www.bemployed.co.za
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a2:33:ee:12:28:d7:16:4e:cb:af:72:66:b8:2f:60:39:ba was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.bemployed.co.za
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a2:33:ee:12:28:d7:16:4e:cb:af:72:66:b8:2f:60:39:baSerial Number (int): 316531627999229198631314248166995644135866
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d5:a4:ef:fa:97:55:6b:88:e8:2a:38:b0:17:45:6f:d0:f9:10:71:46
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b3:e8:92:ae:6f:cb:c0:2b:4d:9d:10:9a:64:c3:58:7b:60:64:25:6f
Fingerprint (sha256): 7f:ef:22:22:b6:5a:83:f6:26:dd:13:5b:4a:e2:ff:a6:94:85:dd:6b:f7:37:c0:0a:a2:a3:00:8a:68:27:7f:0a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate www.bemployed.co.za
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bemployed.co.za
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bemployed.co.za
www.bemployed.co.za
www.bemployed.co.za
Other certificates including the domain name bemployed.co.za
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.bemployed.co.za in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGzCCBQOgAwIBAgISA6Iz7hIo1xZOy69yZrgvYDm6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA1MjIwNjAxMDBaFw0x NjA4MjAwNjAxMDBaMB4xHDAaBgNVBAMTE3d3dy5iZW1wbG95ZWQuY28uemEwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCoZM9XnyxSXI4JireQ9oPmyWOk CTdfwKU7nDg+xM3qYvmb451Sv6fGr6TCzzu3klLWhdV3yKbaZEqrLgqOrEUEDO+8 d+IzJ/vDbmRozdfZSJgqQ0PIO5iAjTAzOQ7Mve3qTYJ8Z0i4OuMZfCaKC+9dtfd8 EHL0RagTpdq3NkeyRlGRJIbObkBXBSU8iZChdooZLZuFk8t5NauCiwerrHu/rMdk U1X88TMDAJPRhExGf0PSbMYvQetqR894UiPBq92IE3CwZIO+MoYNKdR+1zhEFriL ac4HelHFSGNNCrPN30tyg2yRtGbUGjtvV0eRsnuSrXZocFVAV1tabLDaTDaS0nnO Pv6OAHCwq684tPy9SXuTFIee9UzKk3qA4x8NnqN3tON+le+/Jy1H+P04hun0gCeX qCr+iiRuJ3qvuCCWH2e0oTHVStH0/D8UHZI575WzL+ufMaRFJJebsCT4K1pgH7v0 bQhQa8HlC2O1c0X5RR97YTU1nUpdJIZRmE2Z+IFu8yPXPzaCSoOzAIXqW/6grhw0 2gABqX27WhqddbyiS9d2SzUmgzI74KBEFi0NigGPcpcZo3FSdFDo5caBSCtgpg4c G3r+J9/l1CLRoccag8+w6hdbYHzzoRKz10Bn1MTQx4PWUCDUOXN9tCgx7g2O0j83 c+S0fZpHcSHr+6077wIDAQABo4ICJTCCAiEwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBTVpO/6l1VriOgqOLAXRW/Q+RBxRjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2Vy dC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAvBgNVHREEKDAmgg9iZW1wbG95ZWQu Y28uemGCE3d3dy5iZW1wbG95ZWQuY28uemEwgf4GA1UdIASB9jCB8zAIBgZngQwB AgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl dHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRl IG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQg b25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBm b3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkq hkiG9w0BAQsFAAOCAQEAmo7VbvqnGjwFtj7S0LQ8V4kzSldJJZADv3gdYFS7+Wbq GA8kVw0wGm1YGvgG10ILk+fs6an/m4/8jPIaO+Yj+BkExN+ODjZEvnKfOzIQSmNT eoZmxGE47X+O8A4BVytMamNc0st8M1bTVkqFOZr75soQSc1cOjMJMI9noD3nTLkL Fh156+XZqNvBpBK9EKZi2fsaD5XIXQJEFursAJUCYAjRd72XHeBJ+eQlcFYPVNyC hAwFvEt0LtcdUY4Acmrhe3odGGDVc3hgXltn7StXxH6PB+Yj9zwzeE+FhSyBzuBt KXWux+apf7EJ9F0xcuW3wWCPWwyD2freQ1UUiox1Jg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqGTPV58sUlyOCYq3kPaD 5sljpAk3X8ClO5w4PsTN6mL5m+OdUr+nxq+kws87t5JS1oXVd8im2mRKqy4KjqxF BAzvvHfiMyf7w25kaM3X2UiYKkNDyDuYgI0wMzkOzL3t6k2CfGdIuDrjGXwmigvv XbX3fBBy9EWoE6XatzZHskZRkSSGzm5AVwUlPImQoXaKGS2bhZPLeTWrgosHq6x7 v6zHZFNV/PEzAwCT0YRMRn9D0mzGL0HrakfPeFIjwavdiBNwsGSDvjKGDSnUftc4 RBa4i2nOB3pRxUhjTQqzzd9LcoNskbRm1Bo7b1dHkbJ7kq12aHBVQFdbWmyw2kw2 ktJ5zj7+jgBwsKuvOLT8vUl7kxSHnvVMypN6gOMfDZ6jd7TjfpXvvyctR/j9OIbp 9IAnl6gq/ookbid6r7gglh9ntKEx1UrR9Pw/FB2SOe+Vsy/rnzGkRSSXm7Ak+Cta YB+79G0IUGvB5QtjtXNF+UUfe2E1NZ1KXSSGUZhNmfiBbvMj1z82gkqDswCF6lv+ oK4cNNoAAal9u1oanXW8okvXdks1JoMyO+CgRBYtDYoBj3KXGaNxUnRQ6OXGgUgr YKYOHBt6/iff5dQi0aHHGoPPsOoXW2B886ESs9dAZ9TE0MeD1lAg1DlzfbQoMe4N jtI/N3PktH2aR3Eh6/utO+8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316531627999229198631314248166995644135866 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-22 06:01:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-20 06:01:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bemployed.co.za' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 686986721536718639952489410136314511527216375888509361658778480034537185507147584551329126381111729389243461700790010389765898271494547682315721875899128617368858064911970973868583293761767227621724813640680297455404965046174392813496364517177059048994803094233554648927789051578607600753283791905345776796013647871139359202818035306494978756355907041455917110973375816194616992915516852150882261438160930388836079331612123871762264055903947883925757152985848469146061241563353249337673992773023559178403797806639251735798149302456151997113148322682285129385644236312852485138818423350279694960288306267139847329533284021930654166044329314473442796475933643563461728597029966822913877602254206018146641494045678121537805009280226580912159445755418516636656215419902123692277379360748851941788105072895987284530257325452974948225663841281317550741139366745685399566801638267148801279282009926880743948763416468197464293407169366429453752132907086829423554627252427606549635741872110531310359936133313406435449641765475138775574542489476816123334890608535112371202955766524999701331448490080884482085149296433600477004198071646488144352129057657675750305747864242627650730077757000694253790843125887117116842205149861253976480545586159 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d5a4effa97556b88e82a38b017456fd0f9107146 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bemployed.co.za' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bemployed.co.za' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009a8ed56efaa71a3c05b63ed2d0b43c5789334a5749259003bf781d6054bbf966ea180f24570d301a6d581af806d7420b93e7ece9a9ff9b8ffc8cf21a3be623f81904c4df8e0e3644be729f3b32104a63537a8666c46138ed7f8ef00e01572b4c6a635cd2cb7c3356d3564a85399afbe6ca1049cd5c3a3309308f67a03de74cb90b161d79ebe5d9a8dbc1a412bd10a662d9fb1a0f95c85d024416eaec0095026008d177bd971de049f9e42570560f54dc82840c05bc4b742ed71d518e00726ae17b7a1d1860d57378605e5b67ed2b57c47e8f07e623f73c33784f85852c81cee06d2975aec7e6a97fb109f45d3172e5b7c1608f5b0c83d9fade4355148a8c7526