saintjohnthebaptistparish.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:5b:13:ba:7e:50:62:6b:06:19:11:f2:37:40:52:58:15:fa was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=saintjohnthebaptistparish.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5b:13:ba:7e:50:62:6b:06:19:11:f2:37:40:52:58:15:faSerial Number (int): 292328776846174062970636338453098373060090
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 5f:35:93:42:4f:5c:cf:9b:ba:46:4e:f2:8e:40:bf:07:b4:4e:c1:a5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ec:e7:f5:63:2a:44:71:eb:04:2c:a1:fc:2b:a9:00:1c:52:a7:b2:f8
Fingerprint (sha256): 27:24:8c:a5:1e:24:cd:b8:93:e9:36:3c:e5:b2:a9:fa:54:74:2e:fd:3c:bb:a0:e8:b2:50:68:bf:80:13:af:b6
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate saintjohnthebaptistparish.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for saintjohnthebaptistparish.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
saintjohnthebaptistparish.com
Other certificates including the domain name saintjohnthebaptistparish.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for saintjohnthebaptistparish.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGczCCBVugAwIBAgISA1sTun5QYmsGGRHyN0BSWBX6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDgyMjI3NDBaFw0x OTEwMDYyMjI3NDBaMCgxJjAkBgNVBAMTHXNhaW50am9obnRoZWJhcHRpc3RwYXJp c2guY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoa0K6tTX2nTe q9KdtTaegmb5qRcDQKqeeRpvKKvbw71u2m6cyb6uQ9NLBbrGlTS18IflQHht7TqJ S+kmDZ/+aPqTX9Mzu9arfiGyNAiUqRiiqT+Ab9/xYJKRvZ+zYpR9pTGOMZrYMZ86 Ud7/R7uGkf9Okrlo037l1X4HaXkp8UymRZuFN03Q6kNTK2gfjSuNVW03NXvrm+XL UbNNE5IPWwoYEdCMx31O/mUcqMb9y6+f/o9YMhxBo5a2pAjz1fDBWDHd1dHGecFb Of3iFhVqZ4pZMHgHmUgK7FVj11yMqNSN4Pei753Qkj6T8a0m4erVfXGBf88e4Wpo BqtU/Qb3HqXTaVYzlhVZfVfatLWaVOiyB3/SFgclYqXViegU9OICM31pDwNbJijx 27IKLUh9HIGvLdIa644ql3eLx2UJzp2glc1HljODu37XH+7X2641gdh416urZeEk Mz2DXkB4gnFrFZQ7JWEECHPb1CiG9mNW/Sw+xjBXL1RGyJf9HyuklXreVpiV6z4v gCTeqKzxi1vs98p3Hn77Iqb5ewCF7d49HvrixsFm8kUHisAVDJnVzBwGGpLrBaKl VQj0GHaxwDHfA/xzrsqxtz2+CgsZK4Y76P1kOLPgEEKdmxZ3sFMMoFxJPV1H9Agc Z8ifzk4kSmuEhsVRql/PTNjcDgEH4O0CAwEAAaOCAnMwggJvMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUXzWTQk9cz5u6Rk7yjkC/B7ROwaUwHwYDVR0jBBgwFoAUqEpq YwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJo dHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNo dHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAoBgNVHREEITAfgh1z YWludGpvaG50aGViYXB0aXN0cGFyaXNoLmNvbTBMBgNVHSAERTBDMAgGBmeBDAEC ATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl bmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AG9Tdqwx8DEZ2JkA pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa9PqEIAAAAQDAEcwRQIgYeSP3HxAeTra sOAox9mEjSsF2RkCiek/6mzxSflpGUMCIQC3r4w2Dt0qPLbCAR1pqZTOATAjBblQ bSA//zzPRtZCqQB3ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAAB a9PqD4sAAAQDAEgwRgIhAOmAJEEMAPGNSAAN82dYUGG2miPPRUKztRf2mO81DU6d AiEA89OV+CtHX2U4CxrQX7SW1YFHVbG1/mfQoJUUL9PEfagwDQYJKoZIhvcNAQEL BQADggEBADkxz1mKmn5cV90zpYhly+6qNjaBa+6FnZ3PwGQ9rSh1MGvd7yKfmU6O 9ejrQBxA11nJEz0wvl9LAAUGdNaABR3REVirO6mhasElvKRk3wfvYw7lAOo85d/s cOkWwQiCtu8kIBHVovL798JlHxVLxXJh66Mvdc27ZOsTSmB0HDa05RTCimJfOVFC /D6br7s3EhVx8bam6nyJAzvJaUrbyNOXSkEYUzDPUZHeArSYwog3on3DhmGufDHm 8SFrNyooOZVFktr9r4WV+KgaEghJrcxMEDBO4hPUKvpfluWU7bWxaKht4s5ky2dF Xzu7ONmUAKngPa7sH1kJNc6Fi3lVpI0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoa0K6tTX2nTeq9KdtTae gmb5qRcDQKqeeRpvKKvbw71u2m6cyb6uQ9NLBbrGlTS18IflQHht7TqJS+kmDZ/+ aPqTX9Mzu9arfiGyNAiUqRiiqT+Ab9/xYJKRvZ+zYpR9pTGOMZrYMZ86Ud7/R7uG kf9Okrlo037l1X4HaXkp8UymRZuFN03Q6kNTK2gfjSuNVW03NXvrm+XLUbNNE5IP WwoYEdCMx31O/mUcqMb9y6+f/o9YMhxBo5a2pAjz1fDBWDHd1dHGecFbOf3iFhVq Z4pZMHgHmUgK7FVj11yMqNSN4Pei753Qkj6T8a0m4erVfXGBf88e4WpoBqtU/Qb3 HqXTaVYzlhVZfVfatLWaVOiyB3/SFgclYqXViegU9OICM31pDwNbJijx27IKLUh9 HIGvLdIa644ql3eLx2UJzp2glc1HljODu37XH+7X2641gdh416urZeEkMz2DXkB4 gnFrFZQ7JWEECHPb1CiG9mNW/Sw+xjBXL1RGyJf9HyuklXreVpiV6z4vgCTeqKzx i1vs98p3Hn77Iqb5ewCF7d49HvrixsFm8kUHisAVDJnVzBwGGpLrBaKlVQj0GHax wDHfA/xzrsqxtz2+CgsZK4Y76P1kOLPgEEKdmxZ3sFMMoFxJPV1H9AgcZ8ifzk4k SmuEhsVRql/PTNjcDgEH4O0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 292328776846174062970636338453098373060090 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-08 22:27:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-06 22:27:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'saintjohnthebaptistparish.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 659580321526319643542113736888312098837862321096354378800128229249039550271342295361132811769576362329235988821774056810896135446200777315819908859206835782273159590735127821250334153911399259935881373231422017176215814411755064127132466237843354270386750795665050984375866088464823042313840755106614913460063801229809025512576035827674409943507852743227743923498918546866937834978925169001639919129773106403448826064150779169408733330526391831711112680176547624080656150128102926081916268277838667608801920662275083950061981658166236336428824749862580810770222274853854986233752294125261988327079417553571952239382893813179764551616213580847894334941961438123516223929659958645417433899623757526230297051883037289559598343579542870873774053027093280841617682018402892353703719270752823839803278784810133791603756351677563986489303830592965171634466663525547223958735684218294882999119903412965443432244924927960286290579390059021039325793017417940181129897820674844653528462409527679129529679869909178367641892469204039743159325800801789668046013322979820961320017435369931782914721809664410588887552627667337348172348846430937590183780641808315760510151892895724720083303684777658120352115953256347241765697107035732741182655553773 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5f3593424f5ccf9bba464ef28e40bf07b44ec1a5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saintjohnthebaptistparish.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016bd3ea10800000040300473045022061e48fdc7c40793adab0e028c7d9848d2b05d9190289e93fea6cf149f9691943022100b7af8c360edd2a3cb6c2011d69a994ce01302305b9506d203fff3ccf46d642a9007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016bd3ea0f8b0000040300483046022100e98024410c00f18d48000df367585061b69a23cf4542b3b517f698ef350d4e9d022100f3d395f82b475f65380b1ad05fb496d5814755b1b5fe67d0a095142fd3c47da8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003931cf598a9a7e5c57dd33a58865cbeeaa3636816bee859d9dcfc0643dad2875306bddef229f994e8ef5e8eb401c40d759c9133d30be5f4b00050674d680051dd11158ab3ba9a16ac125bca464df07ef630ee500ea3ce5dfec70e916c10882b6ef242011d5a2f2fbf7c2651f154bc57261eba32f75cdbb64eb134a60741c36b4e514c28a625f395142fc3e9bafbb37121571f1b6a6ea7c89033bc9694adbc8d3974a41185330cf5191de02b498c28837a27dc38661ae7c31e6f1216b372a2839954592dafdaf8595f8a81a120849adcc4c10304ee213d42afa5f96e594edb5b168a86de2ce64cb67455f3bbb38d99400a9e03daeec1f590935ce858b7955a48d