percussionexcerpts.org

Issued by R3

About this certificate

This digital certificate with serial number 03:fd:80:e4:16:a3:1e:22:8e:17:e1:fd:bb:84:43:35:ce:53 was issued on by Let's Encrypt.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=percussionexcerpts.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:fd:80:e4:16:a3:1e:22:8e:17:e1:fd:bb:84:43:35:ce:53
Serial Number (int): 347599622112558914463487410107944485113427
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: a5:27:bc:11:a9:93:1c:3b:1b:39:ed:ac:02:b4:3a:9f:e4:a8:5e:65
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 9b:52:e0:e2:5e:19:99:e3:35:78:4a:fa:b8:34:b9:05:b4:8e:1a:39
Fingerprint (sha256): 59:5e:2e:fe:61:a2:02:11:76:83:4f:00:54:1a:f3:06:10:c8:5d:eb:1b:fe:43:8e:7e:a9:ca:6e:d6:f5:39:32

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate percussionexcerpts.org

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for percussionexcerpts.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cheshirecounty.com
gayhombres.com
percussionexcerpts.org
truhaiku.com

Other certificates including the domain name percussionexcerpts.org

(limited to 100 certificates)
percussionexcerpts.org
percussionexcerpts.org
percussionexcerpts.org
percussionexcerpts.org
mygrinder.ca
chrisburns.ca

Certificate

The complete raw certificate details for percussionexcerpts.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISA/2A5BajHiKOF+H9u4RDNc5TMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTcxMDQ0MzZaFw0yNDA0MTYxMDQ0MzVaMCExHzAdBgNVBAMT
FnBlcmN1c3Npb25leGNlcnB0cy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC8X1X00WVF/mBOb9eUoKmM2hrJeXPFOLI+ZCZ1APzywasstP+woL1D
ulyB5wv2u4GnFIXUkwTc7GNat1vlDNuC49JNJ0jhLWz2wmtqDIYtpaS9hgQFAwW1
lxEqSp5ftYKpwJalz/DEosWFxC5jyLfJzYzOAwIY5rtkgJpLVGDO6jlm0SK8KG59
Z9wtktIvHWyatYjc1A+7MUVgNJdB4oW7ai4vb759uTuQgFeqRK6jfrZY/9hJCB+8
0ozLEEgxZrE2ZPxb2mzByEk3wyZ4rnYNWtv0E/viKntt/pYdEMEGSYabVEg0k9tc
LWhEDqnSnyZLA8MaDR+0rqqg0klrPhQpAgMBAAGjggJMMIICSDAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwHQYDVR0OBBYEFKUnvBGpkxw7GzntrAK0Op/kqF5lMB8GA1UdIwQYMBaAFBQu
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
ZW5jci5vcmcvMFMGA1UdEQRMMEqCEmNoZXNoaXJlY291bnR5LmNvbYIOZ2F5aG9t
YnJlcy5jb22CFnBlcmN1c3Npb25leGNlcnB0cy5vcmeCDHRydWhhaWt1LmNvbTAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3ADtT
d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjRc8zD4AAAQDAEgwRgIh
AK9TAlhDc/iFckGNI31RCZ9IVWNgNak/IIy0cECVB4r0AiEAyBva41Q4O1YJrZGI
UZ31zThKJ1zAQtB8VyOShijnLR0AdwCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3
iviabfUX2AAAAY0XPMxNAAAEAwBIMEYCIQDR1w1HfYHFdwuA7MZHAFPvtvEDAbpC
0RZSzhmZ3eK3pwIhAL+Nn2BVjEWWD1Em2Gm0zZrQiKmk9SpqKy0fEnKcBgppMA0G
CSqGSIb3DQEBCwUAA4IBAQAASahyv7IgTAiRNSM/hv6KgyBxmRfIRGdZU0flZbbF
fY06Xc6B+Z//OQBAjnJH0Kxo9o4wWbR0ZcmxK9Igpft8FW9Z8a3W9RYL37yknVoX
A4n1q5jGPLzYA0YPrmAz18KzB+tUgaFnd80Goxz7i6QqHWhgiQWsDWegyiULoqy7
AgGI4Q5LvzIvQLOo6c2i2txudIKYzlZ7udWfGX+laZxVgyyUvtg5f4riD8y5bQdq
wr7tpuBx6oNbtOPJ3mK6CpLJ5BAcUSVrF7K5Wildg+vj+174VcpouyCCyd+MNVhh
DQfr9cU0SwEdI1xtdfARX0ZYGV1Kw96wP4r+76qcXuBe
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF9V9NFlRf5gTm/XlKCp
jNoayXlzxTiyPmQmdQD88sGrLLT/sKC9Q7pcgecL9ruBpxSF1JME3OxjWrdb5Qzb
guPSTSdI4S1s9sJragyGLaWkvYYEBQMFtZcRKkqeX7WCqcCWpc/wxKLFhcQuY8i3
yc2MzgMCGOa7ZICaS1Rgzuo5ZtEivChufWfcLZLSLx1smrWI3NQPuzFFYDSXQeKF
u2ouL2++fbk7kIBXqkSuo362WP/YSQgfvNKMyxBIMWaxNmT8W9pswchJN8MmeK52
DVrb9BP74ip7bf6WHRDBBkmGm1RINJPbXC1oRA6p0p8mSwPDGg0ftK6qoNJJaz4U
KQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 347599622112558914463487410107944485113427
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-17 10:44:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-16 10:44:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'percussionexcerpts.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23779813152419802670686812082517702730689143883944872523525497281017959593117951411082813911772990080822792254529943121914456256272136340906761463557257109314585054952025399457262607001626658881806196028245438414989364521182436782590667310088341590033691855838935896486747520335993228792212410917444768260490674634268902910505123533763050411935546700483934699285728186940319652958918972544855119135472957100870395045738434256069319172464941088175446943025152519025255004077392160813251258919040028204448107149549240521207091542920274237751852959711442914646525054461855780207710500244439629707138676467944263119672361
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a527bc11a9931c3b1b39edac02b43a9fe4a85e65
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cheshirecounty.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gayhombres.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'percussionexcerpts.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'truhaiku.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f20077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d173ccc3e0000040300483046022100af5302584373f88572418d237d51099f4855636035a93f208cb4704095078af4022100c81bdae354383b5609ad9188519df5cd384a275cc042d07c5723928628e72d1d007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d173ccc4d0000040300483046022100d1d70d477d81c5770b80ecc6470053efb6f10301ba42d11652ce1999dde2b7a7022100bf8d9f60558c45960f5126d869b4cd9ad088a9a4f52a6a2b2d1f12729c060a69
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000049a872bfb2204c089135233f86fe8a8320719917c84467595347e565b6c57d8d3a5dce81f99fff3900408e7247d0ac68f68e3059b47465c9b12bd220a5fb7c156f59f1add6f5160bdfbca49d5a170389f5ab98c63cbcd803460fae6033d7c2b307eb5481a16777cd06a31cfb8ba42a1d68608905ac0d67a0ca250ba2acbb020188e10e4bbf322f40b3a8e9cda2dadc6e748298ce567bb9d59f197fa5699c55832c94bed8397f8ae20fccb96d076ac2beeda6e071ea835bb4e3c9de62ba0a92c9e4101c51256b17b2b95a295d83ebe3fb5ef855ca68bb2082c9df8c3558610d07ebf5c5344b011d235c6d75f0115f4658195d4ac3deb03f8afeefaa9c5ee05e