gemalings.ca
Issued by R3
About this certificate
This digital certificate with serial number 03:35:f1:1a:ea:86:61:35:12:51:32:41:a8:b1:d7:1a:c5:75 was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=gemalings.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:35:f1:1a:ea:86:61:35:12:51:32:41:a8:b1:d7:1a:c5:75Serial Number (int): 279692306945523470371242526806799319483765
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6f:c0:e0:03:0e:89:1b:56:72:fb:73:88:df:e1:e8:f1:bc:f1:76:07
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 64:27:45:36:22:c3:23:4f:e8:56:7c:fd:38:b2:4a:bb:1a:5b:94:87
Fingerprint (sha256): 90:4d:b5:35:bd:b2:36:86:71:78:89:5f:84:30:28:79:17:69:8c:ce:cb:b0:99:2a:fb:79:d0:6a:49:55:07:26
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate gemalings.ca
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gemalings.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
321pressurewashing.com
acluvsamerica.net
bigdaddyworldwide.com
carsscanner.com.zerosugarschools.com.palosverdeshomevalues.com
gemalings.ca
impossible.cn
medicallyinducedcoma.com
opteer.com
pgj.co.in
saprivateschool.org
shipwrecks.xyz.goldmulch.com
systors.com
www.enerpactoolsgroup.pl.idloq.com
acluvsamerica.net
bigdaddyworldwide.com
carsscanner.com.zerosugarschools.com.palosverdeshomevalues.com
gemalings.ca
impossible.cn
medicallyinducedcoma.com
opteer.com
pgj.co.in
saprivateschool.org
shipwrecks.xyz.goldmulch.com
systors.com
www.enerpactoolsgroup.pl.idloq.com
Other certificates including the domain name gemalings.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for gemalings.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGETCCBPmgAwIBAgISAzXxGuqGYTUSUTJBqLHXGsV1MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTIwNDAzMTZaFw0yNDAxMTAwNDAzMTVaMBcxFTATBgNVBAMT DGdlbWFsaW5ncy5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMNa YY0e50q8UwEnWZJ6GU8NZH3W37q0nY5vbuOWNolEtForHjZVDB6qGgajDNIJdwVw RvoQOzBTSpfXxZrXPLS1i+Oq8Omz1su8LQgKkBLxO+82uc2AvcCLjoZ/vpyZS/1w wTLJlDgJd1exEGxiYwvVS+evBf3I6+WmI7Q3RMQsm5fEHBLEHcQPDS+ZmkCbA12T MeLAa1h8w3FUE9XrMXO7ZOY5uARmhJKS81Xnb+zhd14dRMKhK8orjC/wdYkIANSJ AqoH4zRXz4lWZX+QeTZVgsMc0c5lO6IQfPPhYx6+KrRH69QCM9+SKh/2plN6Q0IP Q1JDFmsF/XTDkEQcUMUCAwEAAaOCAzowggM2MA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUb8DgAw6JG1Zy+3OI3+Ho8bzxdgcwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w ggFBBgNVHREEggE4MIIBNIIWMzIxcHJlc3N1cmV3YXNoaW5nLmNvbYIRYWNsdXZz YW1lcmljYS5uZXSCFWJpZ2RhZGR5d29ybGR3aWRlLmNvbYI+Y2Fyc3NjYW5uZXIu Y29tLnplcm9zdWdhcnNjaG9vbHMuY29tLnBhbG9zdmVyZGVzaG9tZXZhbHVlcy5j b22CDGdlbWFsaW5ncy5jYYINaW1wb3NzaWJsZS5jboIYbWVkaWNhbGx5aW5kdWNl ZGNvbWEuY29tggpvcHRlZXIuY29tgglwZ2ouY28uaW6CE3NhcHJpdmF0ZXNjaG9v bC5vcmeCHHNoaXB3cmVja3MueHl6LmdvbGRtdWxjaC5jb22CC3N5c3RvcnMuY29t giJ3d3cuZW5lcnBhY3Rvb2xzZ3JvdXAucGwuaWRsb3EuY29tMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA2ra/az+1tiKfm8K7 XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGLIkR+fQAABAMASDBGAiEAwWKEATRUCeRt lPBB5JEaj6E/gP6yH4umG7PHfo4BHpwCIQC8fGfv3XXGZonOnwbfj/OvWSewf6ej eCnmjw+hhMQ35wB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB iyJEfmcAAAQDAEYwRAIgaG6QpBDpPJyN5B/M2XN2cUPrUY1iF8I7ZJSbx8h+mVsC IDOH371VKYu0EavLCadXcMUAEkOGnX7ntAv/Voi+Tx0vMA0GCSqGSIb3DQEBCwUA A4IBAQCODPnWOFS6Dvv9YZOaS4wEi0ZN46nYuFM/l/M96Hej7DL5s1j/7eiDSnnr IRCpAB+CiUZ/+Rbhp0tBWnUfU2yKLHFXYCj7x4YJ5HcZyltOcnh66OpcK8GniYOr 30ntL8WI0azKi3+CRvsttCVMFhQpsf3zjY8yTVcwQwZe3ZwIf/WrVITx+2j6ugTO D6JRJcP5howwSSIvLyVXV/9e3cKmirIafDB0VNynAxJnVhRrnVtB2Zs1wd+6hMN8 vmQIBtQLOprEBqjDVHSf5GqDjgbSzkxuuPrd4frIYWXsfvR8Q3PTd/TqodaMKaHq AGxfafnK/rg3l3/pIb0O92BY7g30 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1phjR7nSrxTASdZknoZ Tw1kfdbfurSdjm9u45Y2iUS0WiseNlUMHqoaBqMM0gl3BXBG+hA7MFNKl9fFmtc8 tLWL46rw6bPWy7wtCAqQEvE77za5zYC9wIuOhn++nJlL/XDBMsmUOAl3V7EQbGJj C9VL568F/cjr5aYjtDdExCybl8QcEsQdxA8NL5maQJsDXZMx4sBrWHzDcVQT1esx c7tk5jm4BGaEkpLzVedv7OF3Xh1EwqEryiuML/B1iQgA1IkCqgfjNFfPiVZlf5B5 NlWCwxzRzmU7ohB88+FjHr4qtEfr1AIz35IqH/amU3pDQg9DUkMWawX9dMOQRBxQ xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 279692306945523470371242526806799319483765 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-12 04:03:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 04:03:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gemalings.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24661038029953983008872517071720069038036811531388356435924633901328972642512259539526612687476888362752396453741560006979091536860561962899921463183764847154604905253043104220561948304345855704730479677208148568524942985548612151254966602937467017277704252614064315685095261048789474792565359210268545871761853685584720989324671183597410897302675215664710501972433261817224138289653708838183780198821344740721935298867539076526713156114819445083020059110664786343081211454472095019922741909211892357859840916652562344238084753212090562085623348004264410680721345518759541630269621596518769983309054774914722517766341 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6fc0e0030e891b5672fb7388dfe1e8f1bcf17607 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (312 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '321pressurewashing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acluvsamerica.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bigdaddyworldwide.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carsscanner.com.zerosugarschools.com.palosverdeshomevalues.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gemalings.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impossible.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medicallyinducedcoma.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opteer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pgj.co.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saprivateschool.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shipwrecks.xyz.goldmulch.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'systors.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.enerpactoolsgroup.pl.idloq.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b22447e7d0000040300483046022100c1628401345409e46d94f041e4911a8fa13f80feb21f8ba61bb3c77e8e011e9c022100bc7c67efdd75c66689ce9f06df8ff3af5927b07fa7a37829e68f0fa184c437e7007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b22447e6700000403004630440220686e90a410e93c9c8de41fccd973767143eb518d6217c23b64949bc7c87e995b02203387dfbd55298bb411abcb09a75770c5001243869d7ee7b40bff5688be4f1d2f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008e0cf9d63854ba0efbfd61939a4b8c048b464de3a9d8b8533f97f33de877a3ec32f9b358ffede8834a79eb2110a9001f8289467ff916e1a74b415a751f536c8a2c71576028fbc78609e47719ca5b4e72787ae8ea5c2bc1a78983abdf49ed2fc588d1acca8b7f8246fb2db4254c161429b1fdf38d8f324d573043065edd9c087ff5ab5484f1fb68faba04ce0fa25125c3f9868c3049222f2f255757ff5eddc2a68ab21a7c307454dca703126756146b9d5b41d99b35c1dfba84c37cbe640806d40b3a9ac406a8c354749fe46a838e06d2ce4c6eb8fadde1fac86165ec7ef47c4373d377f4eaa1d68c29a1ea006c5f69f9cafeb837977fe921bd0ef76058ee0df4