nasci.com
Issued by R3
About this certificate
This digital certificate with serial number 03:6d:7e:15:18:86:8a:d3:23:e9:1a:0d:78:47:7c:43:bc:60 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nasci.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:6d:7e:15:18:86:8a:d3:23:e9:1a:0d:78:47:7c:43:bc:60Serial Number (int): 298595228052803329537583200824667775679584
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b3:83:f7:9b:38:2b:e5:a5:99:d0:d9:5b:e2:f6:11:a3:9a:6f:0f:c1
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5b:e5:ca:01:af:fd:25:b3:b3:50:16:dc:a0:c3:ac:1f:ca:50:b4:15
Fingerprint (sha256): 54:aa:c9:6d:5d:d6:d4:af:96:a9:7a:3a:d8:75:c5:61:0d:86:97:f9:d8:99:7e:5d:e1:46:a0:56:d1:2b:a5:c3
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate nasci.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nasci.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nasci.com
Other certificates including the domain name nasci.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for nasci.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3zCCBMegAwIBAgISA21+FRiGitMj6RoNeEd8Q7xgMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjgyMDIyMzlaFw0yNDA0MjcyMDIyMzhaMBQxEjAQBgNVBAMT CW5hc2NpLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM7Yud4M 2fvxgRN59H5QW7HlgUEG5rn+3H7ghWxaM9WI/Xp6Xu+arzW4O4NPFRolt7hMInCH HxZIafVC/FnYV2niYR19Jq1aFJXGRwo5ZXWc9DKyJtSzqie4MaVzPM8eHEtG/baO LrLj85G7mWJNYOjj4r0aZh63QzNFSR/LvJi0PGVeiaibxfaSiWxGKJ+mgQ2zUmfM casPpshZXKSGq1bkjF+Meh3kn+4KmVQliJXVnZu+TgmBd5yo9D0IkV79yhMqOqjp s6WAQGcuoxd+D7NtuUAUtsvysD6ZXH8fvrr41FZhY9A/vmbMohrs1mCJ63yvieIm il9puD0ByTtGTarNOpk+VO+0OM7R7LxumSxXMI8Zk9PV7HpYvRClsYDKD6zqoZcO VW9vI2q/rQgH7Kv4/fsc8TNKioKbH9jicXhzEO/mZosjUPkdyY7LM5iZDKGNqlER b/wNYG66u8EDnz9pU+B3kLj/ZZxg1t8MD0Zm5bC+/yhY/Fz4uYq9FfSvWMkjxNn2 0DPWvCiGqzPJGT0gUtJYoc4HJiM7sVcwD51s+adQLedv/hW9SBI8VVXWijyDr/rG kqxt+dJbHTwPzS981eLyyJAY3CJVUSakeE91kLRnaCRn55xsPIBCCrxCv4qTNGvH XAqrAu41BowyAQWiI2Szu4OOP7kN+qnIqQixAgMBAAGjggILMIICBzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFLOD95s4K+WlmdDZW+L2EaOabw/BMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCW5hc2NpLmNvbTATBgNVHSAEDDAKMAgG BmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtTd3U+LbmAToswWwb+ QDtn2E/D9Me9AA0tcm/h+tQXAAABjVHz9mcAAAQDAEcwRQIgSdZ0fpOL67I4bvk7 jyZJZi8WkQFz8Gn4HPkGK4n3swoCIQDYypGNxH6Po6uf6bHaGErG5Aw/Zq4QnUHg AW7A3unDfgB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjVHz 9v4AAAQDAEcwRQIgZH8xHXwlQH0NuJhtlaDYARcg4vwxe3fUNsA2zmjOSB0CIQDc Lt0bDCdBcP15Eaoj+XxoOm+zIPHii3l7kNCGHy0drjANBgkqhkiG9w0BAQsFAAOC AQEAEnABsUH4LZIX6xfD0gRvwNmabf117O+qug7QhucO1HI7TNM1x+Ohm/cTM/3/ 2COrvT+fsgSlHgbPuq4/qA2muUd6kv+8bGAxtGApDFHCRNs0yQ7durAID3qKItvn bf4nDVVALjDH9w4pibxMKxIJ2CFK23BiZJDP8uK9NJedVIc/ljUaxs5ApRg9D9/+ NVBwM+zwOJLiVAeq1TUG3sof/8T/ASdYs+xLL4ey5DpC3CBJNWhR+mWSimtoz9IB N0PuKQRVNuplf3ajTLz1We9OY/E1jsCrPHfAboIPGjRVZiF4bjeNllVtn1HneDeL wD36u+YUtsJ5c5iV/RRaISSpEQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzti53gzZ+/GBE3n0flBb seWBQQbmuf7cfuCFbFoz1Yj9enpe75qvNbg7g08VGiW3uEwicIcfFkhp9UL8WdhX aeJhHX0mrVoUlcZHCjlldZz0MrIm1LOqJ7gxpXM8zx4cS0b9to4usuPzkbuZYk1g 6OPivRpmHrdDM0VJH8u8mLQ8ZV6JqJvF9pKJbEYon6aBDbNSZ8xxqw+myFlcpIar VuSMX4x6HeSf7gqZVCWIldWdm75OCYF3nKj0PQiRXv3KEyo6qOmzpYBAZy6jF34P s225QBS2y/KwPplcfx++uvjUVmFj0D++ZsyiGuzWYInrfK+J4iaKX2m4PQHJO0ZN qs06mT5U77Q4ztHsvG6ZLFcwjxmT09Xseli9EKWxgMoPrOqhlw5Vb28jar+tCAfs q/j9+xzxM0qKgpsf2OJxeHMQ7+ZmiyNQ+R3JjsszmJkMoY2qURFv/A1gbrq7wQOf P2lT4HeQuP9lnGDW3wwPRmblsL7/KFj8XPi5ir0V9K9YySPE2fbQM9a8KIarM8kZ PSBS0lihzgcmIzuxVzAPnWz5p1At52/+Fb1IEjxVVdaKPIOv+saSrG350lsdPA/N L3zV4vLIkBjcIlVRJqR4T3WQtGdoJGfnnGw8gEIKvEK/ipM0a8dcCqsC7jUGjDIB BaIjZLO7g44/uQ36qcipCLECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 298595228052803329537583200824667775679584 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-28 20:22:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-27 20:22:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nasci.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 843860448018771162575229796760607135470317809442215239442001950434296652375831607264800508010668145042443314876120055331355129609202480698826336818683451440382602804534809745126493415493864857204768376916990709425085167598051768295494327068393051458612296551857558485982018404335078662835778581194236815632258784883164936294692928824503837887888435742084453004819164052378066978478039619225166509495261345408566080482630917833290525858826748499936678007107765583459270541919208705457809618493903834603202135055588300173447038248809473371860903044634776577005826967437322212502090862182428626643423517811982513169860996714214288475402046219732729279421922220566083400304478223640065214660525742472929156682149613319602648435268331803990698656194565467410125145672339183843376536095645438523536454233981406360318897395523572725565244526074354501677708395973244569965953098867422405466934164073139024481763330125763705305596113187641475365544052344787505376346042404141717022908924529305127023983752481202736903056780644921466798425141607732651875168322171974240803239899248349897724821937549893805161328502185712889446342380123728782813583969310059814760281660535625581899579683968536051169503703986209725623572610026934355157540473009 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b383f79b382be5a599d0d95be2f611a39a6f0fc1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nasci.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d51f3f6670000040300473045022049d6747e938bebb2386ef93b8f2649662f16910173f069f81cf9062b89f7b30a022100d8ca918dc47e8fa3ab9fe9b1da184ac6e40c3f66ae109d41e0016ec0dee9c37e00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d51f3f6fe00000403004730450220647f311d7c25407d0db8986d95a0d8011720e2fc317b77d436c036ce68ce481d022100dc2edd1b0c274170fd7911aa23f97c683a6fb320f1e28b797b90d0861f2d1dae . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00127001b141f82d9217eb17c3d2046fc0d99a6dfd75ecefaaba0ed086e70ed4723b4cd335c7e3a19bf71333fdffd823abbd3f9fb204a51e06cfbaae3fa80da6b9477a92ffbc6c6031b460290c51c244db34c90eddbab0080f7a8a22dbe76dfe270d55402e30c7f70e2989bc4c2b1209d8214adb70626490cff2e2bd34979d54873f96351ac6ce40a5183d0fdffe35507033ecf03892e25407aad53506deca1fffc4ff012758b3ec4b2f87b2e43a42dc2049356851fa65928a6b68cfd2013743ee29045536ea657f76a34cbcf559ef4e63f1358ec0ab3c77c06e820f1a34556621786e378d96556d9f51e778378bc03dfabbe614b6c279739895fd145a2124a911