www.ldexchange.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:56:00:15:6e:ae:e7:7c:19:91:95:98:b7:bf:70:b8:53:01 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.ldexchange.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:56:00:15:6e:ae:e7:7c:19:91:95:98:b7:bf:70:b8:53:01Serial Number (int): 377713538565398121419706837220222989521665
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0c:97:f5:dd:e8:38:73:ef:9d:83:f0:91:68:f3:0d:e5:e0:e9:b8:f3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 36:c7:c0:ec:6f:17:68:b4:df:13:c8:75:63:be:50:57:52:91:0a:fa
Fingerprint (sha256): 97:92:65:6f:14:0a:70:90:ad:b8:03:b8:bc:11:91:0f:aa:25:3a:31:18:0e:f9:de:ff:a0:e6:2f:e4:90:26:c1
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.ldexchange.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.ldexchange.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.ldexchange.com
Other certificates including the domain name ldexchange.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.ldexchange.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXTCCBUWgAwIBAgISBFYAFW6u53wZkZWYt79wuFMBMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMDgxNjU2MzJaFw0y MDAxMDYxNjU2MzJaMB0xGzAZBgNVBAMTEnd3dy5sZGV4Y2hhbmdlLmNvbTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMNu9IDe2sfbalbcgQnqg9X3v+pp Ejy7wtLbxYJq3q4EN87Yo62sOEESXqNjdE+I9JYYS52Tld0EO0uHqXRFZfUmiX0/ XsmuiSbO2urZsVbHLRpgDXUX3rHtF7bP5NGiS8w+9D7T5UOc0WFQ4FDvTWWF6D60 SHLewhLP4X8yxMHH5LpQDQ2y6RGtb1llc41fG2AYd4COg3sflFi0MnRbh24XRSKB z4JQVNy7idk6Ep7FrMLoALokkkHxEUlWvPe8AlfJrrKE+XXGq1N/1ylTI/4e8Qcl hriAo0IlEnQhIWKnG7y4GqGw2NDUZanA3glSCudwdFZ8zGRciUhF4LgzBMclVrLY kKJXn5v97RjentwiS0V+5MuAFF+be5QaPSWrwNY+vDRWdCiKHkPOW++H2rDYrKyb 3dhmX5sMUmJFmzBUeAVla28rX67GWLeQizLtbjJta5bSpO8F4ylDlWKM6a0oilKP OPYFqBOEOduaeSvJ24uxOGrKsFtcVUVzMELZAtgn6p+aZrhrl2o24BjpaGV6J5Qn d2B9VbQm/6YMuKdfr8qls4dIRyBD0uwwp0Og6s1flZnXIGDw56XMN0vxnTFyAr1U R/Zl2mQdfifgp2Pj5S1OJMy8hg7uREZEAosZRBT7sxID+b7Rqqmp8ntEkIG5aOSc RsZsjtv/lAlhIwvJAgMBAAGjggJoMIICZDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FAyX9d3oOHPvnYPwkWjzDeXg6bjzMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISd3d3LmxkZXhjaGFu Z2UuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHW eQIEAgSB9gSB8wDxAHYAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4A AAFtrIP1hwAABAMARzBFAiAibzz7wgndWxDZ+JC2F1PJHUJJeXCx4f7JHL2Nu3ke YwIhAJ09BhLD+QA7TdCu2Pn7NAYeucpx1fIzNPrWIvK+PQDnAHcAb1N2rDHwMRnY mQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFtrIP1ugAABAMASDBGAiEAxUmnSO7+ KlDZ7Ccm2YaFmc3CJCrh/8Ay4HazemrwL8ACIQDHGKsqk1Yn+NAo6gwPhiB88XJY MKBS2JeU4Euz0m62HTANBgkqhkiG9w0BAQsFAAOCAQEAYOQaO5pBJg4l7PjSSGs5 G37wjjd7Nd2AA5+Gsf4yPlZ4z+f/ThEIYAOp7RxRuZVfeHJMkRPDZHPlpkGky981 9rF3j3H7XqXs/TlPVF//WnSDptwnrpI6VhCW/sDRg+v/mqsw+q/5t0M5xtLUy41D e9v+0i7STL5F5a8ar2VPGp8rClfXnr2C/rqo9hTnF/WkHJ3vzqXwQ8BkL7AijuQ4 PgGAk8Nz5KF7s+z8jAmEh67epVc3K6hYCtgtVtFrK7Yd7qdgB6r9DJCP3rhd2+YF sqrrgJvnlGvNTSeUMAupsmCjT4QGIMbm8k5tT6awHJoo9boxdiIzPSebXH3PL4qh kA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw270gN7ax9tqVtyBCeqD 1fe/6mkSPLvC0tvFgmrergQ3ztijraw4QRJeo2N0T4j0lhhLnZOV3QQ7S4epdEVl 9SaJfT9eya6JJs7a6tmxVsctGmANdRfese0Xts/k0aJLzD70PtPlQ5zRYVDgUO9N ZYXoPrRIct7CEs/hfzLEwcfkulANDbLpEa1vWWVzjV8bYBh3gI6Dex+UWLQydFuH bhdFIoHPglBU3LuJ2ToSnsWswugAuiSSQfERSVa897wCV8musoT5dcarU3/XKVMj /h7xByWGuICjQiUSdCEhYqcbvLgaobDY0NRlqcDeCVIK53B0VnzMZFyJSEXguDME xyVWstiQolefm/3tGN6e3CJLRX7ky4AUX5t7lBo9JavA1j68NFZ0KIoeQ85b74fa sNisrJvd2GZfmwxSYkWbMFR4BWVrbytfrsZYt5CLMu1uMm1rltKk7wXjKUOVYozp rSiKUo849gWoE4Q525p5K8nbi7E4asqwW1xVRXMwQtkC2Cfqn5pmuGuXajbgGOlo ZXonlCd3YH1VtCb/pgy4p1+vyqWzh0hHIEPS7DCnQ6DqzV+VmdcgYPDnpcw3S/Gd MXICvVRH9mXaZB1+J+CnY+PlLU4kzLyGDu5ERkQCixlEFPuzEgP5vtGqqanye0SQ gblo5JxGxmyO2/+UCWEjC8kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 377713538565398121419706837220222989521665 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-08 16:56:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-06 16:56:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.ldexchange.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 797298785765799650233533448387095769274147405898643889163741993428316286464722098275121700963713702173050789595724041511485107469600880650290436181188946894538391316778688495064804845662985005393105577887423500256212283927838408479421341420820734665541193007602434171964250102819393201692358837768786258268958033026086762975798276547760747079562736722686821356513419201075270743507974136500492103069338403297924642560793469949427296956532105437904523751615050159311378775051779821582455649414527479547335458858630466489701113043111473564102241723819426445648379915545471611646413408623563667739099363466377752680908678116246165336774183671797351258598662299167339189825213461894525569448484480159858614435666638346961382098285205413508123213088773354451360198744045950294375339330335761234986773176336483549329169112957413890117574843177731220813938474582691312154119371950315772522161606124492472495750030736741729198053969042322945116356307095395572638205467071700551561624908286356989953298857180456206427331203623285976717381807881967626738972144626472619586590735986103124985037136584817528112074479320847122695614077407706241585716499720916630420832601059663826099781876963975621163615122231628173486769451397705545759338990537 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0c97f5dde83873ef9d83f09168f30de5e0e9b8f3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ldexchange.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016dac83f58700000403004730450220226f3cfbc209dd5b10d9f890b61753c91d42497970b1e1fec91cbd8dbb791e630221009d3d0612c3f9003b4dd0aed8f9fb34061eb9ca71d5f23334fad622f2be3d00e70077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016dac83f5ba0000040300483046022100c549a748eefe2a50d9ec2726d9868599cdc2242ae1ffc032e076b37a6af02fc0022100c718ab2a935627f8d028ea0c0f86207cf1725830a052d89794e04bb3d26eb61d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0060e41a3b9a41260e25ecf8d2486b391b7ef08e377b35dd80039f86b1fe323e5678cfe7ff4e11086003a9ed1c51b9955f78724c9113c36473e5a641a4cbdf35f6b1778f71fb5ea5ecfd394f545fff5a7483a6dc27ae923a561096fec0d183ebff9aab30faaff9b74339c6d2d4cb8d437bdbfed22ed24cbe45e5af1aaf654f1a9f2b0a57d79ebd82febaa8f614e717f5a41c9defcea5f043c0642fb0228ee4383e018093c373e4a17bb3ecfc8c098487aedea557372ba8580ad82d56d16b2bb61deea76007aafd0c908fdeb85ddbe605b2aaeb809be7946bcd4d2794300ba9b260a34f840620c6e6f24e6d4fa6b01c9a28f5ba317622333d279b5c7dcf2f8aa190