tns-nikkoo.com
Issued by R3
About this certificate
This digital certificate with serial number 03:fe:d4:f9:91:da:08:05:1e:fa:e4:c8:0b:67:58:4c:7b:10 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tns-nikkoo.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:fe:d4:f9:91:da:08:05:1e:fa:e4:c8:0b:67:58:4c:7b:10Serial Number (int): 348051671168446901025312631830563435346704
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: cb:ee:f7:35:a4:31:49:fa:60:fc:16:ab:82:2e:a1:1d:d9:9a:3d:d0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fc:0e:55:af:ad:b1:6a:b8:ff:c6:98:48:e8:be:ce:8b:25:48:4b:ae
Fingerprint (sha256): 1f:c7:34:72:e0:0b:da:28:6c:7b:4c:a4:74:74:76:2d:8b:19:03:14:1d:ae:b9:66:4a:d4:ea:05:67:94:1d:96
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate tns-nikkoo.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tns-nikkoo.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.tns-nikkoo.com
tns-nikkoo.com
tns-nikkoo.com
Other certificates including the domain name tns-nikkoo.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for tns-nikkoo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISA/7U+ZHaCAUe+uTIC2dYTHsQMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTkxMDEyMjhaFw0yNDA3MTgxMDEyMjdaMBkxFzAVBgNVBAMT DnRucy1uaWtrb28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA ujyCk3RP+ecBkzkXpRWPcaVkJ5sdwT7+SV/nOi7nRaUMwvCLFGl0BidCRXUewc3u h6aa8VQspnBtQ/kX1L9vtnqBN+qf4vdQIDvshQZIactjlMY1/YUGO5l+szo2TRQp Oy+s1L6GvAktw/WQs6M0EGZHZJp4NDc5urKId/l8ulvw1LtVLlvUDOS0H5E3RvuB AjQ547LxDPWBytG8t9XpUd79p0UOzpqCJtpBM5AslNu0UllvJXoKSd3RagXEZG9D m3mGEReA7P9MsMdB0ZJqvJZU7YM7dfHsa5sNOVi7GimlzjjkxnQoHQOlXEh/8Meg H1nBHZa1cQLSNAQXH88VUQIDAQABo4ICIzCCAh8wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBTL7vc1pDFJ+mD8FquCLqEd2Zo90DAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzArBgNVHREEJDAighAqLnRucy1uaWtrb28uY29tgg50bnMtbmlra29vLmNvbTAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AD8X S0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABjvYOye8AAAQDAEgwRgIh AJjxmpSdXZY9zs71zZ9S6YcJAcKzMR/sRpW/wRrKzhbeAiEArLnAFlxhq/7V7aM/ ETcxJkZJzVwEq1WPqvBNfSK+TZQAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIK n+ZnTFo6dAAAAY72DsoyAAAEAwBHMEUCIEmnWDPRkGZ7FwaidX82QI63AWn7H4XZ pFGb8Kejct9PAiEAgsMuLh9dJeAAejVx6dEczVTc/weKBTcrIyQkAvLxhBwwDQYJ KoZIhvcNAQELBQADggEBADz9W/MJFbry6DQsOFW9jfF1dlPuPY2mxUXQSMTX1GAa yb+5z59fycL9wgKQH7R0KOQz0ijh2pOeQADpfyQHuihiwjtBbQhqMp7DOneaT2hg Pm0CKGUot/k0SoJeMeCMFM3e/bTO2AY+nCL/oiLsvV1tBZ3c6mG72MZ8kXmrdGue D2KhO1Vzo9A3gjzYTwQEVCPJH6wUFly6uwiGBD0de1trF9sfrSBjmR+pJ0PyMkEs 72dI9FdLgH8HFiUiRNNt7fQkkPiFRKhvjzhRnXAdFUR+voDB7lyHPUFmYEtgBzxK C2+DDsHrqrqTF0RKxeHxv6bt4XdoATHYcULrNv3HnSI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujyCk3RP+ecBkzkXpRWP caVkJ5sdwT7+SV/nOi7nRaUMwvCLFGl0BidCRXUewc3uh6aa8VQspnBtQ/kX1L9v tnqBN+qf4vdQIDvshQZIactjlMY1/YUGO5l+szo2TRQpOy+s1L6GvAktw/WQs6M0 EGZHZJp4NDc5urKId/l8ulvw1LtVLlvUDOS0H5E3RvuBAjQ547LxDPWBytG8t9Xp Ud79p0UOzpqCJtpBM5AslNu0UllvJXoKSd3RagXEZG9Dm3mGEReA7P9MsMdB0ZJq vJZU7YM7dfHsa5sNOVi7GimlzjjkxnQoHQOlXEh/8MegH1nBHZa1cQLSNAQXH88V UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 348051671168446901025312631830563435346704 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-19 10:12:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-18 10:12:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tns-nikkoo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23510163347593946666321385445588845491791909672477586778498721318533643996089081936023731521226867170306056063256081274786743549105518342858167183936680463777913178958205479729861957671723269498584471708978912156332868734420693085284638186092632710290436799529610962919341710661252694715333318761985715477395908827792807203139904916119553696823892311511450155603343220587317770627764888779788078731108975621957913690478323880062719410074776978194072949495632845768164685521701241153899592398322986004622430043411620913568653487597228867996539749637343692677581511491701455814947775352500783209277264473813892574680401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cbeef735a43149fa60fc16ab822ea11dd99a3dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tns-nikkoo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tns-nikkoo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ef60ec9ef000004030048304602210098f19a949d5d963dcecef5cd9f52e9870901c2b3311fec4695bfc11acace16de022100acb9c0165c61abfed5eda33f113731264649cd5c04ab558faaf04d7d22be4d9400760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ef60eca320000040300473045022049a75833d190667b1706a2757f36408eb70169fb1f85d9a4519bf0a7a372df4f02210082c32e2e1f5d25e0007a3571e9d11ccd54dcff078a05372b23242402f2f1841c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003cfd5bf30915baf2e8342c3855bd8df1757653ee3d8da6c545d048c4d7d4601ac9bfb9cf9f5fc9c2fdc202901fb47428e433d228e1da939e4000e97f2407ba2862c23b416d086a329ec33a779a4f68603e6d02286528b7f9344a825e31e08c14cddefdb4ced8063e9c22ffa222ecbd5d6d059ddcea61bbd8c67c9179ab746b9e0f62a13b5573a3d037823cd84f04045423c91fac14165cbabb0886043d1d7b5b6b17db1fad2063991fa92743f232412cef6748f4574b807f0716252244d36dedf42490f88544a86f8f38519d701d15447ebe80c1ee5c873d4166604b60073c4a0b6f830ec1ebaaba9317444ac5e1f1bfa6ede177680131d87142eb36fdc79d22