www.lutheromedia.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:e7:ed:a2:4e:e1:6a:a6:e0:b7:05:b8:a8:a0:b6:e7:a0:56 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.lutheromedia.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:e7:ed:a2:4e:e1:6a:a6:e0:b7:05:b8:a8:a0:b6:e7:a0:56Serial Number (int): 427370240272757172154942302765785194930262
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 06:8a:b9:fb:38:28:00:1a:05:ca:b3:09:a5:06:2a:4f:fd:f9:fb:0a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b4:da:0e:e2:a1:2d:2b:41:6c:e4:c1:24:c0:8c:a9:22:44:ed:cf:c2
Fingerprint (sha256): 8a:21:c3:3e:44:11:52:5c:99:c3:fb:42:e0:9b:1a:6a:e0:27:91:58:ac:6f:8d:1c:a6:1d:cd:f4:c4:48:28:37
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.lutheromedia.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.lutheromedia.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
beyondgroomlake.com
ilovetsa.com
lutheromedia.com
www.beyondgroomlake.com
www.ilovetsa.com
www.lutheromedia.com
ilovetsa.com
lutheromedia.com
www.beyondgroomlake.com
www.ilovetsa.com
www.lutheromedia.com
Other certificates including the domain name lutheromedia.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.lutheromedia.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFwDCCBKigAwIBAgISBOftok7haqbgtwW4qKC256BWMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMTQyMDMwMTJaFw0y MDAyMTIyMDMwMTJaMB8xHTAbBgNVBAMTFHd3dy5sdXRoZXJvbWVkaWEuY29tMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs34duO/zKIoAt0J7w/1WO7NV jiiNS5VkqabdTIGohtosc3/vp4/xKMunOUDFI0yN+luVtNT65SRVEHrzzcQZVLW4 xkOm8WbUFRAmIAl/Tz11bqej6UizyWGjhT/+tuY/Y6l2gHXHQwzkKVUIeM38EklR 9ztWj1pJoVikgbMGf8kivs3aJxHGtB7RlwaWF6jMKUsCJh8ghJMV7Vv62UJtACnN 0spqToQFNeIbaxv7RL1IK8EzhjQs1Aa64dneJhPB/0rDBhTaaEBAWg6PX/wZ03z7 9ob2vpMiEMbhmytcpj785XDZnwzSvRxkuTNQiP5aalomJsdLiaauKXUBYCY+DQID AQABo4ICyTCCAsUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQGirn7OCgAGgXKswml BipP/fn7CjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j cnlwdC5vcmcvMH8GA1UdEQR4MHaCE2JleW9uZGdyb29tbGFrZS5jb22CDGlsb3Zl dHNhLmNvbYIQbHV0aGVyb21lZGlhLmNvbYIXd3d3LmJleW9uZGdyb29tbGFrZS5j b22CEHd3dy5pbG92ZXRzYS5jb22CFHd3dy5sdXRoZXJvbWVkaWEuY29tMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHYA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFua9Lh9wAABAMA RzBFAiAEbSUPjfW+hoHOyiMRG+lOwR4+oqUTv2KYPJhv+wfJuAIhAKxpmKxjxulp QkoOMRHNHazqUaJToxUlER5Be25zjKzHAHYAB7dcG+V9aP/xsMYdIxXHuuZXfFeU t2ruvGE6GmnTohwAAAFua9LiIAAABAMARzBFAiA3dukzyem4aS2V/oOG7nTr4FmN NZMABn3jOxrhLLU8IgIhAM4/txYSu5dP3SWvyx3GBpWs8gecKk/qAzTMgMgWH/kO MA0GCSqGSIb3DQEBCwUAA4IBAQBMlxWeIHFUN1HGSSkgvs1+Sq/tmdNeBZ2UUFvK qd60JVa/+loIkyapMmLGuVpOebwTATT9fkegJPqZLnVcIn5GoE4cV1UImNWa8KUF GZIKBv+W6w0gPmuHGGz+WAgm1PtbbZIjFn1CdJTLodI4owHmZQqNNwMIxdiy65VF 77V08g7ovwbL2ad06mvCZBi7Nmze1suqYTuW4h+RxgNPTkrfXMDnbVmlX9rxAG/d z78CENporIybmAieE+oVFQ5hx9heACazfwtxi6uqwcHd8o5jpC+UejLPYrejtFw3 rK3kg3QMMJprilV8Dd6qjPPptbeNwwbBrRzRBvUwPZS4T5jc -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs34duO/zKIoAt0J7w/1W O7NVjiiNS5VkqabdTIGohtosc3/vp4/xKMunOUDFI0yN+luVtNT65SRVEHrzzcQZ VLW4xkOm8WbUFRAmIAl/Tz11bqej6UizyWGjhT/+tuY/Y6l2gHXHQwzkKVUIeM38 EklR9ztWj1pJoVikgbMGf8kivs3aJxHGtB7RlwaWF6jMKUsCJh8ghJMV7Vv62UJt ACnN0spqToQFNeIbaxv7RL1IK8EzhjQs1Aa64dneJhPB/0rDBhTaaEBAWg6PX/wZ 03z79ob2vpMiEMbhmytcpj785XDZnwzSvRxkuTNQiP5aalomJsdLiaauKXUBYCY+ DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 427370240272757172154942302765785194930262 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-14 20:30:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-12 20:30:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.lutheromedia.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22658846757256597138854658950960729714089583166737396646085554012832589966085647926838058821888318184407676597634909592883386619905535944331108016364529878884901907171985860444406435739861339594204291857300904443228578596167399789539746764479397118358275886603321818882564290192697230257875622037176104800405536370997977020400038568294383665901820127947478670671520735811387115860390146638383453780447191184304962825572706294511829809734085969637009992968772289355806781283172938376903777563076202121863272141894736582773545502890302531441101085143767060203506164086117013852525223439735511689382868718627977110633997 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 068ab9fb3828001a05cab309a5062a4ffdf9fb0a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beyondgroomlake.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ilovetsa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lutheromedia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.beyondgroomlake.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ilovetsa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lutheromedia.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016e6bd2e1f700000403004730450220046d250f8df5be8681ceca23111be94ec11e3ea2a513bf62983c986ffb07c9b8022100ac6998ac63c6e969424a0e3111cd1dacea51a253a31525111e417b6e738cacc700760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e6bd2e220000004030047304502203776e933c9e9b8692d95fe8386ee74ebe0598d359300067de33b1ae12cb53c22022100ce3fb71612bb974fdd25afcb1dc60695acf2079c2a4fea0334cc80c8161ff90e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004c97159e2071543751c6492920becd7e4aafed99d35e059d94505bcaa9deb42556bffa5a089326a93262c6b95a4e79bc130134fd7e47a024fa992e755c227e46a04e1c57550898d59af0a50519920a06ff96eb0d203e6b87186cfe580826d4fb5b6d9223167d427494cba1d238a301e6650a8d370308c5d8b2eb9545efb574f20ee8bf06cbd9a774ea6bc26418bb366cded6cbaa613b96e21f91c6034f4e4adf5cc0e76d59a55fdaf1006fddcfbf0210da68ac8c9b98089e13ea15150e61c7d85e0026b37f0b718babaac1c1ddf28e63a42f947a32cf62b7a3b45c37acade483740c309a6b8a557c0ddeaa8cf3e9b5b78dc306c1ad1cd106f5303d94b84f98dc