www.okwco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:fc:5a:45:2b:66:93:61:35:bd:4e:bc:5c:48:76:00:68:e6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.okwco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:fc:5a:45:2b:66:93:61:35:bd:4e:bc:5c:48:76:00:68:e6Serial Number (int): 347208003927731611413812373561600469133542
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f7:e6:7c:2f:1c:8b:ef:dc:bc:5b:36:b5:42:08:15:b2:89:21:aa:ea
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 9e:63:8a:ca:62:02:ae:a3:e7:2b:cb:bf:be:e5:71:54:70:d8:19:76
Fingerprint (sha256): 24:88:bf:a1:42:a6:4b:df:2a:b3:39:e8:5d:e6:71:32:25:b0:74:db:f9:30:e6:2a:aa:2d:a7:27:cd:f9:2a:21
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.okwco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.okwco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.okwco.com
Other certificates including the domain name okwco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.okwco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISA/xaRStmk2E1vU68XEh2AGjmMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTIyMTE1MjdaFw0y MDAxMTAyMTE1MjdaMBgxFjAUBgNVBAMTDXd3dy5va3djby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnxkBfJF+PZSYyvZ4mjOaYbYx2iuqIKCqo whSkUmCZ1cuVjtWyvAPkQDvz1cmCMDtv+iTr0q/TPlBdBZ/zLDQNbOVSXZbjXc3o PQbgfSVbqMH3Jg8tH2f8uDm+CPqRmCYKLGk7wNLT3s5JlR+5M23EoX72vicM8Pzy qDkzyTfOuM/lPrLP18aG4iptMNngepxzvCKlSWHWk0RaQwmw0S0zt7q6Kjw35euV 2Qix+EvXYj7EIoQ/3vg/okph/aLV7VyQmfPfBPBNhejMX3aA3Hc77JD5KhbA9uHc YDo3P6uxkTgmOGtRrzFrQx8V/I1C0SoZFuGhyz5+OA8/xHvZbQbWDww8WLO3WOuQ cmxZByXb1bwz9OPF0JYC/0qrecoj0gL8kPXZS27JNRsQw8FvFCSRa8Rg+LzPRY8Q hznpQXxcKFyF9MtY90u2p6i5XcfACulDbyyAcmOXMTPD1+ibq+AxzGs+5AhfqFm6 hdpKrME6hplEi3VsayFLfi53vGz0/A/AYWDHAOf2xwzH0501PH4PK+Z+MfGwkJmy NUXyFVrgkL8CW6/70K1g3TK9kguDhPZERB3SATZJKCZkWTsPMwtGgXQVIUXWjIsy a4GtvbzrFY7USrFuiCJYvDopVh70HPrRe3mY+JD5UqsYJ/Z4jCh4kJH3Klg/SxKz YSf/dK+LTQIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT35nwv HIvv3LxbNrVCCBWyiSGq6jAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5va3djby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHx AO8AdgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAW3CCnHWAAAE AwBHMEUCIBBm+adYjKAbGbsDxukUrfFC3T8Y+QfRJyk/qlM9DnQoAiEA5Hez/y3t Aedh7iDZTpKLxURbSuhpm46O5l8GVOavVA8AdQBvU3asMfAxGdiZAKRRFf93FRwR 2QLBACkGjbIImjfZEwAAAW3CCnPkAAAEAwBGMEQCIFWbv7ua5IUujaL5zlIV0S3t QXsOqjohWVvPANgbvz+NAiAv6yMCB+RPdtUBIBvCvaMRqzEZFLIWV5iC75F/CXlX rzANBgkqhkiG9w0BAQsFAAOCAQEAFj1eFA1mMkjRiztqdQ6qfJ1PFQ1epdG98Nmk wHPO+T2R1eTD1fJuUiZwb4McyKt0X3aOvkyDb33oUu93syRow4uhBLdWGbOcJO3k 4nFbbh5GpWg6mOQgdQAarrwxzy20E4cS3euiv4I4DKm7pe5f9UXeIoxGNt4cmL8E WMWDH3GC4v8FbjBKOzC8IsN4Hkry9saL/mYinFGo1CAzWFbxocX2OBdVMik5jHX3 R8q2erKNEdQ792uyJWviaJz6ZIeIJBjpTTqgzWAaoWkgEKB1mUbB/v8FXDgLjR1a 5QilijFRL6yOM8kbVGq+vAAYgyHu1/G9QTYhyWNZ+3hbWD//EA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8ZAXyRfj2UmMr2eJozm mG2MdorqiCgqqMIUpFJgmdXLlY7VsrwD5EA789XJgjA7b/ok69Kv0z5QXQWf8yw0 DWzlUl2W413N6D0G4H0lW6jB9yYPLR9n/Lg5vgj6kZgmCixpO8DS097OSZUfuTNt xKF+9r4nDPD88qg5M8k3zrjP5T6yz9fGhuIqbTDZ4Hqcc7wipUlh1pNEWkMJsNEt M7e6uio8N+XrldkIsfhL12I+xCKEP974P6JKYf2i1e1ckJnz3wTwTYXozF92gNx3 O+yQ+SoWwPbh3GA6Nz+rsZE4JjhrUa8xa0MfFfyNQtEqGRbhocs+fjgPP8R72W0G 1g8MPFizt1jrkHJsWQcl29W8M/TjxdCWAv9Kq3nKI9IC/JD12UtuyTUbEMPBbxQk kWvEYPi8z0WPEIc56UF8XChchfTLWPdLtqeouV3HwArpQ28sgHJjlzEzw9fom6vg McxrPuQIX6hZuoXaSqzBOoaZRIt1bGshS34ud7xs9PwPwGFgxwDn9scMx9OdNTx+ DyvmfjHxsJCZsjVF8hVa4JC/Aluv+9CtYN0yvZILg4T2REQd0gE2SSgmZFk7DzML RoF0FSFF1oyLMmuBrb286xWO1EqxbogiWLw6KVYe9Bz60Xt5mPiQ+VKrGCf2eIwo eJCR9ypYP0sSs2En/3Svi00CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 347208003927731611413812373561600469133542 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-12 21:15:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-10 21:15:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.okwco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 684459916230925318704864260479119919169305281531043394049859371357644278883934029593239207655947520224643235896434691550338882527994223677025977276032245126233428427928986870912951223369937766953910662579410101138267918228287025000716527991544010451745802183859312819951185494738199828376927631146735860534489618147890288775641341409719168787150209277296319631474594192858829196973049014999276613370097321872828397622443482303921206184106017856822918760247067201470172193570073418337371884517645587855065805703488322159866869359972023731714470520040829498876833409424502519286995442663777154441103187075850247268012380566266750285141715928405381892129136542024553331857938429788472064101750317405183754421888857109040441393079608729003178292091577440360860501848716382180469042849030962850110993186132557693751409817653086691624337124070293496835811541990193271552001698927782931651211405815451448073001872859116448232388542087411786913767395667991561173150529191537407672891517690092164532704097538325756421242566482195156706166007934793164791882393412543556828919973540436294995698464263641032099907133977700115122867056421903412158455978669786329072119854686456063338584891628814316225804698478241688596832828215532399148586208077 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f7e67c2f1c8befdcbc5b36b5420815b28921aaea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.okwco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016dc20a71d6000004030047304502201066f9a7588ca01b19bb03c6e914adf142dd3f18f907d127293faa533d0e7428022100e477b3ff2ded01e761ee20d94e928bc5445b4ae8699b8e8ee65f0654e6af540f0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016dc20a73e400000403004630440220559bbfbb9ae4852e8da2f9ce5215d12ded417b0eaa3a21595bcf00d81bbf3f8d02202feb230207e44f76d501201bc2bda311ab311914b216579882ef917f097957af . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00163d5e140d663248d18b3b6a750eaa7c9d4f150d5ea5d1bdf0d9a4c073cef93d91d5e4c3d5f26e5226706f831cc8ab745f768ebe4c836f7de852ef77b32468c38ba104b75619b39c24ede4e2715b6e1e46a5683a98e42075001aaebc31cf2db4138712ddeba2bf82380ca9bba5ee5ff545de228c4636de1c98bf0458c5831f7182e2ff056e304a3b30bc22c3781e4af2f6c68bfe66229c51a8d420335856f1a1c5f63817553229398c75f747cab67ab28d11d43bf76bb2256be2689cfa6487882418e94d3aa0cd601aa1692010a0759946c1feff055c380b8d1d5ae508a58a31512fac8e33c91b546abebc00188321eed7f1bd413621c96359fb785b583fff10