xsa.co.za
Issued by R3
About this certificate
This digital certificate with serial number 04:4e:7e:44:86:a1:cd:66:6e:44:7d:b3:a3:b7:3c:2b:93:25 was issued on by Let's Encrypt.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=xsa.co.za
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:4e:7e:44:86:a1:cd:66:6e:44:7d:b3:a3:b7:3c:2b:93:25Serial Number (int): 375159006881191655817194558221867106931493
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: b8:4d:b1:de:0c:3d:cb:c4:9f:39:81:b2:08:fe:1b:ad:ac:69:24:3a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 7b:aa:18:fe:57:3e:17:bc:89:b4:55:ee:ac:cb:ac:35:a9:91:9c:0c
Fingerprint (sha256): 2e:5c:da:f3:72:36:7b:21:53:e2:1b:68:19:d2:4e:3b:93:2a:36:20:b0:12:d8:9a:e5:d0:86:ae:e2:e1:05:a8
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate xsa.co.za
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for xsa.co.za
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
anytimeschool.org
flote.studio8424.com
investincomicbooks.com
israel4vip.com
legalbuy.com
mantlefinancials.com
stlfund.com
theatreblogs.com
theywearunderwear.com
xsa.co.za
flote.studio8424.com
investincomicbooks.com
israel4vip.com
legalbuy.com
mantlefinancials.com
stlfund.com
theatreblogs.com
theywearunderwear.com
xsa.co.za
Other certificates including the domain name xsa.co.za
(limited to 100 certificates)
aqq3.arina-the-artist.com
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
aqq3.arina-the-artist.com
anri.tauns.com
xsa.co.za
xsa.co.za
phantom-immobiliser.com.shepherdingcenter.com.xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
anri.tauns.com
cenatti.com.xsa.co.za
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
anri.tauns.com
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
aqq3.arina-the-artist.com
anri.tauns.com
xsa.co.za
xsa.co.za
phantom-immobiliser.com.shepherdingcenter.com.xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
anri.tauns.com
cenatti.com.xsa.co.za
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
anri.tauns.com
xsa.co.za
Certificate
The complete raw certificate details for xsa.co.za in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISBE5+RIahzWZuRH2zo7c8K5MlMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjcwNDI2MzBaFw0yNDA3MjYwNDI2MjlaMBQxEjAQBgNVBAMT CXhzYS5jby56YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM7nhLNw 32pb7DErUkI238NT+k76JcYM/VrEBQHMDbOxgbvtaAe1uSw9obr8Z4BkPV1rscjH wjKRY5OmIb8gmSI6pzOTT6XEDjcTFSLKASdPrY+2qxyJ8kLJm3cRW0BbAOLGhGI6 5Dl3eMwFYBMwPhwIrY3nsCgJ4wH4hK+eD4glg0qkWsLnLg2D11gy1663s2W/ja7F 53wnaEFUL95vdKvBgOnxOUs4hCBnN+xTa/ECuyThb0ka4JpTXQnmz13e0fJjgRU4 e90spoP1dGcnQMh+tfDCR4ORHw3IXeobpSooam0Kco/A+vILqh86/SjwtluEPsrt SAE9fOqltryD9F0CAwEAAaOCArkwggK1MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU uE2x3gw9y8SfOYGyCP4braxpJDowHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgcEG A1UdEQSBuTCBtoIRYW55dGltZXNjaG9vbC5vcmeCFGZsb3RlLnN0dWRpbzg0MjQu Y29tghZpbnZlc3RpbmNvbWljYm9va3MuY29tgg5pc3JhZWw0dmlwLmNvbYIMbGVn YWxidXkuY29tghRtYW50bGVmaW5hbmNpYWxzLmNvbYILc3RsZnVuZC5jb22CEHRo ZWF0cmVibG9ncy5jb22CFXRoZXl3ZWFydW5kZXJ3ZWFyLmNvbYIJeHNhLmNvLnph MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPHgTtcQAABAMARzBF AiAXkLogGGngeVzrC6IoX3/5EGzjJTVKhYppuiXQ4JTQbQIhAO0cfmZoAgeTR30N aH89+TMURPH1pm7RQoCXKGGaArBFAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGPHgTtfAAABAMARzBFAiEArHenbBaDVqiOnj+nDzUfkOjarqDB +LKBeiFzBFDPBkICIFqGI6bW6mCpP8Ic3A5E0aUpm2xhWEBG9D7fwExME6qHMA0G CSqGSIb3DQEBCwUAA4IBAQCuKZhO80aUaLgFyv5cPMT06HDEseo3mJOgliqHaKWO of4O86bIaTImeK/LNXDXtLbHhqLi8LC13Uv2+CZvzupSokN3+8eTFEq1bwJ7Ehds EjEOgq8aTzSs5UtHOQMjhDnA6hYWfN7fxNQFXXLPZH1lTw4GNulDbU5rPGwXGrX9 MiX3eixKXubvFeS/cflNQUA0Lil+stAK2hf1HLK60KvyOHfAKKCHjjHkwMNx+Ifa lCKprR+7iR8IU/889c8omPvCad6Qo0gIFEwptaL7MMmBpYiYGL4H4nhQyiVhFruv xzPQ6128kpYM6WcRwXSz5fkkDZq+041TBUtz/cSX237t -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzueEs3DfalvsMStSQjbf w1P6Tvolxgz9WsQFAcwNs7GBu+1oB7W5LD2huvxngGQ9XWuxyMfCMpFjk6YhvyCZ IjqnM5NPpcQONxMVIsoBJ0+tj7arHInyQsmbdxFbQFsA4saEYjrkOXd4zAVgEzA+ HAitjeewKAnjAfiEr54PiCWDSqRawucuDYPXWDLXrrezZb+NrsXnfCdoQVQv3m90 q8GA6fE5SziEIGc37FNr8QK7JOFvSRrgmlNdCebPXd7R8mOBFTh73Symg/V0ZydA yH618MJHg5EfDchd6hulKihqbQpyj8D68guqHzr9KPC2W4Q+yu1IAT186qW2vIP0 XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 375159006881191655817194558221867106931493 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-27 04:26:30 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-26 04:26:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'xsa.co.za' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26119256782852108758173120916984233987641471293070391083603887488402600365538370132491371632534867364445446609926656113825774138776519833683701670500144649551106895453966310151290842097656339204265018153370222848511698874496568968394251823419199433230993657352800195591777413076472814581928882964278987512234911065777644353308139828922042282876713613343736662177725860555367653267795998584742077116237195199027279596188075703846842802154427159662396646210771987553795544292684180362670925647578850783864799227136659932831262836683872613804150801707601358210950795826207229532934606295125008185077479471552657333941341 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b84db1de0c3dcbc49f3981b208fe1badac69243a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'anytimeschool.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flote.studio8424.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'investincomicbooks.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'israel4vip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legalbuy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mantlefinancials.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stlfund.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theatreblogs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theywearunderwear.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xsa.co.za' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f1e04ed71000004030047304502201790ba201869e0795ceb0ba2285f7ff9106ce325354a858a69ba25d0e094d06d022100ed1c7e6668020793477d0d687f3df9331444f1f5a66ed142809728619a02b045007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f1e04ed7c0000040300473045022100ac77a76c168356a88e9e3fa70f351f90e8daaea0c1f8b2817a21730450cf064202205a8623a6d6ea60a93fc21cdc0e44d1a5299b6c61584046f43edfc04c4c13aa87 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ae29984ef3469468b805cafe5c3cc4f4e870c4b1ea379893a0962a8768a58ea1fe0ef3a6c869322678afcb3570d7b4b6c786a2e2f0b0b5dd4bf6f8266fceea52a24377fbc793144ab56f027b12176c12310e82af1a4f34ace54b473903238439c0ea16167cdedfc4d4055d72cf647d654f0e0636e9436d4e6b3c6c171ab5fd3225f77a2c4a5ee6ef15e4bf71f94d4140342e297eb2d00ada17f51cb2bad0abf23877c028a0878e31e4c0c371f887da9422a9ad1fbb891f0853ff3cf5cf2898fbc269de90a34808144c29b5a2fb30c981a5889818be07e27850ca256116bbafc733d0eb5dbc92960ce96711c174b3e5f9240d9abed38d53054b73fdc497db7eed