete raw certificate details for amn.life in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISA/mSBQ7GJHTd7nuyYikMGuXOMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMjEwMTMyNTNaFw0yNDA0MjAwMTMyNTJaMBMxETAPBgNVBAMT
CGFtbi5saWZlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzdNnHioN
8kaFxwMVXuRFTKWat/HXioS/LzwHGAh/GPheU0G2D80XAHhWteFhKC4g59/JTNvR
0lR5Iob0RKt62DLhDL4sOeWYOrVznNwvurN1uGxRKTN6RjZdzWdOubR6nVO2R/Vl
8FChzPZFum5PobgIuiYY7qZVa7JujMk6sGjDPnWTeYggtabbN/XA2JaYuG8zytnJ
jgUZPb/HOSmn2Jftwmw9ZoHw7TAfOMDJt2B83h9/sRjuQ/+1g2W5tmtuKQLd74KQ
XxU/bv7PPKaks2n5G5fywy378riYlSkd+IaNH5y5Z8Z82tlky1x3DNgXgy5dkWds
N5+gFMKx28OT+ZPWhOkrnXyworY3xRLsl5ndn0PvmY3P6QNU2Pp6HG0hDFEe5BkR
BVq8MMSUSHP469pI+s3vRBj8ID/+OLplR8GliuYgHWGKpO98OwqA2+zop29E4BpT
BcdU0JFsEjZqMqyCCzKUkFzi5AHkC1pwTfvMs3eFKUkjYcYVjIC4lo8BQlsaDFA9
35IP+4Z03d2rVIhldXy/PgYk+2Ofgi8K8CbXVG+clEjcMBDgUrwzxOIXfM9YqCBv
AnTSpYPZwSLQX6O0C0EaapqEroAe5wDpuRyRoCkOg4C5CHFsQFVkoOkCIMziOVT4
UmXABjhxAyPNEDbQS4rE877A2XaeAfP8BCMCAwEAAaOCAhgwggIUMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU9OcaHnKtiUidrgA6zMoI0h1Q3+EwHwYDVR0jBBgwFoAU
FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB
hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p
LmxlbmNyLm9yZy8wIQYDVR0RBBowGIIIYW1uLmxpZmWCDHd3dy5hbW4ubGlmZTAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AHb/
iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjSndH1EAAAQDAEYwRAIg
W7BPTRFazIcNWUmaCbrsRESo9cL0TKSmHks/wfELoZgCIFr943r7ThZgtMOhHQDU
ily5IXKpJdBU8Eoc/LMKDhmTAHcAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1y
b+H61BcAAAGNKd0hJAAABAMASDBGAiEA7UHYC9+o9ddqwHgoxySlfWfvxkvsHJbR
KVvAE5FAPxoCIQCZJMiUQj5dZNNBWIt5N1+9eLbPOmPwdtl3dRDSQrqlqzANBgkq
hkiG9w0BAQsFAAOCAQEAFYBoQj7Uf0zSoz3pw/oRiF9Igbyl85HhUQTfk7x7uJiK
X4Mw//0DXhV1q6qEbZ+QikCA29XK0iwyc0OQW8kSbCvU35l6rF3lWEOPKLLRiYUV
+VuKP1Lb44s8tiRXVUxgc58soLuk+2HF+3M1B68PIR9URYHPLU1ldtyB4t2oyISx
LS9zrhUA1Rc6uMKz8wwG0CHuDnKMGUXxR4U20YXWdMmhWtQvmmOkgulkHJTLo97d
GzZ+tU261GIBFje3HxxzA0K91kNXdIL7idpwV07Li5a3D6+rgXhDsMMg2qI6B0NK
vy5WOcHVwRVdTycpsr29AdlJKiwoZgtHRQzkaJXiew==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzdNnHioN8kaFxwMVXuRF
TKWat/HXioS/LzwHGAh/GPheU0G2D80XAHhWteFhKC4g59/JTNvR0lR5Iob0RKt6
2DLhDL4sOeWYOrVznNwvurN1uGxRKTN6RjZdzWdOubR6nVO2R/Vl8FChzPZFum5P
obgIuiYY7qZVa7JujMk6sGjDPnWTeYggtabbN/XA2JaYuG8zytnJjgUZPb/HOSmn
2Jftwmw9ZoHw7TAfOMDJt2B83h9/sRjuQ/+1g2W5tmtuKQLd74KQXxU/bv7PPKak
s2n5G5fywy378riYlSkd+IaNH5y5Z8Z82tlky1x3DNgXgy5dkWdsN5+gFMKx28OT
+ZPWhOkrnXyworY3xRLsl5ndn0PvmY3P6QNU2Pp6HG0hDFEe5BkRBVq8MMSUSHP4
69pI+s3vRBj8ID/+OLplR8GliuYgHWGKpO98OwqA2+zop29E4BpTBcdU0JFsEjZq
MqyCCzKUkFzi5AHkC1pwTfvMs3eFKUkjYcYVjIC4lo8BQlsaDFA935IP+4Z03d2r
VIhldXy/PgYk+2Ofgi8K8CbXVG+clEjcMBDgUrwzxOIXfM9YqCBvAnTSpYPZwSLQ
X6O0C0EaapqEroAe5wDpuRyRoCkOg4C5CHFsQFVkoOkCIMziOVT4UmXABjhxAyPN
EDbQS4rE877A2XaeAfP8BCMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 346261260707115501106572673837907847079374
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-21 01:32:53 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-20 01:32:52 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'amn.life'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 839695972207345936524187724045495732097357962407762219098930874000486259726168341140974581786529376826672031036790611595404645662394663649735731278278342648386143461947230516952420286186722574556829240232915620303967916536034885451543141292735366525721993846882311859194119009735786429402439501969119103525756593842596725270774677462162114913739712442237385826425847010334665093490574916828035565166746007571068841470991093714353511371062151970740397168556249364713665391438774956165050200672963932493683928673477995589614097271750349879756272869674043071023207522841993045687535294157393392377795060001975147221429978503962357944264233202044147370049551079200302256938841373363506846717777838342046014214751659050375257046397630629661148267227744700030882309290813518400051123809074126882765343510259235878468277458140481163727277203537519946608483797028626381173668897909871659622311905127115873436127568676011973241016376682082041233098759762732847937801852840063587835810109878596893258277658790042160893479807333976019780870103775179039201396921550264041635181209540708073462044727505244990702395336243552395346601265379007063133371770528689492978196737038966236681912013401670758786688381113716151665641577874831491113548514339
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f4e71a1e72ad89489dae003accca08d21d50dfe1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amn.life'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.amn.life'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d29dd1f51000004030046304402205bb04f4d115acc870d59499a09baec4444a8f5c2f44ca4a61e4b3fc1f10ba19802205afde37afb4e1660b4c3a11d00d48a5cb92172a925d054f04a1cfcb30a0e19930077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d29dd21240000040300483046022100ed41d80bdfa8f5d76ac07828c724a57d67efc64bec1c96d1295bc01391403f1a0221009924c894423e5d64d341588b79375fbd78b6cf3a63f076d9777510d242baa5ab
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00158068423ed47f4cd2a33de9c3fa11885f4881bca5f391e15104df93bc7bb8988a5f8330fffd035e1575abaa846d9f908a4080dbd5cad22c327343905bc9126c2bd4df997aac5de558438f28b2d1898515f95b8a3f52dbe38b3cb62457554c60739f2ca0bba4fb61c5fb733507af0f211f544581cf2d4d6576dc81e2dda8c884b12d2f73ae1500d5173ab8c2b3f30c06d021ee0e728c1945f1478536d185d674c9a15ad42f9a63a482e9641c94cba3dedd1b367eb54dbad462011637b71f1c730342bdd643577482fb89da70574ecb8b96b70fafab817843b0c320daa23a07434abf2e5639c1d5c1155d4f2729b2bdbd01d9492a2c28660b47450ce46895e27b