contrera.com

Issued by R3

About this certificate

This digital certificate with serial number 03:d8:0a:eb:3f:e5:e4:45:69:cc:79:c6:d5:03:6b:13:a5:2d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=contrera.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:d8:0a:eb:3f:e5:e4:45:69:cc:79:c6:d5:03:6b:13:a5:2d
Serial Number (int): 334852362815928753634745337980264922719533
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: ca:35:a7:9c:70:83:b6:63:22:58:a3:98:4c:66:b3:86:02:3c:44:93
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 32:7c:d5:bb:67:b2:0c:34:f4:27:2c:11:d8:9a:31:84:98:d2:8c:db
Fingerprint (sha256): 4f:bc:9d:f7:94:0d:07:a0:fc:77:38:79:27:fe:bc:51:b7:9c:64:12:6e:0c:6f:48:b3:91:1f:3f:ae:87:82:bf

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate contrera.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for contrera.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

contrera.com

Other certificates including the domain name contrera.com

(limited to 100 certificates)
boatsafety.online
contrera.com
contrera.com
contrera.com
contrera.com
www.eleased.com
contrera.com
contrera.com
www.contrera.com
www.contrera.com
www.contrera.com
www.contrera.com
www.ab2c.com
aashyana.com
contrera.com
www.profootballtv.com
www.continuidad.com
www.contrera.com

Certificate

The complete raw certificate details for contrera.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISA9gK6z/l5EVpzHnG1QNrE6UtMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjYwNDIzMzJaFw0yNDAzMjUwNDIzMzFaMBcxFTATBgNVBAMT
DGNvbnRyZXJhLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL+H
n4X7bE/qKHH57yAfoTXaGlt+AHc0GjeaooqgqwUxehUe+/fDhv88KAfrgQAbwIXG
qtJS2aTI5OBBYMvgS1sff7nolRllxFp8xgnp+kjZzls0VeWQXsSjvt0CQO0ELqWQ
FUjn2CQIITVOruiYBGr2OdYmFzTF3k6YLl/NMA87Wv/47QqU4cwQK0UY0MwMFkIx
ZvFwQLEobmB68ETuKUf1geYt9gRtU1Qm1HOHJEOK8sDFGQciKfmmI6LKjcLoMck0
6D/rFYep9ELAlCaqR9pQgdkNN+h4EyH1AaeN0LARAe6kHgOhsWV+enMF0u83c8Kd
+N5mTXqYXs04isoXJytfrJaymGsC1xQTIpkKMt9bbLOwjp8dH7YtKrcNP1IbLd2w
YruRgH9/9IAunZSgOyUN1UcO1uCGGLeSQu6f6DoaJAcc8ll4lb6zCVkf8N0eU1ol
bD1lyy0cszNHs9GCAJvU2fOffkMUas3jyaFMha7iPTtI6/gcyFeECH/bQlp+JZPV
Lg97QSsAyF0HYbeLbUUqqyvTi2cTYooDlwwEoLbCh0wmlGCEMF63Igb2MM0jPQBU
+w0Z4+W2ehL+aWJcNEoLvjQVQztUMP86XwPLcFhXkoGSwV4wQ2ZzP7339SD6qVwJ
VbPmeTQwZ2FRdxkwHx0KlhKMPefL2us0+KwD/CUBAgMBAAGjggIPMIICCzAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHQYDVR0OBBYEFMo1p5xwg7ZjIlijmExms4YCPESTMB8GA1UdIwQY
MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF
BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v
cjMuaS5sZW5jci5vcmcvMBcGA1UdEQQQMA6CDGNvbnRyZXJhLmNvbTATBgNVHSAE
DDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ADtTd3U+LbmA
ToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjKSUA/MAAAQDAEcwRQIgOZoIbkD9
iErSFMR6UzyfeNsDuoivH4u83pZTy8r2Fi4CIQCp770CSExtIeHlv0jznUQh+nF7
NtFd6f4GUklCbNwuZwB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABjKSUBd8AAAQDAEgwRgIhAJfjBP+khfQFwIgks7nCCxQ6OX2Uvf8hTvGOUxwZ
yyJaAiEAj4Aq3yFNHURyKrjht+lGC44DGGxuYqH3IU2PpbgB2mUwDQYJKoZIhvcN
AQELBQADggEBAGQw8qeKYipDg9RvfiG1yC6LhgzHuKWdzhoOfpwgh+ojPrSfGtua
zbswlvs++YD5OwLvkX9ZBQFGrrJUSwgyA0U30+yj6VuTTUtpfwv2IvqrZ70vTNwN
szLShA6pD9mUsNbPtGDd3jgP8QsoW3UJ6hpKHXg/OryPOnk5scqC4ljGDpRaLTlB
nBKNm4zkPm3w4/NrIjA7BkI/2NVDVXu8Bi/jKhrm8NzHpKkKldwKimBoL/dLtFbq
HwsHDrCbZ1gVm6c1aism8EwTDbgpMb22i08624vuEWOOzQq2KhDjKmkBT1TYt0j0
WTmMLmXh1aOnxe4/OwgCUlVw25PtFEmbGN8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv4efhftsT+oocfnvIB+h
NdoaW34AdzQaN5qiiqCrBTF6FR7798OG/zwoB+uBABvAhcaq0lLZpMjk4EFgy+BL
Wx9/ueiVGWXEWnzGCen6SNnOWzRV5ZBexKO+3QJA7QQupZAVSOfYJAghNU6u6JgE
avY51iYXNMXeTpguX80wDzta//jtCpThzBArRRjQzAwWQjFm8XBAsShuYHrwRO4p
R/WB5i32BG1TVCbUc4ckQ4rywMUZByIp+aYjosqNwugxyTToP+sVh6n0QsCUJqpH
2lCB2Q036HgTIfUBp43QsBEB7qQeA6GxZX56cwXS7zdzwp343mZNephezTiKyhcn
K1+slrKYawLXFBMimQoy31tss7COnx0fti0qtw0/Uhst3bBiu5GAf3/0gC6dlKA7
JQ3VRw7W4IYYt5JC7p/oOhokBxzyWXiVvrMJWR/w3R5TWiVsPWXLLRyzM0ez0YIA
m9TZ859+QxRqzePJoUyFruI9O0jr+BzIV4QIf9tCWn4lk9UuD3tBKwDIXQdht4tt
RSqrK9OLZxNiigOXDASgtsKHTCaUYIQwXrciBvYwzSM9AFT7DRnj5bZ6Ev5pYlw0
Sgu+NBVDO1Qw/zpfA8twWFeSgZLBXjBDZnM/vff1IPqpXAlVs+Z5NDBnYVF3GTAf
HQqWEow958va6zT4rAP8JQECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 334852362815928753634745337980264922719533
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 04:23:32 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-25 04:23:31 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'contrera.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 781373322191297504826965128868018600651084504716770390955673780946260503555258948041200428961036016661120069611809219848611530245262625911491306383349030229371879990982982227936577911882281627220526542678401382877631825550500948016518808508376217703317034359784898679433195760320990937030289335515253022933599181182645374722423617624668563320725027270106054655884660475741474498841168290321637238340910033335270342265167384926970397111697347115516907117954043319762201047022541132184367808784933225309702998853737668086778920573072362516662244325193111249965746836652279483753364977478310478940803691307528472131909081318902264598077386030875631235351913077650695163566067313385463086326927347338056549297841180339486156446404759215727459293357553734495230441024438353919605918551101665954612685396452719876748998148999668303408392429428899041277513972806546487489562110636279196246318297969848359108460668773755408348716850741583246646130262083981876816464215720744504139571997053143109391563565373729125030278318953872639958982204389014575298997675301960670265301539045634238287011743677859023048463661857183985890409062060798861289200323111199082172347487659797062163567735597503925835418974695847342893362226679859827481962620161
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ca35a79c7083b6632258a3984c66b386023c4493
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'contrera.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ca49403f300000403004730450220399a086e40fd884ad214c47a533c9f78db03ba88af1f8bbcde9653cbcaf6162e022100a9efbd02484c6d21e1e5bf48f39d4421fa717b36d15de9fe065249426cdc2e6700770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ca49405df000004030048304602210097e304ffa485f405c08824b3b9c20b143a397d94bdff214ef18e531c19cb225a0221008f802adf214d1d44722ab8e1b7e9460b8e03186c6e62a1f7214d8fa5b801da65
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006430f2a78a622a4383d46f7e21b5c82e8b860cc7b8a59dce1a0e7e9c2087ea233eb49f1adb9acdbb3096fb3ef980f93b02ef917f59050146aeb2544b0832034537d3eca3e95b934d4b697f0bf622faab67bd2f4cdc0db332d2840ea90fd994b0d6cfb460ddde380ff10b285b7509ea1a4a1d783f3abc8f3a7939b1ca82e258c60e945a2d39419c128d9b8ce43e6df0e3f36b22303b06423fd8d543557bbc062fe32a1ae6f0dcc7a4a90a95dc0a8a60682ff74bb456ea1f0b070eb09b6758159ba7356a2b26f04c130db82931bdb68b4f3adb8bee11638ecd0ab62a10e32a69014f54d8b748f459398c2e65e1d5a3a7c5ee3f3b0802525570db93ed14499b18df