hempmedicine.org
Issued by R3
About this certificate
This digital certificate with serial number 03:13:fd:86:6a:4d:17:18:5e:50:a4:44:11:10:16:0b:76:ca was issued on by Let's Encrypt.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=hempmedicine.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:13:fd:86:6a:4d:17:18:5e:50:a4:44:11:10:16:0b:76:caSerial Number (int): 268139215373534332243933708462477846214346
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f7:ee:0c:23:f3:9d:83:3b:2e:28:11:d3:c3:86:7a:c8:f7:20:18:21
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fd:aa:e2:2b:a8:2b:b7:aa:b3:c3:9f:8c:7d:cf:64:27:0a:96:ee:ed
Fingerprint (sha256): 64:a3:4d:39:ea:fe:d0:54:6f:4c:9c:5b:fc:86:ca:76:00:2d:da:98:08:ca:02:ef:42:23:74:8e:93:7a:7b:ad
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate hempmedicine.org
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hempmedicine.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
388.cool
constructionconcepts.com
enerpactoolsgroup.fr
greedyratstudios.com
hempmedicine.org
khp.co.in
megdiver.com
resetdebt.com.1800bmwparts.com.thenfor.com
theplanagers.com
theplaygroundcase.org.jaroslavpesek.com
constructionconcepts.com
enerpactoolsgroup.fr
greedyratstudios.com
hempmedicine.org
khp.co.in
megdiver.com
resetdebt.com.1800bmwparts.com.thenfor.com
theplanagers.com
theplaygroundcase.org.jaroslavpesek.com
Other certificates including the domain name hempmedicine.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for hempmedicine.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgISAxP9hmpNFxheUKREERAWC3bKMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjgxODEyMDRaFw0yMzEyMjcxODEyMDNaMBsxGTAXBgNVBAMT EGhlbXBtZWRpY2luZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD1FJly2d4FqSZ91eecJ4juzlxG6PnR/jyA7D4oJRqN7F0X7uUcPxlmcqTKrnqi cezuDoCPEAWRRxGlz+o7TSMKA7l0nlMCuN01MHhutl+Nxyky1IIInJzdjeyjWlon mGpHMZAFgwfkvmqid+N3T4sBAOM3Vdlz6U9EG3xClYRqmxUSKljkJrMSyLsXuIJw xmfC4CGG10JVmWHF9oLDanzrZb/bLNOH3ddyZzIOuA7D/SCAnfDsRzQH6tOl0lTu xYufgM1l1IWigsN7BWaHJaJ4UkrwDdEBGeMSzGiGxiuz7ZBCg5VUm8CqyfAQ6Dyk mMcShwxHmcHuX7sYEjzcwkMRAgMBAAGjggLjMIIC3zAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFPfuDCPznYM7LigR08OGesj3IBghMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMIHtBgNVHREEgeUwgeKCCDM4OC5jb29sghhjb25zdHJ1Y3Rpb25jb25jZXB0 cy5jb22CFGVuZXJwYWN0b29sc2dyb3VwLmZyghRncmVlZHlyYXRzdHVkaW9zLmNv bYIQaGVtcG1lZGljaW5lLm9yZ4IJa2hwLmNvLmluggxtZWdkaXZlci5jb22CKnJl c2V0ZGVidC5jb20uMTgwMGJtd3BhcnRzLmNvbS50aGVuZm9yLmNvbYIQdGhlcGxh bmFnZXJzLmNvbYIndGhlcGxheWdyb3VuZGNhc2Uub3JnLmphcm9zbGF2cGVzZWsu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADu AHQAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGK3TSSewAABAMA RTBDAiA6KkVafAp5baWAj4Bb+I0285ttA4V6ZyOExy6o5F0ovQIfGlInEbwYRK6S KxrtcdmHsvx5Rv+9Qy2koktYw2PZDgB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs 62nhd31tBr1uAAABit00kmcAAAQDAEcwRQIgXaULjQ1qUbeYkQczZSPY2S5/bUGr WLz8UZ7Dv/gxLt0CIQCD3UtfTUY7LjYcVqq9WYTgZF52zuOCORg8yczGG14C7jAN BgkqhkiG9w0BAQsFAAOCAQEAt6jk3fP+V2YiKz9B4pOl+AUowVyjiTXphLIaJZ15 YemU7U0DGfrxpjROzHL5A6eW73GUFLKRWC3f9X0hsgmZ7h0nMlBpSxUy21ujxoSv OsFG7IoOkwcgAPKwLANzwwyFRm/fzKOlM+E0rkqae6ZHsHI/SuQYKXTDZPhufi6q 7yEsi7nmhXLy1MZ7KG2EQJcjNEgs81Q5tGc+1sYzgCJ4wL9HAyJmnZzXafE7Dnlw /yDZqeDIxxIa2ukC07XZglDWA5bASLaHjcwRNamufb+wbeD5ZRxiLy/eqYcVE39X kUos541xH/Rv/9a3OUHbVt1CDQCtLXYCL640CPA4tTrEvA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RSZctneBakmfdXnnCeI 7s5cRuj50f48gOw+KCUajexdF+7lHD8ZZnKkyq56onHs7g6AjxAFkUcRpc/qO00j CgO5dJ5TArjdNTB4brZfjccpMtSCCJyc3Y3so1paJ5hqRzGQBYMH5L5qonfjd0+L AQDjN1XZc+lPRBt8QpWEapsVEipY5CazEsi7F7iCcMZnwuAhhtdCVZlhxfaCw2p8 62W/2yzTh93XcmcyDrgOw/0ggJ3w7Ec0B+rTpdJU7sWLn4DNZdSFooLDewVmhyWi eFJK8A3RARnjEsxohsYrs+2QQoOVVJvAqsnwEOg8pJjHEocMR5nB7l+7GBI83MJD EQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 268139215373534332243933708462477846214346 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 18:12:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-27 18:12:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hempmedicine.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30938542663724869411969835173872584064290518659400966026147045557733838561115728400925383093662199468387413544634388089216562235635079143114299967477312415067616737129851188326778461614356708430517287297352845574254906952958804273933847399372315249537112624713896318620600377409933409476240913931023970088628803451112649750397522435746134814280685019555692620888457492855413713861410572543401533673757039399595583118559843119846674336449783240681433201134968456131375887113678711813427839641465363913339943978195609847076912598353838462648486744997990339338867405396921954519550396469056140411904739068028734981423889 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f7ee0c23f39d833b2e2811d3c3867ac8f7201821 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (229 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '388.cool' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'constructionconcepts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enerpactoolsgroup.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greedyratstudios.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hempmedicine.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khp.co.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'megdiver.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resetdebt.com.1800bmwparts.com.thenfor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theplanagers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theplaygroundcase.org.jaroslavpesek.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0074007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018add34927b000004030045304302203a2a455a7c0a796da5808f805bf88d36f39b6d03857a672384c72ea8e45d28bd021f1a522711bc1844ae922b1aed71d987b2fc7946ffbd432da4a24b58c363d90e007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018add349267000004030047304502205da50b8d0d6a51b7989107336523d8d92e7f6d41ab58bcfc519ec3bff8312edd02210083dd4b5f4d463b2e361c56aabd5984e0645e76cee38239183cc9ccc61b5e02ee . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b7a8e4ddf3fe5766222b3f41e293a5f80528c15ca38935e984b21a259d7961e994ed4d0319faf1a6344ecc72f903a796ef719414b291582ddff57d21b20999ee1d273250694b1532db5ba3c684af3ac146ec8a0e93072000f2b02c0373c30c85466fdfcca3a533e134ae4a9a7ba647b0723f4ae4182974c364f86e7e2eaaef212c8bb9e68572f2d4c67b286d8440972334482cf35439b4673ed6c633802278c0bf470322669d9cd769f13b0e7970ff20d9a9e0c8c7121adae902d3b5d98250d60396c048b6878dcc1135a9ae7dbfb06de0f9651c622f2fdea98715137f57914a2ce78d711ff46fffd6b73941db56dd420d00ad2d76022fae3408f038b53ac4bc