lyman.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:76:68:75:f9:79:ca:cd:1f:23:7c:32:59:9b:c5:8f:4e:c9 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=lyman.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:76:68:75:f9:79:ca:cd:1f:23:7c:32:59:9b:c5:8f:4e:c9Serial Number (int): 301629029362214921376481235626907862519497
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 13:5a:47:ad:40:5f:12:e7:bc:d1:35:de:0c:c8:04:0f:5e:19:33:8f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0f:a2:c0:b7:32:b5:ab:17:e5:91:86:14:4f:54:8d:30:a0:c4:02:54
Fingerprint (sha256): 48:65:2e:3f:b7:6f:77:75:55:c8:71:d0:6f:cf:34:3a:9e:e3:8b:01:9e:3d:e7:ec:2f:85:ae:39:75:0c:76:e0
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate lyman.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lyman.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lyman.org
Other certificates including the domain name lyman.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for lyman.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSTCCBTGgAwIBAgISA3Zodfl5ys0fI3wyWZvFj07JMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjEyMDEyMzZaFw0x OTEyMjAyMDEyMzZaMBQxEjAQBgNVBAMTCWx5bWFuLm9yZzCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBANhq0+LviQH81YMtJuhe9vaN/2LhTJHGV25nUm28 +u8QjwWYh7ppdF3eP3sTDWO9VSNNUQEeIaqDS/dYUqaEAQzr3lkeBcAalAPrEiJz 6q1MgLIkgK7Tff02J4BFR+p6v2BBT5g3LMX4kkAtBI8NNFNRghSeX2Avue0pWuZe 0fVeM3MbJ+Hexoc+aglj3RyOdAUUF+vlngXBigbgmvjCNHfAg4KdYy9zrxqJ+nxq yoEfgdGPLoBT2g8GVm3gLsqXKMj6B/kmyEQ/QNF04mEdqgqCyhHcHgXP/XA319NM HvFKNAzstmOhoZS8XZEG0NrrlxouVgDtyhigMfJ57WMb+M3HwmOXUOeT7rtGuqKE Kw6AWC5q9vIC58nF+i9PIas7pfvb41vY3ZHgy57U5wtRW5cm3CRLWAYugOrsS9bl yuaRl2705kWQ8yUVwR6ivZtci0txmYp4oXDuKMhI8w97w8CyKfpcMN2ObBfHnYEq G/r2xFGclfB5wNa8j6YIU0R5tz69adXzU9hncn6HX55d49SREjULgiYwVuL5jC3x tFC28UwZI57kUA1X5hrON2zYW4gRzwgQm6fiPCpook9e0RxtuyypmheSoXJYGUp+ ffNdgBrgYAfJyD8GMWhlCvUlnRO7SkNT1P2LlJiknx6zGg+e2xu1hV0mGIHrvIGd lnnLAgMBAAGjggJdMIICWTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBNaR61AXxLn vNE13gzIBA9eGTOPMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wFAYDVR0RBA0wC4IJbHltYW4ub3JnMEwGA1UdIARFMEMw CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAdH7a gzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYAAAFtVatbxgAABAMARzBFAiEA wHHNHL3+rhSVz9klMt3NeIufpHWRvyC2BqDZqAI7U4kCIEmqzsuI5+p+HAm+4ANY rR/O6Xj5fJanHLlDUiKESVyyAHUAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHH aFRL2I0AAAFtVatbuAAABAMARjBEAiARXysSpGX1pVeOx1DtXoF4NlMh1PqWX3jQ X3YM6gK9swIgfNPLNxcZkzegk+hbeGnZ7+rGVcQlgvxAgxJEB1GipuowDQYJKoZI hvcNAQELBQADggEBAGqaP/NflBosRJWK7xR/KkJa2rgqffCv7uokMvevut+Jrt5U 6QUMg0R6dEdgEqsS906nenn+1CBBpRLr4SW2sjxBT55oX3HeXXGd0fXtqgSXAg4C 7Okz4yxNcXRLrgybKqWpom7oI4bqvDX8O3I7xIGzFGuyldgjqB/mCcRbwlZPHaco bTZex9k4H6f3NWIPPcjzgerDvwxrYUZoHlgTgijIjPjNizH4SoIX/StPR8q1i+vf iSvIAFHbXVTviyMihi050JNEmLsPfuDU8t313gzPUmiS0xG363nFEczMD86YmEM4 4vpuE2511M7lwRubRJYzzRcVmLTYt+0AYxOrgb0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2GrT4u+JAfzVgy0m6F72 9o3/YuFMkcZXbmdSbbz67xCPBZiHuml0Xd4/exMNY71VI01RAR4hqoNL91hSpoQB DOveWR4FwBqUA+sSInPqrUyAsiSArtN9/TYngEVH6nq/YEFPmDcsxfiSQC0Ejw00 U1GCFJ5fYC+57Sla5l7R9V4zcxsn4d7Ghz5qCWPdHI50BRQX6+WeBcGKBuCa+MI0 d8CDgp1jL3OvGon6fGrKgR+B0Y8ugFPaDwZWbeAuypcoyPoH+SbIRD9A0XTiYR2q CoLKEdweBc/9cDfX00we8Uo0DOy2Y6GhlLxdkQbQ2uuXGi5WAO3KGKAx8nntYxv4 zcfCY5dQ55Puu0a6ooQrDoBYLmr28gLnycX6L08hqzul+9vjW9jdkeDLntTnC1Fb lybcJEtYBi6A6uxL1uXK5pGXbvTmRZDzJRXBHqK9m1yLS3GZinihcO4oyEjzD3vD wLIp+lww3Y5sF8edgSob+vbEUZyV8HnA1ryPpghTRHm3Pr1p1fNT2Gdyfodfnl3j 1JESNQuCJjBW4vmMLfG0ULbxTBkjnuRQDVfmGs43bNhbiBHPCBCbp+I8KmiiT17R HG27LKmaF5KhclgZSn59812AGuBgB8nIPwYxaGUK9SWdE7tKQ1PU/YuUmKSfHrMa D57bG7WFXSYYgeu8gZ2WecsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 301629029362214921376481235626907862519497 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-21 20:12:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-20 20:12:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lyman.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 882905536337612520983424677566054683065152639510212796574318517137279134242394341288608109133818590539710435458417233617449276052802541776937222716751240871727709349183755266257143979255206313811554631258801378012241012119493914806422183526606234957202370547830401326703707735430165479924650076489992769302344542202532605366005988634267076837775638124417483365706518132722113607926314179739195390934093304704650851098716213130939320080399447902306936303991163177051303518675711735647107678016050967268056460142814923102489119577884312550185751568278134448745374074089941091813140073496604128282031104270293794278758667446528024759779589623378109882549293121591006331236392562655719799059386509086379165658092880504284563377505580347178898285525999479974640979393578982749502953325526179301154896778131901320575348526022416982910641823357500669480831123753553534261251486961874688354284921859633463833772123545264676462132687954064365019439873397633109561631737944322701863319647696104153633857498141310551567692884125913106285436433117452287164323612214077021511707530332887848594888196159865275266749384446630801186639550953022661915501564841022582456483016319894494408581953699768883309950353991324748656693119205645894670024604107 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 135a47ad405f12e7bcd135de0cc8040f5e19338f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lyman.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d55ab5bc60000040300473045022100c071cd1cbdfeae1495cfd92532ddcd788b9fa47591bf20b606a0d9a8023b5389022049aacecb88e7ea7e1c09bee00358ad1fcee978f97c96a71cb943522284495cb200750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d55ab5bb800000403004630440220115f2b12a465f5a5578ec750ed5e8178365321d4fa965f78d05f760cea02bdb302207cd3cb3717199337a093e85b7869d9efeac655c42582fc408312440751a2a6ea . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006a9a3ff35f941a2c44958aef147f2a425adab82a7df0afeeea2432f7afbadf89aede54e9050c83447a74476012ab12f74ea77a79fed42041a512ebe125b6b23c414f9e685f71de5d719dd1f5edaa0497020e02ece933e32c4d71744bae0c9b2aa5a9a26ee82386eabc35fc3b723bc481b3146bb295d823a81fe609c45bc2564f1da7286d365ec7d9381fa7f735620f3dc8f381eac3bf0c6b6146681e58138228c88cf8cd8b31f84a8217fd2b4f47cab58bebdf892bc80051db5d54ef8b2322862d39d0934498bb0f7ee0d4f2ddf5de0ccf526892d311b7eb79c511cccc0fce98984338e2fa6e136e75d4cee5c11b9b449633cd171598b4d8b7ed006313ab81bd