*.comprehensivesleep.com
Issued by R3
About this certificate
This digital certificate with serial number 03:37:a1:40:95:03:1a:79:3f:a7:ee:1f:78:ed:a0:de:6a:6c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.comprehensivesleep.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:37:a1:40:95:03:1a:79:3f:a7:ee:1f:78:ed:a0:de:6a:6cSerial Number (int): 280266729012577581737391108574817950788204
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 78:f5:72:8a:cb:78:56:cf:5f:bd:e8:41:ae:df:d7:85:ca:85:ed:69
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c9:d7:77:ef:26:9e:48:4d:87:c5:d2:76:7d:6b:7c:89:8e:df:b9:cf
Fingerprint (sha256): 5e:79:23:c3:79:c6:e7:ab:44:86:75:ad:bf:b3:76:1c:8e:ea:a1:36:2b:77:94:5f:b4:00:6b:0a:58:8e:87:e6
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.comprehensivesleep.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.comprehensivesleep.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.comprehensivesleep.com
comprehensivesleep.com
comprehensivesleep.com
Other certificates including the domain name comprehensivesleep.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.comprehensivesleep.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAzehQJUDGnk/p+4feO2g3mpsMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjUwMDMxNDBaFw0yNDA0MjQwMDMxMzlaMCMxITAfBgNVBAMM GCouY29tcHJlaGVuc2l2ZXNsZWVwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMYPQnwf8NYlw9P0eaCC6GynqAnpEd8gHJW7cChR/wpFj9OBT3+E hg5iQD/qQq85yxum1LzW4mx8aV8hVT2+XRUtjrAJ8Eh6MIL9ufG/Z9WrRrRtyo58 Ved4zKtnB5ZZu6tq3hSwMWMSL7/IiIk8338/fr0b7a1luJrr95ZtoeOI7RZLmKzI NWogHOQgytHuB/bXinNkPjGYNKuEKfD54ITZDaZDEDIolNlXm55bDC7cJrt5j2xi oAh4ZnH/fwkLimA5+ojC67ehRH9G6rIGtwkfrLGnf/8GTL6XtHZ6yF560sF1YL7z AOqN+nitsbESmWR7MxOIGzN9S3FuMlT97n0CAwEAAaOCAjIwggIuMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUePVyist4Vs9fvehBrt/XhcqF7WkwHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wOwYDVR0RBDQwMoIYKi5jb21wcmVoZW5zaXZlc2xlZXAuY29t ghZjb21wcmVoZW5zaXZlc2xlZXAuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB 2bu/qznYhHMAAAGNPj6D1AAABAMARzBFAiEA439HSA3yQCQV07xIjV4xM5VAQaNt rMEyxqe0WwOxBhECIAgSfJO5qIA0jeMgt+9aRgSyVQNMh1NuUYXb4tC2XzxxAHYA O1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGNPj6D3QAABAMARzBF AiEArFDcqcEhjxEKVSeuQM+k24Y8tdzQLI+/kI+DZ1mIeegCIFXK74yD70QldfNe u8+VY4Ym3SycPEvElw+9JNUMNNiuMA0GCSqGSIb3DQEBCwUAA4IBAQCEZRPHmjZY 6dVSBTS3xdRcpXT5c6+KJf+74nIBb+UOtrGkoi4arPlO7/jvbRYDe379BF/vf3oU GQWz1l7Ykcbyt+bw3YMCHR44/BRLR28Fty7P27A3E3uoZCiC3TDl/JTJex0YSTby WYrKuWejQbOX8hHSrzFL7Q8Fa0Ez9w1xokSHelSEzuaMCH+j2tG/1ON21h4Au3+n edfKDE3ksNGH7BcoaigJtCZluWpoRPeCFdyBFS+R8s20Dsh+LeN0LFnMd/tvF825 OS2/zs+C8afKhz38vxEdfBdMxOl5x8XlYZKZm7VhWVq3QeV/yvmA843s/U9GulXq GD8Bs86STUL0 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg9CfB/w1iXD0/R5oILo bKeoCekR3yAclbtwKFH/CkWP04FPf4SGDmJAP+pCrznLG6bUvNbibHxpXyFVPb5d FS2OsAnwSHowgv258b9n1atGtG3KjnxV53jMq2cHllm7q2reFLAxYxIvv8iIiTzf fz9+vRvtrWW4muv3lm2h44jtFkuYrMg1aiAc5CDK0e4H9teKc2Q+MZg0q4Qp8Png hNkNpkMQMiiU2VebnlsMLtwmu3mPbGKgCHhmcf9/CQuKYDn6iMLrt6FEf0bqsga3 CR+ssad//wZMvpe0dnrIXnrSwXVgvvMA6o36eK2xsRKZZHszE4gbM31LcW4yVP3u fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 280266729012577581737391108574817950788204 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 00:31:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-24 00:31:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.comprehensivesleep.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25002709225006323735725218933961010442333989559463993185780816738522880738329795762065815870037867395972585086207043540888318354492415488329921684351983637740210694094583577805774603902400514180507241140703644336493700441244991392547256530868475384610294178053435803278805983407149087100507298018950472130935575306285716043139597767442670236012298538453914787418906568142266016751164485613310807353228297163115042178134824196899620459856375282630537591641819220729121137966603811487418288207867306947694689446817699139754418549033410540228700996859810018324595322217504181492010112742152368649724283533318054989393533 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 78f5728acb7856cf5fbde841aedfd785ca85ed69 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.comprehensivesleep.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'comprehensivesleep.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d3e3e83d40000040300473045022100e37f47480df2402415d3bc488d5e3133954041a36dacc132c6a7b45b03b10611022008127c93b9a880348de320b7ef5a4604b255034c87536e5185dbe2d0b65f3c710076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d3e3e83dd0000040300473045022100ac50dca9c1218f110a5527ae40cfa4db863cb5dcd02c8fbf908f8367598879e8022055caef8c83ef442575f35ebbcf95638626dd2c9c3c4bc4970fbd24d50c34d8ae . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00846513c79a3658e9d5520534b7c5d45ca574f973af8a25ffbbe272016fe50eb6b1a4a22e1aacf94eeff8ef6d16037b7efd045fef7f7a141905b3d65ed891c6f2b7e6f0dd83021d1e38fc144b476f05b72ecfdbb037137ba8642882dd30e5fc94c97b1d184936f2598acab967a341b397f211d2af314bed0f056b4133f70d71a244877a5484cee68c087fa3dad1bfd4e376d61e00bb7fa779d7ca0c4de4b0d187ec17286a2809b42665b96a6844f78215dc81152f91f2cdb40ec87e2de3742c59cc77fb6f17cdb9392dbfcecf82f1a7ca873dfcbf111d7c174cc4e979c7c5e56192999bb561595ab741e57fcaf980f38decfd4f46ba55ea183f01b3ce924d42f4