www.cigalequebec.com
Issued by R3
About this certificate
This digital certificate with serial number 03:43:9c:7c:ab:d7:72:84:a6:d9:c4:36:f5:3b:4e:e1:ef:16 was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.cigalequebec.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:43:9c:7c:ab:d7:72:84:a6:d9:c4:36:f5:3b:4e:e1:ef:16Serial Number (int): 284343783276498061008976944813023948828438
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 73:1d:19:3c:5a:b9:5a:4e:25:fc:29:e8:5c:e0:be:7e:8c:d3:87:de
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 26:69:c6:1c:cf:de:8e:0e:1d:d3:62:82:64:36:c7:ff:a5:9d:fe:56
Fingerprint (sha256): 7b:68:ea:c9:c9:b1:c0:51:25:f2:fd:43:a2:6c:cb:a8:4e:31:c1:f7:5b:6b:82:69:7f:87:5f:be:38:4e:af:4f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.cigalequebec.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cigalequebec.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cigale-demo.jnv.dev
cigalequebec.ca
cigalequebec.com
www.cigalequebec.ca
www.cigalequebec.com
cigalequebec.ca
cigalequebec.com
www.cigalequebec.ca
www.cigalequebec.com
Other certificates including the domain name cigalequebec.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.cigalequebec.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgISA0OcfKvXcoSm2cQ29TtO4e8WMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjQwNjU3MDdaFw0yMzEyMjMwNjU3MDZaMB8xHTAbBgNVBAMT FHd3dy5jaWdhbGVxdWViZWMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA4P/xbzh+UOTZ2hb4C4wUmfywn7fUZZ1b+PPHVNL+riqcsfKASRnraNbI Ie49gLXY+DuHZSxJU9XBsakDwPyTqtbJNoZFE+uW9OIaNPCumN+JoXUK7MlYxkpp x2NncMD2VvA50V1WEAE7WlPQLWCps94EduGIePbiRs7Mi136tJA496nYPPFYW5+Y L38naAEa1lMFEnDOrYLLJB/bqYwUCfOsdJqplpvZnfb/DlQ2UrLtk+oGSUNPOmmX MZjpi6JMLwZ8yXkwgTW0Te7KoSdMRwB9nIx++/2Ndc0dYhx3phBEqn67UBts66BL zbYP9UQ7HHOOh6HgNqH3jEpD9OGnMwIDAQABo4ICYzCCAl8wDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA MB0GA1UdDgQWBBRzHRk8WrlaTiX8Kehc4L5+jNOH3jAfBgNVHSMEGDAWgBQULrMX t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0 dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu Y3Iub3JnLzBsBgNVHREEZTBjghNjaWdhbGUtZGVtby5qbnYuZGV2gg9jaWdhbGVx dWViZWMuY2GCEGNpZ2FsZXF1ZWJlYy5jb22CE3d3dy5jaWdhbGVxdWViZWMuY2GC FHd3dy5jaWdhbGVxdWViZWMuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHUAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6 V6NS61IAAAGKxjEx8AAABAMARjBEAiAEd3ceZH6u94szUqH50AQQ1a10Ob7Wk6hF wUTIW0ntmgIgb4PzGdASjGNH9B46SiHpPqgR6Fg7uF4YI7uYHdKI2eYAdwCt9776 fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYrGMTHJAAAEAwBIMEYCIQCe K3wpv2mo1qKlvBUDo21r5RZdIHkrOo9AnboUA0CHQQIhAOb+iebEyXqNpM+aIDto g6tNmn/wPMpyFNw083ana59kMA0GCSqGSIb3DQEBCwUAA4IBAQAJYXfnCLuNU31m Tka7+b5UrTEzUTSPNwRXMPdFPSNWxBFfmlNdrhitIeH3C3jIiVGGrRlRhDFBszON B1FssX27+EJyIIdzN32IBU5k5h1lNa5aZtK7pRkhvRG7Rb1CFCbHJwfJ02svswdT fAGsLx5eFnuYUSG84F5CI9IGvZJSLGbnduarPhr5I7/aY9Yb4BFFZIgyz2TGhHpu b0OkxULtFQElsz7JHAj1mB1YYMl+I5BiXRCqFFQiEXcVxM2+BtXrrV5wUGNkJB4Z +KEMDOkk9pIKt5BGBMdRBeu/Oo9b9et+a1UC5qPkC1gi+pIFMnwKfzS1JnEaaGrz 7jm18pT6 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4P/xbzh+UOTZ2hb4C4wU mfywn7fUZZ1b+PPHVNL+riqcsfKASRnraNbIIe49gLXY+DuHZSxJU9XBsakDwPyT qtbJNoZFE+uW9OIaNPCumN+JoXUK7MlYxkppx2NncMD2VvA50V1WEAE7WlPQLWCp s94EduGIePbiRs7Mi136tJA496nYPPFYW5+YL38naAEa1lMFEnDOrYLLJB/bqYwU CfOsdJqplpvZnfb/DlQ2UrLtk+oGSUNPOmmXMZjpi6JMLwZ8yXkwgTW0Te7KoSdM RwB9nIx++/2Ndc0dYhx3phBEqn67UBts66BLzbYP9UQ7HHOOh6HgNqH3jEpD9OGn MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 284343783276498061008976944813023948828438 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-24 06:57:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 06:57:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cigalequebec.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28403590560575861657367008169087698470452255553249542777144234212443608085113902625331782449777550960715485125241101491310982320931804598110179696977628396837314231717835200225575773318916010966437915218673162231201198441916491376022813189149508114738279987780356455375590541674035249408539601877985575854547952181991140809878665607492852383148167586753889228492527699376669001545683852182125020067769724130791687293563480427637575624835079527521432659568322117529910213307850637546850465504378609351160108401658243281605835880020464455487722784623229240073062179837020668490774822355120247343362988860808660852516659 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 731d193c5ab95a4e25fc29e85ce0be7e8cd387de . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (101 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cigale-demo.jnv.dev' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cigalequebec.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cigalequebec.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cigalequebec.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cigalequebec.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ac63131f0000004030046304402200477771e647eaef78b3352a1f9d00410d5ad7439bed693a845c144c85b49ed9a02206f83f319d0128c6347f41e3a4a21e93ea811e8583bb85e1823bb981dd288d9e6007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018ac63131c900000403004830460221009e2b7c29bf69a8d6a2a5bc1503a36d6be5165d20792b3a8f409dba1403408741022100e6fe89e6c4c97a8da4cf9a203b6883ab4d9a7ff03cca7214dc34f376a76b9f64 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00096177e708bb8d537d664e46bbf9be54ad313351348f37045730f7453d2356c4115f9a535dae18ad21e1f70b78c8895186ad1951843141b3338d07516cb17dbbf84272208773377d88054e64e61d6535ae5a66d2bba51921bd11bb45bd421426c72707c9d36b2fb307537c01ac2f1e5e167b985121bce05e4223d206bd92522c66e776e6ab3e1af923bfda63d61be01145648832cf64c6847a6e6f43a4c542ed150125b33ec91c08f5981d5860c97e2390625d10aa145422117715c4cdbe06d5ebad5e70506364241e19f8a10c0ce924f6920ab7904604c75105ebbf3a8f5bf5eb7e6b5502e6a3e40b5822fa9205327c0a7f34b526711a686af3ee39b5f294fa