geofon.com
Issued by R3
About this certificate
This digital certificate with serial number 04:f7:5d:86:14:49:d4:fd:9e:8c:d0:9d:92:c7:8c:27:36:6f was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=geofon.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:f7:5d:86:14:49:d4:fd:9e:8c:d0:9d:92:c7:8c:27:36:6fSerial Number (int): 432623202739397593270652076764156433741423
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d5:cf:57:71:cf:b1:a2:6f:58:05:44:55:4a:0c:31:fc:a9:84:03:86
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fa:06:01:df:e5:7d:6e:2e:a1:ec:92:e4:88:11:85:56:a2:fa:87:be
Fingerprint (sha256): 5b:a5:0c:d0:11:09:c4:b8:fe:da:21:13:63:25:29:37:e8:c8:2c:4d:ba:e8:a2:04:e7:50:17:77:ed:ca:24:23
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate geofon.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for geofon.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
geofon.com
Other certificates including the domain name geofon.com
(limited to 100 certificates)
ooospecials.com
zain26.com
columbusjointpain.com
www.jointpainburlington.com
organicnightcream.com
geofon.com
geofon.com
www.progettiformativi.com
christmaslightinghuntington.com
segmenti.com
geofon.com
www.geofon.com
cyklone.com
www.playtimemusic.com
blockconversion.com
www.geofon.com
tallahasseestemcell.com
potdating.com
leilabekhti.com
www.marcfaber.com
www.latinoamericani.com
www.noidcasino.com
www.kimmorgan.com
akyba.com
timetravelxr.com
geofon.com
zain26.com
columbusjointpain.com
www.jointpainburlington.com
organicnightcream.com
geofon.com
geofon.com
www.progettiformativi.com
christmaslightinghuntington.com
segmenti.com
geofon.com
www.geofon.com
cyklone.com
www.playtimemusic.com
blockconversion.com
www.geofon.com
tallahasseestemcell.com
potdating.com
leilabekhti.com
www.marcfaber.com
www.latinoamericani.com
www.noidcasino.com
www.kimmorgan.com
akyba.com
timetravelxr.com
geofon.com
Certificate
The complete raw certificate details for geofon.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4TCCBMmgAwIBAgISBPddhhRJ1P2ejNCdkseMJzZvMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMjIwMjQwMTBaFw0yNDAyMjAwMjQwMDlaMBUxEzARBgNVBAMT Cmdlb2Zvbi5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDNfMSb uMIeOy81Ve9DU5lB91zaQ50SYHeMNonXp8m+qlF1iYA+UrnCN4dl26WtADFoVyB/ FaMGnLHxa0KAdHRCzRvXbbxypbJcG51K2WkmIp7CpOlejDv56WkndBZi05hXUExN WwTxNd5DnVc56k1sGb7d7kA59FruncEMU6ko0chVDB+uNPiYg1lC1fkIhca3c6UG IFHBsm72sgaXR0miEIaCiJgCpB73UstXiSlmXlIYMaGtO9RbtvQrI0OP+7ZHIIgb 3jxKre2MzbvEDZwGin7mVOkpx3HKjuyxuhhO9J9hgavNvEr6pPMiTYv5xokagbF4 9bZbeMuSkmRmQsFJW0ML/Zua7pPlu+dK5y8R52LdnoQUtoOz1s9tr3b2OwPXyQMJ GallpCBF3b+BEfGLyCjZ1rdj+WSjSSaR/af/7xXweRC6FUYYzEPcsnjHl4w8yQB1 OkGE0Sj7rB8aJO5miEg65EmrwQd0p0y9JusiD3N+B7OAsigWn+SeV7b1PWpMNYE6 /ARC3FTkQKykJEQXfnxVXdTp8YiXW+izkUhgF6banhGY/X3UZdtpj3+S37olGDOY pj+V4JZCz1e4gjlvVz+dI28PwkSaMaGVYIlYuDmBV8Jol46Rx/miUlPeJasYSJao w2xnxJkFrPHTjjpkWjVwZiFQM5NMA9VshdVkcQIDAQABo4ICDDCCAggwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBTVz1dxz7Gib1gFRFVKDDH8qYQDhjAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggpnZW9mb24uY29tMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAO1N3dT4tuYBOizBb Bv5AO2fYT8P0x70ADS1yb+H61BcAAAGL9R0pLwAABAMARzBFAiAHfRh2FYLqtPi3 kdhzzUXxBaB4uZTCQ+D6EaH01B9Z6AIhANFiuKeDN5G9KyA77WHTagWdDGnNHEZo PcpIMVGEiaVVAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGL 9R0pOAAABAMARzBFAiEAs5e8yuaItX8MCNFzhT+vf6sd391umIS1VQl/3kyO5sgC IATRdJrziqZId9Lqi53nUqe6IrgOTDOy+dTrJHk03HwwMA0GCSqGSIb3DQEBCwUA A4IBAQCaCottE5XDPw2NFhrFghFBV0/eM7vvTcd8OW+0GHiiQLhojo31r+5zpk/L Ix10W+mWQR8rQ4NS8JPV1Y5VOu8FHOqjFLb3od4N8g68qNNYJrV8agWj4qRCAyAB 98WW3P2GQNgsBTdvoSchtyDJJ4kY0UWQXQVO4Or7tqYOhGtyUTT0mT56phtWEHSv EJwZc6Mvng6ZE6i+h37vmLP7e7CsiidWguQpVd6tJZewvvsE6i76rDtKqwKK+oJk 7qgsSYBVz8Tpp18W6HM+Iq76bivQYGaddPID6Abdx8HSxqH31u7AiwAUpHbPWALv 4WRVmhJV7omRPuchgt2ly0Bnv3+4 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzXzEm7jCHjsvNVXvQ1OZ Qfdc2kOdEmB3jDaJ16fJvqpRdYmAPlK5wjeHZdulrQAxaFcgfxWjBpyx8WtCgHR0 Qs0b1228cqWyXBudStlpJiKewqTpXow7+elpJ3QWYtOYV1BMTVsE8TXeQ51XOepN bBm+3e5AOfRa7p3BDFOpKNHIVQwfrjT4mINZQtX5CIXGt3OlBiBRwbJu9rIGl0dJ ohCGgoiYAqQe91LLV4kpZl5SGDGhrTvUW7b0KyNDj/u2RyCIG948Sq3tjM27xA2c Bop+5lTpKcdxyo7ssboYTvSfYYGrzbxK+qTzIk2L+caJGoGxePW2W3jLkpJkZkLB SVtDC/2bmu6T5bvnSucvEedi3Z6EFLaDs9bPba929jsD18kDCRmpZaQgRd2/gRHx i8go2da3Y/lko0kmkf2n/+8V8HkQuhVGGMxD3LJ4x5eMPMkAdTpBhNEo+6wfGiTu ZohIOuRJq8EHdKdMvSbrIg9zfgezgLIoFp/knle29T1qTDWBOvwEQtxU5ECspCRE F358VV3U6fGIl1vos5FIYBem2p4RmP191GXbaY9/kt+6JRgzmKY/leCWQs9XuII5 b1c/nSNvD8JEmjGhlWCJWLg5gVfCaJeOkcf5olJT3iWrGEiWqMNsZ8SZBazx0446 ZFo1cGYhUDOTTAPVbIXVZHECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 432623202739397593270652076764156433741423 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-22 02:40:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-20 02:40:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'geofon.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 838315350489701574531328866615422801231253309144042770407807273159265496759224418007859495322913870858398318296094599944547369269958689578428393849686178978755770955376604974119533366277138862605370184484292712797948297643325972907726524604562368058280860450378456977197523493766430889239259617974440824565245624556301418844222354792313786965724457249938798937444791621874906469711981746390288897988265172344575590277777221336511907095224911926451055032202639602978690110102598067628270444827972307459597483695943721247660025237030176916770928468067817826569090822946258928036724501821386890445895498873731194151512779398926384708813737512788220756188480489556416514687685347591639034975378416170385818536998456771400044127970902069909560860484145110305904044658424472632552354130076842793725849768938286041514206332251935888020666627502645319337690145623440266223409752023388135591596778661232410900717974725482104105887416034102370422300832018802154710527200409980769070133143982851213922953083491941606794814999140001718679631921418609359968846827747736248531467597593883504589506944138200555382337073054510315415987535116406174727455293786799191161611658194487816571108910089771647378404572810329987027310748586987217666394383473 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d5cf5771cfb1a26f580544554a0c31fca9840386 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'geofon.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bf51d292f00000403004730450220077d18761582eab4f8b791d873cd45f105a078b994c243e0fa11a1f4d41f59e8022100d162b8a7833791bd2b203bed61d36a059d0c69cd1c46683dca4831518489a555007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bf51d29380000040300473045022100b397bccae688b57f0c08d173853faf7fab1ddfdd6e9884b555097fde4c8ee6c8022004d1749af38aa64877d2ea8b9de752a7ba22b80e4c33b2f9d4eb247934dc7c30 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009a0a8b6d1395c33f0d8d161ac5821141574fde33bbef4dc77c396fb41878a240b8688e8df5afee73a64fcb231d745be996411f2b438352f093d5d58e553aef051ceaa314b6f7a1de0df20ebca8d35826b57c6a05a3e2a442032001f7c596dcfd8640d82c05376fa12721b720c9278918d145905d054ee0eafbb6a60e846b725134f4993e7aa61b561074af109c1973a32f9e0e9913a8be877eef98b3fb7bb0ac8a275682e42955dead2597b0befb04ea2efaac3b4aab028afa8264eea82c498055cfc4e9a75f16e8733e22aefa6e2bd060669d74f203e806ddc7c1d2c6a1f7d6eec08b0014a476cf5802efe164559a1255ee89913ee72182dda5cb4067bf7fb8