gemalings.ca
Issued by R3
About this certificate
This digital certificate with serial number 03:3c:f3:f8:fe:e5:13:d0:5b:b2:42:5c:27:86:c3:d5:f7:bf was issued on by Let's Encrypt.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=gemalings.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:3c:f3:f8:fe:e5:13:d0:5b:b2:42:5c:27:86:c3:d5:f7:bfSerial Number (int): 282078095073015119590113234149561490339775
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c3:e4:8c:af:1a:f5:e2:67:e1:22:1c:de:e1:eb:9a:03:4a:16:c9:8a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 39:bb:b5:4c:c0:74:af:22:3c:6b:20:b0:41:a2:18:65:b0:f6:da:6e
Fingerprint (sha256): 67:b0:d4:68:67:4d:1d:25:cf:71:37:7b:fb:36:4f:d8:60:ee:d8:e0:34:9d:6e:c7:2f:b6:0f:92:6c:71:14:1d
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate gemalings.ca
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gemalings.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
arbitragedealer.com
christmas.istlm.com
designtorecycle.com
gemalings.ca
heavenpavement.com
machineguntour.com
medicareinfotexas.com
purposeit.com
renfrolaw.com
christmas.istlm.com
designtorecycle.com
gemalings.ca
heavenpavement.com
machineguntour.com
medicareinfotexas.com
purposeit.com
renfrolaw.com
Other certificates including the domain name gemalings.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for gemalings.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgISAzzz+P7lE9BbskJcJ4bD1fe/MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTQxOTA4NTBaFw0yNDA3MTMxOTA4NDlaMBcxFTATBgNVBAMT DGdlbWFsaW5ncy5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALhB heanRxd4FqdddOt0DlthX958pDgGgWmdM/YP1vzF0nK54BjJpA6eJ3jUSKBexmFB IQMeMTP7sJxF2/2aMPxFNB8kzAyhXVvomzy/iu7E0NIJimL2ibyTVbKae65LanBO VGTId8bkdVY/+Ijvw/A/v3R9qrz6en9MSbd/vDyzeAy7Hy3XuVdOsk/rn/HJLf3x Y24+SvgQImc/BRK4hWKnqatbzqGxmcIHqRNAY+mSGC0DVzH1ennjmTLEaaOQEWqh 7GkegC13beYxPUovRFTRtJyMbNPBkOzmDNgOftS4iALDmW6uWsCeTqe9EawEvJ+z eGG+w+Zi3aEvQUkiWhcCAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUw+SMrxr14mfhIhze4euaA0oWyYowHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w gbUGA1UdEQSBrTCBqoITYXJiaXRyYWdlZGVhbGVyLmNvbYITY2hyaXN0bWFzLmlz dGxtLmNvbYITZGVzaWdudG9yZWN5Y2xlLmNvbYIMZ2VtYWxpbmdzLmNhghJoZWF2 ZW5wYXZlbWVudC5jb22CEm1hY2hpbmVndW50b3VyLmNvbYIVbWVkaWNhcmVpbmZv dGV4YXMuY29tgg1wdXJwb3NlaXQuY29tgg1yZW5mcm9sYXcuY29tMBMGA1UdIAQM MAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYASLDja9qmRzQP 5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO3joPwQAABAMARzBFAiEA6tf6u/zi zlPU5qIy/HSkeef7h+jKDtCfhr9EYiEVpdUCIEuoBPTlGlkzIiNn4nMhTOD7r1zL KgZLHFFQs7kmQWcfAHcAGZgQcQnw1lIuMIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoA AAGO3joRGAAABAMASDBGAiEAlUY93z0mVfrDGipvEpFxHQz8BvRzH3bJlQoHvdCc deECIQC3S5CGFjKvtIxGpaNjaiKLBxPpI7pNaJvxEEC03AaVsjANBgkqhkiG9w0B AQsFAAOCAQEAulBNJUzciqwuo4lRUrFX2ahw7veWlwvLUcpof+MOdQzEKx0QRUZr Ifus/aKbTYrKtlEHKPATBDvwPwzjU3kRIr+dODllQ+0rOu9OT2gNQLLniVA12dXh 1QeKoQSJukPZjVBJRmRSFkBETrKQQXoZqLRqknO3cbSvxY6hRYcCi8/UI/F1ePgO thUNxcrkIdglSjDgYajeS1C4HYr15La6iaiPynBwbBviOqrI6L6LvVGRRFlEoXn+ KfSBtFnydmSTyq2tvK2z5iDesdQGsmkveZNfhRPK/o+ib68RdZmGIoX55ZuZTGbl iQ4x8ihljwA5ULlVSx5w/zgDJFWyPWRpNQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEGF5qdHF3gWp11063QO W2Ff3nykOAaBaZ0z9g/W/MXScrngGMmkDp4neNRIoF7GYUEhAx4xM/uwnEXb/Zow /EU0HyTMDKFdW+ibPL+K7sTQ0gmKYvaJvJNVspp7rktqcE5UZMh3xuR1Vj/4iO/D 8D+/dH2qvPp6f0xJt3+8PLN4DLsfLde5V06yT+uf8ckt/fFjbj5K+BAiZz8FEriF Yqepq1vOobGZwgepE0Bj6ZIYLQNXMfV6eeOZMsRpo5ARaqHsaR6ALXdt5jE9Si9E VNG0nIxs08GQ7OYM2A5+1LiIAsOZbq5awJ5Op70RrAS8n7N4Yb7D5mLdoS9BSSJa FwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 282078095073015119590113234149561490339775 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-14 19:08:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-13 19:08:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gemalings.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23260158734308992324214688799253306066147829429829394147917789781078433146841818275322019846591690663942792579881881269602108029937538300743144730521362818942280055980800742599758028472095553612505272629240696761049643026664936073673717872949568544333671951248835943833628386427321680851032946253823099083546751752422112509673308336010144225429637562516993504993433429164457460533403049813092714786014780458101274736292566811275876144234652198354084282785031925917244324982062146455606308071212175079503611047584927667777433254567800694782164942362264652667662584495674216969209919205017256624927279962566715899009559 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c3e48caf1af5e267e1221cdee1eb9a034a16c98a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (173 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitragedealer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'christmas.istlm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'designtorecycle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gemalings.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heavenpavement.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'machineguntour.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medicareinfotexas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purposeit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'renfrolaw.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ede3a0fc10000040300473045022100ead7fabbfce2ce53d4e6a232fc74a479e7fb87e8ca0ed09f86bf44622115a5d502204ba804f4e51a5933222367e273214ce0fbaf5ccb2a064b1c5150b3b92641671f0077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018ede3a1118000004030048304602210095463ddf3d2655fac31a2a6f1291711d0cfc06f4731f76c9950a07bdd09c75e1022100b74b90861632afb48c46a5a3636a228b0713e923ba4d689bf11040b4dc0695b2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ba504d254cdc8aac2ea3895152b157d9a870eef796970bcb51ca687fe30e750cc42b1d1045466b21fbacfda29b4d8acab6510728f013043bf03f0ce353791122bf9d38396543ed2b3aef4e4f680d40b2e7895035d9d5e1d5078aa10489ba43d98d50494664521640444eb290417a19a8b46a9273b771b4afc58ea14587028bcfd423f17578f80eb6150dc5cae421d8254a30e061a8de4b50b81d8af5e4b6ba89a88fca70706c1be23aaac8e8be8bbd5191445944a179fe29f481b459f2766493caadadbcadb3e620deb1d406b2692f79935f8513cafe8fa26faf117599862285f9e59b994c66e5890e31f228658f003950b9554b1e70ff38032455b23d646935