www.cigalequebec.com

Issued by R3

About this certificate

This digital certificate with serial number 03:43:9c:7c:ab:d7:72:84:a6:d9:c4:36:f5:3b:4e:e1:ef:16 was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.cigalequebec.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:43:9c:7c:ab:d7:72:84:a6:d9:c4:36:f5:3b:4e:e1:ef:16
Serial Number (int): 284343783276498061008976944813023948828438
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 73:1d:19:3c:5a:b9:5a:4e:25:fc:29:e8:5c:e0:be:7e:8c:d3:87:de
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 26:69:c6:1c:cf:de:8e:0e:1d:d3:62:82:64:36:c7:ff:a5:9d:fe:56
Fingerprint (sha256): 7b:68:ea:c9:c9:b1:c0:51:25:f2:fd:43:a2:6c:cb:a8:4e:31:c1:f7:5b:6b:82:69:7f:87:5f:be:38:4e:af:4f

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.cigalequebec.com

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.cigalequebec.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cigale-demo.jnv.dev
cigalequebec.ca
cigalequebec.com
www.cigalequebec.ca
www.cigalequebec.com

Other certificates including the domain name cigalequebec.com

(limited to 100 certificates)
www.cigalequebec.com
www.cigalequebec.com
www.cigalequebec.com
www.cigalequebec.com

Certificate

The complete raw certificate details for www.cigalequebec.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISA0OcfKvXcoSm2cQ29TtO4e8WMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MjQwNjU3MDdaFw0yMzEyMjMwNjU3MDZaMB8xHTAbBgNVBAMT
FHd3dy5jaWdhbGVxdWViZWMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4P/xbzh+UOTZ2hb4C4wUmfywn7fUZZ1b+PPHVNL+riqcsfKASRnraNbI
Ie49gLXY+DuHZSxJU9XBsakDwPyTqtbJNoZFE+uW9OIaNPCumN+JoXUK7MlYxkpp
x2NncMD2VvA50V1WEAE7WlPQLWCps94EduGIePbiRs7Mi136tJA496nYPPFYW5+Y
L38naAEa1lMFEnDOrYLLJB/bqYwUCfOsdJqplpvZnfb/DlQ2UrLtk+oGSUNPOmmX
MZjpi6JMLwZ8yXkwgTW0Te7KoSdMRwB9nIx++/2Ndc0dYhx3phBEqn67UBts66BL
zbYP9UQ7HHOOh6HgNqH3jEpD9OGnMwIDAQABo4ICYzCCAl8wDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBRzHRk8WrlaTiX8Kehc4L5+jNOH3jAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzBsBgNVHREEZTBjghNjaWdhbGUtZGVtby5qbnYuZGV2gg9jaWdhbGVx
dWViZWMuY2GCEGNpZ2FsZXF1ZWJlYy5jb22CE3d3dy5jaWdhbGVxdWViZWMuY2GC
FHd3dy5jaWdhbGVxdWViZWMuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYK
KwYBBAHWeQIEAgSB9QSB8gDwAHUAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6
V6NS61IAAAGKxjEx8AAABAMARjBEAiAEd3ceZH6u94szUqH50AQQ1a10Ob7Wk6hF
wUTIW0ntmgIgb4PzGdASjGNH9B46SiHpPqgR6Fg7uF4YI7uYHdKI2eYAdwCt9776
fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYrGMTHJAAAEAwBIMEYCIQCe
K3wpv2mo1qKlvBUDo21r5RZdIHkrOo9AnboUA0CHQQIhAOb+iebEyXqNpM+aIDto
g6tNmn/wPMpyFNw083ana59kMA0GCSqGSIb3DQEBCwUAA4IBAQAJYXfnCLuNU31m
Tka7+b5UrTEzUTSPNwRXMPdFPSNWxBFfmlNdrhitIeH3C3jIiVGGrRlRhDFBszON
B1FssX27+EJyIIdzN32IBU5k5h1lNa5aZtK7pRkhvRG7Rb1CFCbHJwfJ02svswdT
fAGsLx5eFnuYUSG84F5CI9IGvZJSLGbnduarPhr5I7/aY9Yb4BFFZIgyz2TGhHpu
b0OkxULtFQElsz7JHAj1mB1YYMl+I5BiXRCqFFQiEXcVxM2+BtXrrV5wUGNkJB4Z
+KEMDOkk9pIKt5BGBMdRBeu/Oo9b9et+a1UC5qPkC1gi+pIFMnwKfzS1JnEaaGrz
7jm18pT6
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4P/xbzh+UOTZ2hb4C4wU
mfywn7fUZZ1b+PPHVNL+riqcsfKASRnraNbIIe49gLXY+DuHZSxJU9XBsakDwPyT
qtbJNoZFE+uW9OIaNPCumN+JoXUK7MlYxkppx2NncMD2VvA50V1WEAE7WlPQLWCp
s94EduGIePbiRs7Mi136tJA496nYPPFYW5+YL38naAEa1lMFEnDOrYLLJB/bqYwU
CfOsdJqplpvZnfb/DlQ2UrLtk+oGSUNPOmmXMZjpi6JMLwZ8yXkwgTW0Te7KoSdM
RwB9nIx++/2Ndc0dYhx3phBEqn67UBts66BLzbYP9UQ7HHOOh6HgNqH3jEpD9OGn
MwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 284343783276498061008976944813023948828438
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-24 06:57:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 06:57:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cigalequebec.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28403590560575861657367008169087698470452255553249542777144234212443608085113902625331782449777550960715485125241101491310982320931804598110179696977628396837314231717835200225575773318916010966437915218673162231201198441916491376022813189149508114738279987780356455375590541674035249408539601877985575854547952181991140809878665607492852383148167586753889228492527699376669001545683852182125020067769724130791687293563480427637575624835079527521432659568322117529910213307850637546850465504378609351160108401658243281605835880020464455487722784623229240073062179837020668490774822355120247343362988860808660852516659
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							731d193c5ab95a4e25fc29e85ce0be7e8cd387de
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (101 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cigale-demo.jnv.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cigalequebec.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cigalequebec.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cigalequebec.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cigalequebec.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ac63131f0000004030046304402200477771e647eaef78b3352a1f9d00410d5ad7439bed693a845c144c85b49ed9a02206f83f319d0128c6347f41e3a4a21e93ea811e8583bb85e1823bb981dd288d9e6007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018ac63131c900000403004830460221009e2b7c29bf69a8d6a2a5bc1503a36d6be5165d20792b3a8f409dba1403408741022100e6fe89e6c4c97a8da4cf9a203b6883ab4d9a7ff03cca7214dc34f376a76b9f64
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00096177e708bb8d537d664e46bbf9be54ad313351348f37045730f7453d2356c4115f9a535dae18ad21e1f70b78c8895186ad1951843141b3338d07516cb17dbbf84272208773377d88054e64e61d6535ae5a66d2bba51921bd11bb45bd421426c72707c9d36b2fb307537c01ac2f1e5e167b985121bce05e4223d206bd92522c66e776e6ab3e1af923bfda63d61be01145648832cf64c6847a6e6f43a4c542ed150125b33ec91c08f5981d5860c97e2390625d10aa145422117715c4cdbe06d5ebad5e70506364241e19f8a10c0ce924f6920ab7904604c75105ebbf3a8f5bf5eb7e6b5502e6a3e40b5822fa9205327c0a7f34b526711a686af3ee39b5f294fa