applegal.com.br
Issued by R3
About this certificate
This digital certificate with serial number 03:f5:6d:c0:17:06:83:cf:df:be:0a:2a:ce:3f:35:09:d1:7b was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=applegal.com.br
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f5:6d:c0:17:06:83:cf:df:be:0a:2a:ce:3f:35:09:d1:7bSerial Number (int): 344851920930459641705048272040433086484859
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 49:03:66:af:0a:0a:17:e6:77:62:e9:a0:2a:98:76:32:cc:cc:1b:96
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 88:e5:19:f8:20:57:bc:1c:72:63:99:f3:85:f1:aa:2e:15:1e:65:2d
Fingerprint (sha256): 38:7e:ac:cf:d6:11:10:69:5b:34:7d:1a:5a:05:d3:2e:a9:b3:d6:da:4e:b9:68:eb:47:14:cc:a3:76:cb:e4:e2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate applegal.com.br
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for applegal.com.br
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.applegal.com.br
applegal.com.br
applegal.com.br
Other certificates including the domain name applegal.com.br
(limited to 100 certificates)
Certificate
The complete raw certificate details for applegal.com.br in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISA/VtwBcGg8/fvgoqzj81CdF7MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMDMwNTM1NDlaFw0yNDAxMDEwNTM1NDhaMBoxGDAWBgNVBAMT D2FwcGxlZ2FsLmNvbS5icjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALd6qhu64AfEbd7L28dsCGdmEXaW28sHKNTeWBmlE2wRXOTFkX9z9/b7Oy8jtRfe plpmv/UPNrUsyKpWiMqKa5pFRytIljkhADgbSOG6fUoON6gW+BbON5U7NQHf0rxA diFcigWDFgjoP6c0oHaJzdZZYhB9ZaTycWrvjj8PbDb6taryfwvn90uyK1VnLw2x aZSomeXfIOA8G3UQOEZzxGvhkVXsl8QCgnn4g+f1nXHf8GGQAMbdrBntGVr5Ml2H BA197zDk6dhbXtxx8D9wOmkYRmJLXZmYK14AUbOCrUoE+sMYEnzHvhuuJciT+e44 k6zIaMhhtSwcoKu5spBllYcCAwEAAaOCAiUwggIhMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUSQNmrwoKF+Z3YumgKph2MszMG5YwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wLQYDVR0RBCYwJIIRKi5hcHBsZWdhbC5jb20uYnKCD2FwcGxlZ2FsLmNvbS5i cjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2 ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABivQ//mUAAAQDAEcw RQIhAKMeeyB4lid4MiKcWVQ4Yapf+q64tICZF9B42WKZl4e4AiAV20rar7dgPr6r gUyvstz9EMXwuV6fw7pX71BBWrs6WgB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze w1FIWUZxH7WbAAABivQ//vwAAAQDAEgwRgIhAO1jG7Cc4g645EDRnnew8XRpBGYB sJJTUuKCjUm3yjd5AiEAqTm3bqdNyIGwLGul0XUNHdIblmnKW1zhBXSEUkWhUYkw DQYJKoZIhvcNAQELBQADggEBAJWdTrOZQo27qQVX6u1WyrJ7ygYh4fagq64oWsSO YNHGOVA4Hr21pkcJX3mAOQTgV1Z34Eesijn3jmxnDLizNaS1pxkQSWHhesDoOA3o gbLLi3LvtUkk8UdS3/A+kYIlB7Fi6GaE4FpARFPv9TEHMrQWUbWLpFalz3WopyDq 4GyQRGCQt6wnlbyybSKJgSj9fQW/a99amx2soAQhi/JF2bhyZA4+lnqlE+H/iuOW 6sGRi546Mx+Qt0vSdFBsVUOsAuMX+xXLtlAKxzXLyxtjiz3mstQT/duZsRF0O0sS Dc+kTAUBd3AyepBevqRTkaHMZFDPFyEp7DxzGiN4rh2N6KA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3qqG7rgB8Rt3svbx2wI Z2YRdpbbywco1N5YGaUTbBFc5MWRf3P39vs7LyO1F96mWma/9Q82tSzIqlaIyopr mkVHK0iWOSEAOBtI4bp9Sg43qBb4Fs43lTs1Ad/SvEB2IVyKBYMWCOg/pzSgdonN 1lliEH1lpPJxau+OPw9sNvq1qvJ/C+f3S7IrVWcvDbFplKiZ5d8g4DwbdRA4RnPE a+GRVeyXxAKCefiD5/Wdcd/wYZAAxt2sGe0ZWvkyXYcEDX3vMOTp2Fte3HHwP3A6 aRhGYktdmZgrXgBRs4KtSgT6wxgSfMe+G64lyJP57jiTrMhoyGG1LBygq7mykGWV hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 344851920930459641705048272040433086484859 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-03 05:35:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-01 05:35:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'applegal.com.br' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23162097921073692067771264874764532375950900464759286609584920048776310237286457727801107931488802347771473433625257745471035454919289769905228261477721440084414638376098706107894257733715318069242765808193752004825825963055622288128933444679257335401685690509001289477993548977099408328437981640594919281536239924164704526454473125819637409465565907164075989666697013408574897000815391924628678111475621296369202193322752050165582101827378225786609767042730837127424969591250728917674304145186613047671752547072043594288099686048563155769559891063509799944427981840303356838533697423449123126459588120841408701896071 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 490366af0a0a17e67762e9a02a987632cccc1b96 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.applegal.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'applegal.com.br' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018af43ffe650000040300473045022100a31e7b207896277832229c59543861aa5ffaaeb8b4809917d078d962999787b8022015db4adaafb7603ebeab814cafb2dcfd10c5f0b95e9fc3ba57ef50415abb3a5a007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018af43ffefc0000040300483046022100ed631bb09ce20eb8e440d19e77b0f17469046601b0925352e2828d49b7ca3779022100a939b76ea74dc881b02c6ba5d1750d1dd21b9669ca5b5ce10574845245a15189 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00959d4eb399428dbba90557eaed56cab27bca0621e1f6a0abae285ac48e60d1c63950381ebdb5a647095f79803904e0575677e047ac8a39f78e6c670cb8b335a4b5a719104961e17ac0e8380de881b2cb8b72efb54924f14752dff03e91822507b162e86684e05a404453eff5310732b41651b58ba456a5cf75a8a720eae06c90446090b7ac2795bcb26d22898128fd7d05bf6bdf5a9b1daca004218bf245d9b872640e3e967aa513e1ff8ae396eac1918b9e3a331f90b74bd274506c5543ac02e317fb15cbb6500ac735cbcb1b638b3de6b2d413fddb99b111743b4b120dcfa44c05017770327a905ebea45391a1cc6450cf172129ec3c731a2378ae1d8de8a0