historicpa.net

Issued by R11

About this certificate

This digital certificate with serial number 03:8b:05:6e:85:22:ae:83:10:31:00:7b:32:1d:b3:78:27:0e was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=historicpa.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:8b:05:6e:85:22:ae:83:10:31:00:7b:32:1d:b3:78:27:0e
Serial Number (int): 308643326790232793420294652614107670783758
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 9d:34:32:08:3a:67:a0:5e:23:2b:bd:ae:ac:af:6d:54:e4:5a:f0:e2
AuthorityKeyId: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (sha1): c1:4d:3f:b5:05:32:9d:eb:65:b5:c9:b6:c9:d5:1c:e5:9c:c6:e5:6f
Fingerprint (sha256): 39:80:0f:5f:e5:ea:2c:4a:de:a0:cf:43:a8:25:93:c8:e6:c9:a7:a5:7c:1c:bf:1b:96:49:51:a0:30:ab:e1:53

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation information

OCSP Server: http://r11.o.lencr.org

Check the revocation status for certificate historicpa.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for historicpa.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.historicpa.net
historicpa.net

Other certificates including the domain name historicpa.net

(limited to 100 certificates)
historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
crawford.historicpa.net
historicpa.net
historicpa.net
crawford.historicpa.net
historicpa.genkeys.com
crawford.historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
historicpa.net
crawford.historicpa.net
crawford.historicpa.net
historicpa.net
historicpa.net
crawford.historicpa.net
historicpa.net

Certificate

The complete raw certificate details for historicpa.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISA4sFboUiroMQMQB7Mh2zeCcOMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjQwNjIxMDIyMTE3WhcNMjQwOTE5MDIyMTE2WjAZMRcwFQYDVQQD
Ew5oaXN0b3JpY3BhLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKzIAzlAegFV+lrxd5L6sI581jW44L5ZDS/+ShIhBiJa1U2r25bLoDP7b6Svcbur
ApYNcE1jwGk5dNxcUoV8dYRgRyrimOajExDpIpJgGCEALbf7ej+O63v+R/xeWYFj
3io/mM07g+Wh/1V2FqZfTgwsTHhalefUqlyjf1E02qfHYstMbHbYtxY36cblsErq
JR8AU+hyTMkjtPiQBkNCYKdsw4smS40vf4RfmnNOymx7ZmVbaq0k3Kxo4ug5VXp+
uGaYE4iWRTx4eJsRFqRa+1QBHuKrISi/0jqbTc9vO2Q2NUSYhjUM0In8o6+Qzy2r
HmDBauhRrScNJpHkkZ9+GaECAwEAAaOCAiQwggIgMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUnTQyCDpnoF4jK72urK9tVORa8OIwHwYDVR0jBBgwFoAUxc9GpOr0w8B6
bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRwOi8v
cjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVuY3Iu
b3JnLzArBgNVHREEJDAighAqLmhpc3RvcmljcGEubmV0gg5oaXN0b3JpY3BhLm5l
dDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2
AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkDjQDDgAAAQDAEcw
RQIge13tZ5XUY1IDBA93vtdlrh5OWT/ptyGmqMXOtSZOk5gCIQCbWA8GgVUn7UWm
95j+PfeCkFm98zwEv7e32LFOTPw9EwB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze
w1FIWUZxH7WbAAABkDjQDEwAAAQDAEcwRQIhAK/wZSDahlGSPQZPgnsYCGXNEVZZ
+LiA/NKhZvnecIrxAiBua1M8zCfbRrW8Dhkhr/bsKwnjh7QL9IZGHRJD0cWIeDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ6P+E8Ekbx7tdUNGtg8TzgQlJD21XSvcwJNNp7Bo
Yc5PIrh/7uzWx0W8NoJ5KJWwMxuj6BBj/1rRJsJC8zh9JqWYW54G+zBRfVJJrDC/
4Le0of4UzEssPqwgBO1humIxuZ5YDYqDzfHbkCttNdZvwlwB1o1TkFYHs8lc5oI/
aNDLwlO5Cp+2jZe23rXiv+ezDYlFdI31ArhNUJwqX52IL2lPtwojzu/fQ12vmHLL
VFsl+4VvLlc9cRzQYmwGyGXHl5prr7lQmtnLzUmLAhKJRYtUNOlEzoCMuwzcR6zC
I+ndHV5bduM2lkuZrojclYXOpqVpbFmSIbp1Sewf2PyMsQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMgDOUB6AVX6WvF3kvqw
jnzWNbjgvlkNL/5KEiEGIlrVTavblsugM/tvpK9xu6sClg1wTWPAaTl03FxShXx1
hGBHKuKY5qMTEOkikmAYIQAtt/t6P47re/5H/F5ZgWPeKj+YzTuD5aH/VXYWpl9O
DCxMeFqV59SqXKN/UTTap8diy0xsdti3FjfpxuWwSuolHwBT6HJMySO0+JAGQ0Jg
p2zDiyZLjS9/hF+ac07KbHtmZVtqrSTcrGji6DlVen64ZpgTiJZFPHh4mxEWpFr7
VAEe4qshKL/SOptNz287ZDY1RJiGNQzQifyjr5DPLaseYMFq6FGtJw0mkeSRn34Z
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 308643326790232793420294652614107670783758
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-21 02:21:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-19 02:21:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'historicpa.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21811618339433114206766161517688609680180422429727750238566628502322312023432584638347280734559405534757637307987410757526260841307462649853095097292380166017349622999112354416530179423445302340769683384437969587654977598129188488687679428137470094850847477341861362562453024728382770109103849255950822587106714112683107333582770463593927008043412990022762634059839688624989714980002425898825247704491760032030168292227172623748501177437359085963076050877508858584759986400450470790412671844526367920338394336882246965746246236733620269663628710249973429573759417842512702827635868390048633106717705596903674789894561
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9d3432083a67a05e232bbdaeacaf6d54e45af0e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.historicpa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'historicpa.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000019038d00c38000004030047304502207b5ded6795d4635203040f77bed765ae1e4e593fe9b721a6a8c5ceb5264e93980221009b580f06815527ed45a6f798fe3df7829059bdf33c04bfb7b7d8b14e4cfc3d13007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000019038d00c4c0000040300473045022100aff06520da8651923d064f827b180865cd115659f8b880fcd2a166f9de708af102206e6b533ccc27db46b5bc0e1921aff6ec2b09e387b40bf486461d1243d1c58878
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0067a3fe13c1246f1eed754346b60f13ce0425243db55d2bdcc0934da7b06861ce4f22b87feeecd6c745bc3682792895b0331ba3e81063ff5ad126c242f3387d26a5985b9e06fb30517d5249ac30bfe0b7b4a1fe14cc4b2c3eac2004ed61ba6231b99e580d8a83cdf1db902b6d35d66fc25c01d68d53905607b3c95ce6823f68d0cbc253b90a9fb68d97b6deb5e2bfe7b30d8945748df502b84d509c2a5f9d882f694fb70a23ceefdf435daf9872cb545b25fb856f2e573d711cd0626c06c865c7979a6bafb9509ad9cbcd498b021289458b5434e944ce808cbb0cdc47acc223e9dd1d5e5b76e336964b99ae88dc9585cea6a5696c599221ba7549ec1fd8fc8cb1