clearwater.ca

Issued by R3

About this certificate

This digital certificate with serial number 04:54:3d:d6:70:0a:05:ec:cf:66:ca:1b:17:72:ac:8b:95:fa was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=clearwater.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:54:3d:d6:70:0a:05:ec:cf:66:ca:1b:17:72:ac:8b:95:fa
Serial Number (int): 377115058880094414783876962536283425183226
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 8e:1f:61:f2:dd:46:56:72:d7:d5:d3:f3:0c:ba:95:7f:53:ca:58:31
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): e9:52:05:e5:4c:75:63:fa:3e:c3:1f:b6:d0:bc:10:1d:ff:49:c5:11
Fingerprint (sha256): 66:35:a6:6d:50:06:8c:11:9e:91:51:ba:35:f3:a6:88:79:6f:86:af:86:e6:00:ca:73:0b:28:77:b2:d7:a2:e2

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate clearwater.ca

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for clearwater.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

clearwater.ca

Other certificates including the domain name clearwater.ca

(limited to 100 certificates)
test.clearwater.ca
www.clearwater.ca
webapp.clearwater.ca
www.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
www.clearwater.ca
msan1.myabsorb.ca
www.clearwater.ca
msan1.myabsorb.ca
www.clearwater.ca
clearwater.ca
msan1.myabsorb.ca
wsa.clearwater.ca
msan1.myabsorb.ca
clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
www.clearwater.ca
clearwater.ca
msan1.myabsorb.ca
test.clearwater.ca
clearwater.ca
test.clearwater.ca
msan1.myabsorb.ca
test.clearwater.ca
webmail.clearwater.ca
www.clearwater.ca
webmail.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
clearwater.ca
www.clearwater.ca
www.clearwater.ca
msan1.myabsorb.ca
test.clearwater.ca
clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
psnbedford.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
mobile.clearwater.ca
clearwater.ca
test.clearwater.ca
www.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
*.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
clearwater.ca
msan1.myabsorb.ca
test.clearwater.ca
msan1.myabsorb.ca
*.clearwater.ca
clearwater.ca
www.clearwater.ca
clearwater.ca
mail.clearwater.ca
mobile.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
clearwater.ca
www.clearwater.ca
www.clearwater.ca
msan1.myabsorb.ca
clearwater.ca
webmail.clearwater.ca
msan1.myabsorb.ca
*.clearwater.ca
test.clearwater.ca
test.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
www.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
clearwater.ca
msan1.myabsorb.ca
*.clearwater.ca
msan1.myabsorb.ca
edge.clearwater.ca
wsa.clearwater.ca
secure.clearwater.ca
msan1.myabsorb.ca
clearwater.ca
msan1.myabsorb.ca
www.clearwater.ca
www.clearwater.ca
test.clearwater.ca
msan1.myabsorb.ca
msan1.myabsorb.ca
www.clearwater.ca

Certificate

The complete raw certificate details for clearwater.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgISBFQ91nAKBezPZsobF3Ksi5X6MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA4MjUxNTI5NDJaFw0yMzExMjMxNTI5NDFaMBgxFjAUBgNVBAMT
DWNsZWFyd2F0ZXIuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp
Ueill/fDN9wKEx3I20EgLb2OirTx3tiViAApyufUsFsGivpL4d6sHSlivRsyffQf
4g5GiW5NbPbqKGtD3QnBJKKRxtqt4xuurbglTDj5++Go1oVoeqH9UHKEDze5EBKH
z9yzXCFWDx2Dxz2mI4+yB0awQIiyFR/MTCJcpCV4eekJGGmOVayHO1X52EV6nvvZ
HNZ1fsdjCRUR/MUdKSThgDSgItRzpRrUz+XXvdQIrEuKK/Fhs9DHK6HQOa3nFcGT
R7067QyN2CC+05Ip2Izg7uPkPjgFdP6riNohjGT7ib3BnTZkbAcUiamsEpbuDlKH
FqDA0o176Co+5PPvkGxDAgMBAAGjggIQMIICDDAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFI4fYfLdRlZy19XT8wy6lX9TylgxMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MBgGA1UdEQQRMA+CDWNsZWFyd2F0ZXIuY2EwEwYDVR0gBAwwCjAIBgZngQwBAgEw
ggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwC3Pvsk35xNunXyOcW6WPRsXfxCz3qf
NcSeHQmBJe20mQAAAYoth7UrAAAEAwBIMEYCIQD6YrRl7hj70BZNleAI/n8KLS9S
AaZ9fT153kcDMIRtqwIhANpkYYEB2GaqQf3HLfTfFUnOyauvyPjVB0Ye3Mn82TfG
AHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGKLYe1QQAABAMA
RzBFAiEA0gJkPz+mqrjxOB233KOD37nH712rWgXo0khRhwHq8WECIArU5BbECQ+n
TbheQK/zGPJLnm6L9Ctd8BcvpO8M8lUTMA0GCSqGSIb3DQEBCwUAA4IBAQBtgpio
BxII9owEhTIwglJ9hLkpI21p9i2xeYFQIMRV8BSLlnwf+tFrf2u0kcoYax6TELiA
VrzxX9W7GUv2UUmAgn2SWXH0Kck2AOg4QybdI6xuVN/lfypkN8pKOsD9j3B0SHG+
mS5kPoEOnIspIzVQ/n3bpWVLX4B1AzcjkDtWYNr0bwEVk8E0fhL1EQVvT+DFA2z/
ek4klSuOZC3LTf2ILxc7AxHXEV1ftrukPfG7bGggH1s3p5isLadx3xZMruW04i7o
nDOlU0OIPgGbJijCCk/N6o/IH6wl1veM2XAG+6Y7hzDDDXbND3oaDNzFRAqNNWYr
Xfka1G4xdX1auIjs
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VHopZf3wzfcChMdyNtB
IC29joq08d7YlYgAKcrn1LBbBor6S+HerB0pYr0bMn30H+IORoluTWz26ihrQ90J
wSSikcbareMbrq24JUw4+fvhqNaFaHqh/VByhA83uRASh8/cs1whVg8dg8c9piOP
sgdGsECIshUfzEwiXKQleHnpCRhpjlWshztV+dhFep772RzWdX7HYwkVEfzFHSkk
4YA0oCLUc6Ua1M/l173UCKxLiivxYbPQxyuh0Dmt5xXBk0e9Ou0MjdggvtOSKdiM
4O7j5D44BXT+q4jaIYxk+4m9wZ02ZGwHFImprBKW7g5ShxagwNKNe+gqPuTz75Bs
QwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 377115058880094414783876962536283425183226
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-25 15:29:42 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-23 15:29:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'clearwater.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29453915780293988557350384938373093323492620080721790862940711185310107216569899647635595813792598797524864748390655324730027194519092258666182390695618904520539181013440814815123492096302376888951106673670418461954469156266579294362199497484958132836108590823140357199726625360230365162764274467029086950455946007018116295892340543464170917767868300260377894521208447621804195101681928792212795308523599844694577148058989287441724800213231200147209383932730579306746790867583912170527732652169597663193508853241455508114657230102033777796141611024432388355925864590291235911199155569254351141363259869409569384983619
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8e1f61f2dd465672d7d5d3f30cba957f53ca5831
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clearwater.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a2d87b52b0000040300483046022100fa62b465ee18fbd0164d95e008fe7f0a2d2f5201a67d7d3d79de470330846dab022100da64618101d866aa41fdc72df4df1549cec9abafc8f8d507461edcc9fcd937c60076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a2d87b5410000040300473045022100d202643f3fa6aab8f1381db7dca383dfb9c7ef5dab5a05e8d248518701eaf16102200ad4e416c4090fa74db85e40aff318f24b9e6e8bf42b5df0172fa4ef0cf25513
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006d8298a8071208f68c0485323082527d84b929236d69f62db179815020c455f0148b967c1ffad16b7f6bb491ca186b1e9310b88056bcf15fd5bb194bf6514980827d925971f429c93600e8384326dd23ac6e54dfe57f2a6437ca4a3ac0fd8f70744871be992e643e810e9c8b29233550fe7ddba5654b5f8075033723903b5660daf46f011593c1347e12f511056f4fe0c5036cff7a4e24952b8e642dcb4dfd882f173b0311d7115d5fb6bba43df1bb6c68201f5b37a798ac2da771df164caee5b4e22ee89c33a55343883e019b2628c20a4fcdea8fc81fac25d6f78cd97006fba63b8730c30d76cd0f7a1a0cdcc5440a8d35662b5df91ad46e31757d5ab888ec