thereadtime.com
Issued by R11
About this certificate
This digital certificate with serial number 04:1a:f5:1a:ce:73:95:e2:92:59:5f:61:a7:7c:59:6b:bc:35 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=thereadtime.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:1a:f5:1a:ce:73:95:e2:92:59:5f:61:a7:7c:59:6b:bc:35Serial Number (int): 357622285313005017147120371484041874750517
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 04:4c:a4:90:d7:30:55:c9:62:83:b3:92:f0:7e:1e:f5:fe:f7:1a:ba
AuthorityKeyId: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9
Fingerprint (sha1): 50:e6:ec:c6:c3:c5:aa:08:7c:89:14:69:54:ff:8c:84:aa:7e:db:a9
Fingerprint (sha256): 8f:a2:e6:e7:91:1e:cd:c9:bd:9e:cf:df:01:e7:dc:f1:3e:14:46:c7:cf:b2:cd:da:8d:3d:bc:dc:3a:8d:ee:14
Issuing Certificate URL: http://r11.i.lencr.org/
Revocation information
OCSP Server: http://r11.o.lencr.orgCheck the revocation status for certificate thereadtime.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thereadtime.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thereadtime.com
www.thereadtime.com
www.thereadtime.com
Other certificates including the domain name thereadtime.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for thereadtime.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISBBr1Gs5zleKSWV9hp3xZa7w1MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjQwNjE1MTA0NDM1WhcNMjQwOTEzMTA0NDM0WjAaMRgwFgYDVQQD Ew90aGVyZWFkdGltZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVojDW2e4zy+BoieHPNHvRQ0f5L4jqIH8Zk0GJh8fczz+Rkw9Q0LxG06+W54Lx 9Dd2IrEOKQik5BCYKciT+8DdqGFJFPcNLGSAWD45rD6w9bNvuy0fJ0SXxrB/wVzS 9ggJxBmtlCR+gXu11OBHUO0GysmTi5h/YjmInTd7YQ5CPFDG6lQdOBblwp+62CQm GzKuMvJCCyCKHj6ZOJ3fJnZXUG4Ssdl2cvgt5npInem8sfRw7ePwx+F4nmx1LSrT 94nDF7VFNfJxkKN1gg1rU3KG0qIrBAtseK2ZtmEy37PVCeamYw7dhFlvukL0+8gr dH503hZ3J8dzFs6Cvsc3HHSVAgMBAAGjggIoMIICJDAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFARMpJDXMFXJYoOzkvB+HvX+9xq6MB8GA1UdIwQYMBaAFMXPRqTq9MPA emyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcwAYYWaHR0cDov L3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3IxMS5pLmxlbmNy Lm9yZy8wLwYDVR0RBCgwJoIPdGhlcmVhZHRpbWUuY29tghN3d3cudGhlcmVhZHRp bWUuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB 8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGQG7awSAAA BAMARzBFAiEAvVgQtvaaVHanlHEtxC7fBRrWgZOupSbWuahY5iu1T64CIGmVvhcW cRvZXFXnxz9Y6MW7xqyYMOfxLgaIDR2gxKNHAHYAPxdLT9ciR1iUHWUchL4NEu2Q N38fhWrrwb8ohez4ZG4AAAGQG7awQwAABAMARzBFAiBqTTXqHPjs9Gyehfwh9V1u xURO9ZSBUnJTEx7iT2s13AIhAPZVtY+oyXgGkrQVmGCBE6P1TyJP/HkAeCd2tVXc fMhCMA0GCSqGSIb3DQEBCwUAA4IBAQC4iz5dxm5K8bd0reS0EsKatbzHJDU7Q0bK o3yReHRpvGXj+GZ8K5gbbdqcFWefY88ufcunisjLzx69CdA8tPGRQqn9MrHbRoYw EFVHQex9qyNybcoRF89XzXyzGssAp2v1t7f2fAWwYb9pJJvZoUP21NXjudyR4qWP FADY9YbLGjWCfoSD7EtnG5aXQ7d4KeiiHzb7QCtaKPA7H3EjiTWqcJ+Uq6PAg9a1 8PzIxYaZs4Sg0I11875kS2V8ichVG4bx9+BzgAlnCyBUaGjE9zOlEhnpl8J1HLj7 xEacN7trO+SNsIml7c8dMUaRqaOb/nVeXB0GGEYg/KspID30h3bo -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aIw1tnuM8vgaInhzzR7 0UNH+S+I6iB/GZNBiYfH3M8/kZMPUNC8RtOvlueC8fQ3diKxDikIpOQQmCnIk/vA 3ahhSRT3DSxkgFg+Oaw+sPWzb7stHydEl8awf8Fc0vYICcQZrZQkfoF7tdTgR1Dt BsrJk4uYf2I5iJ03e2EOQjxQxupUHTgW5cKfutgkJhsyrjLyQgsgih4+mTid3yZ2 V1BuErHZdnL4LeZ6SJ3pvLH0cO3j8MfheJ5sdS0q0/eJwxe1RTXycZCjdYINa1Ny htKiKwQLbHitmbZhMt+z1QnmpmMO3YRZb7pC9PvIK3R+dN4WdyfHcxbOgr7HNxx0 lQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 357622285313005017147120371484041874750517 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-15 10:44:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-13 10:44:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thereadtime.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26968738211452600410130874167486608973315021861992746953604098273097183605583916682074553428423098498240060591705860265206508157351234138462726448118781138482817298219149830848695289259385966437760650312046106026350684952298904262875356408859369452600529296491923994217722741728155107978199452053997531394608200535064622226763537124797621969961975319065462331141254900786665084901154321460543550573078185061548960020221540660883547270108609133421226427832742679544619436548053658660993678308281466230951389832950455676848925207745753302905956109683225477147186737414614758949705129909092177351558434136942786096428181 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 044ca490d73055c96283b392f07e1ef5fef71aba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thereadtime.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thereadtime.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001901bb6b0480000040300473045022100bd5810b6f69a5476a794712dc42edf051ad68193aea526d6b9a858e62bb54fae02206995be1716711bd95c55e7c73f58e8c5bbc6ac9830e7f12e06880d1da0c4a3470076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e000001901bb6b043000004030047304502206a4d35ea1cf8ecf46c9e85fc21f55d6ec5444ef59481527253131ee24f6b35dc022100f655b58fa8c9780692b41598608113a3f54f224ffc7900782776b555dc7cc842 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b88b3e5dc66e4af1b774ade4b412c29ab5bcc724353b4346caa37c91787469bc65e3f8667c2b981b6dda9c15679f63cf2e7dcba78ac8cbcf1ebd09d03cb4f19142a9fd32b1db46863010554741ec7dab23726dca1117cf57cd7cb31acb00a76bf5b7b7f67c05b061bf69249bd9a143f6d4d5e3b9dc91e2a58f1400d8f586cb1a35827e8483ec4b671b969743b77829e8a21f36fb402b5a28f03b1f71238935aa709f94aba3c083d6b5f0fcc8c58699b384a0d08d75f3be644b657c89c8551b86f1f7e0738009670b20546868c4f733a51219e997c2751cb8fbc4469c37bb6b3be48db089a5edcf1d314691a9a39bfe755e5c1d06184620fcab29203df48776e8