www.gearshift.ca
Issued by R3
About this certificate
This digital certificate with serial number 03:6d:b2:e8:1a:fc:f6:e9:b8:51:2b:03:a4:68:f3:c7:e7:f3 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.gearshift.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:6d:b2:e8:1a:fc:f6:e9:b8:51:2b:03:a4:68:f3:c7:e7:f3Serial Number (int): 298665443533168490073849011260969040996339
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 56:bd:97:13:cd:d5:50:30:cf:70:3b:f8:88:e0:5a:67:ea:6f:b8:d6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 2b:04:8b:04:0f:79:dd:78:27:bd:89:9f:2a:c8:a3:89:77:0d:69:44
Fingerprint (sha256): 60:9e:d2:7b:4d:f8:81:56:e2:4b:27:2f:65:9a:99:e7:48:0c:d6:fa:ff:9e:95:c9:f0:f8:eb:dc:3a:c5:f0:97
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.gearshift.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.gearshift.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gearshift.ca
www.gearshift.ca
www.gearshift.ca
Other certificates including the domain name gearshift.ca
(limited to 100 certificates)
gearshift.ca
sni.cloudflaressl.com
sni218998.cloudflaressl.com
sni.cloudflaressl.com
studios.gearshift.ca
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
gearshift.ca
sni218998.cloudflaressl.com
sni.cloudflaressl.com
sni137232.cloudflaressl.com
studios.gearshift.ca
www.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
studios.gearshift.ca
gearshift.ca
www.gearshift.ca
gearshift.ca
sni.cloudflaressl.com
gearshift.ca
play.gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
gearshift.ca
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
studios.gearshift.ca
gearshift.ca
gearshift.ca
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
sni.cloudflaressl.com
gearshift.ca
sni137232.cloudflaressl.com
studios.gearshift.ca
studios.gearshift.ca
gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
gearshift.ca
studios.gearshift.ca
sni218998.cloudflaressl.com
www.gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
sni.cloudflaressl.com
sni218998.cloudflaressl.com
sni.cloudflaressl.com
studios.gearshift.ca
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
gearshift.ca
sni218998.cloudflaressl.com
sni.cloudflaressl.com
sni137232.cloudflaressl.com
studios.gearshift.ca
www.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
studios.gearshift.ca
gearshift.ca
www.gearshift.ca
gearshift.ca
sni.cloudflaressl.com
gearshift.ca
play.gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
gearshift.ca
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
studios.gearshift.ca
gearshift.ca
gearshift.ca
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
sni.cloudflaressl.com
gearshift.ca
sni137232.cloudflaressl.com
studios.gearshift.ca
studios.gearshift.ca
gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
gearshift.ca
studios.gearshift.ca
sni218998.cloudflaressl.com
www.gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
Certificate
The complete raw certificate details for www.gearshift.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgISA22y6Br89um4USsDpGjzx+fzMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTIyMzM2NTRaFw0yNDA1MTIyMzM2NTNaMBsxGTAXBgNVBAMT EHd3dy5nZWFyc2hpZnQuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCrdpIqxs+gkqINV+owoEDRh7DstVn1lI8bjemd3fkS4OuTKfAeOZy4OGsd2yTa UcZNJ8SUON06YNbozdNDSrAD33F0WqHU1I5eyTzUDBJg4v6uXbHVIzi3NLtguGu5 vkSFpLkDSO80R3el4SvxssRZhti8lXm36CqKMXBy1Jj9xiH6ZBgtm7tBsl+bJv4O aNrrl6ODGnQ7EK/BLzEZnCAJGOkfRh8w2CkIZ1yprub6hrQL6tbVNPgeuG9vIkSY EO+3yKNw54MkRLNMpiAd2JKtIqgGu5VYSieY3XhmCKrUkAIDyIyyZnCeeMn1KuEE sf3PiKYx8blPVdcdOjqpW+sPAgMBAAGjggIeMIICGjAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFFa9lxPN1VAwz3A7+IjgWmfqb7jWMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMCkGA1UdEQQiMCCCDGdlYXJzaGlmdC5jYYIQd3d3LmdlYXJzaGlmdC5jYTAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AEiw 42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjZ/lM9kAAAQDAEYwRAIg db9NwsEqIjXqS811me2wsl9+FVj/SGAbbAjalPSZE24CICe9Nv86/s1+Z3G16+qL eFxDW8XsZiPFv5CHafhKUGvnAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/m Z0xaOnQAAAGNn+U0KQAABAMARjBEAiB8fXZ998VGn1kxNWvP6Yfn5S8fPSzxsfIA PqTydUhArQIgL6XIAsPAYpVB/Ug8IEXPZSvDKpfXoZEzfKpJ72ezSfIwDQYJKoZI hvcNAQELBQADggEBAB5wqi4n/mgM+qjpI1JpC8u7N8LPA9Gridtl9Qaq6C+izsNA c2ff5gYu6YbXGWZPHnZyc/4uuNU4iWvp4lkAsfr6+tD1l3h25YDgyEeWSRPyqF7s 4IMuIunwFT/cJpGWD7iZqxEINjqA7XYJmf6+KaugXE+9wId9BsatrG3D4Uj8Ef9f vmvA+82BSS6DipmQGkpuhc+REnu7M8gj/XUr8cZTWAr9CSDkSbai4nH6VrhJeBaB yr3/Jkfq0pg96Rpg96P2CmHKQjaSOnCGJYBY0QEnUW9XlE8udNoBuBlGLrfciZOF Riqzolnt13spp8xYx2b7TPiRkHt1F5s4W2B8lRc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3aSKsbPoJKiDVfqMKBA 0Yew7LVZ9ZSPG43pnd35EuDrkynwHjmcuDhrHdsk2lHGTSfElDjdOmDW6M3TQ0qw A99xdFqh1NSOXsk81AwSYOL+rl2x1SM4tzS7YLhrub5EhaS5A0jvNEd3peEr8bLE WYbYvJV5t+gqijFwctSY/cYh+mQYLZu7QbJfmyb+Dmja65ejgxp0OxCvwS8xGZwg CRjpH0YfMNgpCGdcqa7m+oa0C+rW1TT4HrhvbyJEmBDvt8ijcOeDJESzTKYgHdiS rSKoBruVWEonmN14Zgiq1JACA8iMsmZwnnjJ9SrhBLH9z4imMfG5T1XXHTo6qVvr DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 298665443533168490073849011260969040996339 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-12 23:36:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-12 23:36:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gearshift.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21645219671334546230500436604720988884516560447165213930069683156896746119098819777518508829338267537571842632645129098218451488275693723544195899305927199494958988702469479390726106129320916841079432251116883544923504883326012020978769371085966752321697971811392391028294801801787495038073232628062910585571380916218810561529961308786424409685057750697104126837099479441964428497007890820477029422200102887028516488047889650923903882738371848623798400410275709303389539448272763789642513167685655600845590551869232961386999025115710634005787787408166261406755396794988740671007743724432752268594092389856422997519119 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 56bd9713cdd55030cf703bf888e05a67ea6fb8d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gearshift.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gearshift.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d9fe533d90000040300463044022075bf4dc2c12a2235ea4bcd7599edb0b25f7e1558ff48601b6c08da94f499136e022027bd36ff3afecd7e6771b5ebea8b785c435bc5ec6623c5bf908769f84a506be700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d9fe53429000004030046304402207c7d767df7c5469f5931356bcfe987e7e52f1f3d2cf1b1f2003ea4f2754840ad02202fa5c802c3c0629541fd483c2045cf652bc32a97d7a191337caa49ef67b349f2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001e70aa2e27fe680cfaa8e92352690bcbbb37c2cf03d1ab89db65f506aae82fa2cec3407367dfe6062ee986d719664f1e767273fe2eb8d538896be9e25900b1fafafad0f5977876e580e0c847964913f2a85eece0832e22e9f0153fdc2691960fb899ab1108363a80ed760999febe29aba05c4fbdc0877d06c6adac6dc3e148fc11ff5fbe6bc0fbcd81492e838a99901a4a6e85cf91127bbb33c823fd752bf1c653580afd0920e449b6a2e271fa56b849781681cabdff2647ead2983de91a60f7a3f60a61ca4236923a7086258058d10127516f57944f2e74da01b819462eb7dc899385462ab3a259edd77b29a7cc58c766fb4cf891907b75179b385b607c9517