www.kjfco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:8f:2e:9a:bf:84:cb:50:75:98:01:c7:1d:19:f8:5f:87:de was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.kjfco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8f:2e:9a:bf:84:cb:50:75:98:01:c7:1d:19:f8:5f:87:deSerial Number (int): 310059184250958535184474793645170464098270
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 23:c4:83:d8:f8:41:07:d9:36:60:15:b0:2e:d9:f0:87:9f:57:cf:65
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 5e:93:22:5f:1e:6d:2a:3d:7f:10:cd:4b:50:0e:bf:d5:08:91:70:c4
Fingerprint (sha256): 79:be:69:2e:38:b6:1e:f0:3b:36:b5:90:d9:2c:2e:b3:04:ee:f3:b1:99:57:b2:19:e2:af:f7:ec:18:7a:57:e5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.kjfco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kjfco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kjfco.com
Other certificates including the domain name kjfco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.kjfco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISA48umr+Ey1B1mAHHHRn4X4feMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTEwNDAwMTFaFw0y MDAzMTAwNDAwMTFaMBgxFjAUBgNVBAMTDXd3dy5ramZjby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/MU4SF0wHzAIpQztS8/uGF/Sdyx0dmqkz /1HMz4Fd+oIuF2NcSu0hKTsHATRlYGDhdes+xuXXjva7Qe/RLiW5bOSY1e5coix5 VL59mYBWdaa8ShzbnFBXMAm0a0y5/AgLkZxo6dd405i1oBgBQIlfemRPXalmM1+8 fuw59jGGT7RAM5MsaQOVhA2ru8lLTqw340XYfzYeHSKGa3BEsqAi952w+80ad0wc mp6OLZWdwa9sN8O0a76vXSeuwLUwiiM2BArXPiREbSXG1Cs2FEs0qZyzQWFrYT+1 Dj+1pSBcDSYY7n4ofMRt5Nk6JGx2B4jyy6g4ilEebteq9RdGq96ekqVsEvEkhapP a+8ILBxYqEFkdPqtCUulJmhy4rb6CmtPr4ciTq5ImMHu9KmM5ec6JbUt9MMC/S3W LVv1sDS6GuvtaIAlm3FOBM/ocmu17V1PT3xoaN4OYG136gfmVUH+v4lS/315vg/W K1luz9YvVRdUOFa/j8zl1KAiyfEx7FjrnPNkP11Kr+ADlp5iPoJW04Qkz+Lxy+7I g5ACOV/p9LK4W+k7UZO6QJPP2/XLoQUt8k8B424X3ou03AnMJv4OmAOJ+aktuqcP HDjWGCMKyCqAD/SpPbRJkeiEh82WRbsquqsGsNxyNKmtHnZ5BfOzjoS6NIq01E74 UN+SxHwOLQIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQjxIPY +EEH2TZgFbAu2fCHn1fPZTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5ramZjby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHx AO8AdQDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAW7zVDC7AAAE AwBGMEQCIH5hYC98o1TPpXEJBYGaCflgWUPOxhXshwTZhwGId+lwAiAtQ/W3vdnc ANJEcx5BO+ydbMZ4uvtFySpIhOGCeq1N+gB2AAe3XBvlfWj/8bDGHSMVx7rmV3xX lLdq7rxhOhpp06IcAAABbvNUMOkAAAQDAEcwRQIgWnmEuZCnB3u/ZZ19y8zODGw8 3E471eBIuAVLaWLZnpwCIQCQm+iC6XOsdYHILMnuJ7WZGTRX7lrIReOYnD/4ZfHX kDANBgkqhkiG9w0BAQsFAAOCAQEAXpT825XpzZYPWlrGCBQ70jjLbIiZ+5nLSspv KM+gZwy/GZcEQNqthHIijNca3G4mTxHyNQ+oUhMPyXiJBkoVv9dtmIrZ8J9HKD5H iZe3oFbmtN/Z4DlXJE+BuZon474J27eq+3aPl1u8Dty4NuR6aCymyc9ZN23HVuaO vai4K9v/iIxZ+IyMnbDcx967uMfFkFmPFFbMX1zpITDhgj/XkPy/4kt0rCn3pF1M cSEG64Ih61R/Z/wxj7FrC/I+4buupkamzHFmmL7xUCB4PZrEHQJMMhhphKqmsCp5 m3uEDtCHwm9BW4+UxiHrVRbvynDRlbVFAXHZrOLfF/69J/LKfQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvzFOEhdMB8wCKUM7UvP7 hhf0ncsdHZqpM/9RzM+BXfqCLhdjXErtISk7BwE0ZWBg4XXrPsbl1472u0Hv0S4l uWzkmNXuXKIseVS+fZmAVnWmvEoc25xQVzAJtGtMufwIC5GcaOnXeNOYtaAYAUCJ X3pkT12pZjNfvH7sOfYxhk+0QDOTLGkDlYQNq7vJS06sN+NF2H82Hh0ihmtwRLKg IvedsPvNGndMHJqeji2VncGvbDfDtGu+r10nrsC1MIojNgQK1z4kRG0lxtQrNhRL NKmcs0Fha2E/tQ4/taUgXA0mGO5+KHzEbeTZOiRsdgeI8suoOIpRHm7XqvUXRqve npKlbBLxJIWqT2vvCCwcWKhBZHT6rQlLpSZocuK2+gprT6+HIk6uSJjB7vSpjOXn OiW1LfTDAv0t1i1b9bA0uhrr7WiAJZtxTgTP6HJrte1dT098aGjeDmBtd+oH5lVB /r+JUv99eb4P1itZbs/WL1UXVDhWv4/M5dSgIsnxMexY65zzZD9dSq/gA5aeYj6C VtOEJM/i8cvuyIOQAjlf6fSyuFvpO1GTukCTz9v1y6EFLfJPAeNuF96LtNwJzCb+ DpgDifmpLbqnDxw41hgjCsgqgA/0qT20SZHohIfNlkW7KrqrBrDccjSprR52eQXz s46EujSKtNRO+FDfksR8Di0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 310059184250958535184474793645170464098270 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-11 04:00:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-10 04:00:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kjfco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 779997746296757147141192174903167355507222485261420880411897831884675324178290711402693385662746417676755427732424626386199403877811248069479182209983457799588989561261440194539129138949562086489552771826340967243022074244025086700033202265271104378117572146455677320475473184316579723835850093402306704875187696249852173468690242373057705140354457466245630359739695685507422494954833480264644324683770091039441284183782276882909380172565640114448839405212442844554639102194830557073168785713222934004739069257889154704392169537933496857324116710741396049481985760456644415227196090531215580010119693566447012207745171257205192416232764685880931350233532024011661403789159075497697490379884622463250320784988880454726152677278602725705410686355219582436283785754155027720715493115525688771035650518429890384681146388363056151251408199504940339885583636550364829245628732168897887541860767676604933521400881700592891723256336454099891445949205415321330133527109153302017871579404959364131915762553066794912896358763844787859809116165191136492147555220157879582869129663216406083255066740889951397149213198390768755546718583382801614323104522301288316725534818740391755778955887588512407395397486255525848675948511264807745638169841197 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 23c483d8f84107d9366015b02ed9f0879f57cf65 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kjfco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016ef35430bb000004030046304402207e61602f7ca354cfa5710905819a09f9605943cec615ec8704d987018877e97002202d43f5b7bdd9dc00d244731e413bec9d6cc678bafb45c92a4884e1827aad4dfa00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ef35430e9000004030047304502205a7984b990a7077bbf659d7dcbccce0c6c3cdc4e3bd5e048b8054b6962d99e9c022100909be882e973ac7581c82cc9ee27b599193457ee5ac845e3989c3ff865f1d790 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005e94fcdb95e9cd960f5a5ac608143bd238cb6c8899fb99cb4aca6f28cfa0670cbf19970440daad8472228cd71adc6e264f11f2350fa852130fc97889064a15bfd76d988ad9f09f47283e478997b7a056e6b4dfd9e03957244f81b99a27e3be09dbb7aafb768f975bbc0edcb836e47a682ca6c9cf59376dc756e68ebda8b82bdbff888c59f88c8c9db0dcc7debbb8c7c590598f1456cc5f5ce92130e1823fd790fcbfe24b74ac29f7a45d4c712106eb8221eb547f67fc318fb16b0bf23ee1bbaea646a6cc716698bef15020783d9ac41d024c32186984aaa6b02a799b7b840ed087c26f415b8f94c621eb5516efca70d195b5450171d9ace2df17febd27f2ca7d