www.jackfung.com
Issued by R3
About this certificate
This digital certificate with serial number 03:d4:29:8d:b3:0e:7e:d9:e6:c3:02:7a:4f:9e:8b:4d:39:5e was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.jackfung.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:d4:29:8d:b3:0e:7e:d9:e6:c3:02:7a:4f:9e:8b:4d:39:5eSerial Number (int): 333531953675903701022322431335713947335006
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6e:a0:81:49:75:a0:4c:2d:fd:13:ef:c7:35:9c:e5:18:93:17:17:51
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 53:db:a4:cc:3e:f4:58:b2:04:82:d4:d6:8e:97:4f:30:1b:36:cf:64
Fingerprint (sha256): 69:c1:af:73:5c:63:1a:ec:c1:11:fd:ef:66:4c:1a:bf:2c:d5:a8:4d:bc:91:14:a1:dd:61:eb:a0:4d:80:39:75
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.jackfung.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.jackfung.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
jackfung.com
photo.jackfung.com
www.jackfung.com
photo.jackfung.com
www.jackfung.com
Other certificates including the domain name jackfung.com
(limited to 100 certificates)
jackfung.com
jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
photo.jackfung.com
www.jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
photo.jackfung.com
www.jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
photo.jackfung.com
jackfung.com
jackfung.com
photo.jackfung.com
photo.jackfung.com
jackfung.com
www.jackfung.com
photo.jackfung.com
Certificate
The complete raw certificate details for www.jackfung.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISA9QpjbMOftnmwwJ6T56LTTleMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MzAxNzUxNTJaFw0yNDA3MjkxNzUxNTFaMBsxGTAXBgNVBAMT EHd3dy5qYWNrZnVuZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDlneJeD5aAW88G49eskI2RcpS/DLNeyWmuAlAJg7ii0tT504PsPxq4L4xp28vQ BOWQkXaQi/xIH3DFu+nA7xd7PlYwqcHhAEPqiFOO6Ur7eCODypGYWiXYiAWrw/8I nZfvMsnFWfiy7DbppvRBc1766BXj8bDYaG57he5adjdwYqedgZ7ZQrlCmrkbS0Hy 78GQDbVYu+IEOHboQU8ZdIomGCIuB41JlrCai6Jm13UMhkk6I3SF7YbQ/Y266XXa Q8z9MJPtSrXj1kj87GWlLEmicBDWtE2z/VEvlWHIBwrAw9PknAgnFdwe6uUlJHuh FvM87ivdIrUYI2M1zpUdaXhZAgMBAAGjggI0MIICMDAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFG6ggUl1oEwt/RPvxzWc5RiTFxdRMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMD0GA1UdEQQ2MDSCDGphY2tmdW5nLmNvbYIScGhvdG8uamFja2Z1bmcuY29t ghB3d3cuamFja2Z1bmcuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYB BAHWeQIEAgSB9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznY hHMAAAGPMFlWiAAABAMARzBFAiEAhqr0iRXC3ulyPOzZG03XHZPSy3V4/T4cMfI3 hOMWhNQCIBpqNd7lg4JzYatBZ07c75CEv7w09JH+ZrJptTgetolnAHYAPxdLT9ci R1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPMFlWlgAABAMARzBFAiEAi31z LGLnm/u9i0hiGnh0yosoodet0ZRfytTHmQvRBDsCICVSxuHtX7qJTdp2i5ZaMadD TQr3Z5KG8/vBCgCjTFw0MA0GCSqGSIb3DQEBCwUAA4IBAQBnR9I7oB56IlYuF59Z 8DCSMjuiRYGn0ufBj79BCE+8l/uJBfc2Y24Kbi8bQU/YZNdmrJvWx4EILYzhWhOB NmFuFprYzxigoJqTKOpnCw9NUg3w/m989ZtmpjL91QSUc2DR9Pv5K5WLbcCPwm2F R0eei14AW9OlT6qj2oG4XLu9eTja1x5LmBQCLS4qJ6O8L+n+2s7InyQez7q5Gplc 4UQVeFnx6g69x+ZA/PDXAgqqqVSY5FgB1spXyBcrWUR/q/owx0qSlboD6mvZl8sw NIhv4lXK7nQHa0gT36LmeigqBq/Wk7jlRhgfHclyV8zUNaLxIFe8YCXUAQF5GOj8 1/wV -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Z3iXg+WgFvPBuPXrJCN kXKUvwyzXslprgJQCYO4otLU+dOD7D8auC+MadvL0ATlkJF2kIv8SB9wxbvpwO8X ez5WMKnB4QBD6ohTjulK+3gjg8qRmFol2IgFq8P/CJ2X7zLJxVn4suw26ab0QXNe +ugV4/Gw2Ghue4XuWnY3cGKnnYGe2UK5Qpq5G0tB8u/BkA21WLviBDh26EFPGXSK JhgiLgeNSZawmouiZtd1DIZJOiN0he2G0P2Nuul12kPM/TCT7Uq149ZI/OxlpSxJ onAQ1rRNs/1RL5VhyAcKwMPT5JwIJxXcHurlJSR7oRbzPO4r3SK1GCNjNc6VHWl4 WQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 333531953675903701022322431335713947335006 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-30 17:51:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-29 17:51:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.jackfung.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28986427461514409488785658572477799406680962406492534591963644087873023051327319710051687664391302371775744019348578490272490725418696321128812652996215025242335013928535660946455604582191830434052455197038812582288484439858843415157162618890607492585338667813631881662107362580777768409367884594282521836681589516876504414695053667811224382989774864352270361974028280630646531376884500338361661027774535164920438096762845714871945182258344090154378938151181436366655231606649763423925810632521085612818465124726305243141329490077541059010417848532369822013622267996291075621554581247285944268105121527179985686198361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6ea0814975a04c2dfd13efc7359ce51893171751 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jackfung.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photo.jackfung.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jackfung.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f30595688000004030047304502210086aaf48915c2dee9723cecd91b4dd71d93d2cb7578fd3e1c31f23784e31684d402201a6a35dee583827361ab41674edcef9084bfbc34f491fe66b269b5381eb689670076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f3059569600000403004730450221008b7d732c62e79bfbbd8b48621a7874ca8b28a1d7add1945fcad4c7990bd1043b02202552c6e1ed5fba894dda768b965a31a7434d0af7679286f3fbc10a00a34c5c34 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006747d23ba01e7a22562e179f59f03092323ba24581a7d2e7c18fbf41084fbc97fb8905f736636e0a6e2f1b414fd864d766ac9bd6c781082d8ce15a138136616e169ad8cf18a0a09a9328ea670b0f4d520df0fe6f7cf59b66a632fdd504947360d1f4fbf92b958b6dc08fc26d8547479e8b5e005bd3a54faaa3da81b85cbbbd7938dad71e4b9814022d2e2a27a3bc2fe9fedacec89f241ecfbab91a995ce144157859f1ea0ebdc7e640fcf0d7020aaaa95498e45801d6ca57c8172b59447fabfa30c74a9295ba03ea6bd997cb3034886fe255caee74076b4813dfa2e67a282a06afd693b8e546181f1dc97257ccd435a2f12057bc6025d401017918e8fcd7fc15