centrahq.com
Issued by R3
About this certificate
This digital certificate with serial number 03:a8:4a:50:15:49:85:b6:db:60:36:8a:e8:db:db:ca:ca:74 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=centrahq.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a8:4a:50:15:49:85:b6:db:60:36:8a:e8:db:db:ca:ca:74Serial Number (int): 318603074125190808469528658411357542730356
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 74:e0:64:3e:e3:62:9c:52:b4:36:bd:fe:40:3c:a4:fc:90:de:99:3b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c0:d5:8c:de:94:00:04:42:ad:dd:d0:e3:2b:20:ee:13:6e:1c:30:a1
Fingerprint (sha256): 70:4b:b5:8f:15:1d:76:1e:82:3d:50:fd:ef:0c:d9:30:47:5c:60:a8:06:1b:a7:7a:40:7b:9d:bf:a8:b6:8c:7d
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate centrahq.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for centrahq.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
centrahq.com
Other certificates including the domain name centrahq.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for centrahq.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgISA6hKUBVJhbbbYDaK6Nvbysp0MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjEwMDUyMzBaFw0yNDA2MTkwMDUyMjlaMBcxFTATBgNVBAMT DGNlbnRyYWhxLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/w SfJpa5j6GH0fAKGaTK3iMgrQxl7KpPCQEyLpIIC2ZPau/Xo5pFAT939GN9WGbtue AzcXtMgm9OL7iGHKVnCU17iF0V7abOC4awOjbX4AI9aq693u2iAVjpeM8ws6uUOD wWgDAaKW2eiIw5N/0fMkGYoCnxRSFMtWaGjFxPqXLEtJLr6aIdPpTK6DK3MNvbC9 4vuowXcbxYB1iw2rlx7pZqms4VYKHwW7MlIKBA+CO/ImUH/IuuIoCOYumdDUC4Dg ajX9A8DtglAXhljYFhiSBq15xal28zYty6JpYBTIMfrlJ/6Bok5Ylcjq3idhmp/m w7Cuf+TMHhYCmAzzDekCAwEAAaOCAg4wggIKMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUdOBkPuNinFK0Nr3+QDyk/JDemTswHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w FwYDVR0RBBAwDoIMY2VudHJhaHEuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB 2bu/qznYhHMAAAGOXrW0aAAABAMARzBFAiAGvHzDQpl79f2rfJMxCCChn0JNWScj 8yibNNBKDcmpdwIhAKMAXnolS23fZho/HCUn93xYs9222usShz3dAo0McXYDAHYA dv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGOXrW0rAAABAMARzBF AiAY8SuYKMM5CZ9cDw0OINBmGk+FN8UTETTCXvoJcN2QkAIhANWWKXSqKLGYbdJP w/rvpnCVB4VSXl7bjmqGIZtZtaurMA0GCSqGSIb3DQEBCwUAA4IBAQBlGy4CY4nm Qr4o7kSnW9nGF0wkmGozu4vxh59a12zrcwRsj7SdK5MiIIt55ux0fBExHZ2j9LOV Or8In+hAzLDx2pEQJOFuokY4zo6mS+OVzus3qbI+PJxIShlrmQtN+U4JRhFzPKVv lgra7NdMvXUiYZWrRqULD/0Y5qufPzCbVygVtcRYBmoOjgphiOYaK5LyCbLNA9Wf KkQyHFWaaR00RVGKhiv26noIAfLojheaJsJXrXY7OfN27IaSvKPLgYbTPpWurCgc peS89BvdI8sDu2TtST1RKHLGONcK9iv1ieJIBFlb1nxl6OE9JHtxxty76FxVzoYM yehi16zOJASq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/BJ8mlrmPoYfR8AoZpM reIyCtDGXsqk8JATIukggLZk9q79ejmkUBP3f0Y31YZu254DNxe0yCb04vuIYcpW cJTXuIXRXtps4LhrA6NtfgAj1qrr3e7aIBWOl4zzCzq5Q4PBaAMBopbZ6IjDk3/R 8yQZigKfFFIUy1ZoaMXE+pcsS0kuvpoh0+lMroMrcw29sL3i+6jBdxvFgHWLDauX HulmqazhVgofBbsyUgoED4I78iZQf8i64igI5i6Z0NQLgOBqNf0DwO2CUBeGWNgW GJIGrXnFqXbzNi3LomlgFMgx+uUn/oGiTliVyOreJ2Gan+bDsK5/5MweFgKYDPMN 6QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 318603074125190808469528658411357542730356 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-21 00:52:30 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-19 00:52:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'centrahq.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24230007099211319446665471284849853271333778984796946241618058060809186602583273534189035247443046165592056074975963735696209953554308980993805542185458677846842358569525219040130717311079276074352381439816365397595908606054485533829748363171229131241212120171836913160441359786120743544746455479972559163407402956850671008913333838295517114192461950386472362302693450038277278110907017925718985349023245516906373096899371578082889480763445407502891200741092999348904307290390777907890649071649180612175936712005781034245393470685519336882042592747817785018495567981775210951359593247431416163634911098865198359055849 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 74e0643ee3629c52b436bdfe403ca4fc90de993b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'centrahq.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e5eb5b4680000040300473045022006bc7cc342997bf5fdab7c93310820a19f424d592723f3289b34d04a0dc9a977022100a3005e7a254b6ddf661a3f1c2527f77c58b3ddb6daeb12873ddd028d0c71760300760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e5eb5b4ac0000040300473045022018f12b9828c339099f5c0f0d0e20d0661a4f8537c5131134c25efa0970dd9090022100d5962974aa28b1986dd24fc3faefa670950785525e5edb8e6a86219b59b5abab . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00651b2e026389e642be28ee44a75bd9c6174c24986a33bb8bf1879f5ad76ceb73046c8fb49d2b9322208b79e6ec747c11311d9da3f4b3953abf089fe840ccb0f1da911024e16ea24638ce8ea64be395ceeb37a9b23e3c9c484a196b990b4df94e094611733ca56f960adaecd74cbd75226195ab46a50b0ffd18e6ab9f3f309b572815b5c458066a0e8e0a6188e61a2b92f209b2cd03d59f2a44321c559a691d3445518a862bf6ea7a0801f2e88e179a26c257ad763b39f376ec8692bca3cb8186d33e95aeac281ca5e4bcf41bdd23cb03bb64ed493d512872c638d70af62bf589e24804595bd67c65e8e13d247b71c6dcbbe85c55ce860cc9e862d7acce2404aa