health.clinic

Issued by R10

About this certificate

This digital certificate with serial number 03:41:04:e6:55:e9:7c:1b:6a:57:00:71:1a:1d:0e:75:ef:90 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=health.clinic

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:41:04:e6:55:e9:7c:1b:6a:57:00:71:1a:1d:0e:75:ef:90
Serial Number (int): 283461724527905730199443524065361042730896
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 71:97:b0:9c:cd:17:f7:02:4a:00:51:25:e3:10:d9:e2:c1:ad:1b:54
AuthorityKeyId: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (sha1): 3a:95:1e:7e:2d:e7:75:92:f7:50:e7:1a:94:56:b3:e1:11:df:17:e0
Fingerprint (sha256): 82:55:75:61:40:46:71:ad:51:c5:07:f1:22:39:34:52:b4:1a:b0:3e:cf:bf:77:f3:35:ed:cb:44:6f:2b:5c:8f

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation information

OCSP Server: http://r10.o.lencr.org

Check the revocation status for certificate health.clinic

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for health.clinic

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

health.clinic
www.health.clinic

Other certificates including the domain name health.clinic

(limited to 100 certificates)
health.clinic
health.clinic
health.clinic
health.clinic
health.clinic
health.clinic
health.clinic
health.clinic
health.clinic
health.clinic

Certificate

The complete raw certificate details for health.clinic in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISA0EE5lXpfBtqVwBxGh0Ode+QMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjQwNjE2MDMwMzQyWhcNMjQwOTE0MDMwMzQxWjAYMRYwFAYDVQQD
Ew1oZWFsdGguY2xpbmljMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
oDvJnsgvQHRToGfEhUmuWLWwkvQGi9QVyp11tz+5eNsS/c6Qk/QJTDRoerdh6Ubu
rOpt4CX1F/IYQxab6gTOk0R0pONFYX3KcRwrDwm5c3BJYSIg7A2MfKHp/PQY83TH
bAFznmActwOPDEJ6SHhhSJp4K0KYWoqRVDyebpMUwPAKMZ06WZYRscGYEsyv6Fw+
q9M9kjEWDQ1MmLq5z9zEnZcMNA8NPYTC0q/AVL55QsyA24ABW4GPvNchYELgB1ey
L510b/StRjz1IfyjvpLm1SJYXaLRBpeZ2JxVRzDdmfaJN7372gOAb23GgqBETzgB
9tcb8ICk3eFbSK4Sylp6wniUTnsRjSZHRqskCNhAoNSUtO1Gl3ASpHnHfmQ2fWGV
U3fq4ayKDnJUbgGSZrdAQSwPmrPQOicEyKd+b+uYhVm6/Q6JGxV6uhKWfFRYU4zU
gfJVIhyNUvRtmsOgrvt4n2lwWASfs5IA9wOXvNJmiJo82ptHnol1Z/8ztyYHQBgX
lp595E1yJAw2m2mxAPlDUgEMhvtA3fu1XsxOtMkrmQ0gjiYB9P45gHhNb7HUxCM5
473EUQWkkkZ45B+0IZ/3DzRT0uwdLNTYERYqWABHQ6cuIommzpec47AnCnGPeim5
2CtrsAgxusgBVVPv8sR20afVMuncU1X0oZvJwny8M3ECAwEAAaOCAiQwggIgMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUcZewnM0X9wJKAFEl4xDZ4sGtG1QwHwYDVR0j
BBgwFoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwVwYIKwYBBQUHAQEESzBJMCIGCCsG
AQUFBzABhhZodHRwOi8vcjEwLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRw
Oi8vcjEwLmkubGVuY3Iub3JnLzArBgNVHREEJDAigg1oZWFsdGguY2xpbmljghF3
d3cuaGVhbHRoLmNsaW5pYzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABkB83F2gAAAQDAEYwRAIgfrTQKckM1twIMbfOHCzZxOoSXQdeWzKY+3IvIOJf
p14CIGKktEijQOJEqyj/ZTm/8UeACXwUlXf7Kp7h5EeV+OCCAHcAGZgQcQnw1lIu
MIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoAAAGQHzcXhwAABAMASDBGAiEAnwSFHqrx
fmwSuMFR3XTnT9HyUfObR0lAxwzNxTzuRIACIQDRyEEFz3bDsKUu46ZR54BWlj2P
XhssumMfdKJ+8ynZjDANBgkqhkiG9w0BAQsFAAOCAQEAy1s9O1NJCqgreLgGGIfM
38YopmcRqyc0bIkYVjcXV/j+RhthHIjdCSCpyLb/y0i/6o+Aqdtq9JDT0fQFjPxt
u1gvtNEPwAFwTJoE3/gZ2Mg9vUtQJALFHllcUxO7FAQQeAXEIkRX5/r42h9y5iO+
tQTiBF09I5KzK6DYOL3wWXB7TamXjJ0/cc3+coFNRq/CJgpzBzMhp2wELe58hknR
kahyfAEmEtyAD75A+JbMxNiN6bSZvYliubPlkt+o2rg+YcHtNspG2RfPp0G5d1MY
QQd33SqNqybL5WQxP6L/Pbegsnn5qmeLfGNB+CE+YUXLlVVH57TL1XNRF24bB4Ed
TA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoDvJnsgvQHRToGfEhUmu
WLWwkvQGi9QVyp11tz+5eNsS/c6Qk/QJTDRoerdh6UburOpt4CX1F/IYQxab6gTO
k0R0pONFYX3KcRwrDwm5c3BJYSIg7A2MfKHp/PQY83THbAFznmActwOPDEJ6SHhh
SJp4K0KYWoqRVDyebpMUwPAKMZ06WZYRscGYEsyv6Fw+q9M9kjEWDQ1MmLq5z9zE
nZcMNA8NPYTC0q/AVL55QsyA24ABW4GPvNchYELgB1eyL510b/StRjz1IfyjvpLm
1SJYXaLRBpeZ2JxVRzDdmfaJN7372gOAb23GgqBETzgB9tcb8ICk3eFbSK4Sylp6
wniUTnsRjSZHRqskCNhAoNSUtO1Gl3ASpHnHfmQ2fWGVU3fq4ayKDnJUbgGSZrdA
QSwPmrPQOicEyKd+b+uYhVm6/Q6JGxV6uhKWfFRYU4zUgfJVIhyNUvRtmsOgrvt4
n2lwWASfs5IA9wOXvNJmiJo82ptHnol1Z/8ztyYHQBgXlp595E1yJAw2m2mxAPlD
UgEMhvtA3fu1XsxOtMkrmQ0gjiYB9P45gHhNb7HUxCM5473EUQWkkkZ45B+0IZ/3
DzRT0uwdLNTYERYqWABHQ6cuIommzpec47AnCnGPeim52CtrsAgxusgBVVPv8sR2
0afVMuncU1X0oZvJwny8M3ECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 283461724527905730199443524065361042730896
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-16 03:03:42 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-14 03:03:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'health.clinic'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 653695832298441675080954982533887356684189406995996423380531799482807353895094803817575866554824940642466472996133322384906985416130208388512925341003514087864692026432899944846233983387715712320554694712409992779196215777802776752412007184485529241499103395483692572561263687426436679927089392327000230903674932552193846679240374189220867383336506032865445486403116272066018782846425999383710268568929739878006823419325638410376005585838706533239237940170744899183727970787654176630546891028777350953116887482487707037304377832958535236720699675693992408764711776477754859553113068165329791275935097840732325067472919748810420695214499622936206678815026465263331165681540994201427554297465486189395064316469308311802266462550766069330187121634481873271821159679350067914674862823466525343662242148184377006749861496584283059142998454700603894180819379696429036656443491711752660230288526229319255614123759612852962346497085305494195211696297034916564319294339438227560517418464332080450120053661062255579707276437953651621167275017895187530257621643675461991277742288555895835117468132451590102195746808349903014754791287235884362530789434000820671355961292375144913371395275921023354904209808827990289827421099343783306577546326897
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7197b09ccd17f7024a005125e310d9e2c1ad1b54
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'health.clinic'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.health.clinic'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001901f371768000004030046304402207eb4d029c90cd6dc0831b7ce1c2cd9c4ea125d075e5b3298fb722f20e25fa75e022062a4b448a340e244ab28ff6539bff14780097c149577fb2a9ee1e44795f8e0820077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca000001901f37178700000403004830460221009f04851eaaf17e6c12b8c151dd74e74fd1f251f39b474940c70ccdc53cee4480022100d1c84105cf76c3b0a52ee3a651e78056963d8f5e1b2cba631f74a27ef329d98c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00cb5b3d3b53490aa82b78b8061887ccdfc628a66711ab27346c891856371757f8fe461b611c88dd0920a9c8b6ffcb48bfea8f80a9db6af490d3d1f4058cfc6dbb582fb4d10fc001704c9a04dff819d8c83dbd4b502402c51e595c5313bb1404107805c4224457e7faf8da1f72e623beb504e2045d3d2392b32ba0d838bdf059707b4da9978c9d3f71cdfe72814d46afc2260a73073321a76c042dee7c8649d191a8727c012612dc800fbe40f896ccc4d88de9b499bd8962b9b3e592dfa8dab83e61c1ed36ca46d917cfa741b9775318410777dd2a8dab26cbe564313fa2ff3db7a0b279f9aa678b7c6341f8213e6145cb955547e7b4cbd57351176e1b07811d4c