coloradofarmshow.com

Issued by R3

About this certificate

This digital certificate with serial number 03:c3:50:bf:78:68:74:52:7a:ca:a0:c4:da:f8:40:b5:d6:1b was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=coloradofarmshow.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:c3:50:bf:78:68:74:52:7a:ca:a0:c4:da:f8:40:b5:d6:1b
Serial Number (int): 327799251755391395049746065095264543561243
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: d2:cd:37:b2:8f:8d:e9:2f:5e:a8:99:e5:dc:4f:8c:1d:5e:ab:fa:19
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3b:41:3c:c7:e8:f8:da:2c:ed:10:b9:87:86:3e:1c:46:b9:f5:b0:fa
Fingerprint (sha256): 88:be:2e:2e:16:42:45:5a:4b:17:f8:86:94:c9:53:06:05:39:d6:df:2d:ee:ee:ba:8a:91:13:3e:97:ee:6b:39

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate coloradofarmshow.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for coloradofarmshow.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.coloradofarmshow.com
coloradofarmshow.com

Other certificates including the domain name coloradofarmshow.com

(limited to 100 certificates)
*.coloradofarmshow.com
*.coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
*.coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
*.coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
*.coloradofarmshow.com
*.coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com
coloradofarmshow.com

Certificate

The complete raw certificate details for coloradofarmshow.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISA8NQv3hodFJ6yqDE2vhAtdYbMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTAxNjE2MDRaFw0yNDA1MTAxNjE2MDNaMB8xHTAbBgNVBAMT
FGNvbG9yYWRvZmFybXNob3cuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7smoCQRmdQjVIAqHkWAJ42uAxek+14eo8hrTxe3RbuMpXnzijS7GTr/X
zP1jUQRQNlldB6zZhdO2b6ZmBua4OtTPOf6WKg11eC46ZjR4t9/HdJ2JOf7L70FN
OKJxXEJeQO/zrrMdR4NHO60gCKSD2DqgbGpSewg47003UL0Y1r64dDoA6aEFoiBR
6aHsoGGU+sL4h3lzEb7bZwREYqzzBYAwM6C8NIVbQwME2orVh2kR2EvH8PUTBj9V
tB3tUKRGhpY+hsycukQPXrCCUd0fOflj/j4MDzKvzkwXYZmob+B7FDJqiZJ1OAhM
acswlwnPkSOZK89Cj9fb3coF/1oilwIDAQABo4ICLTCCAikwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBTSzTeyj43pL16omeXcT4wdXqv6GTAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzA3BgNVHREEMDAughYqLmNvbG9yYWRvZmFybXNob3cuY29tghRjb2xv
cmFkb2Zhcm1zaG93LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB
1nkCBAIEgfQEgfEA7wB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABjZQE478AAAQDAEYwRAIga3h7gjy+kLt20GBcA15qLJu5Q3L/PBX6u8RU2H0N
yzkCICEFQ/E38TLFTMpnF9kXqSOhMP1X1ohAItXsKN0amXUWAHYAO1N3dT4tuYBO
izBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGNlATlXwAABAMARzBFAiEAqzh0VOK7
fbgnoVpfbL/eIDyK0wAXRQ9CyssQA7YunpcCIG7MXZ8IYA8r6GMKLLIJCyQwZXBf
D8YI5Sv+qTAfq0YEMA0GCSqGSIb3DQEBCwUAA4IBAQBERWuig6eOxt2pLNrQ6nxp
205d3FnqvaeK0YSYidGBX4cugVhw3Jh/xjXPjONMJnDW4P86Db265YYRJ5H7SCRF
OB/8t4zAUM+ouGSsy3qw1UH2d4u6piS33J2lZ65uUUeWkN5WHIMMKBGEbLeQPS3F
Rw6pL0LtoUEVUhK75OS1slcq5v033zVM8HJhUre7o9C3rqjxrZXNPy/yZHKW/N0Y
y4b5wp6m5J2MPZVqhVrzIYO13ydfSTu9pUR/AtFtexCminYu5tMguBNcHBYsKT2C
O98DMkqNf8oWz7V0clktU2+pWyGnIcz6LBd5DWoeYgmnFOPg4y6KOoG7FWI9n9Gj
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7smoCQRmdQjVIAqHkWAJ
42uAxek+14eo8hrTxe3RbuMpXnzijS7GTr/XzP1jUQRQNlldB6zZhdO2b6ZmBua4
OtTPOf6WKg11eC46ZjR4t9/HdJ2JOf7L70FNOKJxXEJeQO/zrrMdR4NHO60gCKSD
2DqgbGpSewg47003UL0Y1r64dDoA6aEFoiBR6aHsoGGU+sL4h3lzEb7bZwREYqzz
BYAwM6C8NIVbQwME2orVh2kR2EvH8PUTBj9VtB3tUKRGhpY+hsycukQPXrCCUd0f
Oflj/j4MDzKvzkwXYZmob+B7FDJqiZJ1OAhMacswlwnPkSOZK89Cj9fb3coF/1oi
lwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 327799251755391395049746065095264543561243
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-10 16:16:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-10 16:16:03 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'coloradofarmshow.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30144157052840365209526505127305935184305862217333358088354080759951957512210805455742671091557281224510771420331533105536788176228776566993599244175726342105651216364024754370054495958603482040639553366038681364850361879384604027476983409044858450656388393533298083742433567909337588314327540774728659064978622354883657389506694552891484718426374199632868113466800764437325121190700026286245998267369846949480498106199721908893166117224923280471682133675266795706019611990812989208000694519752252106068503620233118680201697554107291838634860251499322994650831360390490009138930362069357681268451111663929935665963671
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d2cd37b28f8de92f5ea899e5dc4f8c1d5eabfa19
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.coloradofarmshow.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'coloradofarmshow.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d9404e3bf000004030046304402206b787b823cbe90bb76d0605c035e6a2c9bb94372ff3c15fabbc454d87d0dcb390220210543f137f132c54cca6717d917a923a130fd57d6884022d5ec28dd1a9975160076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d9404e55f0000040300473045022100ab387454e2bb7db827a15a5f6cbfde203c8ad30017450f42cacb1003b62e9e9702206ecc5d9f08600f2be8630a2cb2090b243065705f0fc608e52bfea9301fab4604
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0044456ba283a78ec6dda92cdad0ea7c69db4e5ddc59eabda78ad1849889d1815f872e815870dc987fc635cf8ce34c2670d6e0ff3a0dbdbae586112791fb482445381ffcb78cc050cfa8b864accb7ab0d541f6778bbaa624b7dc9da567ae6e51479690de561c830c2811846cb7903d2dc5470ea92f42eda141155212bbe4e4b5b2572ae6fd37df354cf0726152b7bba3d0b7aea8f1ad95cd3f2ff2647296fcdd18cb86f9c29ea6e49d8c3d956a855af32183b5df275f493bbda5447f02d16d7b10a68a762ee6d320b8135c1c162c293d823bdf03324a8d7fca16cfb57472592d536fa95b21a721ccfa2c17790d6a1e6209a714e3e0e32e8a3a81bb15623d9fd1a3