leopalma.com
Issued by R3
About this certificate
This digital certificate with serial number 03:ef:ea:b3:03:78:dd:2c:cd:16:33:76:68:2c:80:26:9d:b3 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=leopalma.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ef:ea:b3:03:78:dd:2c:cd:16:33:76:68:2c:80:26:9d:b3Serial Number (int): 342976312331959439417091205205460414537139
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 11:22:ab:01:f8:82:7e:6f:61:e3:96:e7:75:21:6a:04:36:d2:14:38
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 94:38:bd:ab:f6:0a:6f:5f:0f:87:ac:ae:85:bf:23:78:30:0d:5a:de
Fingerprint (sha256): 8b:54:2b:55:8f:28:5b:a2:bb:44:da:00:d7:2b:ad:e2:5d:bf:20:71:75:6a:0b:67:95:4f:b2:9b:9a:ae:6e:01
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate leopalma.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for leopalma.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
leopalma.com
www.leopalma.com
www.leopalma.com
Other certificates including the domain name leopalma.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for leopalma.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgISA+/qswN43SzNFjN2aCyAJp2zMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjcxMDE0NTNaFw0yNDA2MjUxMDE0NTJaMBcxFTATBgNVBAMT DGxlb3BhbG1hLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANna GtHTY8cw1O17nM4m6GR+8RF34Q7Juv/XYE4IeaR5RFbayHXautgW7E8vrH2esC6c 3ogJxv4ajMgB2XcNEc4qDVka2cj6pmI1beCnQLu3CNVvVlv7LQ80heVrOp5SUiw7 MxGlv2p/CWSHBhhHPjG1jRwwx008aXufx0bCfD81VHEESiulLbowPrTBLieT/53n smdyV7XveegY4IcYQ9Q8x8/Bn1KzFemXKSM7ZWG5rkaElhgdDGC01D/NfCd2/oFd lV/nGrq9HwyCkrg9s1F2OOQYuoTSpYzVgQFcV8X6aTier9Lxp8WAqLYuCxWtZwhH 0jCj3fOWOSRzEvBHID9g/NTtdPgBy5CaP3MLtITmoSpnPV2lKJckekX3wIVB2nN2 qn5i5h+M2H5+8BO7lC8G8i69Q87qDUBFtnb+1VuWU6tHxvrj04f6XxqKf0cXZLaG xaM5PiZSNx+kHZkrHAYtLBvX2giaK80BqT/tmtyBd8OgOnStsZgxq4OCufsDHHIe tWeLGmrwB5NE1VJ2Vi3xTmZJ62uvppdFkI57mIii6hKUKXTb05bnPdqiSIp8ZORC ggu5EqpRVATnELabohIpW+ceH16ZBVG82nYulIgsSMsmvioqWaCqX9AWCgGtJ/vT 7WGRQ9TtjnRw4veAIVwGq3E5HUj5Rkbe8ohGeeWpAgMBAAGjggIhMIICHTAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFBEiqwH4gn5vYeOW53UhagQ20hQ4MB8GA1UdIwQY MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v cjMuaS5sZW5jci5vcmcvMCkGA1UdEQQiMCCCDGxlb3BhbG1hLmNvbYIQd3d3Lmxl b3BhbG1hLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIE gfYEgfMA8QB3ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjn+e vPUAAAQDAEgwRgIhAJ8tKugaf7uLLsS2oqgkwsRAvLwP+hRPE7U1qXcm1O9ZAiEA n7o0s1SVGMGPKKoFuWgqpboTRbXlPgSOjC0WL7DbcyYAdgBIsONr2qZHNA/lagL6 nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY5/nsS+AAAEAwBHMEUCIDsmcsH4/ktIMISX cng7zehs4gD91BwBSWBr58mVkQxUAiEAirhX+aoF35DUvuQI5SOt8bssDva+8LZO QqmBkNk1Tn8wDQYJKoZIhvcNAQELBQADggEBAAjB61Pr9PU3Ir4pL8X+09zg1w7J JsL5C1udNpb9ICEeqGepnIW2f3r8OgV4ZYBC+qT6vnbtRydznSO0zCA/RRWmREVB 5GUhCPyw/+WkeIYiYF2d7hUj8llyU91pOv8AvEw+7q/3SaFNAS1rbB9r/afg2sU/ D5WXQsQL+7/ZHHP7yaxG/MVfvjwEKc73/dn0FxO6IehxtIHAqTXO3B+H6Zw6ekSU 3rfi1C9NGoS9Ogb/yrXgtaJh6vA0koZF07ameh46V40RyuXzMREp+On0qka2JOdu djiDEHMe7VyT9eqJrXrLIKY6kzWeyCuE8MbXDaVbhSH22ceP1T9eQB78+bc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2doa0dNjxzDU7Xuczibo ZH7xEXfhDsm6/9dgTgh5pHlEVtrIddq62BbsTy+sfZ6wLpzeiAnG/hqMyAHZdw0R zioNWRrZyPqmYjVt4KdAu7cI1W9WW/stDzSF5Ws6nlJSLDszEaW/an8JZIcGGEc+ MbWNHDDHTTxpe5/HRsJ8PzVUcQRKK6UtujA+tMEuJ5P/neeyZ3JXte956BjghxhD 1DzHz8GfUrMV6ZcpIztlYbmuRoSWGB0MYLTUP818J3b+gV2VX+caur0fDIKSuD2z UXY45Bi6hNKljNWBAVxXxfppOJ6v0vGnxYCoti4LFa1nCEfSMKPd85Y5JHMS8Ecg P2D81O10+AHLkJo/cwu0hOahKmc9XaUolyR6RffAhUHac3aqfmLmH4zYfn7wE7uU LwbyLr1DzuoNQEW2dv7VW5ZTq0fG+uPTh/pfGop/RxdktobFozk+JlI3H6QdmSsc Bi0sG9faCJorzQGpP+2a3IF3w6A6dK2xmDGrg4K5+wMcch61Z4saavAHk0TVUnZW LfFOZknra6+ml0WQjnuYiKLqEpQpdNvTluc92qJIinxk5EKCC7kSqlFUBOcQtpui Eilb5x4fXpkFUbzadi6UiCxIyya+KipZoKpf0BYKAa0n+9PtYZFD1O2OdHDi94Ah XAarcTkdSPlGRt7yiEZ55akCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342976312331959439417091205205460414537139 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 10:14:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-25 10:14:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'leopalma.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 888758504195607020703806622793484099312732834300417172541509900535790595932643779947204242864787116872966818414558786444408660228976072323924548666215694414449989857530023799931834334951086282833901794035749417575913959846100606469705049193769971862810192381335641246342978791577025065996609883560294704980166049001499143185941331965877491871778800490849891886063619183818799138125877859789424188412553923941392420684674511999481494198714708185982247525457203618929540854647200695041484535672823529086670195163323554197538853561975306534470682212421939381946875485283761209443362941984209932564725668913476119055947957858431802326848693340064511151710277905791212010131129931611089875155027825455269835016739511018723833430257238358019059733005480767344447789159899586536776514024758585712977206461440864562812895279724815156437553017697755537727018598093404241332256258543397768899024610569745236404607136994049507123536921160780704315033744960218430514307923249047498167080891101719715446359787731796634385059881089108328462388480353196340378575531007718836502841271524956810360151619845352029626416741684400477895626173081860340645621190217843298269598868316796312391562344773466977745738219273389650408070504519708492502369166761 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1122ab01f8827e6f61e396e775216a0436d21438 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leopalma.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.leopalma.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e7f9ebcf500000403004830460221009f2d2ae81a7fbb8b2ec4b6a2a824c2c440bcbc0ffa144f13b535a97726d4ef590221009fba34b3549518c18f28aa05b9682aa5ba1345b5e53e048e8c2d162fb0db732600760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e7f9ec4be000004030047304502203b2672c1f8fe4b4830849772783bcde86ce200fdd41c0149606be7c995910c540221008ab857f9aa05df90d4bee408e523adf1bb2c0ef6bef0b64e42a98190d9354e7f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0008c1eb53ebf4f53722be292fc5fed3dce0d70ec926c2f90b5b9d3696fd20211ea867a99c85b67f7afc3a0578658042faa4fabe76ed4727739d23b4cc203f4515a6444541e4652108fcb0ffe5a4788622605d9dee1523f2597253dd693aff00bc4c3eeeaff749a14d012d6b6c1f6bfda7e0dac53f0f959742c40bfbbfd91c73fbc9ac46fcc55fbe3c0429cef7fdd9f41713ba21e871b481c0a935cedc1f87e99c3a7a4494deb7e2d42f4d1a84bd3a06ffcab5e0b5a261eaf034928645d3b6a67a1e3a578d11cae5f3311129f8e9f4aa46b624e76e76388310731eed5c93f5ea89ad7acb20a63a93359ec82b84f0c6d70da55b8521f6d9c78fd53f5e401efcf9b7