potterhands.com

Issued by R3

About this certificate

This digital certificate with serial number 03:69:9d:1d:49:1e:3e:57:0f:50:8a:fe:64:fb:73:85:54:e2 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=potterhands.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:69:9d:1d:49:1e:3e:57:0f:50:8a:fe:64:fb:73:85:54:e2
Serial Number (int): 297275347176938447167049510646339906917602
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 34:fd:0d:fc:a3:69:1a:b0:85:ed:41:b5:9a:a6:01:b0:af:90:8d:ac
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 1d:e9:ba:67:8d:91:a4:e4:09:a6:73:04:8d:91:ca:8c:32:f8:d4:54
Fingerprint (sha256): 55:89:2f:f0:6b:18:f0:f3:fd:a0:1d:8f:40:be:ff:03:09:35:4a:00:3f:0b:e9:87:4d:58:f4:76:3d:da:83:3d

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate potterhands.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for potterhands.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

potterhands.com
www.potterhands.com

Other certificates including the domain name potterhands.com

(limited to 100 certificates)
ww16.potterhands.com
potterhands.com
potterhands.com
potterhands.com
potterhands.com
www.soapstonecarvings.com
nekbat.com
kehlet.com
bellevoci.com

Certificate

The complete raw certificate details for potterhands.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISA2mdHUkePlcPUIr+ZPtzhVTiMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA4MjQyMjMyMjNaFw0yMzExMjIyMjMyMjJaMBoxGDAWBgNVBAMT
D3BvdHRlcmhhbmRzLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AL9OPyhEveO6Yj6kNvH/nIG+fODci8KUh2cNGl6Wrjdgvy61s2vu/J0n/c6ml9qF
JangI8vA53LjOb/WXycCw4EsrechB80jHs8aFQKNqd2JM3J0HkPFTGvRIVMNqNpW
uxw/zXU7FaDee37jvHHGfroE2HiJotORuiCXkREoDnV4gBGyNqfh15pdmDMnXHNd
pDKwkoJXTVpsz0Kaw0SdH3sUZaZ5LoBG2SEua4Xt3c5swD1NBHsS8WMtMBZFjhQ3
blCaOJP9kq5Rdvd3EXWTAsksdkJ5XdnFCrC7KLhdKQ6I4KCgK6qGDqwre3THqnr3
SnL8rEMuClbXHYe4ca8TE+ppmZmOOHp6Nd31x5QNL6B3yRvMeUCUlqQ4m7RopjND
wY/UvuQEee/HLN1fTnAQduPAN8DF0b2JWaxVxX/m97bVFy9jiklsD4ZvO+3NiLW/
gWuS4STLdGnZcKiHom9HxGFFaCr/3Z7NQv7buyc/G8IaqmbrFj33nsqKjtAhbqaq
KLLH/bN982VpZok1/nCBc67eg4XSDY1OjtErIJu2TWQlTXm/4Bpiql7f4QCcc3I9
J73cHo+vXm+VtYfZZWq76w1FRtlrmhcSZ8drYPO+SK4znLGTwWmNqSx+aqmw12l0
icHseLc4X6X5hFM4wmE1bih4stQj7wK5pyzUj+jD5n0JAgMBAAGjggImMIICIjAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFDT9DfyjaRqwhe1BtZqmAbCvkI2sMB8GA1Ud
IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr
BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw
Oi8vcjMuaS5sZW5jci5vcmcvMC8GA1UdEQQoMCaCD3BvdHRlcmhhbmRzLmNvbYIT
d3d3LnBvdHRlcmhhbmRzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisG
AQQB1nkCBAIEgfUEgfIA8AB2ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl
7bSZAAABiinkUSQAAAQDAEcwRQIgbqSU40U17NZmF2LhhbrkHiwsg0HW0g5FJiB3
MN4dbW0CIQDsFRCO9rmPg0ovV6uuYmNBl4M3e2SUwQPd4QdEGuJlegB2AK33vvp8
/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABiinkUWUAAAQDAEcwRQIgObpH
kUkWkPg3hcMv/XX/UfMnoDGX/exsII7iLvVC4c8CIQD+sckRuDOwbZQvrEYHYmsJ
XcrQYaTQfJ/NGVkBy+Rk5zANBgkqhkiG9w0BAQsFAAOCAQEAgqGsJF5JxZreiWi0
/zErBMP7R5uCxWa9plZb0jR2VnDwqPNrCRfCdyXwph9t4fY/x2CWFiw39U/CO1lW
1LoSUX7mDu1Itq2dsB3rP49fnlNcPRf4A2X45uaK+6/WhgCDpLtCuTb7vNkWl8my
xf6oIFdE1Mi/kc9un2OOdVwrmFh0Mu0jKb8gKuJfjc9PjVBV3DN0Yw/WL9+LKynz
znW9WQQ+oBP/H5kdZkdlK9b2fOxC9MMuavrUFRvbAp+m5tk0hleHE0bBNB4QAZcv
nFavTpNPlC4mGZaDC44zU7BurPo7YpsAxaoTfRmEVmQbI1oYzx1qgoAUT5Zls9Rj
zxjbbw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv04/KES947piPqQ28f+c
gb584NyLwpSHZw0aXpauN2C/LrWza+78nSf9zqaX2oUlqeAjy8DncuM5v9ZfJwLD
gSyt5yEHzSMezxoVAo2p3YkzcnQeQ8VMa9EhUw2o2la7HD/NdTsVoN57fuO8ccZ+
ugTYeImi05G6IJeRESgOdXiAEbI2p+HXml2YMydcc12kMrCSgldNWmzPQprDRJ0f
exRlpnkugEbZIS5rhe3dzmzAPU0EexLxYy0wFkWOFDduUJo4k/2SrlF293cRdZMC
ySx2Qnld2cUKsLsouF0pDojgoKArqoYOrCt7dMeqevdKcvysQy4KVtcdh7hxrxMT
6mmZmY44eno13fXHlA0voHfJG8x5QJSWpDibtGimM0PBj9S+5AR578cs3V9OcBB2
48A3wMXRvYlZrFXFf+b3ttUXL2OKSWwPhm877c2Itb+Ba5LhJMt0adlwqIeib0fE
YUVoKv/dns1C/tu7Jz8bwhqqZusWPfeeyoqO0CFupqoossf9s33zZWlmiTX+cIFz
rt6DhdINjU6O0Ssgm7ZNZCVNeb/gGmKqXt/hAJxzcj0nvdwej69eb5W1h9llarvr
DUVG2WuaFxJnx2tg875IrjOcsZPBaY2pLH5qqbDXaXSJwex4tzhfpfmEUzjCYTVu
KHiy1CPvArmnLNSP6MPmfQkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 297275347176938447167049510646339906917602
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-24 22:32:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-22 22:32:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'potterhands.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 780458965112725914266402517998408720759746062622627653144684701652622995206920089350869495423798778672647093060865397857463011605198981184569292292492761431803212108554250721594567327175110186491456726742823337664135777319424474870416447609326785991004562272387921961569804598669892999899122032175491452221912267239340188785708222468496141808730326747778044170895020386357097160520164894013437498862105287297970525810022881581964182295112441730640105370705458478775272732055958635116712967390602436132938123428292600277576235613360032724418947277962944452240571728447942912342097001536756266293523802241708846899556447795119537717511225433997391168824658228902047765348961610808427367216623579749071811071315216523385009023425245899401963523836709654945635585632013722251160399826386114553831356715549048821611743804109404519967041863864632297736334049411102563020866188082922973876647122726856222121567325581245518856490601118884545127834830438822132429762641034898257477920223730482972975201548925488601348659963978617293067630704531749592943601145323419043136797843557197472735424772283709835409981151491793075414489708771604256845429024425166995581018290274561695963114359407703646662100442638911199785545048268666173783835835657
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							34fd0dfca3691ab085ed41b59aa601b0af908dac
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'potterhands.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.potterhands.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a29e45124000004030047304502206ea494e34535ecd6661762e185bae41e2c2c8341d6d20e4526207730de1d6d6d022100ec15108ef6b98f834a2f57abae6263419783377b6494c103dde107441ae2657a007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018a29e451650000040300473045022039ba4791491690f83785c32ffd75ff51f327a03197fdec6c208ee22ef542e1cf022100feb1c911b833b06d942fac4607626b095dcad061a4d07c9fcd195901cbe464e7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0082a1ac245e49c59ade8968b4ff312b04c3fb479b82c566bda6565bd234765670f0a8f36b0917c27725f0a61f6de1f63fc76096162c37f54fc23b5956d4ba12517ee60eed48b6ad9db01deb3f8f5f9e535c3d17f80365f8e6e68afbafd6860083a4bb42b936fbbcd91697c9b2c5fea8205744d4c8bf91cf6e9f638e755c2b98587432ed2329bf202ae25f8dcf4f8d5055dc3374630fd62fdf8b2b29f3ce75bd59043ea013ff1f991d6647652bd6f67cec42f4c32e6afad4151bdb029fa6e6d9348657871346c1341e1001972f9c56af4e934f942e261996830b8e3353b06eacfa3b629b00c5aa137d198456641b235a18cf1d6a8280144f9665b3d463cf18db6f