gavinnewsom.com

Issued by R3

About this certificate

This digital certificate with serial number 04:66:7f:b4:2b:eb:74:6d:b7:c3:4f:29:aa:fa:c8:e5:bd:a4 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=gavinnewsom.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:66:7f:b4:2b:eb:74:6d:b7:c3:4f:29:aa:fa:c8:e5:bd:a4
Serial Number (int): 383327692612674194494315174278848187841956
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 2d:41:c6:6a:c2:33:9b:c8:9b:7d:2c:f8:97:df:67:1c:90:2b:7b:f0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 51:62:d2:e4:3e:7a:ce:bd:b8:12:b9:68:fe:25:ef:db:a1:0d:9c:ae
Fingerprint (sha256): 50:55:d5:a2:3e:f6:f8:f7:19:c2:e5:6c:5e:08:3f:7b:b5:61:74:57:3b:0d:24:e9:d5:b6:d3:bf:7e:95:df:07

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate gavinnewsom.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gavinnewsom.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gavinnewsom.com
www.gavinnewsom.com

Other certificates including the domain name gavinnewsom.com

(limited to 100 certificates)
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
act.johnfetterman.com
gavinnewsom.com
www.gavinnewsom.com
sni32094.cloudflaressl.com
act.boldprogressives.org
act.ilhanomar.com
gavinnewsom.com
sni32094.cloudflaressl.com
act.ourrevolution.com
peoplesmillion.whitehelmets.org
act.colorofchange.org
sni32094.cloudflaressl.com
gavinnewsom.com
act.peoplesconvoy.com
act.elizabethwarren.com
sni32094.cloudflaressl.com
act.campaigntoendqualifiedimmunity.org
gavinnewsom.com
action.pollinis.org
act.jamieraskin.com
sni32094.cloudflaressl.com
gavinnewsom.com
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
gavinnewsom.com
gavinnewsom.com
gavinnewsom.com
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
act.gunsensevoter.org
www-default.actionkit.com
sni32094.cloudflaressl.com
act.realjusticepac.org
shop.gavinnewsom.com
gavinnewsom.com
act.powerthepolls.org
faithfulamerica.org
gavinnewsom.com
sni32094.cloudflaressl.com
act.abwt.org
sni32094.cloudflaressl.com
act.ruraldemocratsturnoutfund.com
shop.gavinnewsom.com
action.pollinis.org
act.defendvotingrights.org
act.jstreet.org
sni32094.cloudflaressl.com
act.democratic-strategy.org
gavinnewsom.com
gavinnewsom.com
act.progressflorida.org
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
act.gavinnewsom.com
shop.gavinnewsom.com
shop.gavinnewsom.com
sni32094.cloudflaressl.com
gavinnewsom.com
act.nuestropac.com
act.jamieraskin.com
act.dsausa.org
gavinnewsom.com
www.nowarwithiran.org
act.bcndp.ca
sni32094.cloudflaressl.com

Certificate

The complete raw certificate details for gavinnewsom.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISBGZ/tCvrdG23w08pqvrI5b2kMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA4MjcxMzM5NThaFw0yMzExMjUxMzM5NTdaMBoxGDAWBgNVBAMT
D2dhdmlubmV3c29tLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APSTetUdDhE6MnPQiGm9TXxT73vRxgxqyhmCNsSGQ49YNP2KVbx4s6D0Jo5IXIH3
8NAy7SHHaipmcFlEUJCnQD9thhgETPCy2h0xo9vwM7lOQmRjRDD3L2t2DVoEJPYW
PtLp17r/0+L3YE/9xW8Lh+11S7ruIPnM5WzM67lPmMueLNb8qdVuPza2gKvE/alV
GAS7adVL88NryeDECF3WnjUb4Eal1qUR4IMnmg/9g6ztcFwAeGGPrE7i2PxMboIf
BtOe7KBh8IkDWupsj+np3MCwJllNJad3m1vdYgI+Yw+aocCQkqesTW69dLow66v2
CitAVJvXRR99W5kAevA0JLkCAwEAAaOCAiYwggIiMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQULUHGasIzm8ibfSz4l99nHJAre/AwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wLwYDVR0RBCgwJoIPZ2F2aW5uZXdzb20uY29tghN3d3cuZ2F2aW5uZXdzb20u
Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
AHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGKN2/1xwAABAMA
RzBFAiAlEXFRF8VmuexYEDqcl4/j1vqJ2FNE6iFd7dZrhJuFIgIhAMfhI5HT9T7i
u1EqDsnsLlJoSEwkrb6YsFnZM4Igm+RKAHYA6D7Q2j71BjUy51covIlryQPTy9ER
a+zraeF3fW0GvW4AAAGKN2/1yQAABAMARzBFAiBzGxXS6Rqdv+2sJURpxuYQ6rhn
dFa1xzYDG1iWRZ6uGwIhAIQ84PLWKcKLHhwrRLJS+j/SPoHkEHLZyRZa/0g4/KHm
MA0GCSqGSIb3DQEBCwUAA4IBAQBfU0/r4D+C4YM0AX+cHEwzGOUx1d5Y+uPSVYSs
201aDistO1Rh4l4RPflffszkGkipS88VdJWaLJ7xJ0zdHOtT9PdyC2yWp+eElu0n
KqvJ+038zEH0iPbQeP2Q3S9XB6Xiv5wV/TAwil+DeJxrWnwuBCX6e0ZPeMNjSN3g
+FziemW+aDQ2N7G8FKBdB2+04x7MCEmTtVcVXEj1xjrlrbn6f1R2qkHM35N4u2HB
O4Hu5lK8gmz0CYp2udcjtUpXUfuzzqDSzF1rYhGNE//J8tyukgZ1bTsOo2ddI59e
SDLm0oRBAvmXrTvbIiTeCAh0CRqrOXnZ8qL5JYIjHvBx1yK3
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JN61R0OEToyc9CIab1N
fFPve9HGDGrKGYI2xIZDj1g0/YpVvHizoPQmjkhcgffw0DLtIcdqKmZwWURQkKdA
P22GGARM8LLaHTGj2/AzuU5CZGNEMPcva3YNWgQk9hY+0unXuv/T4vdgT/3FbwuH
7XVLuu4g+czlbMzruU+Yy54s1vyp1W4/NraAq8T9qVUYBLtp1Uvzw2vJ4MQIXdae
NRvgRqXWpRHggyeaD/2DrO1wXAB4YY+sTuLY/Exugh8G057soGHwiQNa6myP6enc
wLAmWU0lp3ebW91iAj5jD5qhwJCSp6xNbr10ujDrq/YKK0BUm9dFH31bmQB68DQk
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 383327692612674194494315174278848187841956
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-27 13:39:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-25 13:39:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gavinnewsom.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30874871418674330599856582475032938667375268619443001630863980336265595132255055319191643458111097912849518683644418268103987213994455977559607858848119842980533392049063729003920357542074988987461137585846020662431659934377838370289619002655875385799518291331039036698807426681817568646147255938646103126008097680224992782780625624378043298116774876838353123724342507002380006971784078794529182989372683470709944523843444459913842097363110245276310289984800758291731507727636966622104526315616493280025870076217545288249244971934789372294783507838417764757756356243493322858302549568740438214483485562672125977044153
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2d41c66ac2339bc89b7d2cf897df671c902b7bf0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gavinnewsom.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gavinnewsom.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a376ff5c7000004030047304502202511715117c566b9ec58103a9c978fe3d6fa89d85344ea215dedd66b849b8522022100c7e12391d3f53ee2bb512a0ec9ec2e5268484c24adbe98b059d93382209be44a007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018a376ff5c900000403004730450220731b15d2e91a9dbfedac254469c6e610eab8677456b5c736031b5896459eae1b022100843ce0f2d629c28b1e1c2b44b252fa3fd23e81e41072d9c9165aff4838fca1e6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005f534febe03f82e18334017f9c1c4c3318e531d5de58fae3d25584acdb4d5a0e2b2d3b5461e25e113df95f7ecce41a48a94bcf1574959a2c9ef1274cdd1ceb53f4f7720b6c96a7e78496ed272aabc9fb4dfccc41f488f6d078fd90dd2f5707a5e2bf9c15fd30308a5f83789c6b5a7c2e0425fa7b464f78c36348dde0f85ce27a65be68343637b1bc14a05d076fb4e31ecc084993b557155c48f5c63ae5adb9fa7f5476aa41ccdf9378bb61c13b81eee652bc826cf4098a76b9d723b54a5751fbb3cea0d2cc5d6b62118d13ffc9f2dcae9206756d3b0ea3675d239f5e4832e6d2844102f997ad3bdb2224de080874091aab3979d9f2a2f92582231ef071d722b7