zinnia.capital
Issued by R3
About this certificate
This digital certificate with serial number 04:b3:de:4d:26:f0:09:b7:4d:03:be:29:da:38:af:9d:89:fe was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=zinnia.capital
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:b3:de:4d:26:f0:09:b7:4d:03:be:29:da:38:af:9d:89:feSerial Number (int): 409655176617560660956343255607682396948990
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d2:dd:f3:8e:75:a9:80:b7:0d:19:ba:5e:dc:1f:a5:9e:7a:1b:f3:f0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c2:37:97:c4:42:db:b2:76:78:68:df:fc:18:cb:bf:de:6f:70:4b:31
Fingerprint (sha256): 95:39:aa:83:17:bc:c5:5c:a9:75:36:fe:4e:37:a3:f7:e4:25:fb:08:c1:22:8d:45:87:b2:02:1a:72:08:4c:bf
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate zinnia.capital
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for zinnia.capital
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
garyshum.com
membershipsuite.com
mowerking.com
newyorkmedicareadvisors.com
theantisugar.com
zinnia.capital
membershipsuite.com
mowerking.com
newyorkmedicareadvisors.com
theantisugar.com
zinnia.capital
Other certificates including the domain name zinnia.capital
(limited to 100 certificates)
Certificate
The complete raw certificate details for zinnia.capital in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgISBLPeTSbwCbdNA74p2jivnYn+MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDMxMzE5MjRaFw0yNDA3MDIxMzE5MjNaMBkxFzAVBgNVBAMT Dnppbm5pYS5jYXBpdGFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 0gNL/rqCdDjaFz4TzOor7TJmCIpP9Yptsnpumo/u1/7YG96b3co8Kkgblp2LVgFm ArwXoznMdcGdVt/oJNpSz3sxm2UteDScsFZ7si99Mqld8qurkBDPqdKaCWjpO0+z NPl51x2msykxhtTmo2j8rNo0lTzyyTTwK7kNZlrsKOaibD6uHLYjn1zelhnSP65i mgylJ1KTaqCeLjQCWheLTkj4VIMYvu3wxuqBkPCrGmUSHaP1jztl7QnU1eAdDmH0 fyxI4zFDmi4Bp32rYIQ3SwLWJizjQ6Zh+c6L+f5eW8fn2ZPWhs220jyAYvMsPAVf siuPAd5o7FYPCIdxbEquLwIDAQABo4ICcTCCAm0wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBTS3fOOdamAtw0Zul7cH6Weehvz8DAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzB6BgNVHREEczBxggxnYXJ5c2h1bS5jb22CE21lbWJlcnNoaXBzdWl0ZS5jb22C DW1vd2Vya2luZy5jb22CG25ld3lvcmttZWRpY2FyZWFkdmlzb3JzLmNvbYIQdGhl YW50aXN1Z2FyLmNvbYIOemlubmlhLmNhcGl0YWwwEwYDVR0gBAwwCjAIBgZngQwB AgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3 fx+FauvBvyiF7PhkbgAAAY6kVDFpAAAEAwBHMEUCIFxI0qCqWqdd50La8gF0ESlF QmxlpfRmp5021SDdUc7bAiEAwkv433IZTZn+mybyzDkV+RsNazS090ZKRpadAyL7 cBUAdgDf4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAY6kVDH4AAAE AwBHMEUCIA6C3Rt/BN+TGqzJePs9BmcaO1Do+PBMA3fwUXeZwBLuAiEAvtm7xrTh fmhtd/ChNx6KIOxaBc0ejwr/4bAJh6jN9i4wDQYJKoZIhvcNAQELBQADggEBAK5b xqM4919D1OBubeCyQzVWMbUHUzm0HY+tpbczde67BvXico0fVXWiwn9jt0xrPMpW lPc43SudwWP9rSLz9WLJq+oUk92izERcR+yUEjus1J0s0nje5x6nXvIktEuJEe0I EQ+FqhOatAwGVd9TbnZeLi3cFvdejE/oQWdr5O+R7tlkEEoIfqeBIxg/eX1ClngR HwcK3sjrjMU5h7hmUj6g50uBJ58UwnVOBr4J+roo6Jrvb1yU4CmJtPLzmmCfz6dw LnDctpKDzGpiOeuA1kg51s6YL1rITo0tXqoGsj13z5miswjg2dcuAkOC2nTq3cdT mkxgmznKJ1V1v9MZDEQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gNL/rqCdDjaFz4TzOor 7TJmCIpP9Yptsnpumo/u1/7YG96b3co8Kkgblp2LVgFmArwXoznMdcGdVt/oJNpS z3sxm2UteDScsFZ7si99Mqld8qurkBDPqdKaCWjpO0+zNPl51x2msykxhtTmo2j8 rNo0lTzyyTTwK7kNZlrsKOaibD6uHLYjn1zelhnSP65imgylJ1KTaqCeLjQCWheL Tkj4VIMYvu3wxuqBkPCrGmUSHaP1jztl7QnU1eAdDmH0fyxI4zFDmi4Bp32rYIQ3 SwLWJizjQ6Zh+c6L+f5eW8fn2ZPWhs220jyAYvMsPAVfsiuPAd5o7FYPCIdxbEqu LwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 409655176617560660956343255607682396948990 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 13:19:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 13:19:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zinnia.capital' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26511669782960468400916787863690286995259063159991985937851340812836585913164197326490750942137098814817600053686708268497075073524814691113217228732218060146818785361029820525136740036218529007751176374514991845153770003895722214271973621902689488224774082004132618783015651228802820221754525590061768369091059623826054690337802587997592612217196727996601383260833872865391049768492181775883124596705028941893778443900579611430626004864241404163079301640753332841544982884076975478941790365284118715298891321184808002154929200728788293422711181082240530829500525379334273488074870195397785097247188721335187677031983 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d2ddf38e75a980b70d19ba5edc1fa59e7a1bf3f0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'garyshum.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'membershipsuite.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mowerking.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newyorkmedicareadvisors.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theantisugar.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zinnia.capital' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ea4543169000004030047304502205c48d2a0aa5aa75de742daf20174112945426c65a5f466a79d36d520dd51cedb022100c24bf8df72194d99fe9b26f2cc3915f91b0d6b34b4f7464a46969d0322fb7015007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ea45431f8000004030047304502200e82dd1b7f04df931aacc978fb3d06671a3b50e8f8f04c0377f0517799c012ee022100bed9bbc6b4e17e686d77f0a1371e8a20ec5a05cd1e8f0affe1b00987a8cdf62e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ae5bc6a338f75f43d4e06e6de0b243355631b5075339b41d8fada5b73375eebb06f5e2728d1f5575a2c27f63b74c6b3cca5694f738dd2b9dc163fdad22f3f562c9abea1493dda2cc445c47ec94123bacd49d2cd278dee71ea75ef224b44b8911ed08110f85aa139ab40c0655df536e765e2e2ddc16f75e8c4fe841676be4ef91eed964104a087ea78123183f797d429678111f070adec8eb8cc53987b866523ea0e74b81279f14c2754e06be09faba28e89aef6f5c94e02989b4f2f39a609fcfa7702e70dcb69283cc6a6239eb80d64839d6ce982f5ac84e8d2d5eaa06b23d77cf99a2b308e0d9d72e024382da74eaddc7539a4c609b39ca275575bfd3190c44