heavy.lol
Issued by R3
About this certificate
This digital certificate with serial number 04:0f:98:b0:f3:97:15:ae:7a:2d:eb:53:b9:f8:5b:68:8b:8e was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=heavy.lol
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:0f:98:b0:f3:97:15:ae:7a:2d:eb:53:b9:f8:5b:68:8b:8eSerial Number (int): 353756340671057169223074677844762507643790
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: dc:a3:7a:52:49:29:0b:a3:0e:fe:21:4e:3d:f3:29:f3:87:b0:51:aa
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 0f:7e:cf:5d:18:e7:e3:85:c1:18:bf:de:25:e1:1b:6a:5c:80:6c:29
Fingerprint (sha256): 71:a2:a0:f4:d1:d0:93:a4:3a:ff:a2:18:5b:be:5d:93:84:be:47:67:36:78:29:3b:4a:cb:d8:90:90:4e:fe:c4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate heavy.lol
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for heavy.lol
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
arbitrageer.com
bombinthebrain.com
globaleinvest.com
heavy.lol
vintageatv.com
washingtonwomensnetwork.org.8sv.com
bombinthebrain.com
globaleinvest.com
heavy.lol
vintageatv.com
washingtonwomensnetwork.org.8sv.com
Other certificates including the domain name heavy.lol
(limited to 100 certificates)
Certificate
The complete raw certificate details for heavy.lol in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFTDCCBDSgAwIBAgISBA+YsPOXFa56LetTufhbaIuOMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjAwMDE0NTJaFw0yNDAzMTkwMDE0NTFaMBQxEjAQBgNVBAMT CWhlYXZ5LmxvbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQU/sWd fwfiwkDDcFo1kz69+TOrxEQfJsZ86uO8BXjyxn3OPL1XDZQRPzvzDmsdBFnN1KB2 PxOjx33LMl4BMW41j14nqvLPMPm7F3/E0kNCkYi5BGHO25WxNDQr7ix7eQ0kJSY9 MQ+O7ECsuzcywu20Iz7WjrykJ03pmN6FHD1i8XCv3RhXM5UvDsFIerhCn0YVx0Um rirQy86RCWJ4Y+rG3ssn8hNEuReAHg1TWssohd2v+vxmN36rlUUOyYkRvfwLjgaS 5RYrsKvGLCNquPjB7oLUENXSRBp3WRS5RHD/MkXI1nCLT5otm+mwXl+CQajyvdoi VI0Zwn4tai2Tnv8CAwEAAaOCAngwggJ0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU 3KN6UkkpC6MO/iFOPfMp84ewUaowHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgYEG A1UdEQR6MHiCD2FyYml0cmFnZWVyLmNvbYISYm9tYmludGhlYnJhaW4uY29tghFn bG9iYWxlaW52ZXN0LmNvbYIJaGVhdnkubG9sgg52aW50YWdlYXR2LmNvbYIjd2Fz aGluZ3RvbndvbWVuc25ldHdvcmsub3JnLjhzdi5jb20wEwYDVR0gBAwwCjAIBgZn gQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQDuzdBk1dsazsVct520zROi ModGfLzs3sNRSFlGcR+1mwAAAYyEyjG7AAAEAwBGMEQCIHuvnZ03/EOyivnIlkHq nNCMl/HnPmWpSMLRr1DDfoJuAiAtOUl5Bq4//H+AScOnzeYFzEdAzqDpKSW6MMkp LOFHjgB2ACnQOhu2dKpxHNMDW2VXwU+Kp4tP6DiUSeykU/lEvSRoAAABjITKMnoA AAQDAEcwRQIhAJlSCXca1IYlJvKxpauq7uppuE5gk5MLG6/KrsBv0V7VAiAqWHQq tnBb48MGQYPyctHKZgwPDORdDyvQowm5fxyTxzANBgkqhkiG9w0BAQsFAAOCAQEA BUoBy+nBRniI1FnrHOgEkwd+6AsL4/xwGqd1wplxtgvcAA4r3ds5qvqm/LOoIXoC qd6zHlTg6Ctd/gxl//63AJb7dVgfl9XxhGL77wlPqQ0UG8XnBgsyjzl4EMOTJPfx mrx1thbrQ9T99tI57DPxIYHh5f1fxHPN53PJJFqhbg+cJzmaiToBFGP1ATyUsFxk BLiKuQvL4128FR1avrpXIg+h2Q3ghVQ+FB/y+gkxO9ZNCYq8HH52bboScDo9enMB hNxFTxeC50gHyFNVogbppOIrCeX7EdBA8NTh+vX8Wq6WOaAFC72zlcZk69dZBGeN Y0vyO+pMv7eRQjsljLjVtw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBT+xZ1/B+LCQMNwWjWT Pr35M6vERB8mxnzq47wFePLGfc48vVcNlBE/O/MOax0EWc3UoHY/E6PHfcsyXgEx bjWPXieq8s8w+bsXf8TSQ0KRiLkEYc7blbE0NCvuLHt5DSQlJj0xD47sQKy7NzLC 7bQjPtaOvKQnTemY3oUcPWLxcK/dGFczlS8OwUh6uEKfRhXHRSauKtDLzpEJYnhj 6sbeyyfyE0S5F4AeDVNayyiF3a/6/GY3fquVRQ7JiRG9/AuOBpLlFiuwq8YsI2q4 +MHugtQQ1dJEGndZFLlEcP8yRcjWcItPmi2b6bBeX4JBqPK92iJUjRnCfi1qLZOe /wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 353756340671057169223074677844762507643790 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 00:14:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-19 00:14:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'heavy.lol' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20713435134834375502288558856730812208932408594279127057808654633261488278920694469009763562566313965691722570470569381985056120004827292370737216685120652296530241092239544770076444989746336697487146908099730537573301748662410636479283254341448126216863645691878416671708845232568574307858793628912891328400631287954488203092933594144596615791556634341393937904590548243726480396872881829840819696634810917089807200712555021869053628146100311388611050331330426063978521798087513343335056750166012350504994032523781029412541240650629627826245053593251925266190722420435348985357504256553731330151656692327384995831551 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dca37a5249290ba30efe214e3df329f387b051aa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitrageer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bombinthebrain.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'globaleinvest.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heavy.lol' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vintageatv.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'washingtonwomensnetwork.org.8sv.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c84ca31bb000004030046304402207baf9d9d37fc43b28af9c89641ea9cd08c97f1e73e65a948c2d1af50c37e826e02202d39497906ae3ffc7f8049c3a7cde605cc4740cea0e92925ba30c9292ce1478e00760029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018c84ca327a0000040300473045022100995209771ad4862526f2b1a5abaaeeea69b84e6093930b1bafcaaec06fd15ed502202a58742ab6705be3c3064183f272d1ca660c0f0ce45d0f2bd0a309b97f1c93c7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00054a01cbe9c1467888d459eb1ce80493077ee80b0be3fc701aa775c29971b60bdc000e2bdddb39aafaa6fcb3a8217a02a9deb31e54e0e82b5dfe0c65fffeb70096fb75581f97d5f18462fbef094fa90d141bc5e7060b328f397810c39324f7f19abc75b616eb43d4fdf6d239ec33f12181e1e5fd5fc473cde773c9245aa16e0f9c27399a893a011463f5013c94b05c6404b88ab90bcbe35dbc151d5abeba57220fa1d90de085543e141ff2fa09313bd64d098abc1c7e766dba12703a3d7a730184dc454f1782e74807c85355a206e9a4e22b09e5fb11d040f0d4e1faf5fc5aae9639a0050bbdb395c664ebd75904678d634bf23bea4cbfb791423b258cb8d5b7