www.kjfco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:aa:1e:93:61:5e:c7:14:69:1a:72:89:2e:96:fc:fa:7c:f0 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.kjfco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:aa:1e:93:61:5e:c7:14:69:1a:72:89:2e:96:fc:fa:7c:f0Serial Number (int): 406337788186015068493477857512483634969840
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 9e:1b:fe:7e:9d:93:f5:23:44:e3:3a:1d:73:a5:ed:d6:5d:c1:a6:9c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 74:b2:e2:54:06:37:b3:1b:2c:25:45:95:f5:d2:48:ac:a1:33:c2:49
Fingerprint (sha256): 8a:8d:f1:a3:5d:02:4d:80:f8:41:45:74:6e:ff:cc:7a:6b:ec:47:59:13:d2:80:8f:92:ad:b6:6a:5b:a0:da:52
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.kjfco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kjfco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kjfco.com
Other certificates including the domain name kjfco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.kjfco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISBKoek2FexxRpGnKJLpb8+nzwMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTIwMzUwNDNaFw0y MDAxMTAwMzUwNDNaMBgxFjAUBgNVBAMTDXd3dy5ramZjby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQCfwnEEEbZYoJwkD8/w3BJCDvwoqiIP1PXn 2QRuuVKjNhvxWCvuO4Up6Gn0bxfCAQbDy7zuWpUM2KjlW2/VN3HhDUJ9akZSeid9 EN9AHgB+XbPBHpIRKf1lBRWHmx7OqwYr6ND63Q1StRakG6Ocyj4xWHyEA1S+rZpo v17WnYfXJfZMkl5xRv2c4ENxmTgsge2UGrOriVHW5EsEebof/y5OeOD33D5lbeAQ 9SQvcPwbV86dd/5Y+mLabWthPt1NTC2h/SS9D3DugMmazz7211WIre1Ea+dao07S BgsVVdIuTthiWd8IPmgua0dMA1oGArbyOgVgY6WxkKffCwt6XY3ZSslifRBWe3o6 r9jscaa7HF1RA8cRcplzDN1BmWLs+1PYj3MVeVp4+5DxLVpWraVf6/ixE5MieZnJ xbMPLA1KI27PkplRkfFuWMXKOZxivb41FGQzDDIeP2y+Fb+gKCYBVE9wD29r0bzA 6qBpAUGZM/9CmBhbwS0M4QA2NgVFsxxC2K1z9ec+vDcdVvNjHF54bKlhQbBNHKDa 2Hdkc9VKgzR08xLcffhHkN/hnCegZYUofV2x7FDG5Q1GyNd80igd9sNYndRhjK2k jHx7E4pvM2Msrz7se2PoK3DuFxQCQRZwrDTzh5sadvUMGUAC3bsxk/tBxm/g1osm YGcOeQvYqwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSeG/5+ nZP1I0TjOh1zpe3WXcGmnDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5ramZjby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW2+TfcvAAAE AwBIMEYCIQC3nmZSli5oUr05XOzXWWKeZp6v8jOqF/F0Vts60pqx/QIhAKmaKyoF 9VQesbofCtPfUUL0v7hSVs8o34Phqlm9tO8HAHUAb1N2rDHwMRnYmQCkURX/dxUc EdkCwQApBo2yCJo32RMAAAFtvk33YwAABAMARjBEAiADLiwClxg4kko4H0+n3WQ9 mpvN+6DDM66IV71nJG9yowIgPHR5XBAu1PpxP/3C4rsO6ibMkNuKyC9TGn2o/8y0 fsgwDQYJKoZIhvcNAQELBQADggEBAGXc/IYelLzisHVfdS5NU2mXguo3ZnYxNlED TBPczgq+XoNS5aRY3zRzoDEIxNA17g2xklbB8unygbKIsT3Ntx++s9vydEs+JjZM 3MSIkRPehHjRGn8by9ySc7R7rqsKllakwoq161a7pOaIOO8R6+6Qpdi44aqalpSa lnAAsHRJlWka85ieh4T5LhVDPjsrfpL9k6F2g1R95PtOqOL9oKCVvLI/8jCoqQ6e 3cYW5D862VUhZKyFMY8ZcJPfRJ5iWrKqTTv+7Oclg3vL3GP1HHb+ngQ8RWRsNxak py1INUNLet2QQQzwvsBb6eIPmXVibMdIf4GYOb5BwUMMH0UE8aQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn8JxBBG2WKCcJA/P8NwS Qg78KKoiD9T159kEbrlSozYb8Vgr7juFKehp9G8XwgEGw8u87lqVDNio5Vtv1Tdx 4Q1CfWpGUnonfRDfQB4Afl2zwR6SESn9ZQUVh5sezqsGK+jQ+t0NUrUWpBujnMo+ MVh8hANUvq2aaL9e1p2H1yX2TJJecUb9nOBDcZk4LIHtlBqzq4lR1uRLBHm6H/8u Tnjg99w+ZW3gEPUkL3D8G1fOnXf+WPpi2m1rYT7dTUwtof0kvQ9w7oDJms8+9tdV iK3tRGvnWqNO0gYLFVXSLk7YYlnfCD5oLmtHTANaBgK28joFYGOlsZCn3wsLel2N 2UrJYn0QVnt6Oq/Y7HGmuxxdUQPHEXKZcwzdQZli7PtT2I9zFXlaePuQ8S1aVq2l X+v4sROTInmZycWzDywNSiNuz5KZUZHxbljFyjmcYr2+NRRkMwwyHj9svhW/oCgm AVRPcA9va9G8wOqgaQFBmTP/QpgYW8EtDOEANjYFRbMcQtitc/XnPrw3HVbzYxxe eGypYUGwTRyg2th3ZHPVSoM0dPMS3H34R5Df4ZwnoGWFKH1dsexQxuUNRsjXfNIo HfbDWJ3UYYytpIx8exOKbzNjLK8+7Htj6Ctw7hcUAkEWcKw084ebGnb1DBlAAt27 MZP7QcZv4NaLJmBnDnkL2KsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 406337788186015068493477857512483634969840 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-12 03:50:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-10 03:50:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kjfco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 651762047373380030588982667926003152116769725292807781374359524128345187906576291559050778115203532050952567502552473969667210356466843772352144525057273246785944856808886005289899654335555686175223167288242610648116646903765371330920112007823333149826475530334883792459487325088258379344411587265768470226247428914142079897469644160046538116787298505104531315185864026050281809068833825102904382605618158511146884174375541763156737945482962197510278484081359530656570011995231085602692072311195934000006549521192160612000916265726653001848396734639587393784542797885306947830013677190883708863404287588236143560755169207397114224662315430918289017801791320164233119746677338285502512939064569648680403721536099556825765383575785686631252309203164700462940448888019943429210308298966811953666630473387315428152342381361904655194110919958555432293188793061458215653924950020395203528239228760885139462300190444990644056205782047650875436612799493283727453192368784457645086758570744565342939144535824987456505086970634877079206373113619384946740299358838877860832391753051559209465518950971573219066265968429227625931452821043440365353557724313199033691214216386807766491888899136045582926833083140198155235412045729536751365195028651 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9e1bfe7e9d93f52344e33a1d73a5edd65dc1a69c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kjfco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016dbe4df72f0000040300483046022100b79e6652962e6852bd395cecd759629e669eaff233aa17f17456db3ad29ab1fd022100a99a2b2a05f5541eb1ba1f0ad3df5142f4bfb85256cf28df83e1aa59bdb4ef070075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016dbe4df76300000403004630440220032e2c02971838924a381f4fa7dd643d9a9bcdfba0c333ae8857bd67246f72a302203c74795c102ed4fa713ffdc2e2bb0eea26cc90db8ac82f531a7da8ffccb47ec8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0065dcfc861e94bce2b0755f752e4d53699782ea376676313651034c13dcce0abe5e8352e5a458df3473a03108c4d035ee0db19256c1f2e9f281b288b13dcdb71fbeb3dbf2744b3e26364cdcc4889113de8478d11a7f1bcbdc9273b47baeab0a9656a4c28ab5eb56bba4e68838ef11ebee90a5d8b8e1aa9a96949a967000b0744995691af3989e8784f92e15433e3b2b7e92fd93a17683547de4fb4ea8e2fda0a095bcb23ff230a8a90e9eddc616e43f3ad9552164ac85318f197093df449e625ab2aa4d3bfeece725837bcbdc63f51c76fe9e043c45646c3716a4a72d4835434b7add90410cf0bec05be9e20f9975626cc7487f819839be41c1430c1f4504f1a4