pndh.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:55:9c:b8:4c:4a:61:ba:d9:be:95:89:41:42:f1:bc:93:c8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=pndh.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:55:9c:b8:4c:4a:61:ba:d9:be:95:89:41:42:f1:bc:93:c8Serial Number (int): 377581461412641433103345898521222472045512
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 3e:ef:7d:0f:45:1b:c4:a2:22:0c:cd:0d:ea:54:44:68:67:28:84:5c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 24:0c:cf:62:b6:67:42:6c:2e:69:e5:20:22:ff:23:36:68:60:0b:7a
Fingerprint (sha256): 8f:f7:68:e2:a7:dc:93:0b:93:1e:2c:c1:a6:06:04:1b:a8:60:ed:25:8e:76:2b:bc:c7:ec:c1:f7:03:cc:21:b9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate pndh.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pndh.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pndh.org
www.pndh.org
www.pndh.org
Other certificates including the domain name pndh.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for pndh.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISBFWcuExKYbrZvpWJQULxvJPIMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMjExMTUwMTFaFw0x OTA0MjExMTUwMTFaMBMxETAPBgNVBAMTCHBuZGgub3JnMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEA4fZ2PrvgUTuJ9x2qfR73RGB6ImKfndOXlEyu9zxF oh7ZFt8UYALGERAh1970KWzcly0mX2O6Q8zfojTlE7kxsIsTdAllS45/4hHwQNxj 3FwFCupJVY82z9GdQBmiR65Y4Krxxa8EuV3IaahTo1YjEZd5KMjxvdIbuX+wnWZY m0iDP7nPaibaEN2e7n6Pt9aj6PnSUcbHlliIGYzmimg3pz6M20KVBJSMcEg9DuyW yCIVSHTMXY04jbFTIVvA8ewJNw1+zOVqeUPNVgN1GQe+ij0VCVRVg/XB+i8DvF4A yC1OxdylM0k//NpX4yjyHBvxplDoZKrxytZ0MXo6XZOu6QIDAQABo4ICazCCAmcw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ+730PRRvEoiIMzQ3qVERoZyiEXDAfBgNV HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG A1UdEQQaMBiCCHBuZGgub3Jnggx3d3cucG5kaC5vcmcwTAYDVR0gBEUwQzAIBgZn gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwDiaUuuJujp QAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWhwdg8nAAAEAwBIMEYCIQDzIQsU W8cccUMzKw2uQv/YBYP9hN0+76Ppib67yGVfZQIhAJgPY+UiEXZf47gsPHogEYTs sOs49ZFGLs9YTMZWZBJUAHUAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL 2I0AAAFocHYPHQAABAMARjBEAiBvb+rKaQ+0h1ovjNZC4XeySAfa75WZKfXDMKAw Tp1yBAIgBL9iftuMtzNc5TDwAXLq6rJIwqnXzWNKn3eMwAgDfhwwDQYJKoZIhvcN AQELBQADggEBAGYiwAxbI5IXSOY+nxZD1MCcNXjoHwBopGJlWoyAPbzGCVujrP8r LanaAvilJsDactPzgLktZbmvBUPIlWZr/87aJfD5CUh21MRzdXu1/YPyRFJu2CzM ws2Xlt1BftZ9+3JKDV8BGPibZFGWzk0YQ0Ssffy9oQ/3tHk7cjLlzSnmG68DuIMv ofSMo5rOvfo27oFJM0TtUzch8oe1nOdWoZI55YbaS/hhqXlpYJgvST40i0VbyA0q HY5npFxPzd0guBhFTTKNFM2PJb8AC8C+Nlsvieb/xM0+zl5IScRyoZTlWyDBf7DO 9FilGK3QcOP6YssxguKoknF9LaS9U548ssk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fZ2PrvgUTuJ9x2qfR73 RGB6ImKfndOXlEyu9zxFoh7ZFt8UYALGERAh1970KWzcly0mX2O6Q8zfojTlE7kx sIsTdAllS45/4hHwQNxj3FwFCupJVY82z9GdQBmiR65Y4Krxxa8EuV3IaahTo1Yj EZd5KMjxvdIbuX+wnWZYm0iDP7nPaibaEN2e7n6Pt9aj6PnSUcbHlliIGYzmimg3 pz6M20KVBJSMcEg9DuyWyCIVSHTMXY04jbFTIVvA8ewJNw1+zOVqeUPNVgN1GQe+ ij0VCVRVg/XB+i8DvF4AyC1OxdylM0k//NpX4yjyHBvxplDoZKrxytZ0MXo6XZOu 6QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 377581461412641433103345898521222472045512 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-21 11:50:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-21 11:50:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pndh.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28525153507328451900559775412003057398974247687264998388462259393519629442682580482409784178439702245351040124723918596547221254857112901020270632586717881876605307779569233603391399213180688898688836342954208729168567298345653321498774123814283057870480300783678745534121860336588745303394006824479059628677377195978164138296221141068006988377403160386556545919105833309875327944769102332298342650101979466212789576481083890594643355363592884210919866713739281584203507197359390621411368026913462911919327667847843857448496108447058365509389622327854680568491757599655365421077095082615388924160304388168097402695401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3eef7d0f451bc4a2220ccd0dea5444686728845c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pndh.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pndh.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016870760f270000040300483046022100f3210b145bc71c7143332b0dae42ffd80583fd84dd3eefa3e989bebbc8655f65022100980f63e52211765fe3b82c3c7a201184ecb0eb38f591462ecf584cc65664125400750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016870760f1d000004030046304402206f6feaca690fb4875a2f8cd642e177b24807daef959929f5c330a0304e9d7204022004bf627edb8cb7335ce530f00172eaeab248c2a9d7cd634a9f778cc008037e1c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006622c00c5b23921748e63e9f1643d4c09c3578e81f0068a462655a8c803dbcc6095ba3acff2b2da9da02f8a526c0da72d3f380b92d65b9af0543c895666bffceda25f0f9094876d4c473757bb5fd83f244526ed82cccc2cd9796dd417ed67dfb724a0d5f0118f89b645196ce4d184344ac7dfcbda10ff7b4793b7232e5cd29e61baf03b8832fa1f48ca39acebdfa36ee81493344ed533721f287b59ce756a19239e586da4bf861a9796960982f493e348b455bc80d2a1d8e67a45c4fcddd20b818454d328d14cd8f25bf000bc0be365b2f89e6ffc4cd3ece5e4849c472a194e55b20c17fb0cef458a518add070e3fa62cb3182e2a892717d2da4bd539e3cb2c9