natureandfun.com

Issued by R3

About this certificate

This digital certificate with serial number 03:98:17:7e:ac:6b:55:ec:cb:1f:bf:97:15:cd:69:84:8a:c1 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=natureandfun.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:98:17:7e:ac:6b:55:ec:cb:1f:bf:97:15:cd:69:84:8a:c1
Serial Number (int): 313091007537649072548330512282891629923009
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 6a:96:9f:3e:3a:65:07:e0:46:b4:bb:d6:da:05:cd:17:38:4c:bf:b7
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): cf:0c:8e:f9:89:7a:42:43:8c:81:6e:96:99:f9:50:a5:f4:f7:6e:29
Fingerprint (sha256): 5a:fe:db:a5:e0:28:cf:ac:ea:aa:16:4c:b0:45:2d:7f:cd:b7:cb:23:3d:b7:d2:f6:f1:02:53:3f:87:06:94:a0

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate natureandfun.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for natureandfun.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

natureandfun.com
www.natureandfun.com

Other certificates including the domain name natureandfun.com

(limited to 100 certificates)
mail.natureandfun.com
natureandfun.com
natureandfun.com

Certificate

The complete raw certificate details for natureandfun.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISA5gXfqxrVezLH7+XFc1phIrBMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMjYxNjAzNDVaFw0yNDA0MjUxNjAzNDRaMBsxGTAXBgNVBAMT
EG5hdHVyZWFuZGZ1bi5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQC7eZLhJvfIbEIJHhDs+g09hlOuxzYeUR/Hy2z5C8UM84/TcsXfhqLr1ZTYsKT3
NXf9DyXtTvTZ5YBlF28OR5Zc4IrvyqTmbObmUK4nQAHRuWkTYQPeZ7/q1eunX/ee
/vYgmGOygyx1trXIz8U+wJQPF60K0jTo0g6y9yky2pSKmephS9VLuGoQ8NBekhI2
WYDOlwThGYrdbXshyRINHVusLSrWoOtGcxIQLC1aBN9oV3mZeCPPXMXBiM6CN3c4
pFauM7ztT+FA0+UH8SJKoB7ErXLzrjEgw0I6Gejlbud0BEs2j9efTngs3PUWN88d
MG3ov/KjBCe29pfZsiX2TD/4xxotCLcJKIHRDKlfcBxoLO0ZjO354VANPTOItCZt
hMdjhrNeWfTT1wgzvA6DUIn+WI1wjeDNjPA9n8uOzz5fbKDGdTxAkHH638qD30BN
TUwAaJnYmAeZ+34KIx2D4f81D/p9PvP/Y3rEsgQrlfN9fN9hbZvTeeSXvzjR9upr
Sb4A83R73zmhf+7SVwwNdoqWNQEAxUwZh+qPfPvJBjZCywctIOd6fRwF8lnMfbXT
QlwAOyJHUfuhMX/5Wdm3AP0ZAymsVDsBkShoDpOOtAFbhwtUZzGZD0W2q7blQpu9
V1a7um8ar5kHk+rrLyom+fMMH22IfQftTNw9xO8+ZwWIOQIDAQABo4ICKTCCAiUw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRqlp8+OmUH4Ea0u9baBc0XOEy/tzAfBgNV
HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI
KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0
cDovL3IzLmkubGVuY3Iub3JnLzAxBgNVHREEKjAoghBuYXR1cmVhbmRmdW4uY29t
ghR3d3cubmF0dXJlYW5kZnVuLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUG
CisGAQQB1nkCBAIEgfYEgfMA8QB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7
v6s52IRzAAABjUa6NdYAAAQDAEgwRgIhAPMQeoURfnBFqqX/osvwZOp+ZCARlJCt
ld+Pe1ck3/toAiEA83Ry9R7knxaPmHoUwyp2LUm85dGfiIWIn2WZJw1SOz8AdgCi
4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY1GujXfAAAEAwBHMEUC
IGpMT1hNS27Y7LLdM2KWLoyBeBSoibkCghiJgDc+te+qAiEA6LgSG8GF+Pu12M4q
JzwwjmS7guMDZCC4snVsZTVp2QQwDQYJKoZIhvcNAQELBQADggEBACPjIx7aryHU
lJ2EIJ9hnUqXef0nEIGJsgK+x3SoHxpt6F418ru/yCSu6SZX3U1UEMUI9Zu6uycn
sIgkvJIXZ5Uz6Fs8ZHMUsK30c8TirIbpSBsPSxBbvOM7vRUK3BMcPtiwwN4hAxla
Dz9yg8NaVer07wk1pDE4JVxYBaFgd9I/Og1gBb00XvkcBILSwBDYhCz59UiaDFdH
/s/TZU+iSEiq9vuOGI8Pw4IGhjxotDEmELRCzT6VHO8sUGwZCHjH6EtCyQTP/4M0
aUp10GZ6HxaUTNkxpJTgV4A+7ueRNHeGNINlP+NWXb08K2yCPQqX5EEl8aPghz0G
2cDCV7DhH4M=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu3mS4Sb3yGxCCR4Q7PoN
PYZTrsc2HlEfx8ts+QvFDPOP03LF34ai69WU2LCk9zV3/Q8l7U702eWAZRdvDkeW
XOCK78qk5mzm5lCuJ0AB0blpE2ED3me/6tXrp1/3nv72IJhjsoMsdba1yM/FPsCU
DxetCtI06NIOsvcpMtqUipnqYUvVS7hqEPDQXpISNlmAzpcE4RmK3W17IckSDR1b
rC0q1qDrRnMSECwtWgTfaFd5mXgjz1zFwYjOgjd3OKRWrjO87U/hQNPlB/EiSqAe
xK1y864xIMNCOhno5W7ndARLNo/Xn054LNz1FjfPHTBt6L/yowQntvaX2bIl9kw/
+McaLQi3CSiB0QypX3AcaCztGYzt+eFQDT0ziLQmbYTHY4azXln009cIM7wOg1CJ
/liNcI3gzYzwPZ/Ljs8+X2ygxnU8QJBx+t/Kg99ATU1MAGiZ2JgHmft+CiMdg+H/
NQ/6fT7z/2N6xLIEK5XzfXzfYW2b03nkl7840fbqa0m+APN0e985oX/u0lcMDXaK
ljUBAMVMGYfqj3z7yQY2QssHLSDnen0cBfJZzH2100JcADsiR1H7oTF/+VnZtwD9
GQMprFQ7AZEoaA6TjrQBW4cLVGcxmQ9Ftqu25UKbvVdWu7pvGq+ZB5Pq6y8qJvnz
DB9tiH0H7UzcPcTvPmcFiDkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 313091007537649072548330512282891629923009
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-26 16:03:45 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-25 16:03:44 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'natureandfun.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 764830853298123122205815273368114734433539440246326053192306683925111677162340973994368067085819547805719863836926383132617066749283825993136442969012321019748011537256611441810711350464411094194106789627979941572036607815647580527473265306151100654073001372409443767503055032115474746420456868816561791514108215117470346140404684879855637310017575176888186498218554320502256698450730007789840177791878600792815404698248378034217570851786118510253498057938847707205880664950510102403698536414267243881567909154103030961581039320061898096245476743669331817837073143911869701653787228104754220123521508275252231560616560424547638190642503102844088769531390699890281012485737173920788399518863935672500955043240853826519883987709963596598970238027027310130169510912973442172845478779849667223579158955677467132658083293702413302988826080406380043377527004100042751154720671442308323130487773674861257851669603952028317939697513719388587473914534574957118340865429879882781948607578046837330478784374798784760001229440296683990916114665654033965431929592245122176215517300965209279019282862607058001469066489200641124787896086625431323924909441206190170538976029695274826433861191337704652357572462886095783167779686368221733421301729337
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6a969f3e3a6507e046b4bbd6da05cd17384cbfb7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'natureandfun.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.natureandfun.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d46ba35d60000040300483046022100f3107a85117e7045aaa5ffa2cbf064ea7e6420119490ad95df8f7b5724dffb68022100f37472f51ee49f168f987a14c32a762d49bce5d19f8885889f6599270d523b3f007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d46ba35df000004030047304502206a4c4f584d4b6ed8ecb2dd3362962e8c817814a889b90282188980373eb5efaa022100e8b8121bc185f8fbb5d8ce2a273c308e64bb82e3036420b8b2756c653569d904
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0023e3231edaaf21d4949d84209f619d4a9779fd27108189b202bec774a81f1a6de85e35f2bbbfc824aee92657dd4d5410c508f59bbabb2727b08824bc9217679533e85b3c647314b0adf473c4e2ac86e9481b0f4b105bbce33bbd150adc131c3ed8b0c0de2103195a0f3f7283c35a55eaf4ef0935a43138255c5805a16077d23f3a0d6005bd345ef91c0482d2c010d8842cf9f5489a0c5747fecfd3654fa24848aaf6fb8e188f0fc38206863c68b4312610b442cd3e951cef2c506c190878c7e84b42c904cfff8334694a75d0667a1f16944cd931a494e057803eeee7913477863483653fe3565dbd3c2b6c823d0a97e44125f1a3e0873d06d9c0c257b0e11f83