www.blug.net
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:17:2c:97:21:ad:54:30:7a:9a:f1:07:59:74:5a:f9:74:c1 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.blug.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:17:2c:97:21:ad:54:30:7a:9a:f1:07:59:74:5a:f9:74:c1Serial Number (int): 269222622986154544040633056422334608012481
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b1:28:92:ad:a5:00:b4:26:13:af:c3:53:e7:f6:fa:07:18:20:73:ec
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 68:45:cc:7f:06:68:5a:88:68:81:d5:d2:ae:28:f1:74:7c:4f:84:73
Fingerprint (sha256): 93:66:f2:e6:58:d1:ac:8b:8c:2e:fd:eb:14:72:1a:e6:1f:87:c2:cf:fe:c5:f7:c2:03:c8:98:07:0d:d1:d6:cb
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.blug.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.blug.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.blug.net
Other certificates including the domain name blug.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.blug.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISAxcslyGtVDB6mvEHWXRa+XTBMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDYwMTI3NTdaFw0y MDAzMDUwMTI3NTdaMBcxFTATBgNVBAMTDHd3dy5ibHVnLm5ldDCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAM4UnjRCpi5myYf5SQF29Au0IKcKDVzsIi6j 4Jd8RwETb+k8IXGyuw+MNZ23mUsRqzwdzhfNAyPy+XSN3ny9fLjwiiPGU7kLLxHY CiBKtytNDGd6ns8q564KbIIGgLXdILg7aNW/wNFxIXVPnjm5o1Bahwb/4uveZD8s bYmkGghwjcapYwsCefAsc/BdV/u814S95wMHvCPjMnYu6vCdk2bUMBjeZLKiHkBa pi0tJ0SWEO7cR3uEzvBjsYgEaJmurbhPQndf2jYFD9ethgD17aQwI6kpdyr/Wysi 9sghb9B38vYy2ncSR7k1M2VexBGYAs87BWGdXSoPWeoh+IXjtuiRcjzwfUv1jnij rLHR1IrdtvQFevvNn6NwneJbC+sY93ADj1sjkA1q4zBZqADlMrXyVOxRSjffL23Y Xlh26m+Aia0yATIoW0TsJBME5I74vpkZZquPtyOsXcROyEJh5I4soAALEpr/x17M NkfsRc5gQjPzwxIySK9Dd1143Hj7UzmaSmpODn00mz003VahPMkDGwjgHmTSMPCJ wH2AuijA2jxXyJiG3WhH/eXKtRyev+d9eQknhT7mH2tIjPHOUmeUBunPkDVUpsQz ePHnfm9uGHdapZzwIbKzYv/sC0nWs+9dl1qsp+iUiiBkNGoM5Yr2Hd3cF9A/jnht Zkjyco3xAgMBAAGjggJgMIICXDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLEokq2l ALQmE6/DU+f2+gcYIHPsMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMd3d3LmJsdWcubmV0MEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv AHUA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFu2QkG3AAABAMA RjBEAiABzAJv2MP0oHK8HC8B5W2osr0vgwE8zzALA5DNrs7ZpgIgVw0XXP0cm0Ex xeKjvuN7LEuSHDS9R/b9+OO2F7gMYxAAdgAHt1wb5X1o//Gwxh0jFce65ld8V5S3 au68YToaadOiHAAAAW7ZCQcnAAAEAwBHMEUCIHBqIbHU2s08GDyEIKcsPDrYRbWW FuWAq9UZuQH8Y1LAAiEA++P8Ox6Qk5i2Sp7OGzhe2Vk01GwV95vht+4PD1+xtoow DQYJKoZIhvcNAQELBQADggEBAIJM7WpLwh3YGit6iUrNUs7qkIHWvjTqnsUsz/dy 6+FghbccOefojxHhHltQiaQwNCTqsVdKS7da9jlX1USS8225/Bys3Mtn8VJDyIcL n8gsIvxxAd7AuvhdDBxc1afr2hpQwQqGrfIloEjQtk4beMzlTEJtY8LNsVBlpuNb D1iXsM/BDea4bNDRJFHH+OCpsxIJsVqziI3t02TQTZ9pHcLPntV2nwNb+WVdIeqo pmu94giY2kWjMrU+w7v3jK1lrx+FnQa7OXj0nUU9eJLh57lBROcou/evOFfBb3zx ZfVOYo9qxTuepTQblK/xfAZXJsSikEwozzVSOXvc7nTOdog= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzhSeNEKmLmbJh/lJAXb0 C7QgpwoNXOwiLqPgl3xHARNv6TwhcbK7D4w1nbeZSxGrPB3OF80DI/L5dI3efL18 uPCKI8ZTuQsvEdgKIEq3K00MZ3qezyrnrgpsggaAtd0guDto1b/A0XEhdU+eObmj UFqHBv/i695kPyxtiaQaCHCNxqljCwJ58Cxz8F1X+7zXhL3nAwe8I+Mydi7q8J2T ZtQwGN5ksqIeQFqmLS0nRJYQ7txHe4TO8GOxiARoma6tuE9Cd1/aNgUP162GAPXt pDAjqSl3Kv9bKyL2yCFv0Hfy9jLadxJHuTUzZV7EEZgCzzsFYZ1dKg9Z6iH4heO2 6JFyPPB9S/WOeKOssdHUit229AV6+82fo3Cd4lsL6xj3cAOPWyOQDWrjMFmoAOUy tfJU7FFKN98vbdheWHbqb4CJrTIBMihbROwkEwTkjvi+mRlmq4+3I6xdxE7IQmHk jiygAAsSmv/HXsw2R+xFzmBCM/PDEjJIr0N3XXjcePtTOZpKak4OfTSbPTTdVqE8 yQMbCOAeZNIw8InAfYC6KMDaPFfImIbdaEf95cq1HJ6/5315CSeFPuYfa0iM8c5S Z5QG6c+QNVSmxDN48ed+b24Yd1qlnPAhsrNi/+wLSdaz712XWqyn6JSKIGQ0agzl ivYd3dwX0D+OeG1mSPJyjfECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 269222622986154544040633056422334608012481 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-06 01:27:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-05 01:27:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.blug.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 840735248480555114650600805031313529280676581397289587873597757680852028737750235895642083469035834563113644949764164661200057003159836168323183957403097100359352741490978378381041407490371586631920580857113547950106234329502023943056613111833433317875151475163101752444308493862522705402363501342564969172600867900523995334135494806853868262467041228237831303744803879260120415335184585287685282435502911145897025225915476443888289644594455382758448498855820271792814783802063731978688379499677310390731077628410872228583115100950274357137683571606757580473589599885388385442842141360986036430036866650478357375648147234219986472181346772304287712531840035406981571690901254191898096650016479858925151139047695131540690103206661114612293273074049741803650191397290164640848180874281414889277218542890660699325137458771212323300919858061377816062028880184251099368963848432523586419087888002240148447848880022384793996824933497623701122774433150343725909481240508194339790005546568174222257356480555213160695312684769803725236476536610510919827591825429995385432741801484907665280312898564312074894854871911921731315879185362560611382219163200218257474623964391137535310959016136895733912275263692111073927275700545439020779012525553 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b12892ada500b42613afc353e7f6fa07182073ec . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blug.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016ed90906dc0000040300463044022001cc026fd8c3f4a072bc1c2f01e56da8b2bd2f83013ccf300b0390cdaeced9a60220570d175cfd1c9b4131c5e2a3bee37b2c4b921c34bd47f6fdf8e3b617b80c631000760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ed909072700000403004730450220706a21b1d4dacd3c183c8420a72c3c3ad845b59616e580abd519b901fc6352c0022100fbe3fc3b1e909398b64a9ece1b385ed95934d46c15f79be1b7ee0f0f5fb1b68a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00824ced6a4bc21dd81a2b7a894acd52ceea9081d6be34ea9ec52ccff772ebe16085b71c39e7e88f11e11e5b5089a4303424eab1574a4bb75af63957d54492f36db9fc1cacdccb67f15243c8870b9fc82c22fc7101dec0baf85d0c1c5cd5a7ebda1a50c10a86adf225a048d0b64e1b78cce54c426d63c2cdb15065a6e35b0f5897b0cfc10de6b86cd0d12451c7f8e0a9b31209b15ab3888dedd364d04d9f691dc2cf9ed5769f035bf9655d21eaa8a66bbde20898da45a332b53ec3bbf78cad65af1f859d06bb3978f49d453d7892e1e7b94144e728bbf7af3857c16f7cf165f54e628f6ac53b9ea5341b94aff17c065726c4a2904c28cf3552397bdcee74ce7688