loripsum.net
Issued by R3
About this certificate
This digital certificate with serial number 03:d2:9f:c2:ba:fd:6a:56:33:5c:70:12:5a:13:6c:27:c5:54 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=loripsum.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d2:9f:c2:ba:fd:6a:56:33:5c:70:12:5a:13:6c:27:c5:54Serial Number (int): 333008513198203995664058998705145443239252
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 89:d4:78:cf:81:2a:72:05:64:26:1a:02:a5:14:6f:34:79:c2:fe:cf
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fb:4a:f6:e3:0c:78:6d:96:77:f9:c3:5a:7e:cc:d4:5f:e8:c1:73:4a
Fingerprint (sha256): 76:0e:bc:75:d9:6a:e1:ba:39:6e:61:a9:9c:1b:a0:72:93:8c:a4:64:53:da:0a:ef:ce:6c:05:20:ab:5b:7c:87
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate loripsum.net
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for loripsum.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
loripsum.net
test.loripsum.net
www.loripsum.net
www.test.loripsum.net
test.loripsum.net
www.loripsum.net
www.test.loripsum.net
Other certificates including the domain name loripsum.net
(limited to 100 certificates)
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
Certificate
The complete raw certificate details for loripsum.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGIDCCBQigAwIBAgISA9Kfwrr9alYzXHASWhNsJ8VUMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTQyMTE0MzRaFw0yNDAxMTIyMTE0MzNaMBcxFTATBgNVBAMT DGxvcmlwc3VtLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALRU Id91wnxMiSiTtEg2b2XJUsX/kOpjutt8uAdrWpS9o6KswiMCAaU5JVu5LzaAhKdo JX6ASO1L2VJnCgpMwQy8EDILz360KOocEQ6o/27OjxO6/LXF96O2Jnq+v5NUMvGE 2+mnn2zGfYAge3c7Dk0Vfe38GRTl9tjl5TeV4wjdvWzks2DmeGxJy8Nu3qnghsA6 WCWzF2jgk5YhDJW7wEiPvvJnqIbPxllkZmO27Ef4sYUxdZ/V1vCCv8XXm7oODS61 FOqFqOq/vGxIK7gP19CGDdE81myYuLbcdGkbFWmqcjWrhmh86RsDz2ZQlhGLuTYE NsWjJWkYBQP+D7ObfcFci1Pf6EUOD6o8D2+kX0Iq92RTBV6EDATVMBhLCJMy3BT5 dggDtBkQecpXBLFf7l/ObC+dKnmQ58Jnftiq3uNQvcE/PeayzgEIG1lMhow0SNTs uDH6ICdUMyJKQT7cLF4KDlyzgYjjjBVytIusYP070sPO9Um3/kEg5QFZ3wSrLfNT iIel8V0JL5H7wKGtoRNkm6rGnBHg/LsjJUpWKxtPdEtwJ382Jzk+2pIsb7QHRrIn kkDKnqTYJybziVjWYjwhJ0xhPbJKjQHyxfg2MJStbfzHZ6V/Z/+lDo7+PZwi/xST 9ff5bqAYVqamMGaFroBOl/08Y/se0p+l9f/86sivAgMBAAGjggJJMIICRTAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFInUeM+BKnIFZCYaAqUUbzR5wv7PMB8GA1UdIwQY MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v cjMuaS5sZW5jci5vcmcvMFMGA1UdEQRMMEqCDGxvcmlwc3VtLm5ldIIRdGVzdC5s b3JpcHN1bS5uZXSCEHd3dy5sb3JpcHN1bS5uZXSCFXd3dy50ZXN0Lmxvcmlwc3Vt Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA 7wB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABizBBZYAAAAQD AEcwRQIgZlVUnHM49OZXPKlcX/ArX16zaMERsWirrIytCgR77YECIQDDB1fDKK17 A2I5BwpKH6vUjsmGVuODcpmjCAbFRstopgB1AHb/iD8KtvuVUcJhzPWHujS0pM27 KdxoQgqf5mdMWjp0AAABizBBZjUAAAQDAEYwRAIgLsJmXEwGPtOflt/YidAel23k wvKpUOVNMaNp7P83eloCIEoqjEjTM6PM8y8HlCpfLuwJ+Rb72YWXu9vwLRzqLxeU MA0GCSqGSIb3DQEBCwUAA4IBAQA+1GxlSjWbkJ2J1ejjUmGiwnvKoMg4QL0nCoN6 Ks4MdALmmlOo4dDyAP6kc4iBodievvKe7P4PavoJZflddYOU7ysoREPIUJnbZV91 hurr7nPQXBdaXmRNvcncSGFbINaeIEokx46ZdjlAtSZmxRHr7hWdVyMHEFv5VOmz yX/m97ahiIQhoHB1sWCqYcAYERZyjP4qTv8ev9LyXlPbJlJXh0pwM73Zh1ttHmCg Ki6OAMf38E6GOzVpKMH5p/nc46P/J7kbj6/NOg91/F4xSjCfC/+3OIuoUTHLOr01 NkcOFZC/86Y3XhckpjUUw1YK0/0spyXE4sev8Ziuz4JNUp+C -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtFQh33XCfEyJKJO0SDZv ZclSxf+Q6mO623y4B2talL2joqzCIwIBpTklW7kvNoCEp2glfoBI7UvZUmcKCkzB DLwQMgvPfrQo6hwRDqj/bs6PE7r8tcX3o7Ymer6/k1Qy8YTb6aefbMZ9gCB7dzsO TRV97fwZFOX22OXlN5XjCN29bOSzYOZ4bEnLw27eqeCGwDpYJbMXaOCTliEMlbvA SI++8meohs/GWWRmY7bsR/ixhTF1n9XW8IK/xdebug4NLrUU6oWo6r+8bEgruA/X 0IYN0TzWbJi4ttx0aRsVaapyNauGaHzpGwPPZlCWEYu5NgQ2xaMlaRgFA/4Ps5t9 wVyLU9/oRQ4PqjwPb6RfQir3ZFMFXoQMBNUwGEsIkzLcFPl2CAO0GRB5ylcEsV/u X85sL50qeZDnwmd+2Kre41C9wT895rLOAQgbWUyGjDRI1Oy4MfogJ1QzIkpBPtws XgoOXLOBiOOMFXK0i6xg/TvSw871Sbf+QSDlAVnfBKst81OIh6XxXQkvkfvAoa2h E2SbqsacEeD8uyMlSlYrG090S3AnfzYnOT7akixvtAdGsieSQMqepNgnJvOJWNZi PCEnTGE9skqNAfLF+DYwlK1t/MdnpX9n/6UOjv49nCL/FJP19/luoBhWpqYwZoWu gE6X/Txj+x7Sn6X1//zqyK8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 333008513198203995664058998705145443239252 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-14 21:14:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 21:14:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'loripsum.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 735676674055390307454074963923740710982073557407003087325907955484755053113768359397511381293800916338840024709722523686992065504549026634697065964803718102026534072407815063642646079124554147194501349643778824975550672724656107123395902374315240491987714356159230702888135070745841185904900222492086850454578736770711516334475899225538810518230279941308978191861548127972070950427370212790811892107430914815309802864921945229866459009936692529586403143313523246611554712312878849408787679619236215106750821576434893821845350636664685478570033864191421482067963896135899962300534821161453539626207711823391030724192254104024872815762726292919184228463532921148606397219091035436496651329160568278781479100423540989521444412927839835991613151481155299046355299347511247412691416174518225692551269475076610867468123057473570317500397555019237296255476980010716387543926820894260503334419002031774832692600222649914432016369625962723884281249477015741448019959573330054233917993328929773036387579120833799549310423415900206589778489227414444901151739180886690236326922275251275372028589483417544922359343470429181381095800593219611587887500047932520424701495003590504765625529992031042083973591944862796301488414713810325716771000731823 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 89d478cf812a720564261a02a5146f3479c2fecf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'loripsum.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.loripsum.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.loripsum.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.test.loripsum.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b30416580000004030047304502206655549c7338f4e6573ca95c5ff02b5f5eb368c111b168abac8cad0a047bed81022100c30757c328ad7b036239070a4a1fabd48ec98656e3837299a30806c546cb68a600750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b30416635000004030046304402202ec2665c4c063ed39f96dfd889d01e976de4c2f2a950e54d31a369ecff377a5a02204a2a8c48d333a3ccf32f07942a5f2eec09f916fbd98597bbdbf02d1cea2f1794 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003ed46c654a359b909d89d5e8e35261a2c27bcaa0c83840bd270a837a2ace0c7402e69a53a8e1d0f200fea4738881a1d89ebef29eecfe0f6afa0965f95d758394ef2b284443c85099db655f7586eaebee73d05c175a5e644dbdc9dc48615b20d69e204a24c78e99763940b52666c511ebee159d572307105bf954e9b3c97fe6f7b6a1888421a07075b160aa61c0181116728cfe2a4eff1ebfd2f25e53db265257874a7033bdd9875b6d1e60a02a2e8e00c7f7f04e863b356928c1f9a7f9dce3a3ff27b91b8fafcd3a0f75fc5e314a309f0bffb7388ba85131cb3abd3536470e1590bff3a6375e1724a63514c3560ad3fd2ca725c4e2c7aff198aecf824d529f82