*.cantamayec.gob.mx
Issued by R3
About this certificate
This digital certificate with serial number 03:88:be:d5:42:28:da:59:1a:91:0a:d1:9c:1d:3d:df:83:8a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.cantamayec.gob.mx
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:88:be:d5:42:28:da:59:1a:91:0a:d1:9c:1d:3d:df:83:8aSerial Number (int): 307868920316834108698604151887887324906378
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f4:fe:8c:37:fb:19:f4:55:74:82:62:de:3e:ca:3d:47:5d:0f:ba:b2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ca:69:6d:2d:b2:f2:b2:fc:04:c6:75:34:22:9f:7c:55:72:b9:a3:a2
Fingerprint (sha256): 68:49:26:39:a5:bd:98:ec:e6:6c:90:58:8a:e9:ca:05:07:c3:ad:55:06:8c:a4:8a:05:79:3e:52:35:47:d8:bf
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.cantamayec.gob.mx
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.cantamayec.gob.mx
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.cantamayec.gob.mx
cantamayec.gob.mx
cantamayec.gob.mx
Other certificates including the domain name cantamayec.gob.mx
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.cantamayec.gob.mx in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISA4i+1UIo2lkakQrRnB0934OKMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjkxNDEyMzNaFw0yNDAxMjcxNDEyMzJaMB4xHDAaBgNVBAMM EyouY2FudGFtYXllYy5nb2IubXgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDPC3Kc9I49sc2SKgD6d1pjTf6JKiOQOs8rNiOpnqY8ZTfSEvwMSm/SnT0j aKcfZzlFEJj/aeAw0PrSAiA1BqgL1I9e6oAjQPRUZh+nOhyVnFxnjf1/kui6wwtv W9SUOe5+XG4RKlwcRarGhxNgW+HMH43WRC67oikwQNDVcidQH2gHQzGjiMLvZcvo dkyK6NdPSsdq4zZ9iGck95Xd4HwB9Rh+4RAMbfgc6RQX5rjNYKeNxUtm9B5oFc0x ZsS44TAGom3H53T4txaf/FdaACb1Ki2OfdOur7ZxJWWKAG92ES1h2P2up63ZQIAS 31RdbJEsv+UdMigcrhGmSUQ4xVX7AgMBAAGjggIpMIICJTAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFPT+jDf7GfRVdIJi3j7KPUddD7qyMB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMDEGA1UdEQQqMCiCEyouY2FudGFtYXllYy5nb2IubXiCEWNhbnRhbWF5 ZWMuZ29iLm14MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB 9gSB8wDxAHcA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGLe/5s zQAABAMASDBGAiEAtTp6nPv/4oYnsq7xBpD/n9+/qdvboaWmShJwntvPThUCIQDv Y88EwZ9czbh/99x1e9aRm0C7AXQYkEgZ+JBK+Y7BtgB2AHb/iD8KtvuVUcJhzPWH ujS0pM27KdxoQgqf5mdMWjp0AAABi3v+bP8AAAQDAEcwRQIhAJZdelj55lmUAtBV M/WYpXllps+0eN1Ouy76lgR7STCOAiANuDjTc82QOAlpJWaXUD4eeLwK42CN06Iu lEILURxQ2jANBgkqhkiG9w0BAQsFAAOCAQEAsEeTYzAMUdh3S0CME6CWiCaVEUsI 46XVkrFtL4j9KMPDmYkbHcwOswTixeIAlmfKq+YKSw6LPMEH+1R0ndEGcrAJLv4C QKUQ1AHK/bKWS8rz8sCSFr2J/xNnkcE3ZOk92IArwbanqXG1ah9Oodpbwunq3HBG engBrrUECe38ZunlI8rbD0s1iy7AzNkZ13wDrdaXtrZjk8Rfb6MNRLeuIW1/JH1l sDv9veGHuUUKa/UNVik1C0tVvyJYMHHLm1DppsUHzlxPUV1oCwpRadacycgDy16x ugQWwOEJm1HcKiuqVpfM3ONWflmkm0SH8ZKHJbeWvwOpUfxGR7Zv9jByfQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwtynPSOPbHNkioA+nda Y03+iSojkDrPKzYjqZ6mPGU30hL8DEpv0p09I2inH2c5RRCY/2ngMND60gIgNQao C9SPXuqAI0D0VGYfpzoclZxcZ439f5LousMLb1vUlDnuflxuESpcHEWqxocTYFvh zB+N1kQuu6IpMEDQ1XInUB9oB0Mxo4jC72XL6HZMiujXT0rHauM2fYhnJPeV3eB8 AfUYfuEQDG34HOkUF+a4zWCnjcVLZvQeaBXNMWbEuOEwBqJtx+d0+LcWn/xXWgAm 9Sotjn3Trq+2cSVligBvdhEtYdj9rqet2UCAEt9UXWyRLL/lHTIoHK4RpklEOMVV +wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 307868920316834108698604151887887324906378 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-29 14:12:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-27 14:12:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.cantamayec.gob.mx' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26136974202911442119177891605782678959773049476041935722822707536325534276400930426927892443207108206956247454033516424458847598381620067405371323541154097178805715905389827946935934031297311718198881868787717613738713538357633970785919020357587329550059623846670430074756903526476528201689095676534008903004303365040591705684174431018042515751805126313876571246367833697511398346268092692274382887415643812858602964093431923640740910905106090374571149429328960492228243138570650815183213275054841548118752172828184330261404509416319085199023557951704926536667855004214066706337050819488418157838835652097514133607931 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4fe8c37fb19f455748262de3eca3d475d0fbab2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cantamayec.gob.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cantamayec.gob.mx' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b7bfe6ccd0000040300483046022100b53a7a9cfbffe28627b2aef10690ff9fdfbfa9dbdba1a5a64a12709edbcf4e15022100ef63cf04c19f5ccdb87ff7dc757bd6919b40bb017418904819f8904af98ec1b600760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b7bfe6cff0000040300473045022100965d7a58f9e6599402d05533f598a57965a6cfb478dd4ebb2efa96047b49308e02200db838d373cd90380969256697503e1e78bc0ae3608dd3a22e94420b511c50da . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b0479363300c51d8774b408c13a096882695114b08e3a5d592b16d2f88fd28c3c399891b1dcc0eb304e2c5e2009667caabe60a4b0e8b3cc107fb54749dd10672b0092efe0240a510d401cafdb2964bcaf3f2c09216bd89ff136791c13764e93dd8802bc1b6a7a971b56a1f4ea1da5bc2e9eadc70467a7801aeb50409edfc66e9e523cadb0f4b358b2ec0ccd919d77c03add697b6b66393c45f6fa30d44b7ae216d7f247d65b03bfdbde187b9450a6bf50d5629350b4b55bf22583071cb9b50e9a6c507ce5c4f515d680b0a5169d69cc9c803cb5eb1ba0416c0e1099b51dc2a2baa5697ccdce3567e59a49b4487f1928725b796bf03a951fc4647b66ff630727d