parsimonia.com
Issued by R3
About this certificate
This digital certificate with serial number 03:f2:df:e7:dc:86:59:58:1b:8c:ad:7f:27:70:94:45:be:7e was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=parsimonia.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f2:df:e7:dc:86:59:58:1b:8c:ad:7f:27:70:94:45:be:7eSerial Number (int): 343982812326556543144572174291849351380606
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 02:4c:ca:13:88:12:ac:33:b6:e3:c0:bb:72:de:be:d3:f2:1c:50:27
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c7:2b:ec:33:37:d1:a0:a8:a6:0c:37:2e:b7:f3:1b:f2:d9:77:04:28
Fingerprint (sha256): 79:3e:8a:9c:76:55:69:18:4a:00:3f:bd:dd:31:25:3f:44:7f:92:38:50:33:48:62:0d:21:a8:b1:34:6d:df:99
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate parsimonia.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for parsimonia.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
parsimonia.com
Other certificates including the domain name parsimonia.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for parsimonia.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6TCCBNGgAwIBAgISA/Lf59yGWVgbjK1/J3CURb5+MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDEwODE1MTJaFw0yNDA1MzAwODE1MTFaMBkxFzAVBgNVBAMT DnBhcnNpbW9uaWEuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA zPlisDL6zC66rcMvX7n8HTiJ24em8ZymXwcGz0yvGOcRAWjp8jRknfaylapfW/TW Igd7wxnoVuRC6mnUnvvXk93CRGwjxkEqshUX5gXpDzkydECjCmj+sdi0wK8ldi3f IEPBUaokPYksy22k/psSREzbKR0FD4Zq2N2DmWfNZBKRzZ6bCStp1lKu12V4ud65 r9nK4smS5b46a6HWROECfayiBZLIyTmHhnUMC3jjP/4O4mCgBM/eEK5V5vj1Z4AI tYJStYHbq0LLDKvqycIJDTPu/y1wkFNkOuj18eomCfwIVFBGgigQ9Yq2HwKtemlX NqXLSallJ3Zq7F9h2QDel99A68lQuZSXNv0dYx2VEeU3ofjt/pjGc6CddB9HfiMS ooogIDT5WW74dvod7XZvCETf+sAiAuYFEyK26lTAYUyB/eCuJgmg6VQA1+6zjaAT e7rPmEGGn2nCS0gS9R+CX6mirLQaUDv22z1q+XlNJ0IbaVfHFFHINsI9y/6lDZbT 8uP8r4LYVQByeDZAdA9eYX9+oEQOjR1sLLueH2w0lHbozwZ0pBTRXPQFkkDymJdW RTJ0R/M9/tIZXdCl/O11Dflcb5Zx8IO9UW+b0aYs4KBP76402Zu4masrV4XN55ao gcafIK9X9xTb9PqAFcSMWd1I8PY397ClVFrGSJocDfsCAwEAAaOCAhAwggIMMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUAkzKE4gSrDO248C7ct6+0/IcUCcwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wGQYDVR0RBBIwEIIOcGFyc2ltb25pYS5jb20wEwYD VR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBIsONr 2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY35S9OpAAAEAwBHMEUCIF+a NgW+x1KL4kNSOJKIR8GmGL4SyvzMcRPiNLy8OQViAiEApLiDkspAeTxKuREKoeBW fIzJOqwtFp0JCPb0no9VvfMAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAY35S9PqAAAEAwBHMEUCIQDK9tARQh9i9mHkbNNQnRy4wA7jhinAKZX4 zoJO0pJEHwIgAmdo/0uLTcaw8eOObKV6aVcJqM6VCW0QHnD34xQoNJ8wDQYJKoZI hvcNAQELBQADggEBAKfGm7VbmeKWRntsgjz2QdzVt+BcOHegBAmwykuBMVGRh3dV hop6I4u+Cw/NPFKYGwxcTx+UH05iC7zckS2VDnqTRxU1UzRM/PmMW4MYK69vSD+W +g0dElEuqkhqzEzWRFMkWpC0I4Mx1gNewqmFY3Xct5i+GpxpWuMO1tYZ8lvMVHaN 1PuwmImh1V9v7fNB6LpaN+Lm9PqSAlqfQi8AHlFY60YAmyNpvzIKRSKRuUgt6OTA DnhvLX/xZUQyCDde8pHcKIhNs2iME8T58GsuGmF35+Xt+l7GPoDxMpYs4C29LJ/c 2D5D8YnD318sg+i3syjXOlf+iPGno0IHJZi28QM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzPlisDL6zC66rcMvX7n8 HTiJ24em8ZymXwcGz0yvGOcRAWjp8jRknfaylapfW/TWIgd7wxnoVuRC6mnUnvvX k93CRGwjxkEqshUX5gXpDzkydECjCmj+sdi0wK8ldi3fIEPBUaokPYksy22k/psS REzbKR0FD4Zq2N2DmWfNZBKRzZ6bCStp1lKu12V4ud65r9nK4smS5b46a6HWROEC fayiBZLIyTmHhnUMC3jjP/4O4mCgBM/eEK5V5vj1Z4AItYJStYHbq0LLDKvqycIJ DTPu/y1wkFNkOuj18eomCfwIVFBGgigQ9Yq2HwKtemlXNqXLSallJ3Zq7F9h2QDe l99A68lQuZSXNv0dYx2VEeU3ofjt/pjGc6CddB9HfiMSooogIDT5WW74dvod7XZv CETf+sAiAuYFEyK26lTAYUyB/eCuJgmg6VQA1+6zjaATe7rPmEGGn2nCS0gS9R+C X6mirLQaUDv22z1q+XlNJ0IbaVfHFFHINsI9y/6lDZbT8uP8r4LYVQByeDZAdA9e YX9+oEQOjR1sLLueH2w0lHbozwZ0pBTRXPQFkkDymJdWRTJ0R/M9/tIZXdCl/O11 Dflcb5Zx8IO9UW+b0aYs4KBP76402Zu4masrV4XN55aogcafIK9X9xTb9PqAFcSM Wd1I8PY397ClVFrGSJocDfsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 343982812326556543144572174291849351380606 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-01 08:15:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-30 08:15:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'parsimonia.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 836221624564206253266431413493785168278355521401338371549788117852930645755492847868817628136968380933575405856803001461430424004171053452057039046933115261679036850403379921028101214254302508480689724309917162645808210609908282476305226252672046407881258316776050801558133143956045475459893978891117359461475777160422794711149613989928252239169945255174685831302822325881215156579845222524284295499001854446594591653958421264935851495162237093515161014807495947814935273650308761145076265906889844757962580228812790530225446941797431006939923291831825535258760685767500689592048449953828016675086993929990140019107570830218253013394781957696288650313782531133185663160606377852155706366381790715705453684434149382756742477670852037849417915135916225841190869243037509171226214657978656768168175917118345740957705428962885972149768545931183377700255139859404153603513127332615153160098839479980569437573630408366989155347768445971985056611778882807926875663938262324449690481364663310811165871295488058233446881173040237955425447042030109373208554602534883397819222164308058871881909032879743691581050316394866693427685038581195508873175780431424423248098530863608136416669342597751813412834692222491391829410063504946829321616231931 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 024cca138812ac33b6e3c0bb72debed3f21c5027 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parsimonia.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018df94bd3a9000004030047304502205f9a3605bec7528be2435238928847c1a618be12cafccc7113e234bcbc390562022100a4b88392ca40793c4ab9110aa1e0567c8cc93aac2d169d0908f6f49e8f55bdf3007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018df94bd3ea0000040300473045022100caf6d011421f62f661e46cd3509d1cb8c00ee38629c02995f8ce824ed292441f0220026768ff4b8b4dc6b0f1e38e6ca57a695709a8ce95096d101e70f7e31428349f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a7c69bb55b99e296467b6c823cf641dcd5b7e05c3877a00409b0ca4b81315191877755868a7a238bbe0b0fcd3c52981b0c5c4f1f941f4e620bbcdc912d950e7a9347153553344cfcf98c5b83182baf6f483f96fa0d1d12512eaa486acc4cd64453245a90b4238331d6035ec2a9856375dcb798be1a9c695ae30ed6d619f25bcc54768dd4fbb09889a1d55f6fedf341e8ba5a37e2e6f4fa92025a9f422f001e5158eb46009b2369bf320a452291b9482de8e4c00e786f2d7ff165443208375ef291dc28884db3688c13c4f9f06b2e1a6177e7e5edfa5ec63e80f132962ce02dbd2c9fdcd83e43f189c3df5f2c83e8b7b328d73a57fe88f1a7a342072598b6f103