heavy.lol

Issued by R3

About this certificate

This digital certificate with serial number 04:0f:98:b0:f3:97:15:ae:7a:2d:eb:53:b9:f8:5b:68:8b:8e was issued on by Let's Encrypt.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=heavy.lol

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:0f:98:b0:f3:97:15:ae:7a:2d:eb:53:b9:f8:5b:68:8b:8e
Serial Number (int): 353756340671057169223074677844762507643790
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: dc:a3:7a:52:49:29:0b:a3:0e:fe:21:4e:3d:f3:29:f3:87:b0:51:aa
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 0f:7e:cf:5d:18:e7:e3:85:c1:18:bf:de:25:e1:1b:6a:5c:80:6c:29
Fingerprint (sha256): 71:a2:a0:f4:d1:d0:93:a4:3a:ff:a2:18:5b:be:5d:93:84:be:47:67:36:78:29:3b:4a:cb:d8:90:90:4e:fe:c4

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate heavy.lol

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for heavy.lol

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

arbitrageer.com
bombinthebrain.com
globaleinvest.com
heavy.lol
vintageatv.com
washingtonwomensnetwork.org.8sv.com

Other certificates including the domain name heavy.lol

(limited to 100 certificates)
cowork.vc
heavy.lol
5272653.ca
summercampsdfw.com.brightideaspress.org
heavy.lol
weibo.co.za
exchangedbyfaith.church
jockout.com.heavy.lol

Certificate

The complete raw certificate details for heavy.lol in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISBA+YsPOXFa56LetTufhbaIuOMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjAwMDE0NTJaFw0yNDAzMTkwMDE0NTFaMBQxEjAQBgNVBAMT
CWhlYXZ5LmxvbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQU/sWd
fwfiwkDDcFo1kz69+TOrxEQfJsZ86uO8BXjyxn3OPL1XDZQRPzvzDmsdBFnN1KB2
PxOjx33LMl4BMW41j14nqvLPMPm7F3/E0kNCkYi5BGHO25WxNDQr7ix7eQ0kJSY9
MQ+O7ECsuzcywu20Iz7WjrykJ03pmN6FHD1i8XCv3RhXM5UvDsFIerhCn0YVx0Um
rirQy86RCWJ4Y+rG3ssn8hNEuReAHg1TWssohd2v+vxmN36rlUUOyYkRvfwLjgaS
5RYrsKvGLCNquPjB7oLUENXSRBp3WRS5RHD/MkXI1nCLT5otm+mwXl+CQajyvdoi
VI0Zwn4tai2Tnv8CAwEAAaOCAngwggJ0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
3KN6UkkpC6MO/iFOPfMp84ewUaowHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v
nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s
ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgYEG
A1UdEQR6MHiCD2FyYml0cmFnZWVyLmNvbYISYm9tYmludGhlYnJhaW4uY29tghFn
bG9iYWxlaW52ZXN0LmNvbYIJaGVhdnkubG9sgg52aW50YWdlYXR2LmNvbYIjd2Fz
aGluZ3RvbndvbWVuc25ldHdvcmsub3JnLjhzdi5jb20wEwYDVR0gBAwwCjAIBgZn
gQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQDuzdBk1dsazsVct520zROi
ModGfLzs3sNRSFlGcR+1mwAAAYyEyjG7AAAEAwBGMEQCIHuvnZ03/EOyivnIlkHq
nNCMl/HnPmWpSMLRr1DDfoJuAiAtOUl5Bq4//H+AScOnzeYFzEdAzqDpKSW6MMkp
LOFHjgB2ACnQOhu2dKpxHNMDW2VXwU+Kp4tP6DiUSeykU/lEvSRoAAABjITKMnoA
AAQDAEcwRQIhAJlSCXca1IYlJvKxpauq7uppuE5gk5MLG6/KrsBv0V7VAiAqWHQq
tnBb48MGQYPyctHKZgwPDORdDyvQowm5fxyTxzANBgkqhkiG9w0BAQsFAAOCAQEA
BUoBy+nBRniI1FnrHOgEkwd+6AsL4/xwGqd1wplxtgvcAA4r3ds5qvqm/LOoIXoC
qd6zHlTg6Ctd/gxl//63AJb7dVgfl9XxhGL77wlPqQ0UG8XnBgsyjzl4EMOTJPfx
mrx1thbrQ9T99tI57DPxIYHh5f1fxHPN53PJJFqhbg+cJzmaiToBFGP1ATyUsFxk
BLiKuQvL4128FR1avrpXIg+h2Q3ghVQ+FB/y+gkxO9ZNCYq8HH52bboScDo9enMB
hNxFTxeC50gHyFNVogbppOIrCeX7EdBA8NTh+vX8Wq6WOaAFC72zlcZk69dZBGeN
Y0vyO+pMv7eRQjsljLjVtw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBT+xZ1/B+LCQMNwWjWT
Pr35M6vERB8mxnzq47wFePLGfc48vVcNlBE/O/MOax0EWc3UoHY/E6PHfcsyXgEx
bjWPXieq8s8w+bsXf8TSQ0KRiLkEYc7blbE0NCvuLHt5DSQlJj0xD47sQKy7NzLC
7bQjPtaOvKQnTemY3oUcPWLxcK/dGFczlS8OwUh6uEKfRhXHRSauKtDLzpEJYnhj
6sbeyyfyE0S5F4AeDVNayyiF3a/6/GY3fquVRQ7JiRG9/AuOBpLlFiuwq8YsI2q4
+MHugtQQ1dJEGndZFLlEcP8yRcjWcItPmi2b6bBeX4JBqPK92iJUjRnCfi1qLZOe
/wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 353756340671057169223074677844762507643790
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 00:14:52 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-19 00:14:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'heavy.lol'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20713435134834375502288558856730812208932408594279127057808654633261488278920694469009763562566313965691722570470569381985056120004827292370737216685120652296530241092239544770076444989746336697487146908099730537573301748662410636479283254341448126216863645691878416671708845232568574307858793628912891328400631287954488203092933594144596615791556634341393937904590548243726480396872881829840819696634810917089807200712555021869053628146100311388611050331330426063978521798087513343335056750166012350504994032523781029412541240650629627826245053593251925266190722420435348985357504256553731330151656692327384995831551
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dca37a5249290ba30efe214e3df329f387b051aa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitrageer.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bombinthebrain.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'globaleinvest.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heavy.lol'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vintageatv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'washingtonwomensnetwork.org.8sv.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c84ca31bb000004030046304402207baf9d9d37fc43b28af9c89641ea9cd08c97f1e73e65a948c2d1af50c37e826e02202d39497906ae3ffc7f8049c3a7cde605cc4740cea0e92925ba30c9292ce1478e00760029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018c84ca327a0000040300473045022100995209771ad4862526f2b1a5abaaeeea69b84e6093930b1bafcaaec06fd15ed502202a58742ab6705be3c3064183f272d1ca660c0f0ce45d0f2bd0a309b97f1c93c7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00054a01cbe9c1467888d459eb1ce80493077ee80b0be3fc701aa775c29971b60bdc000e2bdddb39aafaa6fcb3a8217a02a9deb31e54e0e82b5dfe0c65fffeb70096fb75581f97d5f18462fbef094fa90d141bc5e7060b328f397810c39324f7f19abc75b616eb43d4fdf6d239ec33f12181e1e5fd5fc473cde773c9245aa16e0f9c27399a893a011463f5013c94b05c6404b88ab90bcbe35dbc151d5abeba57220fa1d90de085543e141ff2fa09313bd64d098abc1c7e766dba12703a3d7a730184dc454f1782e74807c85355a206e9a4e22b09e5fb11d040f0d4e1faf5fc5aae9639a0050bbdb395c664ebd75904678d634bf23bea4cbfb791423b258cb8d5b7