notvalid.com
Issued by R3
About this certificate
This digital certificate with serial number 03:b6:7b:b1:8d:85:41:a7:b2:d8:bf:a7:b9:7a:9c:57:fe:06 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=notvalid.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b6:7b:b1:8d:85:41:a7:b2:d8:bf:a7:b9:7a:9c:57:fe:06Serial Number (int): 323432665525294464597175785856924344909318
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7d:0b:8f:c2:ca:c2:35:c0:e0:3b:7b:aa:19:dc:81:b8:2d:f9:f8:7e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 75:e6:71:2c:f5:f1:db:f2:29:8e:ff:a8:ee:20:e9:a2:ef:05:4a:7c
Fingerprint (sha256): 4d:c2:ca:3a:3a:80:2d:6c:ea:78:60:02:be:3e:f8:3c:dc:4f:c0:fe:57:c4:2d:85:95:3e:77:2f:07:28:a7:14
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate notvalid.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for notvalid.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
notvalid.com
Other certificates including the domain name notvalid.com
(limited to 100 certificates)
qh.org
www.notvalid.com
al-karama.com
www.notvalid.com
www.notvalid.com
notvalid.com
notvalid.com
notvalid.com
notvalid.com
www.orlandosportsdoctor.com
notvalid.com
www.culturepeace.net
www.notvalid.com
www.esportscanberra.com
notvalid.com
notvalid.com
bilocali.org
newyorksportsmedicine.org
www.notvalid.com
notvalid.com
casinolist.co.za
notvalid.com
www.notvalid.com
www.notvalid.com
www.notvalid.com
al-karama.com
www.notvalid.com
www.notvalid.com
notvalid.com
notvalid.com
notvalid.com
notvalid.com
www.orlandosportsdoctor.com
notvalid.com
www.culturepeace.net
www.notvalid.com
www.esportscanberra.com
notvalid.com
notvalid.com
bilocali.org
newyorksportsmedicine.org
www.notvalid.com
notvalid.com
casinolist.co.za
notvalid.com
www.notvalid.com
www.notvalid.com
Certificate
The complete raw certificate details for notvalid.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5jCCBM6gAwIBAgISA7Z7sY2FQaey2L+nuXqcV/4GMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjUyMDE2MzVaFw0yNDA0MjQyMDE2MzRaMBcxFTATBgNVBAMT DG5vdHZhbGlkLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMIw kUCoapqqIqV0A3y7LaHm8RlqR6xdm4an4nNWVFQPlTabSSEs+deA5QRxnJc6VBV6 gISsf1gC9/MY5I83cogcsUuUQtwG7+MdPjscneJ7Ueyosp9Rnj/DHyDSBgFcDq9z edNbX2+dfwBAScL7OtJgNnOKSg9J45GZmqdSCmyBra4zBi06SoplAJxYykZXnsJR Iz0l2zI8OsAMChSfYK0GbZjuZzF1XuukgCnvxklCwZLQHciPtJ2VialvjiB054WS G8S1F2fhaD3AydJlp4yTSF2pYEmHJjsjyW4ZYT5PAON4VoelwKRImxIbXi2sUX6K MR/aomqtoAAbw3xsJDtsmkb6Ofq56RXHnLtxpH26oiOtzwLL9EBM20iS9Ac6zDVW qaWPqGhOEG1acb6+JRns1kTJX4yVqlf5vFDO+4h5gR9Ftz+cYxm8n2RNcP+6cv0x nFujNz+FHJf0GnxiWyo6+ANJuPNFtt1RNGAZFJV0oIz/adt29eoaQMziNCThjfQ2 2GT1cfEUhoBxMvkGoWSHIH4UT5OCOyOGPBs/wHZgxOKKFvbBfe2jhnLnCQiXCmCi ZX6D6AwfNtuIK8rWffaGX7bNHnewXDk7AmI9Qtv8YXMSkq2w+pM94mCWyi6A+O38 ioo5fKWhdrBwnwfK4YFLek/dk50WPiKkzpDUJA6RAgMBAAGjggIPMIICCzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFH0Lj8LKwjXA4Dt7qhncgbgt+fh+MB8GA1UdIwQY MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v cjMuaS5sZW5jci5vcmcvMBcGA1UdEQQQMA6CDG5vdHZhbGlkLmNvbTATBgNVHSAE DDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ADtTd3U+LbmA ToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjUJ7VhYAAAQDAEgwRgIhALnfdfWo sexzbrA2lLr25sbl92IXC/p6FtNR6OB/Oz+SAiEA2m0+P9+6eb95Mr2tbNr1U9DR UurjAHM5BgK3jNV3sj8AdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1 mwAAAY1Ce1YYAAAEAwBHMEUCIQDEsL8gkPvOxWoD3RkA55T4+cTQaFzrfRoDxej9 jH+inwIgDtJgUNMHtxX1Cg2AODBI/ZeSQ4M9kzodFY5TFvGXAKEwDQYJKoZIhvcN AQELBQADggEBAJgNr5IbPV6YFhOozPwAcgFuwEbEFJWX+ssbJ5vlba6eDWaRU70z Bw72zTmAfwMzzIU9tKPHotkhEGujO0kMz4mqrdYKtds16qdujHpTmwyocBGN79pf 7F+Efy2l1/KmFJuZ7c+A3IPnJ6FJP/DropWPYnZpW9rDR/daloUbI5lv2wtIgq+g 3cVFiJex47G+wDSKGlqHZtebYnoutQoiGuTpEBQv+uly5ca4JcmY9nMcT8Xn75l5 xcoo4Ul3fsyPTTuZeC1vf1efKJeQRjxtkEfwylmMcMa6rn1unBHlgnbshf2khgMt wNfOir5iXsmILMV/vcOhm7pB7IYRsB93AqU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwjCRQKhqmqoipXQDfLst oebxGWpHrF2bhqfic1ZUVA+VNptJISz514DlBHGclzpUFXqAhKx/WAL38xjkjzdy iByxS5RC3Abv4x0+Oxyd4ntR7Kiyn1GeP8MfINIGAVwOr3N501tfb51/AEBJwvs6 0mA2c4pKD0njkZmap1IKbIGtrjMGLTpKimUAnFjKRleewlEjPSXbMjw6wAwKFJ9g rQZtmO5nMXVe66SAKe/GSULBktAdyI+0nZWJqW+OIHTnhZIbxLUXZ+FoPcDJ0mWn jJNIXalgSYcmOyPJbhlhPk8A43hWh6XApEibEhteLaxRfooxH9qiaq2gABvDfGwk O2yaRvo5+rnpFcecu3GkfbqiI63PAsv0QEzbSJL0BzrMNVappY+oaE4QbVpxvr4l GezWRMlfjJWqV/m8UM77iHmBH0W3P5xjGbyfZE1w/7py/TGcW6M3P4Ucl/QafGJb Kjr4A0m480W23VE0YBkUlXSgjP9p23b16hpAzOI0JOGN9DbYZPVx8RSGgHEy+Qah ZIcgfhRPk4I7I4Y8Gz/AdmDE4ooW9sF97aOGcucJCJcKYKJlfoPoDB8224grytZ9 9oZfts0ed7BcOTsCYj1C2/xhcxKSrbD6kz3iYJbKLoD47fyKijl8paF2sHCfB8rh gUt6T92TnRY+IqTOkNQkDpECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 323432665525294464597175785856924344909318 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 20:16:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-24 20:16:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'notvalid.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 792224924493339718115808800557484754395076688514486773898194996436088294678651982921077431636898811609641710828624974061109878319243758077767675837979303122430964175367641454460861812483392799304630277486446571809953972309021850321861537144371181337896347382649336976088107451537667258388029369522196968761382823410255701789886485661331437463622910320750776461104795898316956055409742649071717077660724989143583317181144491087264553034599242986766651741022910493838734111039130390970947163790899660199475174585004748083123613028021582102418426353907094753677493593569567987347937234695110826065415881962519157215893782823379790489218486134187155266110192169457771621917627861658046379593044503733884094708023709601359446452335471594241580964849675991351478702853670146069796718050965464685980802973363729389872738765158399977138553513150653903111996016451082295407732628235183724677140445792972667069084578864324990536314083993096376605025091314107622397123382927919852726823065721886965474679436418393357516239184284739938864138388791778193897571689848217014672364043390888888203020732652422090354918490356742851311723166458290854916821763442760285637048629799805373536986834677146014380230974592886506600136230655860520155783368337 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7d0b8fc2cac235c0e03b7baa19dc81b82df9f87e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'notvalid.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d427b56160000040300483046022100b9df75f5a8b1ec736eb03694baf6e6c6e5f762170bfa7a16d351e8e07f3b3f92022100da6d3e3fdfba79bf7932bdad6cdaf553d0d152eae30073390602b78cd577b23f007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d427b56180000040300473045022100c4b0bf2090fbcec56a03dd1900e794f8f9c4d0685ceb7d1a03c5e8fd8c7fa29f02200ed26050d307b715f50a0d80383048fd979243833d933a1d158e5316f19700a1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00980daf921b3d5e981613a8ccfc0072016ec046c4149597facb1b279be56dae9e0d669153bd33070ef6cd39807f0333cc853db4a3c7a2d921106ba33b490ccf89aaadd60ab5db35eaa76e8c7a539b0ca870118defda5fec5f847f2da5d7f2a6149b99edcf80dc83e727a1493ff0eba2958f6276695bdac347f75a96851b23996fdb0b4882afa0ddc5458897b1e3b1bec0348a1a5a8766d79b627a2eb50a221ae4e910142ffae972e5c6b825c998f6731c4fc5e7ef9979c5ca28e149777ecc8f4d3b99782d6f7f579f289790463c6d9047f0ca598c70c6baae7d6e9c11e58276ec85fda486032dc0d7ce8abe625ec9882cc57fbdc3a19bba41ec8611b01f7702a5