heroflex.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:5b:57:ed:69:1e:3c:ba:b4:8b:4f:c0:c8:bb:b0:ad:a7:06 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=heroflex.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5b:57:ed:69:1e:3c:ba:b4:8b:4f:c0:c8:bb:b0:ad:a7:06Serial Number (int): 379531714658883795268994145052328396171014
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: b8:86:13:75:fc:00:1d:35:87:7e:f3:75:b9:bb:44:5c:84:0e:52:09
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): c5:cb:ef:e5:45:78:2e:39:6b:85:1c:3a:8f:24:22:68:c5:c4:ef:ec
Fingerprint (sha256): 4d:93:04:9c:e3:d1:87:21:e0:f2:b6:ba:49:1e:3b:92:52:0e:51:a5:d4:4e:76:9e:31:df:33:62:e6:63:ec:46
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate heroflex.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for heroflex.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
heroflex.com
Other certificates including the domain name heroflex.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for heroflex.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISBFtX7WkePLq0i0/AyLuwracGMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTEwNTM3MTlaFw0y MDAzMTAwNTM3MTlaMBcxFTATBgNVBAMTDGhlcm9mbGV4LmNvbTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAKrNXBAFlhdVxHpUTxMzYvdx1zpa13BMeN9I vfoCnwpT0Icx4brxgPE8ZHhuIaj41TM3XC33OocnhKPmTAVTHtFLhlEx9PO/n8cb TWKs1xZ6e8DMSNAITOyHmpH8ajGAiron3zOe4Aj/zNWo4jVSVAf7XT4xXffuCX2I u7N/5lXYvdPkGLDgHrTsH7vDoBk9Z5VDumQbx4Rjfu1HPxGOsiTWIuSOKnfNM9Nv Oxfi+MYLwKvd5ys2a3jDBQVvFBhPoBfLbnZi30cXjovX2i1kfZY3LLHLF0lXnjja Q11SWPgVqDQ4S3a3nUAovaNIy0ATMxiwm2X6AzHnLnwBV57VQVM0U6DFW5iQT5Lv hgSKFpfdsTNHIxBHXHiQA27CmCnWo58OUWY5JqRo9VeacSjOVR+fZcqTmttuuzIg SyqHKZJkZu3NaqemTTNztA3Hif+fsnFr1cETGCpCbEsUCFPMfyPdB8LWZlAJ79x8 ZKcEbwL+uza5ZZE54fJmO2AD1RQCXy6XRPa8NtdpYSg58bdfz6K84/rLniVEm+vl hxU8dHsjeqzYrMXJ735lGrXCqRi1Mv/8Owq5MiWjFjAOl5HY42cbbLtBVR/q9R8p Twn6BCtS/uGBZdXkmcLJLiia66dvA9qRr8UjPLp1RsF76bN6TcpiL+lS50+n1b6Z ATyI8gr7AgMBAAGjggJiMIICXjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLiGE3X8 AB01h37zdbm7RFyEDlIJMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMaGVyb2ZsZXguY29tMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDx AHcA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFu860eBgAABAMA SDBGAiEA4DYo5MffblViXesiWdWyQ4SVsa/qRqkPVpDBex5nq44CIQDhTuf/P80S V0leR9+MA+wGeMLex1kYe7VvCVRXr3snugB2AAe3XBvlfWj/8bDGHSMVx7rmV3xX lLdq7rxhOhpp06IcAAABbvOtHi0AAAQDAEcwRQIgUnLnm2VJ3hBAqk8ZfbcOiGjc bm6zTBPppC2MwE4tk4QCIQCXahaW5eiuGud/E2UsYiEdJhkEUUdW+T7rBC7SC26Q 1DANBgkqhkiG9w0BAQsFAAOCAQEAmpYYxNl8JEh7pcjevVqW3pcaxQwtBYelH5h8 Wt7hFCF0GTqinpMzJjDbLD3cR8yssQfhthqyox7zlxwzjL4cz6VuygvLQaiZzEi4 U1JhYLSQCjR4pEo5x62lfcuLOhY+AcACdT1bF6t5XRkTcTc9uUaFlsl79V0g4F7X ZIXCiN+mafxwRn9vLhlskmfgmjvXX6p95fdeUPaZuk9H5d6hYKtiWUzar8WLo3CA /FXafNIcmLfg1EARs5xC8ocRCSikF8CqaZtNf0Q9r7jctrU1nxlppqJzahRcDGio 0qZSoQMPaLP0A11AFHyKsg+Sqdgr8wk/zMY7WnSqR6FHH0G8Dw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqs1cEAWWF1XEelRPEzNi 93HXOlrXcEx430i9+gKfClPQhzHhuvGA8TxkeG4hqPjVMzdcLfc6hyeEo+ZMBVMe 0UuGUTH087+fxxtNYqzXFnp7wMxI0AhM7IeakfxqMYCKuiffM57gCP/M1ajiNVJU B/tdPjFd9+4JfYi7s3/mVdi90+QYsOAetOwfu8OgGT1nlUO6ZBvHhGN+7Uc/EY6y JNYi5I4qd80z0287F+L4xgvAq93nKzZreMMFBW8UGE+gF8tudmLfRxeOi9faLWR9 ljcsscsXSVeeONpDXVJY+BWoNDhLdredQCi9o0jLQBMzGLCbZfoDMecufAFXntVB UzRToMVbmJBPku+GBIoWl92xM0cjEEdceJADbsKYKdajnw5RZjkmpGj1V5pxKM5V H59lypOa2267MiBLKocpkmRm7c1qp6ZNM3O0DceJ/5+ycWvVwRMYKkJsSxQIU8x/ I90HwtZmUAnv3HxkpwRvAv67NrllkTnh8mY7YAPVFAJfLpdE9rw212lhKDnxt1/P orzj+sueJUSb6+WHFTx0eyN6rNisxcnvfmUatcKpGLUy//w7CrkyJaMWMA6Xkdjj Zxtsu0FVH+r1HylPCfoEK1L+4YFl1eSZwskuKJrrp28D2pGvxSM8unVGwXvps3pN ymIv6VLnT6fVvpkBPIjyCvsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 379531714658883795268994145052328396171014 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-11 05:37:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-10 05:37:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'heroflex.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 696812124975125955580659024583880872028899134208925296173878822530628818623847638846633182530778660710045616764189732787715146028952807593535133709784054964818966894099791998642532176046573014656676202054229286638554911379519877970152052709732172463495916257402035059075391304394258688822603648882807000399912504252030023880608276281757209496171025770111579800509357418589283155288932404655087401816985404955719687200849520889935495338833182558727589748581135510121252154506636749969588857656128910891759928380025439844403156388728445551866340461242859270701996684396511518902891351602577984936470300375587768539644359048742048993003887486751745211892951605311803525113524015025414815788551806983633764293786822902681781036197972408272669701594395547726761129111611459022846932422845855411771456288405460384995299148757221533493269603543332118360307763081549240378949771769005859513623906147686681959854144897894892245315569333418534208732290044007610222881895152566523653652366525188618035137269791543867447666204029826513480007423381910411965276216958658514270994506203798580554542596853872540723112907276266866022882402734106730185974359968552684807293093167795971410747384788691275292131010541450106796933170866101252148052495099 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b8861375fc001d35877ef375b9bb445c840e5209 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heroflex.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016ef3ad1e060000040300483046022100e03628e4c7df6e55625deb2259d5b2438495b1afea46a90f5690c17b1e67ab8e022100e14ee7ff3fcd1257495e47df8c03ec0678c2dec759187bb56f095457af7b27ba00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ef3ad1e2d000004030047304502205272e79b6549de1040aa4f197db70e8868dc6e6eb34c13e9a42d8cc04e2d9384022100976a1696e5e8ae1ae77f13652c62211d261904514756f93eeb042ed20b6e90d4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009a9618c4d97c24487ba5c8debd5a96de971ac50c2d0587a51f987c5adee1142174193aa29e93332630db2c3ddc47ccacb107e1b61ab2a31ef3971c338cbe1ccfa56eca0bcb41a899cc48b853526160b4900a3478a44a39c7ada57dcb8b3a163e01c002753d5b17ab795d191371373db9468596c97bf55d20e05ed76485c288dfa669fc70467f6f2e196c9267e09a3bd75faa7de5f75e50f699ba4f47e5dea160ab62594cdaafc58ba37080fc55da7cd21c98b7e0d44011b39c42f287110928a417c0aa699b4d7f443dafb8dcb6b5359f1969a6a2736a145c0c68a8d2a652a1030f68b3f4035d40147c8ab20f92a9d82bf3093fccc63b5a74aa47a1471f41bc0f