oxfordprivatecare.co.uk

Issued by R3

About this certificate

This digital certificate with serial number 04:aa:51:57:df:5f:d9:3e:fc:6a:a8:43:e0:e8:5e:78:ec:6a was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=oxfordprivatecare.co.uk

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:aa:51:57:df:5f:d9:3e:fc:6a:a8:43:e0:e8:5e:78:ec:6a
Serial Number (int): 406405269831657047536691669734014655720554
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 49:63:b2:d3:c5:53:9e:0d:0b:4d:df:b4:fb:e7:48:38:dd:f8:d7:95
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): a6:7a:9c:0e:b0:fc:94:02:2a:c1:2b:28:1d:db:dc:77:6f:06:bb:28
Fingerprint (sha256): 66:84:aa:89:39:18:f1:ed:2f:25:34:90:38:12:5c:bd:98:c8:ad:fb:4d:47:c5:08:65:85:0f:b6:d6:57:95:91

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate oxfordprivatecare.co.uk

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for oxfordprivatecare.co.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk

Other certificates including the domain name oxfordprivatecare.co.uk

(limited to 100 certificates)
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk
www.oxfordprivatecare.co.uk

Certificate

The complete raw certificate details for oxfordprivatecare.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISBKpRV99f2T78aqhD4OheeOxqMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMjkwNzU0MThaFw0yNDAxMjcwNzU0MTdaMCIxIDAeBgNVBAMT
F294Zm9yZHByaXZhdGVjYXJlLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvCxvz3RSKZXHRYEeoTAj3WkPM4XwtFE+6ymWlhty4/e9867FaqaU
JdvgaEEEqjhlX0Rqt39SYmmTydpRczpjJYlSxKF/Ku1VtEerK54t6Seqq5sKcjVN
APZp6Y23pFpmMIUQaM6a8aNU7yJLzIyz5ItySBRUOZ+AQrJwHhvh5G/8RQZiAShw
YtgR8YmSnyPunmX8q8H2EYjnQJ4Qt/9tK49ULNycrTE1Kll+RSm7xvxsuwYv6JCK
urDJyg0G33wEmBiNV2hYF813x0+XfFWgOKEIIjIeDXcWos14WczmYSiTzUlImlHg
HJzH1Bu3I8lrjHc0ap48qURN5YP6QB/MaQIDAQABo4ICNTCCAjEwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBRJY7LTxVOeDQtN37T750g43fjXlTAfBgNVHSMEGDAWgBQU
LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG
FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku
bGVuY3Iub3JnLzA/BgNVHREEODA2ghdveGZvcmRwcml2YXRlY2FyZS5jby51a4Ib
d3d3Lm94Zm9yZHByaXZhdGVjYXJlLmNvLnVrMBMGA1UdIAQMMAowCAYGZ4EMAQIB
MIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUA2ra/az+1tiKfm8K7XGvocJFxbLtR
hIU0vaQ9MEjX+6sAAAGLeqQhbAAABAMARjBEAiAJG33DqWmSwhkMBcEmUSA+7Usi
kRyI7y0JfCvQl7iWBgIgKYSci10OpVwcH2i2Yn6oI9fnkAYoIOo+FN4XlMFrt6QA
dgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYt6pCF8AAAEAwBH
MEUCIDRdnQ0YrFOVV5Xn4GZafMCV8BNOifRDdzt04oLbUGWpAiEAkpkPdAQ8Q8gq
f0DsLDT1wm45CbcFC+n2JVZ8oab+wCIwDQYJKoZIhvcNAQELBQADggEBAAhIqGGE
pmtM2X6sJ71cQATbjnuGdv1kY1/n5RT0fsp/JbDReuH4KJ7fxynABmiAtBLYtlyR
GyIEQMd6AiTQWNjeGoXlEqwUhSsGeqmUbz1JI5N2jXyzmXJIg5ntErSB8gjaAiRM
CqKLguPgTlqIZYWwO9h/z0DxRGl+SnbIlygMXgOPFa1zHooPFMuH9TcejUOmyt11
z6Q1fLxyn5Ijuz+mRZ72QZaTT3wBEtpFj0o8ngDMSfc1dKiiB4HD8CdfAAoMthC0
3QZzBxpucH4bdg9aCgHrXfGGQXED7fvMsbRl675jCk/p8BGDa0X3AUtQey4+YB0M
sHtNUu0Y9MitxOc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCxvz3RSKZXHRYEeoTAj
3WkPM4XwtFE+6ymWlhty4/e9867FaqaUJdvgaEEEqjhlX0Rqt39SYmmTydpRczpj
JYlSxKF/Ku1VtEerK54t6Seqq5sKcjVNAPZp6Y23pFpmMIUQaM6a8aNU7yJLzIyz
5ItySBRUOZ+AQrJwHhvh5G/8RQZiAShwYtgR8YmSnyPunmX8q8H2EYjnQJ4Qt/9t
K49ULNycrTE1Kll+RSm7xvxsuwYv6JCKurDJyg0G33wEmBiNV2hYF813x0+XfFWg
OKEIIjIeDXcWos14WczmYSiTzUlImlHgHJzH1Bu3I8lrjHc0ap48qURN5YP6QB/M
aQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 406405269831657047536691669734014655720554
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-29 07:54:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-27 07:54:17 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oxfordprivatecare.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23754713916299621123153682214498734146979461658602975322230648384291047772304934213068822114738366514902865385416957382484492961247787468091047315583474472743500401305362573112947253197955726689112198258417180765651417053635044115746532719070287335780485154290911551319241183414247160264197253437407856340356576836523942648502549715975149385615564336238442743290426988926402120132548647871120755166132801944820270174105690431495750581613957292649696108436397369419213799767331161443032071433255296637033713534026476854349299945838871161636627442450987967985405695652749399792633889413692761465276639076475574834678889
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4963b2d3c5539e0d0b4ddfb4fbe74838ddf8d795
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oxfordprivatecare.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oxfordprivatecare.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b7aa4216c00000403004630440220091b7dc3a96992c2190c05c12651203eed4b22911c88ef2d097c2bd097b89606022029849c8b5d0ea55c1c1f68b6627ea823d7e790062820ea3e14de1794c16bb7a4007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b7aa4217c00000403004730450220345d9d0d18ac53955795e7e0665a7cc095f0134e89f443773b74e282db5065a902210092990f74043c43c82a7f40ec2c34f5c26e3909b7050be9f625567ca1a6fec022
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000848a86184a66b4cd97eac27bd5c4004db8e7b8676fd64635fe7e514f47eca7f25b0d17ae1f8289edfc729c0066880b412d8b65c911b220440c77a0224d058d8de1a85e512ac14852b067aa9946f3d492393768d7cb39972488399ed12b481f208da02244c0aa28b82e3e04e5a886585b03bd87fcf40f144697e4a76c897280c5e038f15ad731e8a0f14cb87f5371e8d43a6cadd75cfa4357cbc729f9223bb3fa6459ef64196934f7c0112da458f4a3c9e00cc49f73574a8a20781c3f0275f000a0cb610b4dd0673071a6e707e1b760f5a0a01eb5df186417103edfbccb1b465ebbe630a4fe9f011836b45f7014b507b2e3e601d0cb07b4d52ed18f4c8adc4e7