*.mariesaltos.com
Issued by R3
About this certificate
This digital certificate with serial number 04:3a:6c:24:91:fd:e7:75:4b:94:a5:01:8c:7f:4f:27:d3:d1 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.mariesaltos.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:3a:6c:24:91:fd:e7:75:4b:94:a5:01:8c:7f:4f:27:d3:d1Serial Number (int): 368329267515752846119549772284660311118801
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d0:5e:69:cb:86:c3:d3:78:51:20:fc:c1:dc:7e:48:81:e0:e1:4b:87
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ca:e9:38:96:59:9c:92:21:2d:5b:c3:ab:66:a2:64:99:fc:6f:e4:39
Fingerprint (sha256): 38:d8:25:7f:2e:63:ce:15:8b:21:d8:89:29:8f:dc:31:59:53:6f:ff:ea:ef:42:ce:ce:9d:f1:59:aa:32:bb:f2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.mariesaltos.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.mariesaltos.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.mariesaltos.com
mariesaltos.com
mariesaltos.com
Other certificates including the domain name mariesaltos.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.mariesaltos.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISBDpsJJH953VLlKUBjH9PJ9PRMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjcwNjE2MjlaFw0yNDA0MjYwNjE2MjhaMBwxGjAYBgNVBAMM ESoubWFyaWVzYWx0b3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuCT277xV9oUEGhsa5euDzgkhJ3wOVVqiboJD478awP0+lPrJP1DNuXNwUlLU RTkqiSsRSnt+aj+Kk9VFaNjK6VFDhoPYddh/2ukX8/SKkYgkmT4zOhkPNvnTUOTT cYweL2RtZ5NXeOTxTbPEdzp2ZllDNeT1XG4SwCMhbiBZ/rHj060XXnC3hG0jopvZ qsm9bEG5FV9KFL+NvmzrUwHSQU+QW1TqpsU2MfOBjChLTRZ0ELfhJxuF23xwhAMU bnSQUOdZQeck6/YHcjwFfXjqWo7jgwsr7J5Ftv19J3nN8SjjdXpUQtsv5Wbxm9bc C8t3svYLAid42r2IuAth17VliwIDAQABo4ICIzCCAh8wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBTQXmnLhsPTeFEg/MHcfkiB4OFLhzAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzAtBgNVHREEJjAkghEqLm1hcmllc2FsdG9zLmNvbYIPbWFyaWVzYWx0b3Mu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv AHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGNScbrFQAABAMA RjBEAiB/Ff4V06QlWbDWhnzdgxLII2VnWrCpQ6seA/09nt9iWAIgaRQVkxy/wBa6 XWxYz88yJOqsEsR2VP2FzLNUg9L2duoAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bd LIHZu7+rOdiEcwAAAY1Jxu0LAAAEAwBHMEUCIQDCVE9GzUzohFYVXjoW38YOJxts z8r7Eud1JwLt2pnmogIgfHFYG1xRtQKE1Mk7+FzbtxHxKq9vKcltmvmxFC9YiWEw DQYJKoZIhvcNAQELBQADggEBAJRfuQAqZUIdl5/bJGCQlM0B/0KcY8b8EF3TYQaU o+xW5nMNcKieKoGCb/yB3m7vi4tlen2SGBhM6OvhcVB3HGqr4s9XCQ9gbceEgwBi A9NR/YZSlqkJmGG2qnHAcruKhm59K8+wuOMHvzK9i81rw3rY8JsutDjmEts3kbPb i25epp86qPDLgRET9/60yHJpG2GUkGc0xaRzXV1RezUwvxN/oJC4MX7J/rM3vl54 3DbrhpM7CgjEHIgvCfKwBwFThv946YIgvxIqbzU2W2V39f2+Pyo0eF0tFsvUgs8k 37Ltgw53iZ7FdhXFhuZy5Ybmm3K03ZXie/E7XisC9DRfzCo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCT277xV9oUEGhsa5euD zgkhJ3wOVVqiboJD478awP0+lPrJP1DNuXNwUlLURTkqiSsRSnt+aj+Kk9VFaNjK 6VFDhoPYddh/2ukX8/SKkYgkmT4zOhkPNvnTUOTTcYweL2RtZ5NXeOTxTbPEdzp2 ZllDNeT1XG4SwCMhbiBZ/rHj060XXnC3hG0jopvZqsm9bEG5FV9KFL+NvmzrUwHS QU+QW1TqpsU2MfOBjChLTRZ0ELfhJxuF23xwhAMUbnSQUOdZQeck6/YHcjwFfXjq Wo7jgwsr7J5Ftv19J3nN8SjjdXpUQtsv5Wbxm9bcC8t3svYLAid42r2IuAth17Vl iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 368329267515752846119549772284660311118801 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-27 06:16:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 06:16:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.mariesaltos.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23246076035197382960928523604172857916122222523730331059921262753904306895424980688152994565659585299861306303467460970089570576724660353402388022078984805579822129544965579469106062646715957920202964063789342389604717546686666785050083447660434320173958201324802608535650340610612967777798592396700619800103643958029122804833297080581179658680750260442607915400320971097829152248398744350272294265071138123577965927122144667768531842388034373866707193252419504672428159346036997233154629015370799276886064437506631059534335780910855403499201721802265382178023930931900601051754598835881332921768416612822480628049291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d05e69cb86c3d3785120fcc1dc7e4881e0e14b87 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mariesaltos.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mariesaltos.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d49c6eb15000004030046304402207f15fe15d3a42559b0d6867cdd8312c82365675ab0a943ab1e03fd3d9edf62580220691415931cbfc016ba5d6c58cfcf3224eaac12c47654fd85ccb35483d2f676ea00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d49c6ed0b0000040300473045022100c2544f46cd4ce88456155e3a16dfc60e271b6ccfcafb12e7752702edda99e6a202207c71581b5c51b50284d4c93bf85cdbb711f12aaf6f29c96d9af9b1142f588961 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00945fb9002a65421d979fdb24609094cd01ff429c63c6fc105dd3610694a3ec56e6730d70a89e2a81826ffc81de6eef8b8b657a7d9218184ce8ebe17150771c6aabe2cf57090f606dc78483006203d351fd865296a9099861b6aa71c072bb8a866e7d2bcfb0b8e307bf32bd8bcd6bc37ad8f09b2eb438e612db3791b3db8b6e5ea69f3aa8f0cb811113f7feb4c872691b6194906734c5a4735d5d517b3530bf137fa090b8317ec9feb337be5e78dc36eb86933b0a08c41c882f09f2b007015386ff78e98220bf122a6f35365b6577f5fdbe3f2a34785d2d16cbd482cf24dfb2ed830e77899ec57615c586e672e586e69b72b4dd95e27bf13b5e2b02f4345fcc2a