www.sfoco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:12:d1:bf:97:28:ec:74:77:98:2f:f3:93:3e:4b:a7:39:e4 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.sfoco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:12:d1:bf:97:28:ec:74:77:98:2f:f3:93:3e:4b:a7:39:e4Serial Number (int): 267740743845562815766181078522673825790436
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 50:56:1c:50:11:b4:3d:5b:c3:44:ee:b8:ec:66:4c:06:fc:4c:d4:74
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 34:13:b7:fb:70:a7:d9:2e:a6:57:d0:83:7a:78:dc:ce:3f:52:13:64
Fingerprint (sha256): 24:cb:90:67:62:6c:cb:90:46:f5:ab:48:2e:82:e9:83:5a:5d:fd:94:44:00:72:9e:7f:11:28:6f:25:7e:8a:0c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.sfoco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.sfoco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.sfoco.com
Other certificates including the domain name sfoco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.sfoco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISAxLRv5co7HR3mC/zkz5LpznkMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTMwNjIwMTNaFw0y MDAxMTEwNjIwMTNaMBgxFjAUBgNVBAMTDXd3dy5zZm9jby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDNmsOTmDDE+kmQn6ia6ehI3YVB608c6TUR 6ZU0tSCfiACivC3cnEvuvIqcxGlMRpsyWfstpQoiNf9qMEXNtdqTyJksNFOoEy2b 2H2j39urGKNkxOZMkl3dHOGFkej4f/fQfrMpQfX2qSVDcqNMOKxsIdxvRNgeGMFb u0TvBA6h/ouG4O8xDPH9638nWcY/Uf4/90+sI9BPF6S8unTLip4nAkYMbllMBG0Z jiUV60vQNQYEAALYdZbMaXZn3SRotn5clI/phA5EB2/g600qAbcVMiRe+/xvp6pi vQZDgdTbbTQ+I2t09UVaSHikJ8+CGxJqcZgj0VK/pHJRdQ1ojl19LCqXCtJEUCUY GswjKaKIDics6YY77NmnH1HmRbtZh4v8wUAfQY3mvF17IUVitimhjb1g9dEqejyI eFBobrmxtCjYzAgi2VnuNA8nCAccv4uVQMcWeYGp+Q+zgpAM2NmIdd2+IBnY+Fxe zNbw82nqGVrBumIoY7r4Uco0sfdpJytfMDlhcv0tdxR249H7f5oZ7VNI60Oof8En 9Vn63yv4+xv5rdoUedO1NXySQ+6CBD80/3TrO7OVYhTGNa79ujQg7N/bXP+ABOmX dVFpnpAhC4AmMjzgdtMk07KJSKG7Ihv3U1csr87brN7lqVPNbNWxSzvhpHxFFA7n uAu7RmnwGwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRQVhxQ EbQ9W8NE7rjsZkwG/EzUdDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5zZm9jby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHx AO8AdgDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAW3D/TE5AAAE AwBHMEUCIQCTdJvqmnVAzFRBd7WfDwsfqMYeSYY/k/QYRylsoXIZ6gIgcW1zAYBt 9NykhIa7VVtgEjhT4dJ7j2WN85Q+0mfHYrsAdQApPFGWVMg5ZbqqUPxYB9S3b79Y eily3KTDDPTlRUf0eAAAAW3D/TEyAAAEAwBGMEQCIA7/jZDJXSRCLOCVpITWijUn XItZW8wKX+vJAIwF/GNAAiBmREd3g4ffI7HNe/uhfAN5x9s2uC7uGCZl5J0uz55m 5jANBgkqhkiG9w0BAQsFAAOCAQEAY8pbK2muynPk70R6DQypfrybXW/e6cgYKRba ljlOeWSYltGHNLk3rVLX18a+AzDzceKLBbKDQWTNYDLJu3F9kwRGuDhK0IzFFbqb GXKO4igGYojJ1xgDCKRkKY3m7PbrBSvQMvb02Plr7jtYHcTLgVCmSQ5AMlNOxgAB KSuuLPPlsC6FNScdybBgY16jiS1extz+7QzUNWJiS5CC4kFgF2mNGfegZFS46fk8 GDG4l3z6J/mLMRy6Abi6BezgwpDjc+HU/IIHOm2JWWpcNPexkcyXEg0TqbSDvy9j t6VQM0siDvigmfB4lUnnAp2Qry1FSf/Vzxi1ZCSwceMWP+QVhQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzZrDk5gwxPpJkJ+omuno SN2FQetPHOk1EemVNLUgn4gAorwt3JxL7ryKnMRpTEabMln7LaUKIjX/ajBFzbXa k8iZLDRTqBMtm9h9o9/bqxijZMTmTJJd3RzhhZHo+H/30H6zKUH19qklQ3KjTDis bCHcb0TYHhjBW7tE7wQOof6LhuDvMQzx/et/J1nGP1H+P/dPrCPQTxekvLp0y4qe JwJGDG5ZTARtGY4lFetL0DUGBAAC2HWWzGl2Z90kaLZ+XJSP6YQORAdv4OtNKgG3 FTIkXvv8b6eqYr0GQ4HU2200PiNrdPVFWkh4pCfPghsSanGYI9FSv6RyUXUNaI5d fSwqlwrSRFAlGBrMIymiiA4nLOmGO+zZpx9R5kW7WYeL/MFAH0GN5rxdeyFFYrYp oY29YPXRKno8iHhQaG65sbQo2MwIItlZ7jQPJwgHHL+LlUDHFnmBqfkPs4KQDNjZ iHXdviAZ2PhcXszW8PNp6hlawbpiKGO6+FHKNLH3aScrXzA5YXL9LXcUduPR+3+a Ge1TSOtDqH/BJ/VZ+t8r+Psb+a3aFHnTtTV8kkPuggQ/NP906zuzlWIUxjWu/bo0 IOzf21z/gATpl3VRaZ6QIQuAJjI84HbTJNOyiUihuyIb91NXLK/O26ze5alTzWzV sUs74aR8RRQO57gLu0Zp8BsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 267740743845562815766181078522673825790436 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-13 06:20:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-11 06:20:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sfoco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 838793369552233494603181683838177658667535946051327302368039984334652238997131320344701301744163967716999911672757832410460081388449644074669555147672050665756058905392877473121941402033182550275344954122078807172135572502595350931725352233948761911869714265375086023294386400823875220513863022840349519208118230442874998563932180129507816176287809554258726291547474507911155572710137183947410747830477145210429376993636184907860096433107201720651177249435391044549597068750451574906986537140827972896810687623925926376021136277411442366770187071762827739925471927535358046774874944401581632797030948725927806965683568146398365140823032930019294182185429994070583943373340771784610793937582898143855799537464791970291492734722922882534917943519327096965679255954515850253016128801912532405961776449749542486150047845358814134092672780715088109689159850681498836174015373367461463066434566418011810849201082056644064237373729292351620092939701120255860473795065468407091359337945914519523735437181021468696502617584680582650403759409284662574855310174408575338583507893661961112244049640194443369511305799987693655179461819954942248929579142674780530108439672115273982613700092436421283401428458031823044552255427884195700916282322971 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 50561c5011b43d5bc344eeb8ec664c06fc4cd474 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sfoco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016dc3fd3139000004030047304502210093749bea9a7540cc544177b59f0f0b1fa8c61e49863f93f41847296ca17219ea0220716d7301806df4dca48486bb555b60123853e1d27b8f658df3943ed267c762bb007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016dc3fd3132000004030046304402200eff8d90c95d24422ce095a484d68a35275c8b595bcc0a5febc9008c05fc63400220664447778387df23b1cd7bfba17c0379c7db36b82eee182665e49d2ecf9e66e6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0063ca5b2b69aeca73e4ef447a0d0ca97ebc9b5d6fdee9c8182916da96394e79649896d18734b937ad52d7d7c6be0330f371e28b05b2834164cd6032c9bb717d930446b8384ad08cc515ba9b19728ee228066288c9d7180308a464298de6ecf6eb052bd032f6f4d8f96bee3b581dc4cb8150a6490e4032534ec60001292bae2cf3e5b02e8535271dc9b060635ea3892d5ec6dcfeed0cd43562624b9082e2416017698d19f7a06454b8e9f93c1831b8977cfa27f98b311cba01b8ba05ece0c290e373e1d4fc82073a6d89596a5c34f7b191cc97120d13a9b483bf2f63b7a550334b220ef8a099f0789549e7029d90af2d4549ffd5cf18b56424b071e3163fe41585