mygesika.com
Issued by R3
About this certificate
This digital certificate with serial number 04:ca:59:1a:81:a6:65:ce:25:8b:fe:aa:3d:bf:49:99:7e:75 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mygesika.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ca:59:1a:81:a6:65:ce:25:8b:fe:aa:3d:bf:49:99:7e:75Serial Number (int): 417304620766027956674758218367838199578229
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 3b:45:0e:26:07:7c:ed:28:c3:7c:b4:38:c5:88:3c:a9:2e:b3:28:02
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 25:de:09:bb:e4:3e:55:de:5f:18:3b:56:df:82:16:53:dd:46:6e:07
Fingerprint (sha256): 2d:b3:83:30:17:2b:cc:71:f2:b2:2e:cb:04:d5:aa:6d:6f:db:93:9c:c9:76:b7:e6:56:59:eb:07:42:0b:fe:44
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mygesika.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mygesika.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gesika.fr
mygesika.com
www.gesika.fr
www.mygesika.com
mygesika.com
www.gesika.fr
www.mygesika.com
Other certificates including the domain name mygesika.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for mygesika.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISBMpZGoGmZc4li/6qPb9JmX51MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMDEyMjIwMTRaFw0yNDAyMjkyMjIwMTNaMBcxFTATBgNVBAMT DG15Z2VzaWthLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJts 52oxSZ+eNHy1W+yADY8IdbioPi6mhA4bIUGwXWfBfzPCRb7BxQ1U6iH1y0znklKX TyFdgc/apncUUSOOS3/4+xdH3GTW72jzBSRAFkQc8YrtIa6nSwTnTa9tC5fsBpIB FoQfR9HpXPL8IXItB+k9An40BApSbCuin5kW9XhjhgJmRdwbFYAgXlan1+lZO2B+ irROOlh07ucIw8cqZr1Ffp3b4CQmAw4kgFm4uSzxVCLOEk8NTfa9Y/x3GB2Di8vO OTUoMUpMuy+g9SwLw5P0cNMh4Khy8Fz+BuPmM1ZnC2frL0IF7qaj0G0V5WD4c9N8 hTo/cnqqlHDEAnBTFF0CAwEAAaOCAjswggI3MA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUO0UOJgd87SjDfLQ4xYg8qS6zKAIwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w QwYDVR0RBDwwOoIJZ2VzaWthLmZyggxteWdlc2lrYS5jb22CDXd3dy5nZXNpa2Eu ZnKCEHd3dy5teWdlc2lrYS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgor BgEEAdZ5AgQCBIH2BIHzAPEAdwA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv 4frUFwAAAYwnrsgvAAAEAwBIMEYCIQClP+Gn7fqCl5Y8w3N+X5I8zBSp9kBJIm1u ykRooDKQ1wIhAOo3w8oaYgNGYuY20GrWuPdfvWzNckMjC5lJGG2ZPg8pAHYASLDj a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMJ67KJQAABAMARzBFAiAR OxJqf1MAgyrwXCYIY+nJQZ1erKXBIN9EfKtUHhaxhQIhAPMFOnFMcEN9LxlRm9xA YAaJ5wmhoaFKhmMflY3QIJ7xMA0GCSqGSIb3DQEBCwUAA4IBAQA5QrhevL5y4SCm +b/8lJSDpTQ5+iHdUrfVvSTefBwouk6gRzZqAVOojc16IkuvcW7XrZt7sOOsaEAe ReRGYLKcffGR+9FmcKT3es4JyXgIGTG5fffAcy92/vkHjP0HlbmNftEnzHw4oAyV u+nEz3+W/oDgo4+fAaC3FBJ1itDx6W6QcmN9YL+OfgyNVrSt0DI1EBHbYnfgrTOx xg98A9tihNDqiyCKfcILZNY/0CapH/MSNOcvj3qUbhTTHKvLsUt1L6LrERo5CEKO Zo0sh5XsCestQFw8Z3zaV6pnn3v1UxPk7poHTvL+4DoD5w6vZE2G8EvH0aLxAyCQ N6ZS/GGp -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2znajFJn540fLVb7IAN jwh1uKg+LqaEDhshQbBdZ8F/M8JFvsHFDVTqIfXLTOeSUpdPIV2Bz9qmdxRRI45L f/j7F0fcZNbvaPMFJEAWRBzxiu0hrqdLBOdNr20Ll+wGkgEWhB9H0elc8vwhci0H 6T0CfjQEClJsK6KfmRb1eGOGAmZF3BsVgCBeVqfX6Vk7YH6KtE46WHTu5wjDxypm vUV+ndvgJCYDDiSAWbi5LPFUIs4STw1N9r1j/HcYHYOLy845NSgxSky7L6D1LAvD k/Rw0yHgqHLwXP4G4+YzVmcLZ+svQgXupqPQbRXlYPhz03yFOj9yeqqUcMQCcFMU XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 417304620766027956674758218367838199578229 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-01 22:20:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 22:20:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mygesika.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19620639815967675470798674292013722820974323311214533666587209080609112693351812446018659609253975637388361150477112838852800645104205218781259575855301796490542903147337990198992487572899299570996775450905671594058649653860800377111792894468548959037232799605967483164899732865310440485351947632112099219357166738757524993548652166865796416668052889299980669951632138596566264258619405342926608718507437361921142187945399175375632660122275662059114725075852724895439463448442170614587545412229187967212798688969228398885110181225590135684837629448095470794113254730396788949937142247164879396254176346112378365219933 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3b450e26077ced28c37cb438c5883ca92eb32802 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gesika.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mygesika.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gesika.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mygesika.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c27aec82f0000040300483046022100a53fe1a7edfa8297963cc3737e5f923ccc14a9f64049226d6eca4468a03290d7022100ea37c3ca1a62034662e636d06ad6b8f75fbd6ccd7243230b9949186d993e0f2900760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c27aeca2500000403004730450220113b126a7f5300832af05c260863e9c9419d5eaca5c120df447cab541e16b185022100f3053a714c70437d2f19519bdc40600689e709a1a1a14a86631f958dd0209ef1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003942b85ebcbe72e120a6f9bffc949483a53439fa21dd52b7d5bd24de7c1c28ba4ea047366a0153a88dcd7a224baf716ed7ad9b7bb0e3ac68401e45e44660b29c7df191fbd16670a4f77ace09c978081931b97df7c0732f76fef9078cfd0795b98d7ed127cc7c38a00c95bbe9c4cf7f96fe80e0a38f9f01a0b71412758ad0f1e96e9072637d60bf8e7e0c8d56b4add032351011db6277e0ad33b1c60f7c03db6284d0ea8b208a7dc20b64d63fd026a91ff31234e72f8f7a946e14d31cabcbb14b752fa2eb111a3908428e668d2c8795ec09eb2d405c3c677cda57aa679f7bf55313e4ee9a074ef2fee03a03e70eaf644d86f04bc7d1a2f103209037a652fc61a9