potterhands.com
Issued by R3
About this certificate
This digital certificate with serial number 03:69:9d:1d:49:1e:3e:57:0f:50:8a:fe:64:fb:73:85:54:e2 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=potterhands.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:69:9d:1d:49:1e:3e:57:0f:50:8a:fe:64:fb:73:85:54:e2Serial Number (int): 297275347176938447167049510646339906917602
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 34:fd:0d:fc:a3:69:1a:b0:85:ed:41:b5:9a:a6:01:b0:af:90:8d:ac
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1d:e9:ba:67:8d:91:a4:e4:09:a6:73:04:8d:91:ca:8c:32:f8:d4:54
Fingerprint (sha256): 55:89:2f:f0:6b:18:f0:f3:fd:a0:1d:8f:40:be:ff:03:09:35:4a:00:3f:0b:e9:87:4d:58:f4:76:3d:da:83:3d
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate potterhands.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for potterhands.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
potterhands.com
www.potterhands.com
www.potterhands.com
Other certificates including the domain name potterhands.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for potterhands.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGADCCBOigAwIBAgISA2mdHUkePlcPUIr+ZPtzhVTiMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA4MjQyMjMyMjNaFw0yMzExMjIyMjMyMjJaMBoxGDAWBgNVBAMT D3BvdHRlcmhhbmRzLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB AL9OPyhEveO6Yj6kNvH/nIG+fODci8KUh2cNGl6Wrjdgvy61s2vu/J0n/c6ml9qF JangI8vA53LjOb/WXycCw4EsrechB80jHs8aFQKNqd2JM3J0HkPFTGvRIVMNqNpW uxw/zXU7FaDee37jvHHGfroE2HiJotORuiCXkREoDnV4gBGyNqfh15pdmDMnXHNd pDKwkoJXTVpsz0Kaw0SdH3sUZaZ5LoBG2SEua4Xt3c5swD1NBHsS8WMtMBZFjhQ3 blCaOJP9kq5Rdvd3EXWTAsksdkJ5XdnFCrC7KLhdKQ6I4KCgK6qGDqwre3THqnr3 SnL8rEMuClbXHYe4ca8TE+ppmZmOOHp6Nd31x5QNL6B3yRvMeUCUlqQ4m7RopjND wY/UvuQEee/HLN1fTnAQduPAN8DF0b2JWaxVxX/m97bVFy9jiklsD4ZvO+3NiLW/ gWuS4STLdGnZcKiHom9HxGFFaCr/3Z7NQv7buyc/G8IaqmbrFj33nsqKjtAhbqaq KLLH/bN982VpZok1/nCBc67eg4XSDY1OjtErIJu2TWQlTXm/4Bpiql7f4QCcc3I9 J73cHo+vXm+VtYfZZWq76w1FRtlrmhcSZ8drYPO+SK4znLGTwWmNqSx+aqmw12l0 icHseLc4X6X5hFM4wmE1bih4stQj7wK5pyzUj+jD5n0JAgMBAAGjggImMIICIjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFDT9DfyjaRqwhe1BtZqmAbCvkI2sMB8GA1Ud IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw Oi8vcjMuaS5sZW5jci5vcmcvMC8GA1UdEQQoMCaCD3BvdHRlcmhhbmRzLmNvbYIT d3d3LnBvdHRlcmhhbmRzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisG AQQB1nkCBAIEgfUEgfIA8AB2ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl 7bSZAAABiinkUSQAAAQDAEcwRQIgbqSU40U17NZmF2LhhbrkHiwsg0HW0g5FJiB3 MN4dbW0CIQDsFRCO9rmPg0ovV6uuYmNBl4M3e2SUwQPd4QdEGuJlegB2AK33vvp8 /xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABiinkUWUAAAQDAEcwRQIgObpH kUkWkPg3hcMv/XX/UfMnoDGX/exsII7iLvVC4c8CIQD+sckRuDOwbZQvrEYHYmsJ XcrQYaTQfJ/NGVkBy+Rk5zANBgkqhkiG9w0BAQsFAAOCAQEAgqGsJF5JxZreiWi0 /zErBMP7R5uCxWa9plZb0jR2VnDwqPNrCRfCdyXwph9t4fY/x2CWFiw39U/CO1lW 1LoSUX7mDu1Itq2dsB3rP49fnlNcPRf4A2X45uaK+6/WhgCDpLtCuTb7vNkWl8my xf6oIFdE1Mi/kc9un2OOdVwrmFh0Mu0jKb8gKuJfjc9PjVBV3DN0Yw/WL9+LKynz znW9WQQ+oBP/H5kdZkdlK9b2fOxC9MMuavrUFRvbAp+m5tk0hleHE0bBNB4QAZcv nFavTpNPlC4mGZaDC44zU7BurPo7YpsAxaoTfRmEVmQbI1oYzx1qgoAUT5Zls9Rj zxjbbw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv04/KES947piPqQ28f+c gb584NyLwpSHZw0aXpauN2C/LrWza+78nSf9zqaX2oUlqeAjy8DncuM5v9ZfJwLD gSyt5yEHzSMezxoVAo2p3YkzcnQeQ8VMa9EhUw2o2la7HD/NdTsVoN57fuO8ccZ+ ugTYeImi05G6IJeRESgOdXiAEbI2p+HXml2YMydcc12kMrCSgldNWmzPQprDRJ0f exRlpnkugEbZIS5rhe3dzmzAPU0EexLxYy0wFkWOFDduUJo4k/2SrlF293cRdZMC ySx2Qnld2cUKsLsouF0pDojgoKArqoYOrCt7dMeqevdKcvysQy4KVtcdh7hxrxMT 6mmZmY44eno13fXHlA0voHfJG8x5QJSWpDibtGimM0PBj9S+5AR578cs3V9OcBB2 48A3wMXRvYlZrFXFf+b3ttUXL2OKSWwPhm877c2Itb+Ba5LhJMt0adlwqIeib0fE YUVoKv/dns1C/tu7Jz8bwhqqZusWPfeeyoqO0CFupqoossf9s33zZWlmiTX+cIFz rt6DhdINjU6O0Ssgm7ZNZCVNeb/gGmKqXt/hAJxzcj0nvdwej69eb5W1h9llarvr DUVG2WuaFxJnx2tg875IrjOcsZPBaY2pLH5qqbDXaXSJwex4tzhfpfmEUzjCYTVu KHiy1CPvArmnLNSP6MPmfQkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 297275347176938447167049510646339906917602 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-24 22:32:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-22 22:32:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'potterhands.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 780458965112725914266402517998408720759746062622627653144684701652622995206920089350869495423798778672647093060865397857463011605198981184569292292492761431803212108554250721594567327175110186491456726742823337664135777319424474870416447609326785991004562272387921961569804598669892999899122032175491452221912267239340188785708222468496141808730326747778044170895020386357097160520164894013437498862105287297970525810022881581964182295112441730640105370705458478775272732055958635116712967390602436132938123428292600277576235613360032724418947277962944452240571728447942912342097001536756266293523802241708846899556447795119537717511225433997391168824658228902047765348961610808427367216623579749071811071315216523385009023425245899401963523836709654945635585632013722251160399826386114553831356715549048821611743804109404519967041863864632297736334049411102563020866188082922973876647122726856222121567325581245518856490601118884545127834830438822132429762641034898257477920223730482972975201548925488601348659963978617293067630704531749592943601145323419043136797843557197472735424772283709835409981151491793075414489708771604256845429024425166995581018290274561695963114359407703646662100442638911199785545048268666173783835835657 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 34fd0dfca3691ab085ed41b59aa601b0af908dac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'potterhands.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.potterhands.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a29e45124000004030047304502206ea494e34535ecd6661762e185bae41e2c2c8341d6d20e4526207730de1d6d6d022100ec15108ef6b98f834a2f57abae6263419783377b6494c103dde107441ae2657a007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018a29e451650000040300473045022039ba4791491690f83785c32ffd75ff51f327a03197fdec6c208ee22ef542e1cf022100feb1c911b833b06d942fac4607626b095dcad061a4d07c9fcd195901cbe464e7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0082a1ac245e49c59ade8968b4ff312b04c3fb479b82c566bda6565bd234765670f0a8f36b0917c27725f0a61f6de1f63fc76096162c37f54fc23b5956d4ba12517ee60eed48b6ad9db01deb3f8f5f9e535c3d17f80365f8e6e68afbafd6860083a4bb42b936fbbcd91697c9b2c5fea8205744d4c8bf91cf6e9f638e755c2b98587432ed2329bf202ae25f8dcf4f8d5055dc3374630fd62fdf8b2b29f3ce75bd59043ea013ff1f991d6647652bd6f67cec42f4c32e6afad4151bdb029fa6e6d9348657871346c1341e1001972f9c56af4e934f942e261996830b8e3353b06eacfa3b629b00c5aa137d198456641b235a18cf1d6a8280144f9665b3d463cf18db6f