spfilter-3.secure-dns.net

Issued by R3

About this certificate

This digital certificate with serial number 03:3e:de:52:e0:f0:cc:e5:f3:af:0a:1a:e8:d0:99:02:47:8d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=spfilter-3.secure-dns.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:3e:de:52:e0:f0:cc:e5:f3:af:0a:1a:e8:d0:99:02:47:8d
Serial Number (int): 282729883490123499012428934667679897372557
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 8c:09:f8:b6:7e:0a:66:ed:54:26:b7:a3:df:4a:2c:d8:0d:f2:c8:06
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): c8:3b:b2:a4:45:36:5c:84:39:7d:e3:41:85:30:dc:ca:2c:e3:49:6b
Fingerprint (sha256): 81:0e:a5:d5:76:71:cb:e1:4c:c8:92:ba:dd:c3:4c:4c:aa:3f:da:31:4e:e2:33:f3:6d:37:3a:3f:5c:15:b1:c1

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate spfilter-3.secure-dns.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for spfilter-3.secure-dns.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

spfilter-3.secure-dns.net

Other certificates including the domain name secure-dns.net

(limited to 100 certificates)
wppluspro01.secure-dns.net
wpadmin1.secure-dns.net
springer.secure-dns.net
wpauthor2.secure-dns.net
wp17.secure-dns.net
ipless.soundwave.secure-dns.net
wplitepro01.secure-dns.net
ainee2.secure-dns.net
ipless.bumblebee.secure-dns.net
power3.secure-dns.net
ipless.bumblebee.secure-dns.net
ipless.bumblebee.secure-dns.net
ipless.bumblebee.secure-dns.net
wpcontributor3.secure-dns.net
steeljaw.secure-dns.net
secure-dns.net
power2.secure-dns.net
*.secure-dns.net
secure-dns.net
wpauthor2.secure-dns.net
wpeditor1.secure-dns.net
spfilter-1.secure-dns.net
*.secure-dns.net
ipless.soundwave.secure-dns.net
wpauthor3.secure-dns.net
wpcontributor3.secure-dns.net
wpcontributor1.secure-dns.net
secure-dns.net
*.secure-dns.net
grimlock.secure-dns.net
ipless.bumblebee.secure-dns.net
wpeditor2.secure-dns.net
grimlock.secure-dns.net
wpplus01.secure-dns.net
ainee2.secure-dns.net
wpsuperadmin1.secure-dns.net
secure-dns.net
spfilter-2.secure-dns.net
secure-dns.net
secure-dns.net
spfilter-2.secure-dns.net
wpauthor1.secure-dns.net
sunstreaker.secure-dns.net
power3.secure-dns.net
wpcontributor3-sg.secure-dns.net
opah.secure-dns.net
ainee2.secure-dns.net
secure-dns.net
secure-dns.net
wplitepro01.secure-dns.net
power3.secure-dns.net
wpauthor1.secure-dns.net
ipless.soundwave.secure-dns.net
wpauthor3.secure-dns.net
wpauthor1.secure-dns.net
ipless.soundwave.secure-dns.net
*.secure-dns.net
spfilter-1.secure-dns.net
wp13.secure-dns.net
spfilter-4.secure-dns.net
secure-dns.net
spfilter-3.secure-dns.net
soundwave2.secure-dns.net
power1.secure-dns.net
spfilter-4.secure-dns.net
keywaden.secure-dns.net
secure-dns.net
spfilter-4.secure-dns.net
secure-dns.net
belial.secure-dns.net
ainee2.secure-dns.net
*.secure-dns.net
wpcontributor2.secure-dns.net
ainee2.secure-dns.net
secure-dns.net
secure-dns.net
ainee2.secure-dns.net
ipless.soundwave.secure-dns.net
jazz.secure-dns.net
spfilter-2.secure-dns.net
secure-dns.net
secure-dns.net
spfilter-1.us02.secure-dns.net
wpsuperadmin1.secure-dns.net
megatron.secure-dns.net
secure-dns.net
spfilter-3.secure-dns.net
secure-dns.net
spfilter-5.secure-dns.net
power2.secure-dns.net
ipless.soundwave.secure-dns.net
wpcontributor1.secure-dns.net
secure-dns.net
wp14.secure-dns.net
ox.secure-dns.net
oscar.secure-dns.net
ox.secure-dns.net
secure-dns.net
eel.secure-dns.net
hydrogen.secure-dns.net

Certificate

The complete raw certificate details for spfilter-3.secure-dns.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAz7eUuDwzOXzrwoa6NCZAkeNMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMDEwNzM5MzlaFw0yNDAyMjkwNzM5MzhaMCQxIjAgBgNVBAMT
GXNwZmlsdGVyLTMuc2VjdXJlLWRucy5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsnZ/yISJfo79RSKS8xCRb4tTVjj9O9+/DRTPlKJkwq7IuQwgd
zI47Bixq7shLrC6cvWH7p0JBa31s570ey479X3UaePUlNaKXCk4Hym5w/xZjpCH/
bxmthiznnec2bh/yVet7wNgLsy+lP/Mn8DxdMeUvXQsNA31MrIH/bbT5uP7kfPhD
pL9lCkGNDK09ECQ+1s5/T5/zIXsBRelAsCHZS0HcjvWJ0ad/XhdvuN3GmoXmO1pN
5T9gDs92CRQAZygGUpZG/1mc0qjs4TdmkglmlKDNfdnxNTqmYKROFsuJbfJ08JUm
9a9OGDqVmOdFPBCElavfD8XoIAxZBB44XVOPAgMBAAGjggIcMIICGDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFIwJ+LZ+CmbtVCa3o99KLNgN8sgGMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMCQGA1UdEQQdMBuCGXNwZmlsdGVyLTMuc2VjdXJlLWRucy5u
ZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEA
dwA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYwkiJMWAAAEAwBI
MEYCIQDE4IHxS5L94MmeIBtAEzPV+zZmq3OM1XJvMZvy+zVE4gIhAP8SnCUREgxJ
oqrGoYX4SBSNz3nv0RY9/mMcT2eXgl0vAHYA7s3QZNXbGs7FXLedtM0TojKHRny8
7N7DUUhZRnEftZsAAAGMJIiTwwAABAMARzBFAiEAmNbl333oe2KBYcD2DVhK/R4m
qLolD9T+R/q6ahS1+rYCIDUe/oGT5KTrd/yUT2E13BhnU/aFbUg96wcpx2OcKamp
MA0GCSqGSIb3DQEBCwUAA4IBAQCpZdgGmDDnjzFnIakU1les9bmfZUAjquVN56vJ
B+QDxCmd0uYL/TLnzYTyG2YA3VvcHXMTDoB6j6qx932NXghcJUT7akKdzhVRv4En
i4+3eu/dErBd8LkE5Dl8V7k2MgUXOCEEF7YW7K2DzJCJcwp2cxfRnniOUHNE1ynI
PPRh6WABDaEb86XTtgyEx0vjyJMquwBcihO+OD1KOaYuTngEuFpRNaf6YgsSnQWZ
2jFryET977dnbDrMz4iPvQbTSChK4tjFIorOOXUE7HIck0Le5Nq/5kn5/YFCGMo+
pqDswc1biwXYOxdf7XAul/nV2ruHqo/BwLtfz9Ryj58uZWaV
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ2f8iEiX6O/UUikvMQk
W+LU1Y4/Tvfvw0Uz5SiZMKuyLkMIHcyOOwYsau7IS6wunL1h+6dCQWt9bOe9HsuO
/V91Gnj1JTWilwpOB8pucP8WY6Qh/28ZrYYs553nNm4f8lXre8DYC7MvpT/zJ/A8
XTHlL10LDQN9TKyB/220+bj+5Hz4Q6S/ZQpBjQytPRAkPtbOf0+f8yF7AUXpQLAh
2UtB3I71idGnf14Xb7jdxpqF5jtaTeU/YA7PdgkUAGcoBlKWRv9ZnNKo7OE3ZpIJ
ZpSgzX3Z8TU6pmCkThbLiW3ydPCVJvWvThg6lZjnRTwQhJWr3w/F6CAMWQQeOF1T
jwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 282729883490123499012428934667679897372557
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-01 07:39:39 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 07:39:38 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'spfilter-3.secure-dns.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21790716134248719016487645068263874966422346473340696127858230958867831636988096709152539501049802175039785815357585388324563110495136885392485111879183705424580999713434800490234339633787725998995962827966366252467680899399667407902289209286559965667212731092106954183561260170489635496918818205060621867294426417540861587628379405891885844592149663838628110561989848120433194960721546650191956861862030314986936158522775163093004180661470045326392189869864916102477029394481189234063713040993350240988920116572036949968778872328045457941050957677654645510076235957007838745398357939788583871691676126499234411008911
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8c09f8b67e0a66ed5426b7a3df4a2cd80df2c806
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spfilter-3.secure-dns.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c248893160000040300483046022100c4e081f14b92fde0c99e201b401333d5fb3666ab738cd5726f319bf2fb3544e2022100ff129c2511120c49a2aac6a185f848148dcf79efd1163dfe631c4f6797825d2f007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c248893c3000004030047304502210098d6e5df7de87b628161c0f60d584afd1e26a8ba250fd4fe47faba6a14b5fab60220351efe8193e4a4eb77fc944f6135dc186753f6856d483deb0729c7639c29a9a9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a965d8069830e78f316721a914d657acf5b99f654023aae54de7abc907e403c4299dd2e60bfd32e7cd84f21b6600dd5bdc1d73130e807a8faab1f77d8d5e085c2544fb6a429dce1551bf81278b8fb77aefdd12b05df0b904e4397c57b93632051738210417b616ecad83cc9089730a767317d19e788e507344d729c83cf461e960010da11bf3a5d3b60c84c74be3c8932abb005c8a13be383d4a39a62e4e7804b85a5135a7fa620b129d0599da316bc844fdefb7676c3acccf888fbd06d348284ae2d8c5228ace397504ec721c9342dee4dabfe649f9fd814218ca3ea6a0ecc1cd5b8b05d83b175fed702e97f9d5dabb87aa8fc1c0bb5fcfd4728f9f2e656695