okdnc.com
Issued by R3
About this certificate
This digital certificate with serial number 04:cb:d2:a7:7f:7f:50:d4:0c:2a:54:89:10:80:3d:05:cc:d6 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=okdnc.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:cb:d2:a7:7f:7f:50:d4:0c:2a:54:89:10:80:3d:05:cc:d6Serial Number (int): 417806471790634713772666840480534967471318
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: f9:ed:94:47:60:c8:c6:f6:ef:3c:99:c5:ef:7b:74:34:d0:90:d6:f1
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): dc:e5:02:ef:84:42:01:58:77:81:46:ea:bb:4d:16:89:80:6c:ef:44
Fingerprint (sha256): 61:f3:75:f7:7d:34:39:93:d2:fe:e1:f6:d3:1b:c1:59:b6:c3:53:4d:65:ed:53:b8:0d:62:00:f1:8a:7e:47:2a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate okdnc.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for okdnc.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
okdnc.com
www.okdnc.com
www.okdnc.com
Other certificates including the domain name okdnc.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for okdnc.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgISBMvSp39/UNQMKlSJEIA9BczWMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMzAxMzAyMTZaFw0yNDA2MjgxMzAyMTVaMBQxEjAQBgNVBAMT CW9rZG5jLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMOo1W1a JppK4EMUtB8aPNlOIien083iU6XhTrq5tj9Z405NniTN3MNbfWNP67WzN8PC4NIC sKxvT2l8vMCcjN71It+d9SQtnUsrEDM7+sVecyATtssqH/XiQEHXxRbaJxe/HAGs jTB7/uy5Y3IGglPUZ6FnPyjIopEHGSLm2YbOZHzHBVpSWDqBP6wtiFnjjqVfcfpm LZVfxwR9SouI15AJuhvkduNowYDjDsUqKrhvycX9kkn+uP17o5bwJlIcgC6hyTvJ ZVIPc3NNKIAinkc8x70Yr7JQH9mraFJaiLkK2ozRvO/rZZOI324ypQX6NYar8WGz yVt66UkhP3sMOCD7Uhnms7ctef6jy7qhOY+tBUIdlnY6Gq5PSUrFt5uvsdqLbbP/ D0DiNQ9IkRJVsJWhEFrbPiUFiQtT9CJ6sABEU5OyHg7Btt48DzOmS+dTVGTiHJ+0 5YBZD3QmTFjaKG8mPRazu9gejNPIabwOorvEYf1F+DAS2sI4m8TbHMkYMDHDqQj0 Y+RT5f2qRa/Ujk0mSSz7kyvzp5scAZJUb6dTcPy85jCqSUDyQ1E7IU1fWf5cwa7Y MZXQs3nhzMSJ52mq6OyiH2gtpP/h7+gzeSCcrz8l1KoGLZSckmdFopJguW0yu7OT YvUJIWxdz7DtcEjgfJumzmOADICRjW3CXCCzAgMBAAGjggIZMIICFTAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFPntlEdgyMb27zyZxe97dDTQkNbxMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCW9rZG5jLmNvbYINd3d3Lm9rZG5jLmNv bTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1 AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABjo+rEZEAAAQDAEYw RAIgIQQwOEbhb8N3EEnDuob+5QU258KBGH2N521XvcOpVmQCIEhcGbMW39GRO5aO Wvm7fApvWGgMXmy6cDbDWFIwYoK7AHYAouK/1h7eLy8HoNZObTen3GVDsMa1LqLa t4r4mm31F9gAAAGOj6sRsQAABAMARzBFAiAZTyyLzLvp3axBTNDO26U3CDsS+ehn eEb4kYsqLbbO2gIhAJE1IvSdot1iuAGQ775IJutgILAPi1zAFlXWJy2mt4dbMA0G CSqGSIb3DQEBCwUAA4IBAQAVsNaHpT8eAcjKL2/LM5K0nFNJ9BazR+AUoy7ztVzI JRcCFKKUnIXDp3/kgo2rmE22zQmRvOArVI5xpihcMHuo39Tc1j+MF7DEQZkJty1/ Orky0sUolg8gVBxQvFaswesuGcPs8J6FjPljPoDCyTkDvq7/U+gyANraSLc6sDni 2rc1nY3N3iKuQnk4A0v8Uj7DBQMRm0abMn4dbs6b+sjhy/TCK/ZF5pq610A8dSrP jLxG0gZNPSZueVcpO/NDxQ4VuNY6tzxPU/cr9HZ02iuEa+ovOG1nMQZdy7TJeaUt TMMicbqeBixsMMKnvBST9ns84TKrtwY///Eso3+hhtDC -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw6jVbVommkrgQxS0Hxo8 2U4iJ6fTzeJTpeFOurm2P1njTk2eJM3cw1t9Y0/rtbM3w8Lg0gKwrG9PaXy8wJyM 3vUi3531JC2dSysQMzv6xV5zIBO2yyof9eJAQdfFFtonF78cAayNMHv+7LljcgaC U9RnoWc/KMiikQcZIubZhs5kfMcFWlJYOoE/rC2IWeOOpV9x+mYtlV/HBH1Ki4jX kAm6G+R242jBgOMOxSoquG/Jxf2SSf64/XujlvAmUhyALqHJO8llUg9zc00ogCKe RzzHvRivslAf2atoUlqIuQrajNG87+tlk4jfbjKlBfo1hqvxYbPJW3rpSSE/eww4 IPtSGeazty15/qPLuqE5j60FQh2Wdjoark9JSsW3m6+x2otts/8PQOI1D0iRElWw laEQWts+JQWJC1P0InqwAERTk7IeDsG23jwPM6ZL51NUZOIcn7TlgFkPdCZMWNoo byY9FrO72B6M08hpvA6iu8Rh/UX4MBLawjibxNscyRgwMcOpCPRj5FPl/apFr9SO TSZJLPuTK/OnmxwBklRvp1Nw/LzmMKpJQPJDUTshTV9Z/lzBrtgxldCzeeHMxInn aaro7KIfaC2k/+Hv6DN5IJyvPyXUqgYtlJySZ0WikmC5bTK7s5Ni9QkhbF3PsO1w SOB8m6bOY4AMgJGNbcJcILMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 417806471790634713772666840480534967471318 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-30 13:02:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-28 13:02:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'okdnc.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 798221145615483814691694710780691662185088287042501562191884135447172747884777113299042674938009255453421978802976445189793688478311976849960840988428245743852447769111065255432172778446715728207108042800574776069061082598514252293271463407609966817488867346205472522825873358769092428282116255810690516409548519304999142232364922329614967579078746502189898680616347274327186706270435036536993625357817318233296650303537042997700426899046082615094124618249297797722318034049714705158327869789750869541513537586592650036350159470770190031425248817047597129987995087128966775509692150340100207662968222249107726135572708776998392958721768835204569287926665860729939463054400432737085046791822062634977116828764110329304017929075297609357007554884600761038146774908323876416065997776805395452708094094849448493396818730489523665952849458288373964755104545371526451284156563263124977001368325538897842942599257224060377671285681198603305780149840008181773339887796051962225485402806934015068814726391009142459135196618949717836012711817383355954889600531552619679991507689619907686451386688407447609742656174883428040909109945385404239863068262319006740775816303458158050623749241357154813203367217737844093378295292911654183059507126451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f9ed944760c8c6f6ef3c99c5ef7b7434d090d6f1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okdnc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.okdnc.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018e8fab1191000004030046304402202104303846e16fc3771049c3ba86fee50536e7c281187d8de76d57bdc3a956640220485c19b316dfd1913b968e5af9bb7c0a6f58680c5e6cba7036c35852306282bb007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e8fab11b100000403004730450220194f2c8bccbbe9ddac414cd0cedba537083b12f9e8677846f8918b2a2db6ceda022100913522f49da2dd62b80190efbe4826eb6020b00f8b5cc01655d6272da6b7875b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0015b0d687a53f1e01c8ca2f6fcb3392b49c5349f416b347e014a32ef3b55cc825170214a2949c85c3a77fe4828dab984db6cd0991bce02b548e71a6285c307ba8dfd4dcd63f8c17b0c4419909b72d7f3ab932d2c528960f20541c50bc56acc1eb2e19c3ecf09e858cf9633e80c2c93903beaeff53e83200dada48b73ab039e2dab7359d8dcdde22ae427938034bfc523ec30503119b469b327e1d6ece9bfac8e1cbf4c22bf645e69abad7403c752acf8cbc46d2064d3d266e7957293bf343c50e15b8d63ab73c4f53f72bf47674da2b846bea2f386d6731065dcbb4c979a52d4cc32271ba9e062c6c30c2a7bc1493f67b3ce132abb7063ffff12ca37fa186d0c2