watermarkgroup.org
Issued by R3
About this certificate
This digital certificate with serial number 04:cf:b7:04:27:c6:6c:5f:63:d4:28:9a:0a:8b:7b:71:d3:15 was issued on by Let's Encrypt.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=watermarkgroup.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:cf:b7:04:27:c6:6c:5f:63:d4:28:9a:0a:8b:7b:71:d3:15Serial Number (int): 419130863978826012688147023807405083448085
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 6d:c9:f4:66:28:15:85:5e:d3:46:b0:19:e3:31:6e:2e:91:f0:aa:24
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): d2:a9:b5:a2:3c:aa:a5:d2:eb:ae:4a:be:85:ee:0a:53:50:25:69:51
Fingerprint (sha256): 29:c4:47:50:a3:a7:21:a9:cf:9f:b2:01:99:5b:f1:fa:a3:c9:87:f3:77:a5:34:f1:46:e6:a8:b7:ac:26:12:f1
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate watermarkgroup.org
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for watermarkgroup.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cbbt.bible.mom8k.com
detour.com
gogreenlouisiana.com
nudesexy.com
protonmaail.com
rosaryexperience.com
watermarkgroup.org
wtfwebsite.com
detour.com
gogreenlouisiana.com
nudesexy.com
protonmaail.com
rosaryexperience.com
watermarkgroup.org
wtfwebsite.com
Other certificates including the domain name watermarkgroup.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for watermarkgroup.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgISBM+3BCfGbF9j1CiaCot7cdMVMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMzAxOTM5NDVaFw0yNDAzMjkxOTM5NDRaMB0xGzAZBgNVBAMT EndhdGVybWFya2dyb3VwLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMaBSI7tGKOOQapyXV+O5GYYR6WKmW5bxsrHTodtAauiBMokwwIMnY7HwIx5 eiTMIvtJvVUWs5xJuswodpkbqrItUaTgJ7RNYzrzl6rwJUwifhDL0MBo11s92K0e mpFRvOXj3FibgX5UPkhKpiqvUCsZ8MTNnNPAzGhtZ8WrI0ZNwYGfItg3mQFtwJhO hsvpNmmB4AshLM7yR769Cs2qFiL0JZ5lZW8ET6VHw92tFKxc6MDVrXFzDYLIqOed 2XCDUh9Li/DWrtz6l9TJ4qVtt+xy1GmMGLRXsLH6UOpOB7nRh1hEC7kTZX0BgjX2 Dj9fUEcKIJ/QoVbkX6ypBdZXtZcCAwEAAaOCApYwggKSMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUbcn0ZigVhV7TRrAZ4zFuLpHwqiQwHwYDVR0jBBgwFoAUFC6zF7dY VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy Lm9yZy8wgZwGA1UdEQSBlDCBkYIUY2JidC5iaWJsZS5tb204ay5jb22CCmRldG91 ci5jb22CFGdvZ3JlZW5sb3Vpc2lhbmEuY29tggxudWRlc2V4eS5jb22CD3Byb3Rv bm1hYWlsLmNvbYIUcm9zYXJ5ZXhwZXJpZW5jZS5jb22CEndhdGVybWFya2dyb3Vw Lm9yZ4IOd3Rmd2Vic2l0ZS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEGBgor BgEEAdZ5AgQCBIH3BIH0APIAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r OdiEcwAAAYy8dEVjAAAEAwBIMEYCIQCaX1mCld+5o/q8jeqG30t38kbOVSFvcj8+ N23p5BzMkQIhAKRL98Qvk1yEIQPsNKuYRAklXjg8igdxKT5y5OgIw0DjAHcA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMvHRFawAABAMASDBGAiEA pR5Z55Hp/No5gNUYsqPEMPwVwGNY5P5dtjMowU2xj4UCIQDy0cCpYp646dtgDSi2 zIZlVyh1p9AuTUnCj+wRoQwkazANBgkqhkiG9w0BAQsFAAOCAQEAadfPBv0P/E/d nggmQVquhy73TeRSu+cU9B9fT7cHPOYoBaBiWWa3vqXAY9ygUVRQ9ayUWjWkILk6 kuCIKFX8eEP2FFwv9WPCYz/623vH9xrst2dsFz9xuy6BnxcTF8zL6rru5U9RGtzk 1/CNgJ2YMJW2F8R+EKdSAwsnnick16pUAF3YMRcuhEm2dFY+vGXirJ0qFmUhFGvA kREEOTtDkhF7GJKuGLTkRoJR/5WziShoavl0yoT+BIg9Ofwd62H1upq3RQUos5So rY+qiymbcQM5vC2+Djlgwvm5PjKtXeiYTIQFikmh8mwPNXAVWhnu1olSrq6KtBie b6x03tobSg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoFIju0Yo45BqnJdX47k ZhhHpYqZblvGysdOh20Bq6IEyiTDAgydjsfAjHl6JMwi+0m9VRaznEm6zCh2mRuq si1RpOAntE1jOvOXqvAlTCJ+EMvQwGjXWz3YrR6akVG85ePcWJuBflQ+SEqmKq9Q KxnwxM2c08DMaG1nxasjRk3BgZ8i2DeZAW3AmE6Gy+k2aYHgCyEszvJHvr0KzaoW IvQlnmVlbwRPpUfD3a0UrFzowNWtcXMNgsio553ZcINSH0uL8Nau3PqX1MnipW23 7HLUaYwYtFewsfpQ6k4HudGHWEQLuRNlfQGCNfYOP19QRwogn9ChVuRfrKkF1le1 lwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 419130863978826012688147023807405083448085 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-30 19:39:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-29 19:39:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'watermarkgroup.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25058936419117491787374761173534561202941046233628236130626030067123352126183129783609696009093901168238665384972467888105041060090768418669159622361700866659408144273509390034318523452767831265885486745253686855705054639507149193955939117988831115452996320119343890395612927161186921879962297724025286000282043353694858256419496821952682347753001659487542275406460709909204080789381247730999023300370896885586844127435045489853693517543497448433815527805758612948597871807377091392165993659814506742377443279579513871009492238800485182686654397124452966532261060933649085935362884339614824198524325430696047122298263 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6dc9f4662815855ed346b019e3316e2e91f0aa24 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (148 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cbbt.bible.mom8k.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'detour.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gogreenlouisiana.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nudesexy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protonmaail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rosaryexperience.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'watermarkgroup.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wtfwebsite.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cbc74456300000403004830460221009a5f598295dfb9a3fabc8dea86df4b77f246ce55216f723f3e376de9e41ccc91022100a44bf7c42f935c842103ec34ab984409255e383c8a0771293e72e4e808c340e3007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cbc74456b0000040300483046022100a51e59e791e9fcda3980d518b2a3c430fc15c06358e4fe5db63328c14db18f85022100f2d1c0a9629eb8e9db600d28b6cc8665572875a7d02e4d49c28fec11a10c246b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0069d7cf06fd0ffc4fdd9e0826415aae872ef74de452bbe714f41f5f4fb7073ce62805a0625966b7bea5c063dca0515450f5ac945a35a420b93a92e0882855fc7843f6145c2ff563c2633ffadb7bc7f71aecb7676c173f71bb2e819f171317cccbeabaeee54f511adce4d7f08d809d983095b617c47e10a752030b279e2724d7aa54005dd831172e8449b674563ebc65e2ac9d2a166521146bc0911104393b4392117b1892ae18b4e4468251ff95b38928686af974ca84fe04883d39fc1deb61f5ba9ab7450528b394a8ad8faa8b299b710339bc2dbe0e3960c2f9b93e32ad5de8984c84058a49a1f26c0f3570155a19eed68952aeae8ab4189e6fac74deda1b4a