pennlaw.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a1:24:34:5d:40:6b:c5:a3:5b:81:04:96:c3:a4:a7:6b:89 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=pennlaw.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a1:24:34:5d:40:6b:c5:a3:5b:81:04:96:c3:a4:a7:6b:89Serial Number (int): 316170442968204782706325533121231595203465
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 68:5b:9e:ed:8d:89:21:5e:1c:14:4f:a1:f8:dc:89:0a:2c:f8:83:bd
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ca:fa:ae:21:9a:5f:76:28:db:e5:ad:ce:53:71:0d:ac:06:8b:ad:e4
Fingerprint (sha256): 58:80:0f:79:77:05:b8:e5:22:25:d3:e7:7d:6e:c5:00:a2:7f:b7:2b:83:30:3a:c1:a8:5c:87:f8:97:35:d5:0e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate pennlaw.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pennlaw.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pennlaw.org
Other certificates including the domain name pennlaw.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for pennlaw.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTDCCBTSgAwIBAgISA6EkNF1Aa8WjW4EElsOkp2uJMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MTcyMzQ2MjhaFw0x OTA4MTUyMzQ2MjhaMBYxFDASBgNVBAMTC3Blbm5sYXcub3JnMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAvXHEyrSTr4TyNPUqMjugRrP8s7ChDQrVnMvv /zFhZquhOhrHXSkmk6x5ZqQDjJkDdbOSgQ6vtyThZ4rwo/Kq6khe2lONPahVrByX WXvGcdkqCm11R1Mu9leFhXSWCHYNfquO6bKZ2fi1uivO2qx+ibDVPpZxqA4W+3hg ulL7sdfL+I3HS0iyNwKxJoUmdwWyFpj2LIHKqCEikvZy9w7E1iWX71Pk7F+mEaNC Y1VsZkuQMayosoVEykl1FooVtY4wT7Al2yeL4+lyluvLmdhGG7vbGDuagohzeUVH RbEk+Wa82vYwonKpeeoE4aD9PzBGinXI1J8jNkjyEvPDoIYak65em43RAAdfGzh6 He5P/iXNv0mQUlTplEHLNi3AONFTFb7++99jsrGEOAYodeRLEgjVeNCzB/sHZfph 9kiFGrbzTi2Uwuvom3eLUho6x1CazFu/byDLT5/dljykDrhjYRwsR3augu34zDTg aSSUoHiNnXmrLUZSrqSryWHvOpFbnkb2Vp2RXay87DF71GIJVYQmhwyLP9saapGN uCHT3ktRriALhy5tk1uH1zGLAYLB/kJaJP66gywD9ZhCS1Pn3PpzwRViZ/W0H8VC fXSCy9eCtHMXbil+aWEN54Vp7TV8/5hYJcPgVElqAiIeIWBloec6YDnJMNUJI5w1 nfmZrt0CAwEAAaOCAl4wggJaMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUaFue7Y2J IV4cFE+h+NyJCiz4g70wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAWBgNVHREEDzANggtwZW5ubGF3Lm9yZzBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1 AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABashng8EAAAQDAEYw RAIgWSmnGYtKhu//Z9MkdWNmKV+I+fMv5QX71mk2x09+1YYCIFCKA4xxoc2czpCe QeE24Hi+WQTuOav+Gi04ECt3yxjlAHUAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWm OLHHaFRL2I0AAAFqyGeD5QAABAMARjBEAiBQj2vCzxQpFCOh0sZmxa8BvgoF5pOH 5RGELEU0Lre9AQIgK908iM1w0GeRPV7QbAtwgOJZkTzNSWxOkcrP9uv4BIkwDQYJ KoZIhvcNAQELBQADggEBAGQHp7uLay9E1Nx2e4DTnrE8XsvKpzj2vY4UHplTJlcj EVbbmHbCSpDjnc8Re7dNy6pc/0W/s+M11PQezAb8PbSbIXoZF3bALd1rPmhLhlbG 7QcYOK5xXV+XX4y1IvCX++Y01OM0EEcpeC7WBC9XJmOphffARv/vqkXj1ZVQiYZ/ EStR/oGqZgesnbddmX9x/PFsH4yl1l1x71HNX369/BC2t9nTWUoKyg/akrnbZlaq cmIu5aSFhP1dtwXFLsdFH9Rs+ayORB9EXGCExSKLnOX1vV1s+542uOY+u89fUja2 adrOrI+0MvZmUJ8pGXj7e35a7+S2aRQ9AzO9cLkVVDc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvXHEyrSTr4TyNPUqMjug RrP8s7ChDQrVnMvv/zFhZquhOhrHXSkmk6x5ZqQDjJkDdbOSgQ6vtyThZ4rwo/Kq 6khe2lONPahVrByXWXvGcdkqCm11R1Mu9leFhXSWCHYNfquO6bKZ2fi1uivO2qx+ ibDVPpZxqA4W+3hgulL7sdfL+I3HS0iyNwKxJoUmdwWyFpj2LIHKqCEikvZy9w7E 1iWX71Pk7F+mEaNCY1VsZkuQMayosoVEykl1FooVtY4wT7Al2yeL4+lyluvLmdhG G7vbGDuagohzeUVHRbEk+Wa82vYwonKpeeoE4aD9PzBGinXI1J8jNkjyEvPDoIYa k65em43RAAdfGzh6He5P/iXNv0mQUlTplEHLNi3AONFTFb7++99jsrGEOAYodeRL EgjVeNCzB/sHZfph9kiFGrbzTi2Uwuvom3eLUho6x1CazFu/byDLT5/dljykDrhj YRwsR3augu34zDTgaSSUoHiNnXmrLUZSrqSryWHvOpFbnkb2Vp2RXay87DF71GIJ VYQmhwyLP9saapGNuCHT3ktRriALhy5tk1uH1zGLAYLB/kJaJP66gywD9ZhCS1Pn 3PpzwRViZ/W0H8VCfXSCy9eCtHMXbil+aWEN54Vp7TV8/5hYJcPgVElqAiIeIWBl oec6YDnJMNUJI5w1nfmZrt0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316170442968204782706325533121231595203465 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-17 23:46:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-15 23:46:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pennlaw.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 772865759620149622469291292479417212207169439000053067865226142037250432333899189992435446232462886938909234400439504042951812210153838071308482574458388658008042130639569976132946790997274491326043794372724372854941839175263885140525782748911384866884814407745189131060727233551471793670720779932645625525271731224039529180003580889437747499566966178291918741470027568533384603978038307036571080046106959847464328228709385684796426397044845233695980013542339081310732731732043913212365110159469982840669267358357350833576146319670903109910845317566923116285947271040297008861311634635963159107703555077705434738239688086126954374844648504200785525282134419293527142278190582942632912942530118127029475699997476736190037607555545317262962684351926031475941531835029339752295628598992378609262015931232312775695025444763480606043309236314987360088480350949878203440309151251397620171730841634358404600250466115169832801032482674963020213182434221869852578359287363592756040517676471592772639884592223424451265609240691284273778389369545969509519649726907918442738974395019494091968453717878158152062539200070419267656508988527778452903587828520393165867449451537304255076707148359751842946477454115415737778924107216130206100843245277 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 685b9eed8d89215e1c144fa1f8dc890a2cf883bd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pennlaw.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016ac86783c1000004030046304402205929a7198b4a86efff67d324756366295f88f9f32fe505fbd66936c74f7ed5860220508a038c71a1cd9cce909e41e136e078be5904ee39abfe1a2d38102b77cb18e500750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016ac86783e500000403004630440220508f6bc2cf14291423a1d2c666c5af01be0a05e69387e511842c45342eb7bd0102202bdd3c88cd70d067913d5ed06c0b7080e259913ccd496c4e91cacff6ebf80489 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006407a7bb8b6b2f44d4dc767b80d39eb13c5ecbcaa738f6bd8e141e99532657231156db9876c24a90e39dcf117bb74dcbaa5cff45bfb3e335d4f41ecc06fc3db49b217a191776c02ddd6b3e684b8656c6ed071838ae715d5f975f8cb522f097fbe634d4e334104729782ed6042f572663a985f7c046ffefaa45e3d5955089867f112b51fe81aa6607ac9db75d997f71fcf16c1f8ca5d65d71ef51cd5f7ebdfc10b6b7d9d3594a0aca0fda92b9db6656aa72622ee5a48584fd5db705c52ec7451fd46cf9ac8e441f445c6084c5228b9ce5f5bd5d6cfb9e36b8e63ebbcf5f5236b669daceac8fb432f666509f291978fb7b7e5aefe4b669143d0333bd70b9155437