hengqinmall.com
Issued by R3
About this certificate
This digital certificate with serial number 04:cc:cc:db:22:9d:fc:80:55:88:2b:bb:8f:5a:fd:60:2a:11 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=hengqinmall.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:cc:cc:db:22:9d:fc:80:55:88:2b:bb:8f:5a:fd:60:2a:11Serial Number (int): 418139046905183468506136287299380183050769
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 60:bd:6e:07:40:65:59:41:51:70:51:40:e7:72:b6:8f:d3:97:ad:8a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f9:c8:7b:1f:ef:d1:97:4c:72:be:d4:e8:3e:00:aa:dc:87:e8:e9:5a
Fingerprint (sha256): 39:aa:92:cf:5c:0a:67:82:49:db:0e:ff:19:09:09:bf:8a:03:f6:09:1a:fc:0f:bc:e5:f9:63:28:a6:ba:a8:35
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate hengqinmall.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hengqinmall.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hengqinmall.com
www.hengqinmall.com
www.hengqinmall.com
Other certificates including the domain name hengqinmall.com
(limited to 100 certificates)
hengqinmall.com
funpic.co
hengqinmall.com
hengqinmall.com
www.hengqinmall.com
www.gumballmachine.com
hengqinmall.com
www.hengqinmall.com
teddybears.world
www.elementopia.com
www.hengqinmall.com
hengqinmall.com
349.me
www.hengqinmall.com
www.hengqinmall.com
hengqinmall.com
hengqinmall.com
jointpainsacramento.com
funpic.co
hengqinmall.com
hengqinmall.com
www.hengqinmall.com
www.gumballmachine.com
hengqinmall.com
www.hengqinmall.com
teddybears.world
www.elementopia.com
www.hengqinmall.com
hengqinmall.com
349.me
www.hengqinmall.com
www.hengqinmall.com
hengqinmall.com
hengqinmall.com
jointpainsacramento.com
Certificate
The complete raw certificate details for hengqinmall.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFATCCA+mgAwIBAgISBMzM2yKd/IBViCu7j1r9YCoRMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDMwNTI4MzNaFw0yNDA2MDEwNTI4MzJaMBoxGDAWBgNVBAMT D2hlbmdxaW5tYWxsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AL0hEjYx6TtgLL3DB5mNx2sKLM6VMh2ZEyYE4+Y0CYXldTggpA2iDlpDqZG3NeR+ 9vx10jQLPQV8sxbnCnBw3UqYbN+VMLtWBTbhnsITodgbPeix8Ac5ocTerJvNEwnZ WmLnvNhXzZWCs6WrrXeIz/4UrOnCkaUM/hu3W5YwAq1KrefxUTMCFQGv/4x+DAKn Fb4BzhSRE+MYvumlWXPvTv+a7EL7j3KBIaGiyAASUSNXenoOcNyNn3ugD1pfvppr gxs52Si1aYQO+5PfJ1a1Irm1ew5UV25QlZO8NV7tcAljbUXNojywV4S+4MW0b2zi /B0ZhHB4B5BT0geGIWzp9wsCAwEAAaOCAicwggIjMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUYL1uB0BlWUFRcFFA53K2j9OXrYowHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wLwYDVR0RBCgwJoIPaGVuZ3Fpbm1hbGwuY29tghN3d3cuaGVuZ3Fpbm1hbGwu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDx AHcAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGOAv/6MQAABAMA SDBGAiEAxdJvItGW7D04fibi9ozCMaLp4mI2vkrw+WbHtz2rd2YCIQCDIIQK7y5q y1K70wCE5+0R+s1TSeZGFAanNs98I1hf+wB2AKLiv9Ye3i8vB6DWTm03p9xlQ7DG tS6i2reK+Jpt9RfYAAABjgL/+lQAAAQDAEcwRQIgJgeJp2MdETWvjajM27F2VAto HuANf1H8oFmoCxFlxKsCIQDWjHPTATgSx1rzQxHaOx77q13vH30p8T4fekf1IghT 7jANBgkqhkiG9w0BAQsFAAOCAQEAjhhhiCBvEbYzK8tFR6c+pkzTR/+wkEVvXUhk xF2ewsm9Hkvzrtt6AcubELYRJcKwo+Y0Yv+IDwiuyAG6MqCF0IOdeR4df+ohMvwP 4b+lYnHW3R1rSFBjIyBZjiSlLypKZNWlWs2SvQfKO7u1jvQDQwrihcSKMgtQwWBh /ddhun7fSSs9fB0j2pW8snN7fRlsWcfMTEB7cOJ4nGzUL9agCI1680KgK6OyZJu9 t9JOMs8ZmtZSTis0jwy3RqHGLI+d3hET4apOXz5X6v/Z7SfhJlU8/ByC7fLwVztM UfgOlrsA4lMKWHHe7cDGPJKhe1pw7oQDiyv408CiGZYNaQSOJg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSESNjHpO2AsvcMHmY3H awoszpUyHZkTJgTj5jQJheV1OCCkDaIOWkOpkbc15H72/HXSNAs9BXyzFucKcHDd Sphs35Uwu1YFNuGewhOh2Bs96LHwBzmhxN6sm80TCdlaYue82FfNlYKzpautd4jP /hSs6cKRpQz+G7dbljACrUqt5/FRMwIVAa//jH4MAqcVvgHOFJET4xi+6aVZc+9O /5rsQvuPcoEhoaLIABJRI1d6eg5w3I2fe6APWl++mmuDGznZKLVphA77k98nVrUi ubV7DlRXblCVk7w1Xu1wCWNtRc2iPLBXhL7gxbRvbOL8HRmEcHgHkFPSB4YhbOn3 CwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 418139046905183468506136287299380183050769 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-03 05:28:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-01 05:28:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hengqinmall.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23875347625254634870764061145754529253061230459400392039665773259060839134209864951363945931975764318047207372401053750825263093662739010989882387570804811086835016879253314506121048421577806545910378976086450816143157089585282422384006107829346537702557027248343192221079505546271899643204900613649446680553372718089543546692733161295039309898357820318820319445415760078582431826016722494381936714706944529349884409022678540858789999053238680620832776985688602926798910115216148309216876574030516575762788943317432245949915071601101165764695327429729739627749481367118352193039851094180391230311638001849854482577163 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 60bd6e074065594151705140e772b68fd397ad8a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hengqinmall.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hengqinmall.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e02fffa310000040300483046022100c5d26f22d196ec3d387e26e2f68cc231a2e9e26236be4af0f966c7b73dab77660221008320840aef2e6acb52bbd30084e7ed11facd5349e6461406a736cf7c23585ffb007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e02fffa5400000403004730450220260789a7631d1135af8da8ccdbb176540b681ee00d7f51fca059a80b1165c4ab022100d68c73d3013812c75af34311da3b1efbab5def1f7d29f13e1f7a47f5220853ee . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008e186188206f11b6332bcb4547a73ea64cd347ffb090456f5d4864c45d9ec2c9bd1e4bf3aedb7a01cb9b10b61125c2b0a3e63462ff880f08aec801ba32a085d0839d791e1d7fea2132fc0fe1bfa56271d6dd1d6b4850632320598e24a52f2a4a64d5a55acd92bd07ca3bbbb58ef403430ae285c48a320b50c16061fdd761ba7edf492b3d7c1d23da95bcb2737b7d196c59c7cc4c407b70e2789c6cd42fd6a0088d7af342a02ba3b2649bbdb7d24e32cf199ad6524e2b348f0cb746a1c62c8f9dde1113e1aa4e5f3e57eaffd9ed27e126553cfc1c82edf2f0573b4c51f80e96bb00e2530a5871deedc0c63c92a17b5a70ee84038b2bf8d3c0a219960d69048e26