liberate.ai

Issued by R3

About this certificate

This digital certificate with serial number 04:5e:32:27:3c:fe:36:24:e1:d5:26:83:74:41:62:ed:04:de was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=liberate.ai

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:5e:32:27:3c:fe:36:24:e1:d5:26:83:74:41:62:ed:04:de
Serial Number (int): 380502351354061217080023130420034264696030
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 1f:7c:f3:a3:18:45:22:54:95:71:78:85:35:46:58:71:49:6a:db:3f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 47:7c:bc:81:e2:27:df:4e:aa:99:15:09:fb:c4:53:a2:a3:99:e8:41
Fingerprint (sha256): 84:5f:a0:8e:a4:50:14:8c:ac:75:7d:d7:76:78:23:32:29:b5:af:00:54:77:c9:b9:6a:88:95:d6:39:e4:b1:77

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate liberate.ai

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for liberate.ai

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

liberate.ai
www.liberate.ai

Other certificates including the domain name liberate.ai

(limited to 100 certificates)

Certificate

The complete raw certificate details for liberate.ai in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgISBF4yJzz+NiTh1SaDdEFi7QTeMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMjMxNzIwMDNaFw0yNDAyMjExNzIwMDJaMBYxFDASBgNVBAMT
C2xpYmVyYXRlLmFpMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmoQw
2Sm2K+vJDOtWRLgKrY300xoN3C9VPv/IU93leCscCu77kdm1HSmmyrIi42XFlcM7
v3T3ZZjFWTug/16m8ohGikp0Q9AV30TXWoIe+Z14oWJ491+vocyDU3snPt3k7Aeh
gbU961dsrfQKTI9ZpMU0oaKT9QtZllPIWNbjVcuItA276T5HAXfgoM6TOcx/FxPW
de6GoGLrGmZL749iAkqOOJsEaaK+5tDvwlIQHzkLGGcON+jVU3btKpH/wFfPqr8U
XDXf++yCthRSWLPf7PGHXIlR4+FhF8GJuI46kdKjHRXDTFEc78I1jsLOaEoF86RI
Dc4u6qVVxYxRG8lC4nwgb8pOy7rnnCHOJfLeeSgu1YSlQSnQIEfLAkqb3S2nfu2p
fmBw814+knByu7SUNYQFQGRdMWGnetPsPxqDOkhl3bOw1sq+4dSO5SbnDjf1d352
lxCGeUstfvq201yGFLZfg63wvkN8YlKWsGj2k532ADomylxkWr6WsP685BrRkmvl
TnIiqNLJhUHm4CFmcTz7wpyVhSHUDVklD8skN9zUt6b3kty/EoZzAAjSlzATUlhy
qv4Eb8UYc64daGUqWbCeS5X/6VndReyWwe45uILXg0Hw8m4PkUsZ996i9hkDNPFW
joQiS556o345uNmahI846ZCX9MpJuQgbOaYdd3kCAwEAAaOCAh4wggIaMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQUH3zzoxhFIlSVcXiFNUZYcUlq2z8wHwYDVR0jBBgw
FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF
BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y
My5pLmxlbmNyLm9yZy8wJwYDVR0RBCAwHoILbGliZXJhdGUuYWmCD3d3dy5saWJl
cmF0ZS5haTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUE
gfIA8AB3ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABi/1pFUkA
AAQDAEgwRgIhAKUvSJviXKHU7ZSOmkFWAdQtj/iCdCgBPPvNve1bZUUEAiEArONM
sZFZgwjf/H5whAl4kyp4jKHZOHGyPIib2wSPMLIAdQDuzdBk1dsazsVct520zROi
ModGfLzs3sNRSFlGcR+1mwAAAYv9aRVMAAAEAwBGMEQCIF38LZ7tWeCJoNqP6Cdk
4PP2rJtYdc7MMTtEY2Jb/tTRAiAr+dGujdlDSa9KfFqVW+bZ9nj7aKXZvQ5M1jur
ZvUWATANBgkqhkiG9w0BAQsFAAOCAQEARLLdqE5cQD8yRtTi78EP6x5ab1hYpO9I
xhtgRphYDdZsSI6BsUng5OLX6TgE41/ops3crDv/4rCrtYffO19AAuUiBUUTC/F6
NBJqMJ+z073daSLiYsN00GM/4+NshXfZFIkPQzd4K9HGQjgZFswsVbbHAHKFYDcJ
rs1mPVY9JCIkFw+wgFnloEr2oZlHw0u0pevk1OMBJvY6wdfp5h+W3aY5Z+e4Mkw+
LuCNA5GFlkHXmXy6bDGcWAFRJ81YHB9+TGnXDxG9PTsIgeYKG6s2C6Fn236iORBO
MrlLwUn44eHh5nhz/pQz1nXi//RiHd/e1+9swyR7ogkwyXrxfY4ziQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmoQw2Sm2K+vJDOtWRLgK
rY300xoN3C9VPv/IU93leCscCu77kdm1HSmmyrIi42XFlcM7v3T3ZZjFWTug/16m
8ohGikp0Q9AV30TXWoIe+Z14oWJ491+vocyDU3snPt3k7AehgbU961dsrfQKTI9Z
pMU0oaKT9QtZllPIWNbjVcuItA276T5HAXfgoM6TOcx/FxPWde6GoGLrGmZL749i
AkqOOJsEaaK+5tDvwlIQHzkLGGcON+jVU3btKpH/wFfPqr8UXDXf++yCthRSWLPf
7PGHXIlR4+FhF8GJuI46kdKjHRXDTFEc78I1jsLOaEoF86RIDc4u6qVVxYxRG8lC
4nwgb8pOy7rnnCHOJfLeeSgu1YSlQSnQIEfLAkqb3S2nfu2pfmBw814+knByu7SU
NYQFQGRdMWGnetPsPxqDOkhl3bOw1sq+4dSO5SbnDjf1d352lxCGeUstfvq201yG
FLZfg63wvkN8YlKWsGj2k532ADomylxkWr6WsP685BrRkmvlTnIiqNLJhUHm4CFm
cTz7wpyVhSHUDVklD8skN9zUt6b3kty/EoZzAAjSlzATUlhyqv4Eb8UYc64daGUq
WbCeS5X/6VndReyWwe45uILXg0Hw8m4PkUsZ996i9hkDNPFWjoQiS556o345uNma
hI846ZCX9MpJuQgbOaYdd3kCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 380502351354061217080023130420034264696030
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-23 17:20:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-21 17:20:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'liberate.ai'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 630371793774815109193235692075413780170227377530851572310150902725543679676215182692737638402370034854905228454223557282193030302126698049276425779220857421425472401990905805151722073478872989369433058774200618308406222812423349338266602713845306638044552551465896435089240961442483240045400170356556674540553983777721606570967358085400771644326731503631095694940187408598433495776455541502482890099279205668106882396171973265291600862215315453644033543545839715996809847528060078539033747193213392223101586774054643576397323890868891451762865768957021197113477628665880491908651584777752521742163873816345882383770730293991857989624711669137974522689880354556948419041247805043685224068954410341082850145486287775234945007743422949840243592554740753716244826076384600674771958499987018900551811102359331363006100069711872340589414515960673053186378508201540496440844314076034910764424133629248501012162512792058298983050448217474982741256332465126775715437827257580415518098597329049433694614660504783981403934627375510082246254747560637807065880680609979309181274622660125008653653517399003679791771461809511421020546800729778362259522360912154416870475198247443491106057865424499855971539091280649447239578877660268103199815989113
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1f7cf3a3184522549571788535465871496adb3f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liberate.ai'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.liberate.ai'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bfd6915490000040300483046022100a52f489be25ca1d4ed948e9a415601d42d8ff8827428013cfbcdbded5b654504022100ace34cb191598308dffc7e70840978932a788ca1d93871b23c889bdb048f30b2007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bfd69154c000004030046304402205dfc2d9eed59e089a0da8fe82764e0f3f6ac9b5875cecc313b4463625bfed4d102202bf9d1ae8dd94349af4a7c5a955be6d9f678fb68a5d9bd0e4cd63bab66f51601
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0044b2dda84e5c403f3246d4e2efc10feb1e5a6f5858a4ef48c61b604698580dd66c488e81b149e0e4e2d7e93804e35fe8a6cddcac3bffe2b0abb587df3b5f4002e5220545130bf17a34126a309fb3d3bddd6922e262c374d0633fe3e36c8577d914890f4337782bd1c642381916cc2c55b6c7007285603709aecd663d563d242224170fb08059e5a04af6a19947c34bb4a5ebe4d4e30126f63ac1d7e9e61f96dda63967e7b8324c3e2ee08d0391859641d7997cba6c319c58015127cd581c1f7e4c69d70f11bd3d3b0881e60a1bab360ba167db7ea239104e32b94bc149f8e1e1e1e67873fe9433d675e2fff4621ddfded7ef6cc3247ba20930c97af17d8e3389