www.mechanicdurham.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a9:58:b8:d2:8a:dd:ec:e3:29:42:be:90:a4:d9:cc:e4:43 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.mechanicdurham.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a9:58:b8:d2:8a:dd:ec:e3:29:42:be:90:a4:d9:cc:e4:43Serial Number (int): 318962509521478569030502723284622639948867
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b6:9f:9e:63:79:ed:66:26:45:cc:33:a0:50:b8:de:27:ad:9f:88:f1
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 5e:66:10:69:2a:76:c9:e9:21:90:56:0d:73:5f:34:db:18:85:37:2c
Fingerprint (sha256): 43:e9:0a:30:55:dc:04:9c:82:98:34:1a:9e:f9:6b:de:2e:f3:f3:8b:c1:a4:ce:ca:db:b2:86:28:88:84:7a:69
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.mechanicdurham.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.mechanicdurham.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.mechanicdurham.com
Other certificates including the domain name mechanicdurham.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.mechanicdurham.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYzCCBUugAwIBAgISA6lYuNKK3ezjKUK+kKTZzORDMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDUxNzUyNTBaFw0y MDAyMDMxNzUyNTBaMCExHzAdBgNVBAMTFnd3dy5tZWNoYW5pY2R1cmhhbS5jb20w ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCoJqf2aJl3rw4OexuHy02g 0XjJW0EXtD648M7jYQ5KJcA1hdCGyPAX1SlFzIfJY+PdYBJakc0nAkrNyStqbfFj orjaL3vMNVlGzMAv+l6MhSP1IKWwhQd2Xn0Rh4NEqtYP+6Qsdy+zy0pD34hJUsj5 Ai9/hByrou6A1u+lmQU2bnxorzCHdEMTmnE8uMVu+6qLUKZOwga0aHEoX2g/zGds Sh2EiKwDxqSacnPtW4jcfPCSlS+oErXfS+EdjC3UhdW0XA4QRd7klOhYe1mrKNnd gHpnLAGDfQvA0vdggL9nW7WHfafaKdqVYKAx5808KzoUS3a6DBmwPfhO3SXoFObV aELLnb/s6Asy9OklnCNp5H77wSctnLT4+VIALnFhT2BZnGsx7VIf/ZTkOnUuHEj3 e8ncy/yJQHLhjj2eW4V9Dp3YqKVtt6O//QMuzxF0MRHkc/CTE6W6iB0DBlvZ8ijv cDTiROjlwS5uPDKqVE3myMnuhDFGypr6HMzdMHCFnr7m2oshnffX3UO2r/3zj6F5 e7KgxSgqf5R0IcMnhR1bLWk7UadtSl/6XA1v3epb8QHqQ7j9ca5SVVYjImrL9Seh euIRdMIDTPZ880iFkqzOMM8agqs1hG68Wz2wb2YPsqDpfN/ZHhJGFYdSW87tOvkt BLNolP4Mwf9mBDsmfqxNGQIDAQABo4ICajCCAmYwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBS2n55jee1mJkXMM6BQuN4nrZ+I8TAfBgNVHSMEGDAWgBSoSmpjBH3duubR ObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9v Y3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9j ZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEGA1UdEQQaMBiCFnd3dy5tZWNo YW5pY2R1cmhhbS5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMB AQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggED BgorBgEEAdZ5AgQCBIH0BIHxAO8AdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkG jbIImjfZEwAAAW486ZOWAAAEAwBHMEUCIBkrcI4fP9PS844uOr+hwfmNM4WDsIVC YJ5BHPXjtYfxAiEA/T6xI33hCP1CJurDY5BKF+bAjwbtpoeqIKA1P2nPlwgAdQAH t1wb5X1o//Gwxh0jFce65ld8V5S3au68YToaadOiHAAAAW486ZOHAAAEAwBGMEQC IFdEqjUH/4GiHZb3n4ksM69E0vT8WkcNpZ5wDcWbVZ5aAiBiJRFF22B02fVrAdOV jC7vcP/zpeFM6PaqeH2pKBEhsjANBgkqhkiG9w0BAQsFAAOCAQEAekvxhJ+fZ0J3 AaWdVnPF9Z3uB1wFukNt/9LZYzPV/rbnc5zXSnCTeIHwIuKod+ESZP0rgiqi9XmM dP6BwAv9pQcd3X0oshWchAQCjxGJr4gPVE0ileBOQts2DAbnfbh1AKv4Ie09UwJy uaPMf6ylZvcSC4X0MmT143kKNxlsUrHO/IusGjnoV32022saoXxzFVDr2ms4Y1e6 TlZLgFz5WaIcaPILPCv3JJFaJe79gkpAh8QcA6TNs4llvZYhDWSbFqBNDK6jkQvs XF+6RREKcqWmX5NNDMoiZmix/hmViCM8JedCdI9ryIaCKHcwSLkp6Gi3oyOc1WiG xKPM276HOA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqCan9miZd68ODnsbh8tN oNF4yVtBF7Q+uPDO42EOSiXANYXQhsjwF9UpRcyHyWPj3WASWpHNJwJKzckram3x Y6K42i97zDVZRszAL/pejIUj9SClsIUHdl59EYeDRKrWD/ukLHcvs8tKQ9+ISVLI +QIvf4Qcq6LugNbvpZkFNm58aK8wh3RDE5pxPLjFbvuqi1CmTsIGtGhxKF9oP8xn bEodhIisA8akmnJz7VuI3HzwkpUvqBK130vhHYwt1IXVtFwOEEXe5JToWHtZqyjZ 3YB6ZywBg30LwNL3YIC/Z1u1h32n2inalWCgMefNPCs6FEt2ugwZsD34Tt0l6BTm 1WhCy52/7OgLMvTpJZwjaeR++8EnLZy0+PlSAC5xYU9gWZxrMe1SH/2U5Dp1LhxI 93vJ3Mv8iUBy4Y49nluFfQ6d2Kilbbejv/0DLs8RdDER5HPwkxOluogdAwZb2fIo 73A04kTo5cEubjwyqlRN5sjJ7oQxRsqa+hzM3TBwhZ6+5tqLIZ33191Dtq/984+h eXuyoMUoKn+UdCHDJ4UdWy1pO1GnbUpf+lwNb93qW/EB6kO4/XGuUlVWIyJqy/Un oXriEXTCA0z2fPNIhZKszjDPGoKrNYRuvFs9sG9mD7Kg6Xzf2R4SRhWHUlvO7Tr5 LQSzaJT+DMH/ZgQ7Jn6sTRkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 318962509521478569030502723284622639948867 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-05 17:52:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-03 17:52:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.mechanicdurham.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 685996231333377935180863977661588516608932440704295530479638627091488903891971239226478956317315539017145615929788304933847274215584260941618216962553207607185047477153042704070338330133352261522540591215341774649283938670213532634723077607570247253262403027852123632129502391053137228024418573267987429630084919000152197586583400349134902418665299439637404059163164133630827088939771970253219661376198677069202870834092187112581512315537886561219808696623945256367659595407349588413361372745187922224977054871012053421963442771292057331168388935461542575434083972489650800113828524797218623908340028498795671089823804987170569437942578606924032613844193832711103051475125007564052137467751010100424823359746364152796018952163647150942120777069526904296456732664411008334159436457207225952243038500997034534586292693162834990542131360336270274422584964574459557180136111217170912342110736900421745415092351276556500801708184868666511308616040796456284096122677711775356436007189354428835934846397089183641501024543535957308102091886092722750833263561827932227964703562844423751835092489246147500650562513255828358643053956743241840984722335089993478464704029295212317987226713072227794575980369133222131681473447753005752408733404441 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b69f9e6379ed662645cc33a050b8de27ad9f88f1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mechanicdurham.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016e3ce9939600000403004730450220192b708e1f3fd3d2f38e2e3abfa1c1f98d338583b08542609e411cf5e3b587f1022100fd3eb1237de108fd4226eac363904a17e6c08f06eda687aa20a0353f69cf970800750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e3ce99387000004030046304402205744aa3507ff81a21d96f79f892c33af44d2f4fc5a470da59e700dc59b559e5a022062251145db6074d9f56b01d3958c2eef70fff3a5e14ce8f6aa787da9281121b2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007a4bf1849f9f67427701a59d5673c5f59dee075c05ba436dffd2d96333d5feb6e7739cd74a70937881f022e2a877e11264fd2b822aa2f5798c74fe81c00bfda5071ddd7d28b2159c8404028f1189af880f544d2295e04e42db360c06e77db87500abf821ed3d530272b9a3cc7faca566f7120b85f43264f5e3790a37196c52b1cefc8bac1a39e8577db4db6b1aa17c731550ebda6b386357ba4e564b805cf959a21c68f20b3c2bf724915a25eefd824a4087c41c03a4cdb38965bd96210d649b16a04d0caea3910bec5c5fba45110a72a5a65f934d0cca226668b1fe199588233c25e742748f6bc8868228773048b929e868b7a3239cd56886c4a3ccdbbe8738