markmockensturm.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ab:13:9d:df:f1:31:73:c7:51:19:6e:1d:42:94:6f:34:ee was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=markmockensturm.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ab:13:9d:df:f1:31:73:c7:51:19:6e:1d:42:94:6f:34:eeSerial Number (int): 319551217603374554075089268286803151893742
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 1e:41:70:fa:80:20:63:dd:b2:8e:a6:80:c4:5e:50:2f:4e:99:fe:fc
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 66:8a:da:0d:3e:0a:0f:eb:25:e2:ce:21:24:0a:1b:7d:8f:2a:e1:23
Fingerprint (sha256): 84:58:dd:86:01:26:8f:da:de:94:e6:76:61:e8:c3:42:d6:4e:e1:e4:f3:20:ce:e4:99:01:9c:17:1a:b7:82:c1
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate markmockensturm.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for markmockensturm.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
markmockensturm.com
Other certificates including the domain name markmockensturm.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for markmockensturm.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXzCCBUegAwIBAgISA6sTnd/xMXPHURluHUKUbzTuMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMTUwODMzNTBaFw0y MDAyMTMwODMzNTBaMB4xHDAaBgNVBAMTE21hcmttb2NrZW5zdHVybS5jb20wggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCopwCL3o4imPv+h2c7kGtVUHEj XSBviJQPSg3aE2nF5TdPQ1KBqofWO5HfLrvsqaEkOdXJscF8zRlQN41H+fu3nsYx 8UldJVPil3V9kXUiWIlax1NRumxzK8zy/iXo/YxsGc3ZqkAtWR/+lIXbHC+OdN87 fYaE47yBKmHF8yh1VOEVsjsrqe9xV8ZUJEIsPImGKj1So6vbq5iQlO0yPi9nr90g arIhhgs3CslcJppExitiWv1nw4bU2cXaRMIJlZAIPhQeqIli2NABnxM+9MczvKii 4IpDEdklYFE6Zcpq7A88AGwwyMA7uXPGCgEHPsB8z5tp7NZXG/KP+flzVVmaesBK ckPgnIGotrHDRY4AJvH28j9NV8eDbf2+n+rbYKCnYv6lPVleJV/c495l3IIFb12b v2KX5OX3chIE+9jOUCRJUVfH394F9BmJMrerq9R50fXDblxepwFqJQCYWapqXL/8 5LeYktx7BisNU1difUzhdwgCmZzrP6edo5ah0MD6veAm0PyjjeRFNiKjybf80omY VeIbOINfvhdq5b2j0scP82zs2sJDpEsNTaEQKAjMJuH/shFIQXn8eXPByCa5ilyK wrkkWSPugqWKxbwjmpyfakx6I/pS60I1YtyclwMWGncpXCpEEAX0uetlnw7VGNqV 9jI36x7E0C01AWvcwQIDAQABo4ICaTCCAmUwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQeQXD6gCBj3bKOpoDEXlAvTpn+/DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB4GA1UdEQQXMBWCE21hcmttb2NrZW5z dHVybS5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEE AdZ5AgQCBIH2BIHzAPEAdgDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6y cwAAAW5uaWNUAAAEAwBHMEUCIDsmKjR8ZMKaa0od5SnFp3nqxGgO4AjtnCqhRf8i YxPJAiEA4C8uDJwXbCP5nX4pw0LFu10OKN3uXSOSuF781Nwk9/sAdwCyHgXMi6LN iiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW5uaWOnAAAEAwBIMEYCIQDR0KP4 vongQOln8jrMMQLNxcGtXCNsOxFbkoKJQiE5/AIhANvrVTGHLRCtCD2cZNRqkePm HxYXY/9OGm5C71hdg6zWMA0GCSqGSIb3DQEBCwUAA4IBAQAYc1fstXuDv754EAE1 3aQX5jNxXuTxumdrqE5wKU61+fiJglgysBZCIfOiDn3ErwKsgcpdLADOwrrO5b3w z9udyn0PHmhZEnw8MUMU7OUH+Vy8urahjNEdPwGRQ3hH/aGzkEsfY3fX7RWmNmUr aAOsC0EFeBBG2ehHVxsBdR0VfXsMNy4tYmKSxXBz5kTj98FiIn0ukU87hq539P9m j9im/jgaF/0nlthftfLD2okW1xNkwZUM6UNWTKliPaNcXKYkw53qCbp3LC40DCqG lgaMcPItjHBOq8XZoUMAedMb5EgP/yO7gj075bWvw0CYfyRPCrwzGRFSCINeXsY9 KGnC -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqKcAi96OIpj7/odnO5Br VVBxI10gb4iUD0oN2hNpxeU3T0NSgaqH1juR3y677KmhJDnVybHBfM0ZUDeNR/n7 t57GMfFJXSVT4pd1fZF1IliJWsdTUbpscyvM8v4l6P2MbBnN2apALVkf/pSF2xwv jnTfO32GhOO8gSphxfModVThFbI7K6nvcVfGVCRCLDyJhio9UqOr26uYkJTtMj4v Z6/dIGqyIYYLNwrJXCaaRMYrYlr9Z8OG1NnF2kTCCZWQCD4UHqiJYtjQAZ8TPvTH M7yoouCKQxHZJWBROmXKauwPPABsMMjAO7lzxgoBBz7AfM+baezWVxvyj/n5c1VZ mnrASnJD4JyBqLaxw0WOACbx9vI/TVfHg239vp/q22Cgp2L+pT1ZXiVf3OPeZdyC BW9dm79il+Tl93ISBPvYzlAkSVFXx9/eBfQZiTK3q6vUedH1w25cXqcBaiUAmFmq aly//OS3mJLcewYrDVNXYn1M4XcIApmc6z+nnaOWodDA+r3gJtD8o43kRTYio8m3 /NKJmFXiGziDX74XauW9o9LHD/Ns7NrCQ6RLDU2hECgIzCbh/7IRSEF5/Hlzwcgm uYpcisK5JFkj7oKlisW8I5qcn2pMeiP6UutCNWLcnJcDFhp3KVwqRBAF9LnrZZ8O 1RjalfYyN+sexNAtNQFr3MECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 319551217603374554075089268286803151893742 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-15 08:33:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-13 08:33:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'markmockensturm.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 688041567748813736126568986166490421595337346493679828713699877362464378486969000921496356913559048260459263866825165906225439628019348630185320819433004937472317473467710659946969639113156601981711848759545088234880294729404440836583216566723094597138161002689923985028182622866174607253194891313895103448124327545689724991725509586981510363384905399134754117885004710980437796629473848984130740849479579255757896914712174421020945914853657051345370500533733685901569424138306507950763782068371791711408670241036337329389904986013124028076620884739428781853000621538247993367581575182095825867262376208467659629027116658290557143510062924883919666321915413254727927175746542264850131110365681265203287755437059521514962960352724507153683846703204519990468046295447528647826102386141621045385912370393391832636917967414768540348541913701082530188948547919951128979339018303638674032948293443659865962911559534846030581942723268041852246080270192899696465390037193933930568867220138540421152355761702322707509783342892433354864890104503309350594017271906564026382766031361601324474652988090785235836255301643352217081068600835440999254466988509011318947271264340938318827372101744773693047380664575140735336222121943166552858788879553 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1e4170fa802063ddb28ea680c45e502f4e99fefc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'markmockensturm.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016e6e696354000004030047304502203b262a347c64c29a6b4a1de529c5a779eac4680ee008ed9c2aa145ff226313c9022100e02f2e0c9c176c23f99d7e29c342c5bb5d0e28ddee5d2392b85efcd4dc24f7fb007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e6e6963a70000040300483046022100d1d0a3f8be89e040e967f23acc3102cdc5c1ad5c236c3b115b928289422139fc022100dbeb5531872d10ad083d9c64d46a91e3e61f161763ff4e1a6e42ef585d83acd6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00187357ecb57b83bfbe78100135dda417e633715ee4f1ba676ba84e70294eb5f9f889825832b0164221f3a20e7dc4af02ac81ca5d2c00cec2bacee5bdf0cfdb9dca7d0f1e6859127c3c314314ece507f95cbcbab6a18cd11d3f0191437847fda1b3904b1f6377d7ed15a636652b6803ac0b4105781046d9e847571b01751d157d7b0c372e2d626292c57073e644e3f7c162227d2e914f3b86ae77f4ff668fd8a6fe381a17fd2796d85fb5f2c3da8916d71364c1950ce943564ca9623da35c5ca624c39dea09ba772c2e340c2a8696068c70f22d8c704eabc5d9a1430079d31be4480fff23bb823d3be5b5afc340987f244f0abc3319115208835e5ec63d2869c2