mesk.io
Issued by R3
About this certificate
This digital certificate with serial number 04:4e:8f:ff:d7:23:e6:88:99:73:8f:3b:1e:58:fb:53:41:e2 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mesk.io
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:4e:8f:ff:d7:23:e6:88:99:73:8f:3b:1e:58:fb:53:41:e2Serial Number (int): 375182576349532753251441875319671022109154
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d7:10:19:55:e8:59:82:74:c2:fe:db:1e:18:1b:8b:f8:fb:77:7b:c1
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): cd:da:7d:6c:64:47:9c:cb:de:24:81:ac:81:11:3b:aa:ec:71:59:91
Fingerprint (sha256): 1f:b3:38:be:43:ee:e1:bf:3c:fb:98:a8:35:de:25:7c:68:0b:19:64:8f:4d:a9:ec:c5:f1:0e:6e:06:1d:26:81
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mesk.io
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mesk.io
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mesk.io
www.mesk.io
www.mesk.io
Other certificates including the domain name mesk.io
(limited to 100 certificates)
Certificate
The complete raw certificate details for mesk.io in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6TCCBNGgAwIBAgISBE6P/9cj5oiZc487Hlj7U0HiMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MTAwMjA0MThaFw0yNDA4MDgwMjA0MTdaMBIxEDAOBgNVBAMT B21lc2suaW8wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMsf/wTx5O KCX425WF+aIcdtB0dodLmL4Q2xJi2KEzZqq+0ht3st/VXTPFcbSx37Jm+fw25eDq Lz/Dmr0MSq3L20mqauaBdtQpm0dh9tch5fIj37e6rBgBzUbRjIvhZljwtPj5FqBQ kGUx3bVFt8WRXuyOQd4rVfK+j6dXVaztZOAaDR85ktTBANW2mtp29e0VYCKrKuxO BuRyhT6ssCX3kDyZz9FDy4U+xjJybYXUFvMpKKx14J2iRfcUIh/Dgw3YvKqqdSUk OA/AXx3NZQPnO435lgjwxa+dA3zp0JSC11CeH4TqJFMWRmJVOHzqPHXydK2Cppum Y89acKYOEA714Fy7i39esSmFPk8DRp9VtjGuVDsplJsPnS4CZuYNgqc5gU2r74Wt TslV7pGUaEVfLMuCVe2KnB3D+pkRYEFrU3uBtuE65kofuuArYgTd637++cO4bUVQ t3KRBcHk4GCpK+j6mYscvZzE12fnMa5SBJjMUWOhFd9Oz7W6mtYKi6EpWt4HhPZA lUQ/KPSjhUji3lcd98WNpvvVH1UPECA0lMrSAnZIwQ5Vpfy6xGxpJabukB1c3C+9 HU5ywvlD+q/wJnlu3uLkQ28AEFmgyn9Datz6VyuTQi0SY3JjCofEd16QdMCH5FBY 3xjk+2OxgftmNLgp6xxyFd69knGKgLKWbQIDAQABo4ICFzCCAhMwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBTXEBlV6FmCdML+2x4YG4v4+3d7wTAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzAfBgNVHREEGDAWggdtZXNrLmlvggt3d3cubWVzay5pbzATBgNV HSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AD8XS0/X IkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABj2B1ahQAAAQDAEgwRgIhALRl cCyuanvXh3OMlr49Rnru8DwKaxgSwYb0CBBCrEVWAiEAmR5MOXEZEW4kwnrq12mW gfWkg5492D4alZOhBL/F3OUAdgAZmBBxCfDWUi4wgNKeP2S7g24ozPkPUo7u385K Pxa0ygAAAY9gdWopAAAEAwBHMEUCIQCct5sUM4VIGW5uMDO/HacqCllGICaqCZrf NuyrHVnjPwIgE/2oyfXMgJPXrNCGPO/vu66Oym8SxCVhnOV4fX5Hu/8wDQYJKoZI hvcNAQELBQADggEBALK5SCBKOl/iqriZ2NKbSWw9/GQZeV6ZDpos2kBIgmSlku88 HbfwLKopHEdb8CrrrUkmTyRzXUgeD94vNPO624JfEXcI2e8vNkKlctaEEXPVw+v0 BelCBB/REpNV9Tm8y9jfenjPDqg9rRXSk0sqgcRpmLMHl1FswgnBTR48/nID/HQo k2h5DVlxeMkfhDOYJsSMrKsZQQD4iMwJn/SgPo1TzC8BMcNUTnzLhFpOr2YamSIj P8OOTGUYHCI3+K5fd9gs2u7+Y6VS10cnfY/x92+n5ePZ1p9VpX/3kYu7egqN0VLx NA6L37NGV8JARy+pnBdfEJ0Vus5vHrY+zOFiPFY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzLH/8E8eTigl+NuVhfmi HHbQdHaHS5i+ENsSYtihM2aqvtIbd7Lf1V0zxXG0sd+yZvn8NuXg6i8/w5q9DEqt y9tJqmrmgXbUKZtHYfbXIeXyI9+3uqwYAc1G0YyL4WZY8LT4+RagUJBlMd21RbfF kV7sjkHeK1Xyvo+nV1Ws7WTgGg0fOZLUwQDVtpradvXtFWAiqyrsTgbkcoU+rLAl 95A8mc/RQ8uFPsYycm2F1BbzKSisdeCdokX3FCIfw4MN2LyqqnUlJDgPwF8dzWUD 5zuN+ZYI8MWvnQN86dCUgtdQnh+E6iRTFkZiVTh86jx18nStgqabpmPPWnCmDhAO 9eBcu4t/XrEphT5PA0afVbYxrlQ7KZSbD50uAmbmDYKnOYFNq++FrU7JVe6RlGhF XyzLglXtipwdw/qZEWBBa1N7gbbhOuZKH7rgK2IE3et+/vnDuG1FULdykQXB5OBg qSvo+pmLHL2cxNdn5zGuUgSYzFFjoRXfTs+1uprWCouhKVreB4T2QJVEPyj0o4VI 4t5XHffFjab71R9VDxAgNJTK0gJ2SMEOVaX8usRsaSWm7pAdXNwvvR1OcsL5Q/qv 8CZ5bt7i5ENvABBZoMp/Q2rc+lcrk0ItEmNyYwqHxHdekHTAh+RQWN8Y5PtjsYH7 ZjS4KescchXevZJxioCylm0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 375182576349532753251441875319671022109154 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-10 02:04:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-08 02:04:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mesk.io' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 835084013576651251974955456047982776020485376685286242667987427436661985311207939045306577874164366930330347230404103634485114957714024678718327042373146374851947492957900740386735202120460695653986915952764824309496568056203765746236552920097061207376726983372453353400808363299601563563145315066888719812949614828166253103376102189295052001677777154455121988047207416388549321646799006634184464598590740339384687331081785556663573734420749113635105268654259301457664570592050196969408317045722248229177116932679361790147945766337114848485610779857181408211469056733136334549682313179362084755150927093995149741695279040838609387907293570398343466910333821974286463193525306351116274449646462371411860842036965236745203818631686227029264374332547323588347145290207987992602376691303775812437209612680744628450462877218234053139288324011878248278509209272134908734818492360055994982690196990881290142955141123473833872429235365841572495184360405097006383678057620494539504822887284472317681448070757819346655747348375389837927733491335085142817835746248988532840302604825883387207788666341032902056164714805859199343644592399369560341080039951733246339236691368384959002211919397402647118490616943176790861710560287911650946001835629 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d7101955e8598274c2fedb1e181b8bf8fb777bc1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mesk.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mesk.io' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f60756a140000040300483046022100b465702cae6a7bd787738c96be3d467aeef03c0a6b1812c186f4081042ac4556022100991e4c397119116e24c27aead7699681f5a4839e3dd83e1a9593a104bfc5dce50076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f60756a2900000403004730450221009cb79b14338548196e6e3033bf1da72a0a59462026aa099adf36ecab1d59e33f022013fda8c9f5cc8093d7acd0863cefefbbae8eca6f12c425619ce5787d7e47bbff . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b2b948204a3a5fe2aab899d8d29b496c3dfc6419795e990e9a2cda40488264a592ef3c1db7f02caa291c475bf02aebad49264f24735d481e0fde2f34f3badb825f117708d9ef2f3642a572d6841173d5c3ebf405e942041fd1129355f539bccbd8df7a78cf0ea83dad15d2934b2a81c46998b30797516cc209c14d1e3cfe7203fc74289368790d597178c91f84339826c48cacab194100f888cc099ff4a03e8d53cc2f0131c3544e7ccb845a4eaf661a9922233fc38e4c65181c2237f8ae5f77d82cdaeefe63a552d747277d8ff1f76fa7e5e3d9d69f55a57ff7918bbb7a0a8dd152f1340e8bdfb34657c240472fa99c175f109d15bace6f1eb63ecce1623c56