knhco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:ac:f6:1c:01:36:27:83:b2:3e:fa:52:c9:60:5b:f3:2b:69 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=knhco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ac:f6:1c:01:36:27:83:b2:3e:fa:52:c9:60:5b:f3:2b:69Serial Number (int): 407304846333290490087934282291461850606441
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ec:46:1b:23:ea:9a:38:c6:3c:9f:69:81:4f:8e:71:fd:48:91:bb:0e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e8:10:d5:fa:62:77:e8:17:24:92:09:d4:5b:1c:c9:12:a3:c5:9a:fc
Fingerprint (sha256): 26:de:d7:e8:34:65:76:cb:ee:95:a4:04:19:3f:19:9a:cc:7e:3d:6c:59:b6:f7:6a:f0:1b:68:82:7d:10:29:d1
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate knhco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for knhco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
knhco.com
Other certificates including the domain name knhco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for knhco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTDCCBTSgAwIBAgISBKz2HAE2J4OyPvpSyWBb8ytpMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTkwMDI4NDVaFw0y MDAzMTgwMDI4NDVaMBQxEjAQBgNVBAMTCWtuaGNvLmNvbTCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBAMEJ58pve4O/JVCLGPsypgcmAqpg1LaYX6un59AC olLv8ddZ5GBOXwGeLAH2JzGmZ1MuHMLFw3e6honAGzkUEhd4MQAH93exliTucGnB 97C1KxlLMeMrtKVDAkS3QvQoMNx80LnhSPVq3W1seoMgBuUcUvqDzStVKKbZiLu8 ZK1h+ET38UyjYDlX2XaKgjuBcjKnObTB9G6B3lzbqfxd7ro49MGQd8Cv/u8+cNBw HAYHbwez+MjPFGpY6vV4JrZpHSeUqnVJCxBNNQ/MClFpP8HSrqMqOL+7za+1ITwo nW5vTbJ5NlsaNZ4Rc8h12NHhl41uxCaxCDvurovi6aGkLyuUwodH9dZb91kw2pPE kEMM5dY2LdXgtyaD4KM7ahjUb6UvuVEXeB40qi9qK8QbW/0Y/jqg/QfrfdXhJF/L gdpteF2y8bZigUwiHglLoKTMIBYLzOuBlRPCwYsYCz5uvojywLrWPafhroGG+20B Jb4BkLfa7CTPk1fdYsfl9AujrrfkXeCZuIZBO9U9f+zUq3RMfC0U9tW4N7SaY5I9 N+9H7TyRW1YN59BtUSK2TywlG7oMmrKFVGZHlSaa1fuReFZfBU4r7wN3A2D8Kp3W G7xsCJ1sCOIp4ROxdToS+9Ot+VizH1loKSKmoFenepU6w2WkAi0D0TBx57K4hvKi RDOBAgMBAAGjggJgMIICXDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOxGGyPqmjjG PJ9pgU+Ocf1IkbsOMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wFAYDVR0RBA0wC4IJa25oY28uY29tMEwGA1UdIARFMEMw CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAb1N2 rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFvG8V9uwAABAMASDBGAiEA xUsIxKzWpdieETTMtIfNs11PDREmLysJiV0xbe6KD+4CIQD1R+KsQelLYHXaXiGq K8y51WwbcoB4ZbGp2a6yma2j0wB3AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxh Ohpp06IcAAABbxvFfbsAAAQDAEgwRgIhAOnpC2+28q6mhf0wgThWLPj7vuWPipHO hnvaVQC/k0uSAiEAuwcCBYCItK2CAkiFGlzc3LrEGRLioibnWGEAGz8nG+QwDQYJ KoZIhvcNAQELBQADggEBAEDhiq5YU+cGlSGzWvn0zNBx9MeMrB/b3CbM3g30+ulT cqrh3MExZSn0Wdk5E57roQ/FN+l8De3KtYoFyGy1vjgrl2Jf4nmtp87Rgo8OFgiQ 5Q6NM5Iw8C09CL7+j2rvuDRkNd+/lZqiA1BRNaTDLFlnbXJIQLcObOejl2LXkT1G mHdMXUJPbUyABq4OcrYycojFlzXQHaKkkXTLHvhe0wEjrcJKPfxLz885z8uTXcqz YgfE9b46Da3a0HHSPQSDeyWf3qCptKK6IIZYH7H8u9Bw8Uw7wPdnyO4GAyTxmCIC v3VLO82HacC8tkLpawoyrE3kpW/EhC4JaI1Zzwq016o= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwQnnym97g78lUIsY+zKm ByYCqmDUtphfq6fn0AKiUu/x11nkYE5fAZ4sAfYnMaZnUy4cwsXDd7qGicAbORQS F3gxAAf3d7GWJO5wacH3sLUrGUsx4yu0pUMCRLdC9Cgw3HzQueFI9WrdbWx6gyAG 5RxS+oPNK1UoptmIu7xkrWH4RPfxTKNgOVfZdoqCO4FyMqc5tMH0boHeXNup/F3u ujj0wZB3wK/+7z5w0HAcBgdvB7P4yM8Ualjq9XgmtmkdJ5SqdUkLEE01D8wKUWk/ wdKuoyo4v7vNr7UhPCidbm9Nsnk2Wxo1nhFzyHXY0eGXjW7EJrEIO+6ui+LpoaQv K5TCh0f11lv3WTDak8SQQwzl1jYt1eC3JoPgoztqGNRvpS+5URd4HjSqL2orxBtb /Rj+OqD9B+t91eEkX8uB2m14XbLxtmKBTCIeCUugpMwgFgvM64GVE8LBixgLPm6+ iPLAutY9p+GugYb7bQElvgGQt9rsJM+TV91ix+X0C6Out+Rd4Jm4hkE71T1/7NSr dEx8LRT21bg3tJpjkj0370ftPJFbVg3n0G1RIrZPLCUbugyasoVUZkeVJprV+5F4 Vl8FTivvA3cDYPwqndYbvGwInWwI4inhE7F1OhL70635WLMfWWgpIqagV6d6lTrD ZaQCLQPRMHHnsriG8qJEM4ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 407304846333290490087934282291461850606441 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-19 00:28:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-18 00:28:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'knhco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 787529159188956444722513555232884148462330171045967382305985976352865567929964537423535250120160721244842287786567689544338108505879744533729389630662879077206370591910504287894954270495189211552568855019998258968972668150860894143676861416728352282476237676645599827445883529274543779675832767268418801196978012655157313566948376909168080751969884033738885681682785107429856245910422805902722807993614003848099829466618077848779152829115067207306913048668801235176300693207620235323099943235367664117444477374831313837576489344314725305789509288691950812132800080889395811210407538761068287512502122493471512230539033259335387769643599023991950937453843934127033535419769543357601406885708769403377214483774980053780691292055024905009660365111531786848981054752322771498112467544123867481068572400455732347523297905102207162954078234469994801096788126436530659551075798093510001590194716326091243398180679934543591104559687827891985277782515970790289270409227267307002341949248447592046150875091241765702472765402297989286254057940956566115861443223817633699197522246028156635710355344805283207274065658939254779433464381218252814231145858764025266978484711197716893088012206548481073590426896178651503263656918441414135015857730433 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ec461b23ea9a38c63c9f69814f8e71fd4891bb0e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knhco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f20077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f1bc57dbb0000040300483046022100c54b08c4acd6a5d89e1134ccb487cdb35d4f0d11262f2b09895d316dee8a0fee022100f547e2ac41e94b6075da5e21aa2bccb9d56c1b72807865b1a9d9aeb299ada3d300770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f1bc57dbb0000040300483046022100e9e90b6fb6f2aea685fd308138562cf8fbbee58f8a91ce867bda5500bf934b92022100bb0702058088b4ad820248851a5cdcdcbac41912e2a226e75861001b3f271be4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0040e18aae5853e7069521b35af9f4ccd071f4c78cac1fdbdc26ccde0df4fae95372aae1dcc1316529f459d939139eeba10fc537e97c0dedcab58a05c86cb5be382b97625fe279ada7ced1828f0e160890e50e8d339230f02d3d08befe8f6aefb8346435dfbf959aa203505135a4c32c59676d724840b70e6ce7a39762d7913d4698774c5d424f6d4c8006ae0e72b6327288c59735d01da2a49174cb1ef85ed30123adc24a3dfc4bcfcf39cfcb935dcab36207c4f5be3a0daddad071d23d04837b259fdea0a9b4a2ba2086581fb1fcbbd070f14c3bc0f767c8ee060324f1982202bf754b3bcd8769c0bcb642e96b0a32ac4de4a56fc4842e09688d59cf0ab4d7aa