mekanisk.com

Issued by R3

About this certificate

This digital certificate with serial number 04:ad:69:47:1b:5c:05:9e:10:aa:f0:a3:e7:c9:98:4a:33:7d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mekanisk.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:ad:69:47:1b:5c:05:9e:10:aa:f0:a3:e7:c9:98:4a:33:7d
Serial Number (int): 407457931351913501669023107020618698732413
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 1d:12:1a:5c:1e:f4:13:97:0d:c1:a9:f2:d8:47:00:2d:d2:e8:34:02
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 5d:95:00:70:24:f0:d7:14:12:f4:b6:15:16:8d:3f:5b:25:93:92:40
Fingerprint (sha256): 8a:50:f7:02:96:3b:cb:92:cf:50:8e:b0:53:ce:ac:39:b9:b4:32:58:cd:1b:2b:98:d6:b7:2b:72:6d:93:c0:2f

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate mekanisk.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mekanisk.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mekanisk.com

Other certificates including the domain name mekanisk.com

(limited to 100 certificates)

Certificate

The complete raw certificate details for mekanisk.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgISBK1pRxtcBZ4QqvCj58mYSjN9MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMjExMDMyMjlaFw0yNDAyMTkxMDMyMjhaMBcxFTATBgNVBAMT
DG1la2FuaXNrLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKui
FAM/52FAMaB8aud7LHMSqNx3Yg8/F54tPYnjXQZRknV+xNjUuYjKDaQ0m5osQlWW
iFLZ6Xe+xUg0n4/Ydg8gX2EIVCntm3UsUGwo3IQ80F069lWNYANIP6V3eCTntiBc
m+bbfaRg31oKvyp6aTTkkoX30qlQVcKJeBBx46xsGBanM7sdg4awQfiOYyWhW6jC
uad99CpZhWAEFr73QLqMgLXwqFddTkTNwl9qW1fVanZZl53cpbQvQgrq3fhQe3YS
5N7/47dJ847ya6XEw1U2BLc2u9hpc5rUFfWmoqn2P+VSY5KsdfnA2ATQFgtVNfwc
4Ctf8Ng8Afc1YeUhE6ECAwEAAaOCAg0wggIJMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUHRIaXB70E5cNwany2EcALdLoNAIwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA
5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu
by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w
FwYDVR0RBBAwDoIMbWVrYW5pc2suY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB
AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUASLDja9qmRzQP5WoC+p0w6xxSActW3SyB
2bu/qznYhHMAAAGL8ac4lgAABAMARjBEAiA2lUc3mGNBUvDG6qtXcIa/HFWDUZtz
Rd6QErZ7IT5+ZQIgD4wX2oKiJ5JtNzZzq4J6ADnvMKsLvvSUpANKxZb3Rw8AdgA7
U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYvxpzjMAAAEAwBHMEUC
IDYuw6M3NcQ3IZ//F6Fk0B9UUljHM0RBgyXYQVKdmetdAiEAsd7/hL6VVrgtQHVx
5C27n99m/xXYmRRd0lurkrxJKz0wDQYJKoZIhvcNAQELBQADggEBAAER1npIY3A1
9DWzJv842U8ickdYhTR8AjFbRQ6fMwltR36pG45K9bje3pmbLwoQEe3j1jMFY9Ay
UYlrwcCsQp9Q2DyKV2p7Idf7vxrGEi5Y0yEpErA6vLrF7WB1TPfp7h+D3QtMTuV7
+Nmcc1hQj6XmG33Svlalnzlx4EBRaBVjL3QENGeP9cEzHN/AhojSc66ka7jXecqK
YfYvqxkQgJ1KImyK6iX7jqTvnB6F9i2F6E6iUOUCnG+pK7ZW8R6NlYj6Papxyfx1
z46JsWeUDV14RGgjjIMEXLzCr6tA/8Ewn8NOnkPYNtnInkysmgKVtyGz6y0Cgwkp
sAxgQZS2Lq8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6IUAz/nYUAxoHxq53ss
cxKo3HdiDz8Xni09ieNdBlGSdX7E2NS5iMoNpDSbmixCVZaIUtnpd77FSDSfj9h2
DyBfYQhUKe2bdSxQbCjchDzQXTr2VY1gA0g/pXd4JOe2IFyb5tt9pGDfWgq/Knpp
NOSShffSqVBVwol4EHHjrGwYFqczux2DhrBB+I5jJaFbqMK5p330KlmFYAQWvvdA
uoyAtfCoV11ORM3CX2pbV9VqdlmXndyltC9CCurd+FB7dhLk3v/jt0nzjvJrpcTD
VTYEtza72GlzmtQV9aaiqfY/5VJjkqx1+cDYBNAWC1U1/BzgK1/w2DwB9zVh5SET
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 407457931351913501669023107020618698732413
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-21 10:32:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-19 10:32:28 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mekanisk.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21666673875882138666397003785850725263272406630131189064106753930299576629227685170550154138685705265810005715447512973292709584467449613099910467929556777446878213225938384929763969109339152068914591042685003161244601900670529261013735449340103859855533180436164729208635860531299699591555123145339538692461871854240060937383621709242930053386812092466706074486380880455202446574715431518930208897085765843480223331623323463152995547482967276470524309835890859421185003387402783079711720059538777772749097207317408537977092004076905562918821183185060138571077429084044612070923332394188658266908746880193047906292641
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:29|false] CHARACTER STRING [26 92 30 244 19 151 13 193 169 242 216 71 0 45 210 232 52 2]
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mekanisk.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bf1a73896000004030046304402203695473798634152f0c6eaab577086bf1c5583519b7345de9012b67b213e7e6502200f8c17da82a227926d373673ab827a0039ef30ab0bbef494a4034ac596f7470f0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bf1a738cc00000403004730450220362ec3a33735c437219fff17a164d01f545258c73344418325d841529d99eb5d022100b1deff84be9556b82d407571e42dbb9fdf66ff15d899145dd25bab92bc492b3d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000111d67a48637035f435b326ff38d94f2272475885347c02315b450e9f33096d477ea91b8e4af5b8dede999b2f0a1011ede3d6330563d03251896bc1c0ac429f50d83c8a576a7b21d7fbbf1ac6122e58d3212912b03abcbac5ed60754cf7e9ee1f83dd0b4c4ee57bf8d99c7358508fa5e61b7dd2be56a59f3971e040516815632f740434678ff5c1331cdfc08688d273aea46bb8d779ca8a61f62fab1910809d4a226c8aea25fb8ea4ef9c1e85f62d85e84ea250e5029c6fa92bb656f11e8d9588fa3daa71c9fc75cf8e89b167940d5d784468238c83045cbcc2afab40ffc1309fc34e9e43d836d9c89e4cac9a0295b721b3eb2d02830929b00c604194b62eaf