okedai.com
Issued by R3
About this certificate
This digital certificate with serial number 04:5f:58:93:32:47:df:fb:7d:44:0f:11:99:b4:7d:92:4b:8a was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=okedai.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5f:58:93:32:47:df:fb:7d:44:0f:11:99:b4:7d:92:4b:8aSerial Number (int): 380893704935612416742211561882869910621066
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ec:a9:5c:c7:be:a3:6e:2c:79:38:65:d0:4e:df:1d:d2:8e:6b:1a:27
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): eb:89:17:68:d6:54:a9:a8:df:2d:f2:31:84:f4:94:74:61:bb:2c:9e
Fingerprint (sha256): 70:8b:15:2f:d2:cc:d8:15:e8:4b:0e:89:ee:5f:f4:24:c0:77:8c:31:fd:16:e4:96:87:4c:1c:ee:41:4b:01:4d
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate okedai.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for okedai.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
okedai.com
Other certificates including the domain name okedai.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for okedai.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgISBF9YkzJH3/t9RA8RmbR9kkuKMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTYxNDIwMThaFw0yNDAzMTUxNDIwMTdaMBUxEzARBgNVBAMT Cm9rZWRhaS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7FBSp ddEhfTZmUIljf57j1BshH+bMA5wf/PUCW618i7xeWXktzUSZFbxac2PM9+dE2AMw SCKfv2xsGKpSIZZ/j4poPX0bokyej3BFbzNE3ss0NjtfOkouLy3ur1tsXQIyiWni 0oSJfx2uPSc2N87X/g83zL1J/VEi9r/7mZtkTTq1JgQHEiPp+37+zWbWr6i0nyr7 fkRBkGNakPVeAb2jcQ92BCXCLrkI31U2utvHxiE0gnyYqeFHgnPps8QUWVHRgtw6 NCdHU8xuJ90tOthGEh6u/IZZf19iZIiJwH8L9TssCsU2SVKkOVda+ZGcobmMU2ZX 5vemu8nI1TbJskFrAgMBAAGjggIOMIICCjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FOypXMe+o24seThl0E7fHdKOaxonMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBUG A1UdEQQOMAyCCm9rZWRhaS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEGBgor BgEEAdZ5AgQCBIH3BIH0APIAdwCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3ivia bfUX2AAAAYxzNsV5AAAEAwBIMEYCIQCFim55ArwJlXbbF1ZJqdaWfDXvxR+J3iNI Yy+vtWcsVQIhAKoTZKoiI8FBe+0QHOQaz62GZpR1bGXBwgkfpC1C/bJGAHcA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMczbFbgAABAMASDBGAiEA skX8DIC2c6lyK2WdJgSbyQaKkc9KGio+7uLGYKBQyT8CIQCwjQjHhH1IiTRktqUH 0QYWhmABkbVrBXp9fjBqkvxQOjANBgkqhkiG9w0BAQsFAAOCAQEAuYCJZs4AQ4xA lSeq/DfUTyxq4CqdjXfiZr/+9RB9Q9PCPVFO9GoXJogA8vfsTQtvSwvfYtDDDmaf 2rEQQ5tmEIL9pc2ZOJA5Nlzpi1KyZWcG/ZV7B2RXPr/YFT8m3gvS31+Cy5q72+k/ EQnbTF0Kjn4VJ5xeXWZxoJfGTPxVVlNmeelLM4jD44Vxkb16Fb6xrxDycunnkhpk npoVdkPWWOGQrFNgY4CG4cgQ+kUVdSERL5OFe6/Hgk+DOf04ayI5orusxPXMOpDn P4TmENlimpfE4la1CGNw55HNm4p2nbxj+siRGWuy/mcdmOZakZ11h2272xDaC2ID XzDvkSmgSg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxQUqXXRIX02ZlCJY3+e 49QbIR/mzAOcH/z1AlutfIu8Xll5Lc1EmRW8WnNjzPfnRNgDMEgin79sbBiqUiGW f4+KaD19G6JMno9wRW8zRN7LNDY7XzpKLi8t7q9bbF0CMolp4tKEiX8drj0nNjfO 1/4PN8y9Sf1RIva/+5mbZE06tSYEBxIj6ft+/s1m1q+otJ8q+35EQZBjWpD1XgG9 o3EPdgQlwi65CN9VNrrbx8YhNIJ8mKnhR4Jz6bPEFFlR0YLcOjQnR1PMbifdLTrY RhIervyGWX9fYmSIicB/C/U7LArFNklSpDlXWvmRnKG5jFNmV+b3prvJyNU2ybJB awIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 380893704935612416742211561882869910621066 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-16 14:20:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-15 14:20:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'okedai.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23616465196186465245094228598770062682818258893496708072757548242230587034039473228637637587594382324293758135006678618264347697467248701279168085795264246594495930306851374938694230036364105209228197367902070651450888727711001851630957106733538131233249912090056622890097320519520955293361626564751745708957832296493897699481810212664088425092386460802265532931662569174196076498892375824349363161713049515093638278714521455575300383666251524520177530321601476097042981909973315621352512681312751227574610425539114241541898977888870637621937413231280097933780527045379430575716451689752327093755704556123382342631787 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eca95cc7bea36e2c793865d04edf1dd28e6b1a27 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okedai.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c7336c5790000040300483046022100858a6e7902bc099576db175649a9d6967c35efc51f89de2348632fafb5672c55022100aa1364aa2223c1417bed101ce41acfad866694756c65c1c2091fa42d42fdb246007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c7336c56e0000040300483046022100b245fc0c80b673a9722b659d26049bc9068a91cf4a1a2a3eeee2c660a050c93f022100b08d08c7847d48893464b6a507d1061686600191b56b057a7d7e306a92fc503a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b9808966ce00438c409527aafc37d44f2c6ae02a9d8d77e266bffef5107d43d3c23d514ef46a17268800f2f7ec4d0b6f4b0bdf62d0c30e669fdab110439b661082fda5cd99389039365ce98b52b2656706fd957b0764573ebfd8153f26de0bd2df5f82cb9abbdbe93f1109db4c5d0a8e7e15279c5e5d6671a097c64cfc5556536679e94b3388c3e3857191bd7a15beb1af10f272e9e7921a649e9a157643d658e190ac5360638086e1c810fa45157521112f93857bafc7824f8339fd386b2239a2bbacc4f5cc3a90e73f84e610d9629a97c4e256b5086370e791cd9b8a769dbc63fac891196bb2fe671d98e65a919d75876dbbdb10da0b62035f30ef9129a04a