*.desicna.app
Issued by R3
About this certificate
This digital certificate with serial number 03:b0:2d:c8:4c:71:b2:30:b5:c3:e2:84:27:ef:a9:3f:57:7a was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.desicna.app
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b0:2d:c8:4c:71:b2:30:b5:c3:e2:84:27:ef:a9:3f:57:7aSerial Number (int): 321287409643018997149420140833701546121082
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a6:76:8b:c1:3d:cc:81:88:af:56:b8:fa:17:ec:34:5e:c7:a6:2a:ad
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 79:82:d3:34:e0:1f:e5:a8:d0:92:54:24:01:bb:11:7c:c0:76:29:9d
Fingerprint (sha256): 8a:da:54:f7:b2:63:f9:83:24:ff:6e:7d:23:bc:ca:d5:70:50:5a:46:a2:30:7a:54:9b:07:5e:fb:50:f0:9e:7c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.desicna.app
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.desicna.app
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.abstract-factory.io
*.desicna.app
*.desicna.com
abstract-factory.io
desicna.app
desicna.com
*.desicna.app
*.desicna.com
abstract-factory.io
desicna.app
desicna.com
Other certificates including the domain name desicna.app
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.desicna.app in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgISA7AtyExxsjC1w+KEJ++pP1d6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMDcwMTAwMTVaFw0yNDAzMDYwMTAwMTRaMBgxFjAUBgNVBAMM DSouZGVzaWNuYS5hcHAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb NckWPrs5SulbMsRo760DW5sgTkUjBp8wlRNsTwqTs1sfqFSVv5R0iAdhAkX2x408 tRFct1HslEyIFmnMebnnUw9jY5Nc+YgIJaX9HPMEP6Cw/Uf6J3NR1qaIfck7xB0t 4nznGRcA4vlrCu9R4K7mtcX08a0HGeKZCsfacpOuqvc4hGCvg0jxPi3gu9bcgfuk FdiVuP9b7vReqLSXS4NKEdQFYPbKlhuyXmz2d3ghKeOcHg21P6qKLwUisspEIcKE yGfLhC1LZ/ShTrJPSYuzOD1rw+X+Sgjs0XwNwkUgZNDvvrioFkQUcuf2/mq0lkhw Z/TZo6CQPXR/2H9cH7g9AgMBAAGjggJjMIICXzAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFKZ2i8E9zIGIr1a4+hfsNF7HpiqtMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv MG0GA1UdEQRmMGSCFSouYWJzdHJhY3QtZmFjdG9yeS5pb4INKi5kZXNpY25hLmFw cIINKi5kZXNpY25hLmNvbYITYWJzdHJhY3QtZmFjdG9yeS5pb4ILZGVzaWNuYS5h cHCCC2Rlc2ljbmEuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHW eQIEAgSB9ASB8QDvAHUASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMA AAGMQgERaQAABAMARjBEAiA9rHhIMf0bq2Kjj9+yxuDp+T8hHs0NCNh7Q9Hmp4ku gQIgPEUi5rCS9aG1ywQTW23o/AFlQ/EkF3ut5Mthn1F9NeMAdgA7U3d1Pi25gE6L MFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYxCARFfAAAEAwBHMEUCICGeEszbX3qN 9FA4jHxRGwc2RwhfwIWlfDf2xitaApnzAiEAlFbN5kOr30muRB7GaWCoU5+Vwz68 V6Q2sgRjzI7VzKAwDQYJKoZIhvcNAQELBQADggEBAHINj/SMwja0Zqp5nKnbkGCo PLngFnpiiNYgmh9J2LE+OKiVnhEKBQ7J8yEo4/WpvVDP3hzOtNLiSvihJIS8E9UG Q9VYP1XU3yh0HOeLa07hiz9u80RnwXtJuGeRAiAFGIMgH1xCrsz+AJLlpaQ6Kgqd nvkD8i7FqEY4DqJxAQw7R7UgKjOb2OHNHhyYD+iGj2JD+to0RpTVIzlZyLnLKCl7 TebcAwmyT0ej9IACGHBl61oJisLgSzt6BFPJawDv8iROlWS6r30VHmiBviGOEvhM X9gget2MzlZjr5MlHzug2YhpiaaP437OUN6C+3ERHO+qkoPbhD9Ccx8GnA4ooTw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zXJFj67OUrpWzLEaO+t A1ubIE5FIwafMJUTbE8Kk7NbH6hUlb+UdIgHYQJF9seNPLURXLdR7JRMiBZpzHm5 51MPY2OTXPmICCWl/RzzBD+gsP1H+idzUdamiH3JO8QdLeJ85xkXAOL5awrvUeCu 5rXF9PGtBxnimQrH2nKTrqr3OIRgr4NI8T4t4LvW3IH7pBXYlbj/W+70Xqi0l0uD ShHUBWD2ypYbsl5s9nd4ISnjnB4NtT+qii8FIrLKRCHChMhny4QtS2f0oU6yT0mL szg9a8Pl/koI7NF8DcJFIGTQ7764qBZEFHLn9v5qtJZIcGf02aOgkD10f9h/XB+4 PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 321287409643018997149420140833701546121082 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-07 01:00:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-06 01:00:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.desicna.app' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27672711403999300531219923621779358256135546361911215280832567908012546165936122651868082130181049004682547963782908907244493828527480108266319822689438928732494018212298772862649164913118210775129816672764471055017884447063141776030516408571011900099198393826606824761047230021487803184201682195959097151914753667144317550744975919857852407504406686958242948990608966532931313137086875688567961807991597352515378628845199408093138884951485483495435611743129969742475109903937109713598866098031746173255007080103257593715591017311253113424825505386411467445484625626258434704990304292015624064898959739891511566776381 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a6768bc13dcc8188af56b8fa17ec345ec7a62aad . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.abstract-factory.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.desicna.app' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.desicna.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abstract-factory.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'desicna.app' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'desicna.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c42011169000004030046304402203dac784831fd1bab62a38fdfb2c6e0e9f93f211ecd0d08d87b43d1e6a7892e8102203c4522e6b092f5a1b5cb04135b6de8fc016543f124177bade4cb619f517d35e30076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c4201115f00000403004730450220219e12ccdb5f7a8df450388c7c511b073647085fc085a57c37f6c62b5a0299f30221009456cde643abdf49ae441ec66960a8539f95c33ebc57a436b20463cc8ed5cca0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00720d8ff48cc236b466aa799ca9db9060a83cb9e0167a6288d6209a1f49d8b13e38a8959e110a050ec9f32128e3f5a9bd50cfde1cceb4d2e24af8a12484bc13d50643d5583f55d4df28741ce78b6b4ee18b3f6ef34467c17b49b867910220051883201f5c42aeccfe0092e5a5a43a2a0a9d9ef903f22ec5a846380ea271010c3b47b5202a339bd8e1cd1e1c980fe8868f6243fada344694d5233959c8b9cb28297b4de6dc0309b24f47a3f48002187065eb5a098ac2e04b3b7a0453c96b00eff2244e9564baaf7d151e6881be218e12f84c5fd8207add8cce5663af93251f3ba0d9886989a68fe37ece50de82fb71111cefaa9283db843f42731f069c0e28a13c