www.fflco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:b6:a8:91:24:d4:7b:f1:0d:8e:a2:ca:fb:67:ca:f8:f3:2c was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.fflco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b6:a8:91:24:d4:7b:f1:0d:8e:a2:ca:fb:67:ca:f8:f3:2cSerial Number (int): 323492312508229367962696513369666041213740
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 9d:bb:de:40:e9:2b:95:b7:98:87:4a:cb:71:f4:e5:d6:bf:4d:1f:ae
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): d3:88:65:18:ce:ef:12:ea:cc:eb:1f:4d:3e:22:ec:44:1a:ff:15:3e
Fingerprint (sha256): 90:0e:d9:45:b1:0f:c3:e8:c4:ba:1c:d5:03:ee:b9:8c:95:25:82:53:a2:c4:a6:7a:0b:f6:85:d1:41:91:be:76
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.fflco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.fflco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.fflco.com
Other certificates including the domain name fflco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.fflco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA7aokSTUe/ENjqLK+2fK+PMsMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTcwMDM5MjZaFw0y MDAzMTYwMDM5MjZaMBgxFjAUBgNVBAMTDXd3dy5mZmxjby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDPHnfDFJuXPEgaFfxwOuFKM2fWvdBHtWQf 4zQjDXlNuDZNI5lnKW0wwChPBx/JYm+dZRf3vBZ/Gix04ZjQlQVQTN8UCFAXB/HN Oz1aQUcK+QIzESZSu0yuntYm/ZGO0+NSZjILUAItBr1QsndDqYdt/4B/712tkaFv Ps8tjEmlfB64Wlc+2CtasWh0efH6kEja9HBDB2BVnsYmgxAYaaENOzrieVvzGobs uEfhmEPMhm1KqzejFMjIbm62kIv/FdLoefXZISjYZchL5DuBJg9myktk7dSPdp0s JhQ1Wq/VW9cepjfooWv+12aIlrzECn0SN/zxvyujYMTYsyYSXh9AQuFk5ZsMx+T5 SNxYNbLQuHRTAnNIMlLjkSMZBMZGWxpoHcXxRz9/nMGvgl49lxaxoG58OTy7z6J9 fYv+FSbtuneEibHnhYIBaL/dBzNSnmvR5QwIn/qvgsu/4NLxZig++O14VGQEQNDZ 2xm5T2IYyH3Vzs+DXk4xjBQtUGuZPUrk4zdnJj4UL7hL81QtRaE7XzMTjl8FF4lH BV0+b5GFHA45Mr48/dMyPacGh2Zwkw8xCeE3MBHPML5p+DgYHTw+YIDTGgR5vKT0 s0dttSKfRfvJnA/IAbGqeRVge5M5QI3lsdCaU9cg44JE+v9/DhG39assSVArLt5W 0iLTVgBCCQIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSdu95A 6SuVt5iHSstx9OXWv00frjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5mZmxjby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAW8RgpCwAAAE AwBHMEUCIQCRZmBc2dDbTRwp3glLS6CCLKcqu+gZSdRJrLQPsJN4xAIgNxF/P5TN yxeIrO+RIOBZVAk7utf3joufhoP2X7Wa0uQAdgAHt1wb5X1o//Gwxh0jFce65ld8 V5S3au68YToaadOiHAAAAW8RgpDWAAAEAwBHMEUCIQDoSMyPWHsrIEel7rGBKoCZ xuV6sqNoV6eyr885oJ/OBwIgXE1noEPlvl6nYvALBe0uNu3HDxTdOr+zFM6vSscD 4N0wDQYJKoZIhvcNAQELBQADggEBAF8IRUM0p1BE3aigcyUMI9bWpltJhWmJUtkr GxyB7kCusKwkKDmp/BFcr8601j74w/qxUmoW3LrxzHtqFCnJpuec/owATSScFrf3 rktuGt6uHL+ZJroLAaXByJDvShLlCvnzQYRMWmiOThrwgcmFcokB12rj3AGlqdB1 /jH3tmpHnGLBgYTJQ6fRJQW/ndTSePaRUV50N5fVFBpD68uIcb2R/gdrQXPGEoHy uSCyY5Ff5UTxe03utzd91Z42WlN/VKhwu6hrwuiGOgmUO2k9MQSTs73smjCHv3Y5 8dMcLfHnYbiC5v9pgn4VO5FswXT8CQmQbYPxW3qD+bjf+pIttKo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzx53wxSblzxIGhX8cDrh SjNn1r3QR7VkH+M0Iw15Tbg2TSOZZyltMMAoTwcfyWJvnWUX97wWfxosdOGY0JUF UEzfFAhQFwfxzTs9WkFHCvkCMxEmUrtMrp7WJv2RjtPjUmYyC1ACLQa9ULJ3Q6mH bf+Af+9drZGhbz7PLYxJpXweuFpXPtgrWrFodHnx+pBI2vRwQwdgVZ7GJoMQGGmh DTs64nlb8xqG7LhH4ZhDzIZtSqs3oxTIyG5utpCL/xXS6Hn12SEo2GXIS+Q7gSYP ZspLZO3Uj3adLCYUNVqv1VvXHqY36KFr/tdmiJa8xAp9Ejf88b8ro2DE2LMmEl4f QELhZOWbDMfk+UjcWDWy0Lh0UwJzSDJS45EjGQTGRlsaaB3F8Uc/f5zBr4JePZcW saBufDk8u8+ifX2L/hUm7bp3hImx54WCAWi/3QczUp5r0eUMCJ/6r4LLv+DS8WYo PvjteFRkBEDQ2dsZuU9iGMh91c7Pg15OMYwULVBrmT1K5OM3ZyY+FC+4S/NULUWh O18zE45fBReJRwVdPm+RhRwOOTK+PP3TMj2nBodmcJMPMQnhNzARzzC+afg4GB08 PmCA0xoEebyk9LNHbbUin0X7yZwPyAGxqnkVYHuTOUCN5bHQmlPXIOOCRPr/fw4R t/WrLElQKy7eVtIi01YAQgkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 323492312508229367962696513369666041213740 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-17 00:39:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-16 00:39:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.fflco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 844971860607246237949615331279281380614861382093768318868228813462767720283905546891358873525812723236904946528497704619661715795023371040463216645380102505975895309190663861928875047049776692176641475970208741590936354510554598510294816255332256266340815726258587005301908716371924275119408377755274529071110487978724216545337058612494223186956911554817490775907285975286653626382484234593955571420672080202718771739532754089197025455821976221185109480364970226715622902452802643542389611897442487482493535236540860984628371706223112376587783241196048755488678688162569786123260154119128893778596490270547776452955385552510163864157881179564006344766018965184778824712274655322833370857213176477172877379617648972265550894740681683912006017872644671423653384809125242408442574040822904037868888577278144957689425635977077226328605205036336234629419993307819267794767169778547102355510139390795241820686723038218189616973386605551968690658709748842341241575006545659532244066754152600201041166294180920087781632377689408468676925009718861898592218537657856005631871449854086056664265140828071066661142242424418878055585041972568362480100905119536117405822572685867599611950932586236057358092152767253604533238009307403774965292483081 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9dbbde40e92b95b798874acb71f4e5d6bf4d1fae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fflco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f118290b000000403004730450221009166605cd9d0db4d1c29de094b4ba0822ca72abbe81949d449acb40fb09378c4022037117f3f94cdcb1788acef9120e05954093bbad7f78e8b9f8683f65fb59ad2e400760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f118290d60000040300473045022100e848cc8f587b2b2047a5eeb1812a8099c6e57ab2a36857a7b2afcf39a09fce0702205c4d67a043e5be5ea762f00b05ed2e36edc70f14dd3abfb314ceaf4ac703e0dd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005f08454334a75044dda8a073250c23d6d6a65b4985698952d92b1b1c81ee40aeb0ac242839a9fc115cafceb4d63ef8c3fab1526a16dcbaf1cc7b6a1429c9a6e79cfe8c004d249c16b7f7ae4b6e1adeae1cbf9926ba0b01a5c1c890ef4a12e50af9f341844c5a688e4e1af081c985728901d76ae3dc01a5a9d075fe31f7b66a479c62c18184c943a7d12505bf9dd4d278f691515e743797d5141a43ebcb8871bd91fe076b4173c61281f2b920b263915fe544f17b4deeb7377dd59e365a537f54a870bba86bc2e8863a09943b693d310493b3bdec9a3087bf7639f1d31c2df1e761b882e6ff69827e153b916cc174fc0909906d83f15b7a83f9b8dffa922db4aa