www.jackfung.com

Issued by R3

About this certificate

This digital certificate with serial number 03:d4:29:8d:b3:0e:7e:d9:e6:c3:02:7a:4f:9e:8b:4d:39:5e was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.jackfung.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:d4:29:8d:b3:0e:7e:d9:e6:c3:02:7a:4f:9e:8b:4d:39:5e
Serial Number (int): 333531953675903701022322431335713947335006
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 6e:a0:81:49:75:a0:4c:2d:fd:13:ef:c7:35:9c:e5:18:93:17:17:51
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 53:db:a4:cc:3e:f4:58:b2:04:82:d4:d6:8e:97:4f:30:1b:36:cf:64
Fingerprint (sha256): 69:c1:af:73:5c:63:1a:ec:c1:11:fd:ef:66:4c:1a:bf:2c:d5:a8:4d:bc:91:14:a1:dd:61:eb:a0:4d:80:39:75

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.jackfung.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.jackfung.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

jackfung.com
photo.jackfung.com
www.jackfung.com

Other certificates including the domain name jackfung.com

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.jackfung.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISA9QpjbMOftnmwwJ6T56LTTleMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MzAxNzUxNTJaFw0yNDA3MjkxNzUxNTFaMBsxGTAXBgNVBAMT
EHd3dy5qYWNrZnVuZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlneJeD5aAW88G49eskI2RcpS/DLNeyWmuAlAJg7ii0tT504PsPxq4L4xp28vQ
BOWQkXaQi/xIH3DFu+nA7xd7PlYwqcHhAEPqiFOO6Ur7eCODypGYWiXYiAWrw/8I
nZfvMsnFWfiy7DbppvRBc1766BXj8bDYaG57he5adjdwYqedgZ7ZQrlCmrkbS0Hy
78GQDbVYu+IEOHboQU8ZdIomGCIuB41JlrCai6Jm13UMhkk6I3SF7YbQ/Y266XXa
Q8z9MJPtSrXj1kj87GWlLEmicBDWtE2z/VEvlWHIBwrAw9PknAgnFdwe6uUlJHuh
FvM87ivdIrUYI2M1zpUdaXhZAgMBAAGjggI0MIICMDAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFG6ggUl1oEwt/RPvxzWc5RiTFxdRMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMD0GA1UdEQQ2MDSCDGphY2tmdW5nLmNvbYIScGhvdG8uamFja2Z1bmcuY29t
ghB3d3cuamFja2Z1bmcuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYB
BAHWeQIEAgSB9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznY
hHMAAAGPMFlWiAAABAMARzBFAiEAhqr0iRXC3ulyPOzZG03XHZPSy3V4/T4cMfI3
hOMWhNQCIBpqNd7lg4JzYatBZ07c75CEv7w09JH+ZrJptTgetolnAHYAPxdLT9ci
R1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPMFlWlgAABAMARzBFAiEAi31z
LGLnm/u9i0hiGnh0yosoodet0ZRfytTHmQvRBDsCICVSxuHtX7qJTdp2i5ZaMadD
TQr3Z5KG8/vBCgCjTFw0MA0GCSqGSIb3DQEBCwUAA4IBAQBnR9I7oB56IlYuF59Z
8DCSMjuiRYGn0ufBj79BCE+8l/uJBfc2Y24Kbi8bQU/YZNdmrJvWx4EILYzhWhOB
NmFuFprYzxigoJqTKOpnCw9NUg3w/m989ZtmpjL91QSUc2DR9Pv5K5WLbcCPwm2F
R0eei14AW9OlT6qj2oG4XLu9eTja1x5LmBQCLS4qJ6O8L+n+2s7InyQez7q5Gplc
4UQVeFnx6g69x+ZA/PDXAgqqqVSY5FgB1spXyBcrWUR/q/owx0qSlboD6mvZl8sw
NIhv4lXK7nQHa0gT36LmeigqBq/Wk7jlRhgfHclyV8zUNaLxIFe8YCXUAQF5GOj8
1/wV
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Z3iXg+WgFvPBuPXrJCN
kXKUvwyzXslprgJQCYO4otLU+dOD7D8auC+MadvL0ATlkJF2kIv8SB9wxbvpwO8X
ez5WMKnB4QBD6ohTjulK+3gjg8qRmFol2IgFq8P/CJ2X7zLJxVn4suw26ab0QXNe
+ugV4/Gw2Ghue4XuWnY3cGKnnYGe2UK5Qpq5G0tB8u/BkA21WLviBDh26EFPGXSK
JhgiLgeNSZawmouiZtd1DIZJOiN0he2G0P2Nuul12kPM/TCT7Uq149ZI/OxlpSxJ
onAQ1rRNs/1RL5VhyAcKwMPT5JwIJxXcHurlJSR7oRbzPO4r3SK1GCNjNc6VHWl4
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 333531953675903701022322431335713947335006
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-30 17:51:52 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-29 17:51:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.jackfung.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28986427461514409488785658572477799406680962406492534591963644087873023051327319710051687664391302371775744019348578490272490725418696321128812652996215025242335013928535660946455604582191830434052455197038812582288484439858843415157162618890607492585338667813631881662107362580777768409367884594282521836681589516876504414695053667811224382989774864352270361974028280630646531376884500338361661027774535164920438096762845714871945182258344090154378938151181436366655231606649763423925810632521085612818465124726305243141329490077541059010417848532369822013622267996291075621554581247285944268105121527179985686198361
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6ea0814975a04c2dfd13efc7359ce51893171751
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jackfung.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photo.jackfung.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jackfung.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f30595688000004030047304502210086aaf48915c2dee9723cecd91b4dd71d93d2cb7578fd3e1c31f23784e31684d402201a6a35dee583827361ab41674edcef9084bfbc34f491fe66b269b5381eb689670076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f3059569600000403004730450221008b7d732c62e79bfbbd8b48621a7874ca8b28a1d7add1945fcad4c7990bd1043b02202552c6e1ed5fba894dda768b965a31a7434d0af7679286f3fbc10a00a34c5c34
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006747d23ba01e7a22562e179f59f03092323ba24581a7d2e7c18fbf41084fbc97fb8905f736636e0a6e2f1b414fd864d766ac9bd6c781082d8ce15a138136616e169ad8cf18a0a09a9328ea670b0f4d520df0fe6f7cf59b66a632fdd504947360d1f4fbf92b958b6dc08fc26d8547479e8b5e005bd3a54faaa3da81b85cbbbd7938dad71e4b9814022d2e2a27a3bc2fe9fedacec89f241ecfbab91a995ce144157859f1ea0ebdc7e640fcf0d7020aaaa95498e45801d6ca57c8172b59447fabfa30c74a9295ba03ea6bd997cb3034886fe255caee74076b4813dfa2e67a282a06afd693b8e546181f1dc97257ccd435a2f12057bc6025d401017918e8fcd7fc15