png.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:1d:6c:08:28:89:f8:1d:0c:d8:99:d8:23:f7:fc:12:37:9d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=png.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:1d:6c:08:28:89:f8:1d:0c:d8:99:d8:23:f7:fc:12:37:9dSerial Number (int): 358460931351895271032297574806015993591709
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 81:2e:03:df:c9:97:88:09:1c:3d:26:91:45:bc:10:a4:80:fc:33:62
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 66:62:a1:b2:f8:27:17:dd:c7:f5:21:4c:33:f3:8f:8e:5b:92:df:b8
Fingerprint (sha256): 77:90:52:3f:51:83:12:ba:96:57:1d:a0:dc:36:7a:00:20:f7:56:62:96:cd:4c:85:74:97:f3:0a:bc:32:e6:b4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate png.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for png.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
png.ca
www.png.ca
www.png.ca
Other certificates including the domain name png.ca
(limited to 100 certificates)
png.ca
png.ca
*.PNG.CA
ebill.png.ca
*.png.ca
aui2056.png.ca
webmail.png.ca
png.ca
png.ca
webmail.png.ca
*.png.ca
webmail.png.ca
aui0056.png.ca
png.ca
webmail.png.ca
*.sp-apps.png.ca
www.png.ca
png.ca
webmail.png.ca
ebill.png.ca
png.ca
png.ca
aui2055.png.ca
www.png.ca
png.ca
www.png.ca
legacy.png.ca
*.png.ca
ebill.png.ca
png.ca
*.png.ca
ebill.png.ca
png.ca
png.ca
webmail.png.ca
ebill.png.ca
dev.png.ca
*.png.ca
webmail.png.ca
aui0055.png.ca
png.ca
png.ca
*.PNG.CA
ebill.png.ca
*.png.ca
aui2056.png.ca
webmail.png.ca
png.ca
png.ca
webmail.png.ca
*.png.ca
webmail.png.ca
aui0056.png.ca
png.ca
webmail.png.ca
*.sp-apps.png.ca
www.png.ca
png.ca
webmail.png.ca
ebill.png.ca
png.ca
png.ca
aui2055.png.ca
www.png.ca
png.ca
www.png.ca
legacy.png.ca
*.png.ca
ebill.png.ca
png.ca
*.png.ca
ebill.png.ca
png.ca
png.ca
webmail.png.ca
ebill.png.ca
dev.png.ca
*.png.ca
webmail.png.ca
aui0055.png.ca
png.ca
Certificate
The complete raw certificate details for png.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISBB1sCCiJ+B0M2JnYI/f8EjedMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA1MTIwMTAxMTNaFw0yMzA4MTAwMTAxMTJaMBExDzANBgNVBAMT BnBuZy5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSJp/rm3tW3 mT/ujgjoSu5bNmtAgOAZM9gC8cTVTXVGPOT76YnL8GZkEhSc7hHa0zo0d6HvAJxw QmBaBNULuyVJ2A/UeaPFEiKXt3xROFPUB1xDwaIw+Hx7OCZi6DbiScrMFdJL/iko 36JMBsayjxgM3Mq/HjduF7YWeyrVRVzd3NwX0KTTAxdQCGAMIqp7Iq4AQhy5QyGo 0FMgVx4vUPCdlk5yio7+WaiFajeoOZEY9Xjb7Uh2LhLzcjekpODZUxXzbVLMB+m6 YulNwTJEZ11sL1bJ1KS6jGPLc8UQS9UYoxRVDrBmQe+XSnD1YOuMscm18acDAtFQ dMaOsO/jT8UCAwEAAaOCAk0wggJJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUgS4D 38mXiAkcPSaRRbwQpID8M2IwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHQYDVR0R BBYwFIIGcG5nLmNhggp3d3cucG5nLmNhMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAtz77JN+cTbp18jnFulj0 bF38Qs96nzXEnh0JgSXttJkAAAGIDbDZGwAABAMARzBFAiA2dEILTAKXkOw7hUWd fhJ7148VsqaNVlaEltnmZKbvOAIhAJjmVvbFlLrDEXDCYlCb5AY1P4wsJYqJy3iO jOewBVdnAHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGIDbDZ QAAABAMARzBFAiA6RRe68spqJhhfK7Gkw9K+6ADbq7Y9GzxuxPYXLBF3vQIhAJ04 ahLCYlouAeV7INOsxWmzHPDNhYtA5oT+otA7ZaVpMA0GCSqGSIb3DQEBCwUAA4IB AQBsSqY0rSA3RsfGwG9GqpOErbzO73Zzv5jrtqTAXVPc7z5Kj7vBIwwJFGqhiIyM aV7OTrP18HtPrbmJUCSqmemIcaae6oeIw1GBeNbhRbugbPcVP8098FtRREcGiYvP SuL6U1jq89xV8ymRmZ5KnyQL0u4V24rsxbgjsqaUsFQYaQqYXNcpc1lBrxNN9q8a JIoekJXwu3tUy7mLW9Izo5yvl5zJEINozlxSFSW/By5u+G1mhgua6nKX1ogZuenf H05HdH4Fss5ech/3DZ9AmkwZlJRzxNH+xsaO7cxFiNAMii1nHXheE7QXaEMFEIYm 2d/l3jL6XQEKWSY0MD+JiVci -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxImn+ube1beZP+6OCOhK 7ls2a0CA4Bkz2ALxxNVNdUY85PvpicvwZmQSFJzuEdrTOjR3oe8AnHBCYFoE1Qu7 JUnYD9R5o8USIpe3fFE4U9QHXEPBojD4fHs4JmLoNuJJyswV0kv+KSjfokwGxrKP GAzcyr8eN24XthZ7KtVFXN3c3BfQpNMDF1AIYAwiqnsirgBCHLlDIajQUyBXHi9Q 8J2WTnKKjv5ZqIVqN6g5kRj1eNvtSHYuEvNyN6Sk4NlTFfNtUswH6bpi6U3BMkRn XWwvVsnUpLqMY8tzxRBL1RijFFUOsGZB75dKcPVg64yxybXxpwMC0VB0xo6w7+NP xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 358460931351895271032297574806015993591709 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-12 01:01:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-10 01:01:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'png.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24810588561814994430442861001223336160818392570204213433208248674637221042062533164989968637381522940207623367084451104387810563842682874373058714564633350095592257139923048215965276250636485703431670334618497876906430609822639229680316670745668605521674343851596582331109106047579267090411476700899093900294761916363374253872780250497929662021751518324746819569928727419322769892883615350036016208613324157255290965152316178622330596754677195592532105649481383395161993520526157196131445829055321878537883411241337719598977822585626298279148235739461054049175373700046494714799500169726458088956810320758345461616581 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 812e03dfc99788091c3d269145bc10a480fc3362 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'png.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.png.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001880db0d91b000004030047304502203674420b4c029790ec3b85459d7e127bd78f15b2a68d56568496d9e664a6ef3802210098e656f6c594bac31170c262509be406353f8c2c258a89cb788e8ce7b00557670076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001880db0d940000004030047304502203a4517baf2ca6a26185f2bb1a4c3d2bee800dbabb63d1b3c6ec4f6172c1177bd0221009d386a12c2625a2e01e57b20d3acc569b31cf0cd858b40e684fea2d03b65a569 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006c4aa634ad203746c7c6c06f46aa9384adbcceef7673bf98ebb6a4c05d53dcef3e4a8fbbc1230c09146aa1888c8c695ece4eb3f5f07b4fadb9895024aa99e98871a69eea8788c3518178d6e145bba06cf7153fcd3df05b51444706898bcf4ae2fa5358eaf3dc55f32991999e4a9f240bd2ee15db8aecc5b823b2a694b05418690a985cd729735941af134df6af1a248a1e9095f0bb7b54cbb98b5bd233a39caf979cc9108368ce5c521525bf072e6ef86d66860b9aea7297d68819b9e9df1f4e47747e05b2ce5e721ff70d9f409a4c19949473c4d1fec6c68eedcc4588d00c8a2d671d785e13b417684305108626d9dfe5de32fa5d010a592634303f89895722