www.stretchmax.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:80:c6:e0:80:0f:c4:b2:85:9f:a2:b9:d3:09:20:16:4c:81 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.stretchmax.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:80:c6:e0:80:0f:c4:b2:85:9f:a2:b9:d3:09:20:16:4c:81Serial Number (int): 305157353576220314994275547419115664067713
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 06:4f:1f:44:0d:12:32:3c:08:eb:bd:0f:5e:34:55:29:d6:d0:88:0a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 06:04:b5:98:bc:94:6a:8d:ae:a7:68:31:eb:92:0f:03:10:ac:be:b0
Fingerprint (sha256): 63:ca:f2:ba:11:73:68:4e:81:f1:6f:40:9e:e1:c1:e8:40:a1:6f:4f:86:38:2a:bf:35:dd:d0:f3:6c:38:7e:5d
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.stretchmax.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.stretchmax.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.stretchmax.com
Other certificates including the domain name stretchmax.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.stretchmax.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXTCCBUWgAwIBAgISA4DG4IAPxLKFn6K50wkgFkyBMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTkwNDM2MzdaFw0y MDA1MTkwNDM2MzdaMB0xGzAZBgNVBAMTEnd3dy5zdHJldGNobWF4LmNvbTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMYBYtHVCjAaCKW/Ar+/MUUr642/ EhITWtrr1oDrn82r7y0GPIddXJqf4i6EnvAhuyWBukQaPR95IXzgMFHGwOr+7O2y wcah7miFYbbuHZ2ZPiSoEQLYx/9BDwYHVIiacrcaeTgHKzZp8bHP1xg+RrcYBoQW hDvIxUJ+GCtWoaDTHrvatr+0f0fur5/IC8YR5TjxsMlA2tM6HXGoNnazwnkytlHa r8nZ9Uve417nvKr0PUmUZ0h+l9DxWp3KPvNR3KrVOd6n1wSFtqKkTMyGgt7IraeG 6eklOYBD/o7FvOvvFRSTrbXSQG3Tbh2qwnaSCYuKDCf21+zw/cxdQODMGqn6oNM9 8mdPsdFEvcG67+BBVFSpbrsXA7joGTCVZQ9DPqZ1yzosVGjY63Mx7vjmTPg2SrHG 3Am+zwgUWf2X//+tuLvedbuBbA0tTH/XmeB+BSvCpntEAWYm0v8C/62rGA8jE+b3 PGJwXP33GRo4K0alOmGZMVX75ITGxyLmMf21WgahueFb5MtEf1NSWV6wMhImJA+o zolHeUssnvKOuAbPkb6/DrEeHY0/iXI62sI50JczoDEBd8Z2C3r3HRCU8515DsnN mtAwVBsCLmw41NR++MkfjwMs6s/U/amf76QRAmHmpnOJ3J0i8d8rsrZ9Do0w7q0L HLv1chd+tt1a8w2vAgMBAAGjggJoMIICZDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FAZPH0QNEjI8COu9D140VSnW0IgKMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISd3d3LnN0cmV0Y2ht YXguY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHW eQIEAgSB9gSB8wDxAHYAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwA AAFwW/KzygAABAMARzBFAiEA+Mnai4b3nBoKEQSLASVzQwsZQPGJTedoShh6lLqu DYkCICZ9SADPh70xYyLJ5aLOJtQ4c0o3yzmlS69eoMWcuqO8AHcAb1N2rDHwMRnY mQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFwW/K0EgAABAMASDBGAiEAl0Jd6Dbs VM3Va3pbOMM8KIE4cpV7OkIc3HdIv5kkAwMCIQChxUMMJoRbzAkdXm7NcheiLcLo dAt5G0emj4fIQWGo0zANBgkqhkiG9w0BAQsFAAOCAQEAUBNBDuUXVdWpy7lVGSgG bR/hDx51apEnWom+xtxsn7Ah2ABplZx/3duhUrQwtROdUsomPeE2Z7q+HrNO1jHa nKbeHMyydR4F2dQ2RS3Map5rqR4XKdLJLvGpTltHqVyhksC3XZAmhb9hKGbW0UX2 ydaVGsd4RCWL/dVD7XMCmZRaWvIHbKhhSAkQxrPwAxuXUd3kB6c5K1vgLH6j5jW8 wyiWgydDnv0sGrSz4MRaM+KfFOXwN4UZrm6r2j9kWcw+9PZAoufQ3SyXAtw3ojZH fupL4+oiFfvzu3QAuhP4yk6jJ2dEs+LwLHP7kjFKo9iCqOiPw/TJChRZhXjx4l2i uw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxgFi0dUKMBoIpb8Cv78x RSvrjb8SEhNa2uvWgOufzavvLQY8h11cmp/iLoSe8CG7JYG6RBo9H3khfOAwUcbA 6v7s7bLBxqHuaIVhtu4dnZk+JKgRAtjH/0EPBgdUiJpytxp5OAcrNmnxsc/XGD5G txgGhBaEO8jFQn4YK1ahoNMeu9q2v7R/R+6vn8gLxhHlOPGwyUDa0zodcag2drPC eTK2Udqvydn1S97jXue8qvQ9SZRnSH6X0PFanco+81HcqtU53qfXBIW2oqRMzIaC 3sitp4bp6SU5gEP+jsW86+8VFJOttdJAbdNuHarCdpIJi4oMJ/bX7PD9zF1A4Mwa qfqg0z3yZ0+x0US9wbrv4EFUVKluuxcDuOgZMJVlD0M+pnXLOixUaNjrczHu+OZM +DZKscbcCb7PCBRZ/Zf//624u951u4FsDS1Mf9eZ4H4FK8Kme0QBZibS/wL/rasY DyMT5vc8YnBc/fcZGjgrRqU6YZkxVfvkhMbHIuYx/bVaBqG54Vvky0R/U1JZXrAy EiYkD6jOiUd5Syye8o64Bs+Rvr8OsR4djT+JcjrawjnQlzOgMQF3xnYLevcdEJTz nXkOyc2a0DBUGwIubDjU1H74yR+PAyzqz9T9qZ/vpBECYeamc4ncnSLx3yuytn0O jTDurQscu/VyF3623VrzDa8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 305157353576220314994275547419115664067713 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-19 04:36:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-19 04:36:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.stretchmax.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 807791613143595685779068910838002159261717126359868304780015660790922082726477954909371397733898612116275177677461648681322359289269738171381638618913925721515196930597813499287750589350698105570033125319715582203453168282007951167335489265163294300862377925682120597325826098161325555888348041921709314153860593337576418158033120015950169566066824563692236829518550177478482774691560434387780979041379090899547255983923468104086666584155101493639548582191702746838995882871231633956458960536584773438506421536156995103237982768091083114659493500308999192121684547717253692690031615596694558632999006578710714706328324183997549565889146247593322858361097349356338364276869148492840832151185341929816468972128348683858446627411125234870403597350003763397487475849690282772476262862443170618736694190424479992310344363087734853994239700374821250409162150634487393916926456435028144948313737721584393606843423374448452755784580058654752169829417745251504584797790905359380719647493406070687486836795120330887584969010703000958169100297963742780511213507548758984457465979537945770545622433098437795794213534900112799551847897582546653078858548472455480520256853232694412549664190511449899394367948895252224365404887298477488819930336687 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 064f1f440d12323c08ebbd0f5e345529d6d0880a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stretchmax.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c000001705bf2b3ca0000040300473045022100f8c9da8b86f79c1a0a11048b012573430b1940f1894de7684a187a94baae0d890220267d4800cf87bd316322c9e5a2ce26d438734a37cb39a54baf5ea0c59cbaa3bc0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001705bf2b412000004030048304602210097425de836ec54cdd56b7a5b38c33c28813872957b3a421cdc7748bf99240303022100a1c5430c26845bcc091d5e6ecd7217a22dc2e8740b791b47a68f87c84161a8d3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005013410ee51755d5a9cbb9551928066d1fe10f1e756a91275a89bec6dc6c9fb021d80069959c7fdddba152b430b5139d52ca263de13667babe1eb34ed631da9ca6de1cccb2751e05d9d436452dcc6a9e6ba91e1729d2c92ef1a94e5b47a95ca192c0b75d902685bf612866d6d145f6c9d6951ac77844258bfdd543ed730299945a5af2076ca861480910c6b3f0031b9751dde407a7392b5be02c7ea3e635bcc328968327439efd2c1ab4b3e0c45a33e29f14e5f0378519ae6eabda3f6459cc3ef4f640a2e7d0dd2c9702dc37a236477eea4be3ea2215fbf3bb7400ba13f8ca4ea3276744b3e2f02c73fb92314aa3d882a8e88fc3f4c90a14598578f1e25da2bb