www.cusacklab.org
Issued by R3
About this certificate
This digital certificate with serial number 03:ff:28:a6:92:f4:af:41:34:d6:8d:8c:74:3c:2f:2e:51:1e was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.cusacklab.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:ff:28:a6:92:f4:af:41:34:d6:8d:8c:74:3c:2f:2e:51:1eSerial Number (int): 348162895381847674032376962350600669778206
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c2:5c:c4:e1:5f:b7:75:71:1e:f4:93:32:8e:93:47:81:2b:10:49:a9
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 52:fb:a1:a8:5e:53:c0:b5:ac:e1:4e:0c:34:a5:30:d3:45:95:2b:9f
Fingerprint (sha256): 96:b4:f7:ec:99:af:e5:28:12:10:ea:40:ff:2b:c5:72:49:f4:b7:86:12:d7:5b:bb:d6:e3:9d:aa:f5:ea:d3:be
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.cusacklab.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cusacklab.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cusacklab.org
www.cusacklab.org
www.cusacklab.org
Other certificates including the domain name cusacklab.org
(limited to 100 certificates)
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
cusacklab.org
www.cusacklab.org
www.cusacklab.org
neurana.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
www.cusacklab.org
cusacklab.org
www.cusacklab.org
www.cusacklab.org
neurana.cusacklab.org
www.cusacklab.org
Certificate
The complete raw certificate details for www.cusacklab.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISA/8oppL0r0E01o2MdDwvLlEeMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMDcxNzQ5MThaFw0yNDA1MDcxNzQ5MTdaMBwxGjAYBgNVBAMT EXd3dy5jdXNhY2tsYWIub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmXPAD/HaOYSPXarefgzyqBcbzOrqYSVgNigm2vxxVRvI0sd640NUYZO9rHrD cdWbZ4INksi4drlX6SPLSemEywZKMiRXEEso0OkLNTfVcXuaVHyIecgTC4JYcoVG o9V3g9VwMa/jkiI1yhdLR8wyUL/cDtGkaqMEUGqL8BjN08WkTO6vgvofosKTVGnW b3VC8ICW0noQGYgUfeM9tR6JzsYs0FbEPrSdHeusHRxqbrkQpIglXmyzqQvws760 xMsh9WDtbKgxSu0k30988apHpUhR3xRN3BDZXEzwrnSuplqReJjdVxKCKHpzQMkX Kc7Rq1kRjVWtQ0JgDC7Vdf6MpwIDAQABo4ICIjCCAh4wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBTCXMThX7d1cR70kzKOk0eBKxBJqTAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzArBgNVHREEJDAigg1jdXNhY2tsYWIub3JnghF3d3cuY3VzYWNrbGFiLm9y ZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2 ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjYTnKtEAAAQDAEcw RQIhALqS4jJnjFJ1yJLcHeUFNvYd0X/PCqo3UOBBD4cK4j2YAiAKtvYqTRB4HZLS HAEMVAfOKp23K3Bb0GgUYpGUJQNDCAB2AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i 2reK+Jpt9RfYAAABjYTnKtAAAAQDAEcwRQIhANhim/P1Bw8HMpWyH/fXi/hns9ZP Hwrjd93F6IfS/wU3AiB2Z2xEPMxDxIwSA7GQZlTXyaJY2pGqZ1SZrn0L63HL9TAN BgkqhkiG9w0BAQsFAAOCAQEAd1eppQDZkZ+klW9MrE/mpyQD3tdNctN4lv3yaYex 2RwgHdJ/hNySi7/25f8BkbD7IwAZ39Ycfd+/8TlaBenZ/JBF6qcAgBoTMFMU4NA6 BUAplokFZ8tX8hGcJ0dvPKifn3MPzPTUVSNziCMwRFGF7z0+Li9mhc9BMI2NUHmV PUpAzUpXleyIRXH4rbsqeUmi9o/g7IV3KWZmuvsZx+dWqYbhTmh1orRDU4oQm7gA JdGwcuTQX8zO/FLFKqZe3I2uuulj+aV7k77RF3FeQc6VeMCkhQlVR1R5P6XV8DCK qSAIYxqdG1zADNEG6Dpvu+vjjkExo8/0HccoIarOxRAYgQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXPAD/HaOYSPXarefgzy qBcbzOrqYSVgNigm2vxxVRvI0sd640NUYZO9rHrDcdWbZ4INksi4drlX6SPLSemE ywZKMiRXEEso0OkLNTfVcXuaVHyIecgTC4JYcoVGo9V3g9VwMa/jkiI1yhdLR8wy UL/cDtGkaqMEUGqL8BjN08WkTO6vgvofosKTVGnWb3VC8ICW0noQGYgUfeM9tR6J zsYs0FbEPrSdHeusHRxqbrkQpIglXmyzqQvws760xMsh9WDtbKgxSu0k30988apH pUhR3xRN3BDZXEzwrnSuplqReJjdVxKCKHpzQMkXKc7Rq1kRjVWtQ0JgDC7Vdf6M pwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 348162895381847674032376962350600669778206 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-07 17:49:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-07 17:49:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cusacklab.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19371539232124423154701810436276477328656769921069032975676208877354795908167368078574390291879213675307797805578372523711085843263299660495070502430469863135922362868675451780174026019926819352458454233035232709996693533092454575263648805158877958789446422101208529038119722747388209104004486790837290000149978262260956917944553316830216316689468103385162362319335401695878063697532051558452753502363812782232583379323518812588502670533533124189477438906003730299332303263100488912538076647640041395344897489157826143088072692044807396935772778717250110176153193041150486070642571204088012929471072264381847218064551 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c25cc4e15fb775711ef493328e9347812b1049a9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cusacklab.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cusacklab.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d84e72ad10000040300473045022100ba92e232678c5275c892dc1de50536f61dd17fcf0aaa3750e0410f870ae23d9802200ab6f62a4d10781d92d21c010c5407ce2a9db72b705bd0681462919425034308007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d84e72ad00000040300473045022100d8629bf3f5070f073295b21ff7d78bf867b3d64f1f0ae377ddc5e887d2ff0537022076676c443ccc43c48c1203b1906654d7c9a258da91aa675499ae7d0beb71cbf5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007757a9a500d9919fa4956f4cac4fe6a72403ded74d72d37896fdf26987b1d91c201dd27f84dc928bbff6e5ff0191b0fb230019dfd61c7ddfbff1395a05e9d9fc9045eaa700801a13305314e0d03a05402996890567cb57f2119c27476f3ca89f9f730fccf4d4552373882330445185ef3d3e2e2f6685cf41308d8d5079953d4a40cd4a5795ec884571f8adbb2a7949a2f68fe0ec8577296666bafb19c7e756a986e14e6875a2b443538a109bb80025d1b072e4d05fcccefc52c52aa65edc8daebae963f9a57b93bed117715e41ce9578c0a48509554754793fa5d5f0308aa92008631a9d1b5cc00cd106e83a6fbbebe38e4131a3cff41dc72821aacec5101881