www.gearshift.ca

Issued by R3

About this certificate

This digital certificate with serial number 03:6d:b2:e8:1a:fc:f6:e9:b8:51:2b:03:a4:68:f3:c7:e7:f3 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.gearshift.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:6d:b2:e8:1a:fc:f6:e9:b8:51:2b:03:a4:68:f3:c7:e7:f3
Serial Number (int): 298665443533168490073849011260969040996339
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 56:bd:97:13:cd:d5:50:30:cf:70:3b:f8:88:e0:5a:67:ea:6f:b8:d6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 2b:04:8b:04:0f:79:dd:78:27:bd:89:9f:2a:c8:a3:89:77:0d:69:44
Fingerprint (sha256): 60:9e:d2:7b:4d:f8:81:56:e2:4b:27:2f:65:9a:99:e7:48:0c:d6:fa:ff:9e:95:c9:f0:f8:eb:dc:3a:c5:f0:97

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.gearshift.ca

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.gearshift.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gearshift.ca
www.gearshift.ca

Other certificates including the domain name gearshift.ca

(limited to 100 certificates)
gearshift.ca
sni.cloudflaressl.com
sni218998.cloudflaressl.com
sni.cloudflaressl.com
studios.gearshift.ca
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
gearshift.ca
sni218998.cloudflaressl.com
sni.cloudflaressl.com
sni137232.cloudflaressl.com
studios.gearshift.ca
www.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
studios.gearshift.ca
gearshift.ca
www.gearshift.ca
gearshift.ca
sni.cloudflaressl.com
gearshift.ca
play.gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
gearshift.ca
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
studios.gearshift.ca
gearshift.ca
gearshift.ca
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni218998.cloudflaressl.com
sni.cloudflaressl.com
gearshift.ca
sni137232.cloudflaressl.com
studios.gearshift.ca
studios.gearshift.ca
gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca
studios.gearshift.ca
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
sni137232.cloudflaressl.com
gearshift.ca
studios.gearshift.ca
sni218998.cloudflaressl.com
www.gearshift.ca
sni218998.cloudflaressl.com
gearshift.ca

Certificate

The complete raw certificate details for www.gearshift.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgISA22y6Br89um4USsDpGjzx+fzMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTIyMzM2NTRaFw0yNDA1MTIyMzM2NTNaMBsxGTAXBgNVBAMT
EHd3dy5nZWFyc2hpZnQuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrdpIqxs+gkqINV+owoEDRh7DstVn1lI8bjemd3fkS4OuTKfAeOZy4OGsd2yTa
UcZNJ8SUON06YNbozdNDSrAD33F0WqHU1I5eyTzUDBJg4v6uXbHVIzi3NLtguGu5
vkSFpLkDSO80R3el4SvxssRZhti8lXm36CqKMXBy1Jj9xiH6ZBgtm7tBsl+bJv4O
aNrrl6ODGnQ7EK/BLzEZnCAJGOkfRh8w2CkIZ1yprub6hrQL6tbVNPgeuG9vIkSY
EO+3yKNw54MkRLNMpiAd2JKtIqgGu5VYSieY3XhmCKrUkAIDyIyyZnCeeMn1KuEE
sf3PiKYx8blPVdcdOjqpW+sPAgMBAAGjggIeMIICGjAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFFa9lxPN1VAwz3A7+IjgWmfqb7jWMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMCkGA1UdEQQiMCCCDGdlYXJzaGlmdC5jYYIQd3d3LmdlYXJzaGlmdC5jYTAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AEiw
42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjZ/lM9kAAAQDAEYwRAIg
db9NwsEqIjXqS811me2wsl9+FVj/SGAbbAjalPSZE24CICe9Nv86/s1+Z3G16+qL
eFxDW8XsZiPFv5CHafhKUGvnAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/m
Z0xaOnQAAAGNn+U0KQAABAMARjBEAiB8fXZ998VGn1kxNWvP6Yfn5S8fPSzxsfIA
PqTydUhArQIgL6XIAsPAYpVB/Ug8IEXPZSvDKpfXoZEzfKpJ72ezSfIwDQYJKoZI
hvcNAQELBQADggEBAB5wqi4n/mgM+qjpI1JpC8u7N8LPA9Gridtl9Qaq6C+izsNA
c2ff5gYu6YbXGWZPHnZyc/4uuNU4iWvp4lkAsfr6+tD1l3h25YDgyEeWSRPyqF7s
4IMuIunwFT/cJpGWD7iZqxEINjqA7XYJmf6+KaugXE+9wId9BsatrG3D4Uj8Ef9f
vmvA+82BSS6DipmQGkpuhc+REnu7M8gj/XUr8cZTWAr9CSDkSbai4nH6VrhJeBaB
yr3/Jkfq0pg96Rpg96P2CmHKQjaSOnCGJYBY0QEnUW9XlE8udNoBuBlGLrfciZOF
Riqzolnt13spp8xYx2b7TPiRkHt1F5s4W2B8lRc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3aSKsbPoJKiDVfqMKBA
0Yew7LVZ9ZSPG43pnd35EuDrkynwHjmcuDhrHdsk2lHGTSfElDjdOmDW6M3TQ0qw
A99xdFqh1NSOXsk81AwSYOL+rl2x1SM4tzS7YLhrub5EhaS5A0jvNEd3peEr8bLE
WYbYvJV5t+gqijFwctSY/cYh+mQYLZu7QbJfmyb+Dmja65ejgxp0OxCvwS8xGZwg
CRjpH0YfMNgpCGdcqa7m+oa0C+rW1TT4HrhvbyJEmBDvt8ijcOeDJESzTKYgHdiS
rSKoBruVWEonmN14Zgiq1JACA8iMsmZwnnjJ9SrhBLH9z4imMfG5T1XXHTo6qVvr
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 298665443533168490073849011260969040996339
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-12 23:36:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-12 23:36:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gearshift.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21645219671334546230500436604720988884516560447165213930069683156896746119098819777518508829338267537571842632645129098218451488275693723544195899305927199494958988702469479390726106129320916841079432251116883544923504883326012020978769371085966752321697971811392391028294801801787495038073232628062910585571380916218810561529961308786424409685057750697104126837099479441964428497007890820477029422200102887028516488047889650923903882738371848623798400410275709303389539448272763789642513167685655600845590551869232961386999025115710634005787787408166261406755396794988740671007743724432752268594092389856422997519119
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							56bd9713cdd55030cf703bf888e05a67ea6fb8d6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gearshift.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gearshift.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d9fe533d90000040300463044022075bf4dc2c12a2235ea4bcd7599edb0b25f7e1558ff48601b6c08da94f499136e022027bd36ff3afecd7e6771b5ebea8b785c435bc5ec6623c5bf908769f84a506be700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d9fe53429000004030046304402207c7d767df7c5469f5931356bcfe987e7e52f1f3d2cf1b1f2003ea4f2754840ad02202fa5c802c3c0629541fd483c2045cf652bc32a97d7a191337caa49ef67b349f2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001e70aa2e27fe680cfaa8e92352690bcbbb37c2cf03d1ab89db65f506aae82fa2cec3407367dfe6062ee986d719664f1e767273fe2eb8d538896be9e25900b1fafafad0f5977876e580e0c847964913f2a85eece0832e22e9f0153fdc2691960fb899ab1108363a80ed760999febe29aba05c4fbdc0877d06c6adac6dc3e148fc11ff5fbe6bc0fbcd81492e838a99901a4a6e85cf91127bbb33c823fd752bf1c653580afd0920e449b6a2e271fa56b849781681cabdff2647ead2983de91a60f7a3f60a61ca4236923a7086258058d10127516f57944f2e74da01b819462eb7dc899385462ab3a259edd77b29a7cc58c766fb4cf891907b75179b385b607c9517