28951.com
Issued by R3
About this certificate
This digital certificate with serial number 03:07:e4:16:34:de:a3:f8:00:79:e6:30:0f:f4:71:04:de:c5 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=28951.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:07:e4:16:34:de:a3:f8:00:79:e6:30:0f:f4:71:04:de:c5Serial Number (int): 264022013649621855109851547913433819438789
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 83:7e:34:f0:60:d3:32:ce:16:c2:85:71:26:e3:7c:45:a2:67:8f:de
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 73:59:87:3f:22:c4:8d:95:e9:00:57:11:b6:4b:78:c9:03:ac:a6:db
Fingerprint (sha256): 60:a4:82:9d:d4:5c:8a:f5:17:aa:48:05:18:ac:f6:55:db:1e:59:c5:e7:63:d0:68:3b:6e:f8:0c:db:07:ea:5f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate 28951.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for 28951.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
28951.com
Other certificates including the domain name 28951.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for 28951.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4DCCBMigAwIBAgISAwfkFjTeo/gAeeYwD/RxBN7FMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjExMTE2MzdaFw0yNDAxMTkxMTE2MzZaMBQxEjAQBgNVBAMT CTI4OTUxLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbEOP09 Frm1v5ceYvFu1uX3u/kXW21X0JgqZawJFV7Pl7qnlhzEnLpRfgLjKLv1Kq3fFnam gYERJa4WbcJO88T/7VsZtjj/YQ/K72KCUsHf8qdg//Ue7nlUvl+Sp2Xs4rGFT3SF ABGBoLEqerWQOrPLYsUh+pitDO4OiZ31wukp3pmSphz4WKwLbebK65C5DSdVWmNT PMaaJ9h211zQ4OymsAp0YWcgOMDS1k+/9FQlUIkAgp5GPAyvR8EpVKcYDB8Fh6lL fXk38ikS6Dvug2qBwaYgJ89X8X0w1b16SsN0jNXFi0Lju2FOtDujFgWQN0Vzjtc2 1e3wDKdgUhL+T03URWjj93bxTkLl6G8AV+singnI32e6zbptEKdZqb4SqvgW4V0O Kg/Afw6OcFOPuVsagV7CGGOcFdIQiRQjh6W7F9UxnpHyDzs0R2LmN3ueZ0G7QcHx unhfgBCiyi3OJv3IpmbJkPGcXimRjyTz7pBzmPVQi7Rw0Zv4H+Eu2OCCp/SVhaew xY0odNeeQdoow+/+owE6WCTJQCsqm9XzvzPUlajlPRvjWjFQ/dUdAtEDYTAht9Ve rCkxE1UyXlYNhrHnhCe+cB5F7SjvjoEqQW1Z4QDy7/uQzTVNj6THcqSOv8PDP2G0 QVO3Oxi0PJoF6eWCHVwZO5gbHwqPBkDu7q0rAgMBAAGjggIMMIICCDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFIN+NPBg0zLOFsKFcSbjfEWiZ4/eMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCTI4OTUxLmNvbTATBgNVHSAEDDAKMAgG BmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ADtTd3U+LbmAToswWwb+ QDtn2E/D9Me9AA0tcm/h+tQXAAABi1IqepsAAAQDAEgwRgIhAKqHUYDAjlJPv2jy rwxaWtnM5GEdagH1laGbOoB0Od/qAiEA/g9ZSXpOkU5xwacl9xAXH5FwFQm3KOXl 5PeVw25R81oAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYtS KnrjAAAEAwBHMEUCIQC7h6ozQmbFDw674U0hPRsK3euRsnprK37FeBzMEzRldgIg RMVURUTlzztTxOfF/pR7tJs96aQt31y6enLTwefUJzAwDQYJKoZIhvcNAQELBQAD ggEBAKG0jEeLVl6so7r3WFEkz15bM/0uUZt/t0v4ZMkPyqJ/IrWsjtz1fr4Nvg49 RaZ9qWkgvumaZRQR87W2xLDmONFyCCGTkU+AYrcBVdgpvp8oun6ElNarpDdpceKX cykuO8qBN5S/Q+C/vP+1dBqyLaXbserm25YTWD6JuKogeipwOOIbK5ySxkIH6Sst EZmhBP+rJj8X5b5sLF38egdjdoLBkFZc2KWv1P0ZXSMy2kz7u29/Yn406CIZtRT2 SqPbRsh4hUEKWSb5e5cKnAUhlyB0LL67gQbBCfIaH3KKvsLP/XhAXfBY+tMpxtec jgRpPoIFJjoEpcdU5GV0mJeRvC4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtsQ4/T0WubW/lx5i8W7W 5fe7+RdbbVfQmCplrAkVXs+XuqeWHMSculF+AuMou/Uqrd8WdqaBgRElrhZtwk7z xP/tWxm2OP9hD8rvYoJSwd/yp2D/9R7ueVS+X5KnZezisYVPdIUAEYGgsSp6tZA6 s8tixSH6mK0M7g6JnfXC6SnemZKmHPhYrAtt5srrkLkNJ1VaY1M8xpon2HbXXNDg 7KawCnRhZyA4wNLWT7/0VCVQiQCCnkY8DK9HwSlUpxgMHwWHqUt9eTfyKRLoO+6D aoHBpiAnz1fxfTDVvXpKw3SM1cWLQuO7YU60O6MWBZA3RXOO1zbV7fAMp2BSEv5P TdRFaOP3dvFOQuXobwBX6yKeCcjfZ7rNum0Qp1mpvhKq+BbhXQ4qD8B/Do5wU4+5 WxqBXsIYY5wV0hCJFCOHpbsX1TGekfIPOzRHYuY3e55nQbtBwfG6eF+AEKLKLc4m /cimZsmQ8ZxeKZGPJPPukHOY9VCLtHDRm/gf4S7Y4IKn9JWFp7DFjSh0155B2ijD 7/6jATpYJMlAKyqb1fO/M9SVqOU9G+NaMVD91R0C0QNhMCG31V6sKTETVTJeVg2G seeEJ75wHkXtKO+OgSpBbVnhAPLv+5DNNU2PpMdypI6/w8M/YbRBU7c7GLQ8mgXp 5YIdXBk7mBsfCo8GQO7urSsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 264022013649621855109851547913433819438789 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-21 11:16:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-19 11:16:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '28951.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 745622245472182157582484553147598927228223046988004316511404624996016681405095797156955358811632037832048991728900966776156020901370422708959855704173289974105107761409311625940013761478675028427297141175440373751132256166826525531577307627948086916518740284790558122495018632242425661245833259435618790737061312347393806021305821611504273704888599719136558951279497160157421552289191394992598221213011776180502797255755113585335275613705888028089146376968769611670838707343708955011240324920215310743986609852721150372802928604032067482016294858736956917270614144599491860456455127224681949750287375357449956018349496048285589147076748469220153005898665012804564415385985784494169520561831368106485824491352257831327463238676483056612287227566818156458327068281138119257079346581613625803923012157297691233607399176058087379354578821172878427759346913940049642782855362356063510050884602989432813851368255337562339275038052269424753726805870035242820638007410822872239014321176857867485976532290226265083036043055230234268812475987226333588360799519837619667842320633359325793061225933927898663297446733049997139797496020499801477465223509343368621093016168500650815709006051612627609018324611081267455551745860993034843206219377963 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 837e34f060d332ce16c2857126e37c45a2678fde . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '28951.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b522a7a9b0000040300483046022100aa875180c08e524fbf68f2af0c5a5ad9cce4611d6a01f595a19b3a807439dfea022100fe0f59497a4e914e71c1a725f710171f91701509b728e5e5e4f795c36e51f35a00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b522a7ae30000040300473045022100bb87aa334266c50f0ebbe14d213d1b0addeb91b27a6b2b7ec5781ccc13346576022044c5544544e5cf3b53c4e7c5fe947bb49b3de9a42ddf5cba7a72d3c1e7d42730 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a1b48c478b565eaca3baf7585124cf5e5b33fd2e519b7fb74bf864c90fcaa27f22b5ac8edcf57ebe0dbe0e3d45a67da96920bee99a651411f3b5b6c4b0e638d172082193914f8062b70155d829be9f28ba7e8494d6aba4376971e29773292e3bca813794bf43e0bfbcffb5741ab22da5dbb1eae6db9613583e89b8aa207a2a7038e21b2b9c92c64207e92b2d1199a104ffab263f17e5be6c2c5dfc7a07637682c190565cd8a5afd4fd195d2332da4cfbbb6f7f627e34e82219b514f64aa3db46c87885410a5926f97b970a9c05219720742cbebb8106c109f21a1f728abec2cffd78405df058fad329c6d79c8e04693e8205263a04a5c754e46574989791bc2e