www.bemployed.co.za

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:a2:33:ee:12:28:d7:16:4e:cb:af:72:66:b8:2f:60:39:ba was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

www.bemployed.co.za

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:a2:33:ee:12:28:d7:16:4e:cb:af:72:66:b8:2f:60:39:ba
Serial Number (int): 316531627999229198631314248166995644135866
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: d5:a4:ef:fa:97:55:6b:88:e8:2a:38:b0:17:45:6f:d0:f9:10:71:46
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): b3:e8:92:ae:6f:cb:c0:2b:4d:9d:10:9a:64:c3:58:7b:60:64:25:6f
Fingerprint (sha256): 7f:ef:22:22:b6:5a:83:f6:26:dd:13:5b:4a:e2:ff:a6:94:85:dd:6b:f7:37:c0:0a:a2:a3:00:8a:68:27:7f:0a

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate www.bemployed.co.za

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.bemployed.co.za

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bemployed.co.za
www.bemployed.co.za

Other certificates including the domain name bemployed.co.za

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.bemployed.co.za in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISA6Iz7hIo1xZOy69yZrgvYDm6MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA1MjIwNjAxMDBaFw0x
NjA4MjAwNjAxMDBaMB4xHDAaBgNVBAMTE3d3dy5iZW1wbG95ZWQuY28uemEwggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCoZM9XnyxSXI4JireQ9oPmyWOk
CTdfwKU7nDg+xM3qYvmb451Sv6fGr6TCzzu3klLWhdV3yKbaZEqrLgqOrEUEDO+8
d+IzJ/vDbmRozdfZSJgqQ0PIO5iAjTAzOQ7Mve3qTYJ8Z0i4OuMZfCaKC+9dtfd8
EHL0RagTpdq3NkeyRlGRJIbObkBXBSU8iZChdooZLZuFk8t5NauCiwerrHu/rMdk
U1X88TMDAJPRhExGf0PSbMYvQetqR894UiPBq92IE3CwZIO+MoYNKdR+1zhEFriL
ac4HelHFSGNNCrPN30tyg2yRtGbUGjtvV0eRsnuSrXZocFVAV1tabLDaTDaS0nnO
Pv6OAHCwq684tPy9SXuTFIee9UzKk3qA4x8NnqN3tON+le+/Jy1H+P04hun0gCeX
qCr+iiRuJ3qvuCCWH2e0oTHVStH0/D8UHZI575WzL+ufMaRFJJebsCT4K1pgH7v0
bQhQa8HlC2O1c0X5RR97YTU1nUpdJIZRmE2Z+IFu8yPXPzaCSoOzAIXqW/6grhw0
2gABqX27WhqddbyiS9d2SzUmgzI74KBEFi0NigGPcpcZo3FSdFDo5caBSCtgpg4c
G3r+J9/l1CLRoccag8+w6hdbYHzzoRKz10Bn1MTQx4PWUCDUOXN9tCgx7g2O0j83
c+S0fZpHcSHr+6077wIDAQABo4ICJTCCAiEwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBTVpO/6l1VriOgqOLAXRW/Q+RBxRjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem
RWXv86jsoTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3Nw
LmludC14My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2Vy
dC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAvBgNVHREEKDAmgg9iZW1wbG95ZWQu
Y28uemGCE3d3dy5iZW1wbG95ZWQuY28uemEwgf4GA1UdIASB9jCB8zAIBgZngQwB
AgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
dHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRl
IG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQg
b25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBm
b3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkq
hkiG9w0BAQsFAAOCAQEAmo7VbvqnGjwFtj7S0LQ8V4kzSldJJZADv3gdYFS7+Wbq
GA8kVw0wGm1YGvgG10ILk+fs6an/m4/8jPIaO+Yj+BkExN+ODjZEvnKfOzIQSmNT
eoZmxGE47X+O8A4BVytMamNc0st8M1bTVkqFOZr75soQSc1cOjMJMI9noD3nTLkL
Fh156+XZqNvBpBK9EKZi2fsaD5XIXQJEFursAJUCYAjRd72XHeBJ+eQlcFYPVNyC
hAwFvEt0LtcdUY4Acmrhe3odGGDVc3hgXltn7StXxH6PB+Yj9zwzeE+FhSyBzuBt
KXWux+apf7EJ9F0xcuW3wWCPWwyD2freQ1UUiox1Jg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqGTPV58sUlyOCYq3kPaD
5sljpAk3X8ClO5w4PsTN6mL5m+OdUr+nxq+kws87t5JS1oXVd8im2mRKqy4KjqxF
BAzvvHfiMyf7w25kaM3X2UiYKkNDyDuYgI0wMzkOzL3t6k2CfGdIuDrjGXwmigvv
XbX3fBBy9EWoE6XatzZHskZRkSSGzm5AVwUlPImQoXaKGS2bhZPLeTWrgosHq6x7
v6zHZFNV/PEzAwCT0YRMRn9D0mzGL0HrakfPeFIjwavdiBNwsGSDvjKGDSnUftc4
RBa4i2nOB3pRxUhjTQqzzd9LcoNskbRm1Bo7b1dHkbJ7kq12aHBVQFdbWmyw2kw2
ktJ5zj7+jgBwsKuvOLT8vUl7kxSHnvVMypN6gOMfDZ6jd7TjfpXvvyctR/j9OIbp
9IAnl6gq/ookbid6r7gglh9ntKEx1UrR9Pw/FB2SOe+Vsy/rnzGkRSSXm7Ak+Cta
YB+79G0IUGvB5QtjtXNF+UUfe2E1NZ1KXSSGUZhNmfiBbvMj1z82gkqDswCF6lv+
oK4cNNoAAal9u1oanXW8okvXdks1JoMyO+CgRBYtDYoBj3KXGaNxUnRQ6OXGgUgr
YKYOHBt6/iff5dQi0aHHGoPPsOoXW2B886ESs9dAZ9TE0MeD1lAg1DlzfbQoMe4N
jtI/N3PktH2aR3Eh6/utO+8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 316531627999229198631314248166995644135866
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-22 06:01:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-20 06:01:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bemployed.co.za'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 686986721536718639952489410136314511527216375888509361658778480034537185507147584551329126381111729389243461700790010389765898271494547682315721875899128617368858064911970973868583293761767227621724813640680297455404965046174392813496364517177059048994803094233554648927789051578607600753283791905345776796013647871139359202818035306494978756355907041455917110973375816194616992915516852150882261438160930388836079331612123871762264055903947883925757152985848469146061241563353249337673992773023559178403797806639251735798149302456151997113148322682285129385644236312852485138818423350279694960288306267139847329533284021930654166044329314473442796475933643563461728597029966822913877602254206018146641494045678121537805009280226580912159445755418516636656215419902123692277379360748851941788105072895987284530257325452974948225663841281317550741139366745685399566801638267148801279282009926880743948763416468197464293407169366429453752132907086829423554627252427606549635741872110531310359936133313406435449641765475138775574542489476816123334890608535112371202955766524999701331448490080884482085149296433600477004198071646488144352129057657675750305747864242627650730077757000694253790843125887117116842205149861253976480545586159
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d5a4effa97556b88e82a38b017456fd0f9107146
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bemployed.co.za'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bemployed.co.za'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009a8ed56efaa71a3c05b63ed2d0b43c5789334a5749259003bf781d6054bbf966ea180f24570d301a6d581af806d7420b93e7ece9a9ff9b8ffc8cf21a3be623f81904c4df8e0e3644be729f3b32104a63537a8666c46138ed7f8ef00e01572b4c6a635cd2cb7c3356d3564a85399afbe6ca1049cd5c3a3309308f67a03de74cb90b161d79ebe5d9a8dbc1a412bd10a662d9fb1a0f95c85d024416eaec0095026008d177bd971de049f9e42570560f54dc82840c05bc4b742ed71d518e00726ae17b7a1d1860d57378605e5b67ed2b57c47e8f07e623f73c33784f85852c81cee06d2975aec7e6a97fb109f45d3172e5b7c1608f5b0c83d9fade4355148a8c7526