terra.business
Issued by R3
About this certificate
This digital certificate with serial number 04:7e:fe:a9:00:c3:17:d2:04:09:14:b3:32:68:13:db:86:7a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=terra.business
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:7e:fe:a9:00:c3:17:d2:04:09:14:b3:32:68:13:db:86:7aSerial Number (int): 391663223383634557739454121252638865196666
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ee:32:c2:22:98:77:2f:5c:5a:3f:63:5f:90:2d:0f:c7:8b:fc:41:dd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a8:4b:5b:93:ba:35:b7:12:19:47:a6:e1:1a:64:b2:07:59:5f:1d:37
Fingerprint (sha256): 4b:eb:30:85:ad:0b:7c:e7:33:33:ff:3f:a2:40:13:a2:39:2d:64:6b:f8:3f:e0:2b:bf:ce:2f:36:7d:37:f9:f4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate terra.business
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for terra.business
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
terra.business
www.terra.business
www.terra.business
Other certificates including the domain name terra.business
(limited to 100 certificates)
Certificate
The complete raw certificate details for terra.business in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/TCCBOWgAwIBAgISBH7+qQDDF9IECRSzMmgT24Z6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjAwOTEwMzJaFw0yNDAzMTkwOTEwMzFaMBkxFzAVBgNVBAMT DnRlcnJhLmJ1c2luZXNzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA uCZCnVBBQajGNyHO/qZsyYMMFn1KT0JxPEqb3EFrsZKISKGsuePsvT1KdLBUfJr9 2fEYVHXcK6NhABl6UVuv9IzzV1mlav3H6GboZNudjG5jW7AupNHiXtZwUEAxYyNh ixsFCSdO2zoVIYAGZVXnK1nt83U4ccSY/58yCcGSxBRw8AmOQrFhmku/HdkZQmxI lq+3ufjFuz8j7YGBpyZncQc7bN+CyzwCyba5uPtdydj7gBFHF0tWbg7Sam6uGK8K sC0chiruXH07Ehc3b2XgpAzAMtWc2siX3KFcW3acIu15sxtBnQpFuoMpPyRtr+hB Ha1y5/fZXL0EGZmytUU6tgG5/vaF68nqkwCMWT1KbbJQNLNH4ilOAoGxLFNiarIX cNSjAJ0986X0ZmUlo51GJV2HKwRwiv/vhqPcEl4uA0u+kd6Xejd87agZbRs6WpMc g4pDo/nWgo5Cq2kVO86BJ0Q/WQs7kUqBILfTeYKddBqU9ir/ooAa6Gq2ZbprPqTO VFoZK5vzGWMTthF5hy9bIsgwBzkbFc3S871mnzHEKqpI6un3mrEq3evhIjEuiiba VWUPEp1mhcm0Vk4Fpt+we/qiLMXSje0opb/DNEXC2JdM41X9dar2WdwBIp4fYTUJ 7LqnWeFexqhVdE10mFY83cmEmGvAU118aGQ9VZMLiy8CAwEAAaOCAiQwggIgMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQU7jLCIph3L1xaP2NfkC0Px4v8Qd0wHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIOdGVycmEuYnVzaW5lc3OCEnd3 dy50ZXJyYS5idXNpbmVzczATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB 1nkCBAIEgfUEgfIA8AB3ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQX AAABjIa0nV4AAAQDAEgwRgIhAI4ZTV0Y7lQ77RHIxdRxAfFiV9gfp5gAzA5flRRQ wW+dAiEAij2587oEuTpXnAkZdAsnsi1SJXmueI/JvJVayrC1+ZQAdQCi4r/WHt4v Lweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAYyGtJ1mAAAEAwBGMEQCICCJySJz YCKXwdPwF5TftYKvagV21jGhyc8CYuZnFYt+AiBRO7QwCptJtzK4d2wsRmMge8xz jy1jR8buGdwJKJ2cejANBgkqhkiG9w0BAQsFAAOCAQEAOA6SnDeqDMNzr/PIZMDO 0OXmqjR95mp0us0l8njSdjbBNJqZ7GavMqtK2uLqeeDRy/C6WmjoP9iFqRDAq+DR tomUGFY5+oBOjQjv9wLjIVxvzrdg8fXYlJqfcJU2+q0dXNTSmDqHjOLa6tu6JNMY 9xK2Sn+YS0bHgXxl4/WNF8q82DnXHmdd3nMehJUvPTrTRZkbDI0GsfvYXmveZOvE MMtAG5qsEipOUW5tXhxy+mO8lRHSwLk1ZZnaTfzGyHewVWVDUuodlTNCt0cSjO28 MbAG1O7RyUnkZYXJ7XVcY6Ibl0pFIx9SLngXChwTMmwrLw8D1kE/pCeL3EetVCqW vw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuCZCnVBBQajGNyHO/qZs yYMMFn1KT0JxPEqb3EFrsZKISKGsuePsvT1KdLBUfJr92fEYVHXcK6NhABl6UVuv 9IzzV1mlav3H6GboZNudjG5jW7AupNHiXtZwUEAxYyNhixsFCSdO2zoVIYAGZVXn K1nt83U4ccSY/58yCcGSxBRw8AmOQrFhmku/HdkZQmxIlq+3ufjFuz8j7YGBpyZn cQc7bN+CyzwCyba5uPtdydj7gBFHF0tWbg7Sam6uGK8KsC0chiruXH07Ehc3b2Xg pAzAMtWc2siX3KFcW3acIu15sxtBnQpFuoMpPyRtr+hBHa1y5/fZXL0EGZmytUU6 tgG5/vaF68nqkwCMWT1KbbJQNLNH4ilOAoGxLFNiarIXcNSjAJ0986X0ZmUlo51G JV2HKwRwiv/vhqPcEl4uA0u+kd6Xejd87agZbRs6WpMcg4pDo/nWgo5Cq2kVO86B J0Q/WQs7kUqBILfTeYKddBqU9ir/ooAa6Gq2ZbprPqTOVFoZK5vzGWMTthF5hy9b IsgwBzkbFc3S871mnzHEKqpI6un3mrEq3evhIjEuiibaVWUPEp1mhcm0Vk4Fpt+w e/qiLMXSje0opb/DNEXC2JdM41X9dar2WdwBIp4fYTUJ7LqnWeFexqhVdE10mFY8 3cmEmGvAU118aGQ9VZMLiy8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 391663223383634557739454121252638865196666 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 09:10:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-19 09:10:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'terra.business' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 751264227463568737676402078134445869324361170635936392563733365067645853757860552238797651877556867877298595269782805812122829810447297761527257701758497920285144404772949306710990124163076246768960154294171285048489666433457079493670351744872719034701581336153075428307021789396391536759180179917217638297864037917905516404054671440945528830046349547372588062219913141091756909227192507967977605108414549505598673573542672580782912613980135037666905901407247442648312493385155804799810375743923716394384170303889185354680774722888548536673447979598554364958772841485104147039379968432290404533908248601850108511030087867104386767243729057405286140488678000917254999798905548158185741845454375342039333210228415606972968179799105739569609861718448171965911831162338721465045155149176888534195416789423990335995160150135698321609617651468520068375791264034485577408818208557803813268759909765392600872006149948699862040097578960399960364537116452974407937582899071812019995098672468304333588382899671155596216209631465860014346839544984115738803048417895864693275479703368384615909909602504967230951347250637807987419160660031074001146208777223442385322982334712501230550876506423761384775122023060769329468371723995075891795237505839 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ee32c22298772f5c5a3f635f902d0fc78bfc41dd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'terra.business' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.terra.business' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c86b49d5e00000403004830460221008e194d5d18ee543bed11c8c5d47101f16257d81fa79800cc0e5f951450c16f9d0221008a3db9f3ba04b93a579c0919740b27b22d522579ae788fc9bc955acab0b5f994007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c86b49d66000004030046304402202089c92273602297c1d3f01794dfb582af6a0576d631a1c9cf0262e667158b7e0220513bb4300a9b49b732b8776c2c4663207bcc738f2d6347c6ee19dc09289d9c7a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00380e929c37aa0cc373aff3c864c0ced0e5e6aa347de66a74bacd25f278d27636c1349a99ec66af32ab4adae2ea79e0d1cbf0ba5a68e83fd885a910c0abe0d1b68994185639fa804e8d08eff702e3215c6fceb760f1f5d8949a9f709536faad1d5cd4d2983a878ce2daeadbba24d318f712b64a7f984b46c7817c65e3f58d17cabcd839d71e675dde731e84952f3d3ad345991b0c8d06b1fbd85e6bde64ebc430cb401b9aac122a4e516e6d5e1c72fa63bc9511d2c0b9356599da4dfcc6c877b055654352ea1d953342b747128cedbc31b006d4eed1c949e46585c9ed755c63a21b974a45231f522e78170a1c13326c2b2f0f03d6413fa4278bdc47ad542a96bf