pandc.design

Issued by R3

About this certificate

This digital certificate with serial number 04:05:31:03:62:ba:14:28:93:c9:d6:17:d1:85:3e:b9:7f:cb was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=pandc.design

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:05:31:03:62:ba:14:28:93:c9:d6:17:d1:85:3e:b9:7f:cb
Serial Number (int): 350215705312748533526724818580575759204299
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 48:6a:ca:ea:0f:48:d8:7c:bb:75:c2:3a:b5:03:d5:11:98:d3:2c:0b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 0b:50:47:26:02:00:86:47:6a:6f:5d:ec:19:a0:51:78:82:22:98:02
Fingerprint (sha256): 40:68:51:00:bd:fe:e3:3d:1d:ca:99:e6:c2:04:72:fa:e6:78:bc:04:07:07:c5:68:6b:f0:1c:de:2e:ae:48:54

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate pandc.design

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for pandc.design

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pandc.design

Other certificates including the domain name pandc.design

(limited to 100 certificates)
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
www.pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
www.pandc.design
pandc.design
pandc.design
www.pandc.design
pandc.design
www.pandc.design
pandc.design
pandc.design
pandc.design
pandc.design
www.pandc.design

Certificate

The complete raw certificate details for pandc.design in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgISBAUxA2K6FCiTydYX0YU+uX/LMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMzExOTEwMzRaFw0yNDA2MjkxOTEwMzNaMBcxFTATBgNVBAMT
DHBhbmRjLmRlc2lnbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI4T
Yl97tOWNLmkQONyVLx3hySwUbNkEOz1l8jFWKT5BMy6+W5JrVcuSxlgZJBk7TWO4
WYmKQGe5X4zwsxYO6G7epCf/RhkHtiKEeIwWuryIyGi+ijqWS6h38b28Wc/Ko6y8
bF6q/5wghaIghMFK3VBQ+le6wvu5d4F64GXZAHpI1CUwtfEBX4ksMVNbMzMXAvJV
Fot6rFwXeMEO7mOpK30wteMO4pkO2zcOyDrW4AWT3n5AiDiFJ8gLfrOzn1M+uuET
lSU2vI5JiBP095I9882JXazsWnM1WmQ7+6nkLqts/ltFd1/doBaRQPRkQrdJWzp4
mzIRZ47vo5FY7i7LaKcCAwEAAaOCAg0wggIJMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUSGrK6g9I2Hy7dcI6tQPVEZjTLAswHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA
5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu
by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w
FwYDVR0RBBAwDoIMcGFuZGMuZGVzaWduMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB
AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrr
wb8ohez4ZG4AAAGOliKdeQAABAMARzBFAiB6/jqSh2qNrGI2EEfeftFWR3nFx1qJ
QsQ1bwYufdN4GwIhALQhS0HyjKEY27N+VwpfDNlUY497fiUMBq08ApvhrEwMAHUA
ouK/1h7eLy8HoNZObTen3GVDsMa1LqLat4r4mm31F9gAAAGOliKdiQAABAMARjBE
AiBwnaVepQkKoj1JIEPQjXs7sDQ3CgYdVcWOXebTcREn7wIgF59JPWgQK8yE3bB5
gwda+o+bUshKvzxcvQp44voGJlAwDQYJKoZIhvcNAQELBQADggEBAKbiR+7qSCgg
4EfgnzaidCWINGuYNg7LGjC1bPu9wro3VzpkScKgW4Eps/H1T1TjmXhTXPCaLMWx
iny46yCl/4lEK83FPO+Er+Q3xtUxLJbl1sI0C//7Z+ItB6SgHEoNllv5me0NOGqi
HtyfporTVuk/PNhzz7RsHeVNmIz7uQSmfoFu/Ap0g3lS+wRTKxwz4iLXwuhaMng8
5In9dKM9fv9rW0MWPFAPTDdAfpXEMHXQqVrc5domt7gtX3DvY6rn26k9pNKugA97
vHhi1OA1mlYqQEPXlOufoheZUX6ukyICVrPSO6NMb/iNG7zNaATXjpegrLBMkDL+
GgkNiGwiTVc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhNiX3u05Y0uaRA43JUv
HeHJLBRs2QQ7PWXyMVYpPkEzLr5bkmtVy5LGWBkkGTtNY7hZiYpAZ7lfjPCzFg7o
bt6kJ/9GGQe2IoR4jBa6vIjIaL6KOpZLqHfxvbxZz8qjrLxsXqr/nCCFoiCEwUrd
UFD6V7rC+7l3gXrgZdkAekjUJTC18QFfiSwxU1szMxcC8lUWi3qsXBd4wQ7uY6kr
fTC14w7imQ7bNw7IOtbgBZPefkCIOIUnyAt+s7OfUz664ROVJTa8jkmIE/T3kj3z
zYldrOxaczVaZDv7qeQuq2z+W0V3X92gFpFA9GRCt0lbOnibMhFnju+jkVjuLsto
pwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 350215705312748533526724818580575759204299
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-31 19:10:34 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-29 19:10:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pandc.design'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17935398044709387388889682206506531499913726744410083136607328683482109109834215934333790965656728623075882189006983633067069471934695644779140114246320984426651776687922339595374679082353485206201259348820185540571289692239635046400177942795090756334542652535256080448623463695045095183506905373671859536286626837469308796759192995350275103004373112272841730604813994413051886869486969476738510460481085340541928254421995992573053125393527266076675281128803207349225265444192349694959547490665879810222448156682875336181769311858423633872210280639889539944573917024458898654956649087741905588570030461450941289425063
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							486acaea0f48d87cbb75c23ab503d51198d32c0b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pandc.design'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018e96229d79000004030047304502207afe3a92876a8dac62361047de7ed1564779c5c75a8942c4356f062e7dd3781b022100b4214b41f28ca118dbb37e570a5f0cd954638f7b7e250c06ad3c029be1ac4c0c007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e96229d8900000403004630440220709da55ea5090aa23d492043d08d7b3bb034370a061d55c58e5de6d3711127ef0220179f493d68102bcc84ddb07983075afa8f9b52c84abf3c5cbd0a78e2fa062650
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a6e247eeea482820e047e09f36a2742588346b98360ecb1a30b56cfbbdc2ba37573a6449c2a05b8129b3f1f54f54e39978535cf09a2cc5b18a7cb8eb20a5ff89442bcdc53cef84afe437c6d5312c96e5d6c2340bfffb67e22d07a4a01c4a0d965bf999ed0d386aa21edc9fa68ad356e93f3cd873cfb46c1de54d988cfbb904a67e816efc0a74837952fb04532b1c33e222d7c2e85a32783ce489fd74a33d7eff6b5b43163c500f4c37407e95c43075d0a95adce5da26b7b82d5f70ef63aae7dba93da4d2ae800f7bbc7862d4e0359a562a4043d794eb9fa21799517eae93220256b3d23ba34c6ff88d1bbccd6804d78e97a0acb04c9032fe1a090d886c224d57