www.jaquan.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ee:69:42:3e:5b:68:49:91:a5:64:f8:ff:3b:79:6f:90:96 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.jaquan.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ee:69:42:3e:5b:68:49:91:a5:64:f8:ff:3b:79:6f:90:96Serial Number (int): 342463974018365607305035239225354749972630
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6a:63:b4:69:8c:27:fd:bf:f2:c2:9b:98:f6:ab:98:18:f7:f6:5e:08
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ec:8f:bf:b0:b6:2c:43:a7:fe:4e:c5:11:d5:ac:dc:e4:f0:94:25:d2
Fingerprint (sha256): 30:39:49:b2:0b:89:51:d2:64:e0:0e:b3:84:b1:69:d8:22:de:5e:69:ba:35:57:20:75:66:15:08:16:fe:ea:65
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.jaquan.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.jaquan.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.jaquan.org
Other certificates including the domain name jaquan.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.jaquan.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVDCCBTygAwIBAgISA+5pQj5baEmRpWT4/zt5b5CWMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMjUxMTE1NTRaFw0y MDAzMjQxMTE1NTRaMBkxFzAVBgNVBAMTDnd3dy5qYXF1YW4ub3JnMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzqqBmvShn2AbOMtlyoh4atL5RklWOZoq uLyr69FaNFnC9NumEkVf0xh+TDxL8PKcZuM44T1H8eYUjTjOYcH+moWefD6PUmS7 6g03xx9LAW2nGm2cYPK71mik7W3hfrYLV/2UoTaRVfSTGbSExXvKGIveZw8iQ4sK H4wCXtsj1fgsica0k+ERR0LaLFGNzX7VzUy+xrCwkjF34aTYAZUD9M5maYlxIrsB mUimYr8AYF8C3xWEpw1yoPYVQba1lIuIqovNLoHYRD0xS1svxZK5Lv7avUFFkLQ4 I1ScD8XousHD5OG8/r6vK1PAsnfeHEGsbNS8/v1A20jM1sq96BThOTlXMLYjLiCa olu8UaDfRExRBpC5DZM6QFi5f3mUVqOy9vYRncYVVmEMXMGxo8WZAGK7g6t3qWRF 2C9AmEwpvXZNEWvQXWQBLg0z+KJp5QDX0Qi1YGm0/MVn6mrFRoVQp1kPvfkIHTNY cieECpFMN+9WgM58kU7o/fOPZM+7Gy4GrSXD8ubX12ftjI01sEmihRUHoo0yJWjb 3M4P4Hbn00gKR1jqcew1HKA04tYVvkhBcjb2LYjPnX+91IRM2St4n4A3cx1NzodS lhGdPpI6kDol7AD9tfCr0tRb7qzPDPeAc1bSxuRFJORnVQ/wdpsTY5YxoU6UHs6d VZbX7jaxRrUCAwEAAaOCAmMwggJfMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUamO0 aYwn/b/ywpuY9quYGPf2XggwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAZBgNVHREEEjAQgg53d3cuamFxdWFuLm9yZzBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUE gfIA8AB1APCVpFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABbzz8IiAA AAQDAEYwRAIgTSlameDK67VmMvWLSBAjz0Dd+nNWLUkFQAjb64fnrKICIGA/Odlj fdfmKFkVowIzfHIaODVD8NGwd3RB3LWotLw8AHcAB7dcG+V9aP/xsMYdIxXHuuZX fFeUt2ruvGE6GmnTohwAAAFvPPwiQQAABAMASDBGAiEAyXB80IZ1kQ4XZyLC85H5 oxYD/AUzypFYGHPtnl7hczcCIQCwuBZvb5yRSJaYteHBDdvCgBnahRWTQXa4S/5I Du4PyDANBgkqhkiG9w0BAQsFAAOCAQEAGdeGpaZpV/K9Tl/ond5spEEYO/UhEKad FDI3BI8qin/L9F7FdcfDpc01Qv7PtHmAM5phG3dutyl947AhIM+nBJhr0PZGU7EW l/VuJwDeKB1qdZnQSYHABVBhIhi3Qwszs6HCSwMBjSyPnqKQrXGDd981CuelxIIr 1FKc6reJAZAj2cxHqEey2E5zYkbFOt6/F2GpsskPcRlejE1jzVqoDo8H0xTguiIs iXeGtsuWlM+/FQ+hCOzBpvYrY3h/w4uZw+VuTly0hxIoUVPYCwSyI0FTZTmqyNRZ 5GPfpLMTuJSAU52JYviAPlK08HRAJ+Qk3hmY6pGXIiujPiNYLFbZwQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzqqBmvShn2AbOMtlyoh4 atL5RklWOZoquLyr69FaNFnC9NumEkVf0xh+TDxL8PKcZuM44T1H8eYUjTjOYcH+ moWefD6PUmS76g03xx9LAW2nGm2cYPK71mik7W3hfrYLV/2UoTaRVfSTGbSExXvK GIveZw8iQ4sKH4wCXtsj1fgsica0k+ERR0LaLFGNzX7VzUy+xrCwkjF34aTYAZUD 9M5maYlxIrsBmUimYr8AYF8C3xWEpw1yoPYVQba1lIuIqovNLoHYRD0xS1svxZK5 Lv7avUFFkLQ4I1ScD8XousHD5OG8/r6vK1PAsnfeHEGsbNS8/v1A20jM1sq96BTh OTlXMLYjLiCaolu8UaDfRExRBpC5DZM6QFi5f3mUVqOy9vYRncYVVmEMXMGxo8WZ AGK7g6t3qWRF2C9AmEwpvXZNEWvQXWQBLg0z+KJp5QDX0Qi1YGm0/MVn6mrFRoVQ p1kPvfkIHTNYcieECpFMN+9WgM58kU7o/fOPZM+7Gy4GrSXD8ubX12ftjI01sEmi hRUHoo0yJWjb3M4P4Hbn00gKR1jqcew1HKA04tYVvkhBcjb2LYjPnX+91IRM2St4 n4A3cx1NzodSlhGdPpI6kDol7AD9tfCr0tRb7qzPDPeAc1bSxuRFJORnVQ/wdpsT Y5YxoU6UHs6dVZbX7jaxRrUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342463974018365607305035239225354749972630 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-25 11:15:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-24 11:15:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.jaquan.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 843123884636204702053731260272770800959618371740322402206552710406125844065672211053311855720508923580546363717356841738752382381431264761689552889350454323382279080371839063638243646064933162491158009461071114802100546327191263675213750185185459162552736359060641752300946787041744341691541085880229754176451519516144784028379555058867338285860247987327795118327201316461522438201259633927899229583258599157370372575111559240790201699750886076303664902773956746931116473432727649495512439659267529791391741853010854679033451716781566617103994343795032621954155604242358707620529712811104338241304251169347102816532531942870764364190531747174274968734596009417790798212066700153453134383430348801576693888685038795627985581438458575411993961757162825525495494792860472321156273794166029886447042088228770008047469282417357123373984138228421267599234635305553488957060012025296798409891108370412034161042219054059434405956600722998078451352040927883105107569190609583503215134985870912736404504000870987683321984263009320575128110130289788047321691396821174405845031577250188455141961763510637184706297470200769424173191652376884619093052559542821956863804525678572397084289977126996853019615102731580405546803433702634075597854295733 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6a63b4698c27fdbff2c29b98f6ab9818f7f65e08 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jaquan.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016f3cfc2220000004030046304402204d295a99e0caebb56632f58b481023cf40ddfa73562d49054008dbeb87e7aca20220603f39d9637dd7e6285915a302337c721a383543f0d1b0777441dcb5a8b4bc3c00770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f3cfc22410000040300483046022100c9707cd08675910e176722c2f391f9a31603fc0533ca91581873ed9e5ee17337022100b0b8166f6f9c91489698b5e1c10ddbc28019da8515934176b84bfe480eee0fc8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0019d786a5a66957f2bd4e5fe89dde6ca441183bf52110a69d143237048f2a8a7fcbf45ec575c7c3a5cd3542fecfb47980339a611b776eb7297de3b02120cfa704986bd0f64653b11697f56e2700de281d6a7599d04981c00550612218b7430b33b3a1c24b03018d2c8f9ea290ad718377df350ae7a5c4822bd4529ceab789019023d9cc47a847b2d84e736246c53adebf1761a9b2c90f71195e8c4d63cd5aa80e8f07d314e0ba222c897786b6cb9694cfbf150fa108ecc1a6f62b63787fc38b99c3e56e4e5cb48712285153d80b04b22341536539aac8d459e463dfa4b313b89480539d8962f8803e52b4f0744027e424de1998ea9197222ba33e23582c56d9c1