sunnlife.com
Issued by R3
About this certificate
This digital certificate with serial number 03:ec:85:0f:35:4b:d0:ab:95:ab:45:05:e7:c3:45:f9:8c:fa was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=sunnlife.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ec:85:0f:35:4b:d0:ab:95:ab:45:05:e7:c3:45:f9:8c:faSerial Number (int): 341820362677488890647997064642932101451002
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: db:9a:7d:5a:aa:8f:75:ab:4f:e5:10:f2:b1:c1:b9:aa:28:c9:08:b8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b9:8c:1c:aa:85:1a:0c:f5:79:fc:fc:fe:51:5e:38:38:2a:5b:58:ee
Fingerprint (sha256): 97:d1:23:59:8d:a7:8c:e9:e2:0e:37:65:1a:1f:09:b8:4e:99:c0:07:9a:f8:78:b7:bc:63:10:02:20:9f:e9:3a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate sunnlife.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sunnlife.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sunnlife.com
sunnlife.com
sunnlife.com
Other certificates including the domain name sunnlife.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for sunnlife.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgISA+yFDzVL0KuVq0UF58NF+Yz6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTUwNDQ0MThaFw0yNDAyMTMwNDQ0MTdaMBcxFTATBgNVBAMT DHN1bm5saWZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTa W9Cs7Mtrpv7iUzIXIMnDRVSQb6VzMZ+LNFm2Eemf9L1T0kcmcy56CRSTYuJbVpbv qlQy0tp9zSbHo4EyAiMhT86DUkmj8MWzt+JFRXHwwejeathpOSxgPoB3oYMiRXi3 vp+fjxoJEo6VOzE0GT2jktDabGXe+zduVHTzXqpZo2jThX8lvvmwXsyNStB+gu42 z8zYRtme9a3NvPcoUiLZTVOx+FtRaOdhpGSndRNkmq+qFsFBFdi0X95s5no3B72N 12m9bezkq+ZGXemP+JdxfRaIM0PZsiafFm40sp5tgy1Ve4QeYNvleKEd5JBBLMdN VzuoC2rh/K9JBDltNb0CAwEAAaOCAh0wggIZMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQU25p9WqqPdatP5RDyscG5qijJCLgwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w JwYDVR0RBCAwHoIOKi5zdW5ubGlmZS5jb22CDHN1bm5saWZlLmNvbTATBgNVHSAE DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AEiw42vapkc0 D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi9GCS0kAAAQDAEcwRQIgWw+wqGIG MjOajCyBCAYY0IsXf5anj0Wob2yRbqZ7thwCIQDRknv7hNseVywh5y5mEoN969qk m4uVYyR9c457YJRyAgB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0 AAABi9GCS9wAAAQDAEYwRAIgMU8ogbxowlfKo8jKmLmXOZ/voJoBMRYjoMLEkFxW FzwCIDLcCVAWhh6Qu+J1OxodM4kmlPoQAlwahS2SXJinQzM1MA0GCSqGSIb3DQEB CwUAA4IBAQASJb+PjG7JktlnFcpU1iasihnCX1VGgWeh9wXL2hlKDlIMjZULOmqR P6Nte2Yig8D4C68UMCRG/cEoM5GpR/dSUbTOk8hlyW7s/idH91Y3PjeGHJYw/M3a W/DRzkGTG/nhbBx5h0Pm4LhHeFI412JyHWdm2T6+Ui/77InFot2fHxkYgVs65VNS Kg+5AS5fyIkBMpxAKmd7EpKL4/V2GegsQI+CzEMOQ3ZqpKQ/Ev+sJFbhqlasnHkY YCSIjzqLxIqyEG2NUVS4Ne0JhqzYyuIpW8FUORFyAEKsxabF5AOlKURWePSY+acH zyETgidw7HLoxwtmbxTonUgFu0XEltfM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNpb0Kzsy2um/uJTMhcg ycNFVJBvpXMxn4s0WbYR6Z/0vVPSRyZzLnoJFJNi4ltWlu+qVDLS2n3NJsejgTIC IyFPzoNSSaPwxbO34kVFcfDB6N5q2Gk5LGA+gHehgyJFeLe+n5+PGgkSjpU7MTQZ PaOS0NpsZd77N25UdPNeqlmjaNOFfyW++bBezI1K0H6C7jbPzNhG2Z71rc289yhS ItlNU7H4W1Fo52GkZKd1E2Sar6oWwUEV2LRf3mzmejcHvY3Xab1t7OSr5kZd6Y/4 l3F9FogzQ9myJp8WbjSynm2DLVV7hB5g2+V4oR3kkEEsx01XO6gLauH8r0kEOW01 vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 341820362677488890647997064642932101451002 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-15 04:44:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-13 04:44:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sunnlife.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22830571558792531705480903271858117941249462607432883288234693912736505529888164959613185201296789992486647570545866988047025420284409234352607868706798052839955175319916834842834263513166206076267527246405318416795114659539933436442613167766588783983448481982489531920693708086953146570609884276550167643480956436460102141527976346096855988378992252262232383716583880100963140743337575083402119639956918490123082195187239569593028995060730909693891665202909835833425179117274352036845548271022760903388864629643798830660957299124136248586613262841852000730185978656351359809112110175745929798265557373808808746104253 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) db9a7d5aaa8f75ab4fe510f2b1c1b9aa28c908b8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sunnlife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sunnlife.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bd1824b49000004030047304502205b0fb0a8620632339a8c2c81080618d08b177f96a78f45a86f6c916ea67bb61c022100d1927bfb84db1e572c21e72e6612837debdaa49b8b9563247d738e7b6094720200750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bd1824bdc00000403004630440220314f2881bc68c257caa3c8ca98b997399fefa09a01311623a0c2c4905c56173c022032dc095016861e90bbe2753b1a1d33892694fa10025c1a852d925c98a7433335 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001225bf8f8c6ec992d96715ca54d626ac8a19c25f55468167a1f705cbda194a0e520c8d950b3a6a913fa36d7b662283c0f80baf14302446fdc1283391a947f75251b4ce93c865c96eecfe2747f756373e37861c9630fccdda5bf0d1ce41931bf9e16c1c798743e6e0b847785238d762721d6766d93ebe522ffbec89c5a2dd9f1f1918815b3ae553522a0fb9012e5fc88901329c402a677b12928be3f57619e82c408f82cc430e43766aa4a43f12ffac2456e1aa56ac9c79186024888f3a8bc48ab2106d8d5154b835ed0986acd8cae2295bc1543911720042acc5a6c5e403a529445678f498f9a707cf2113822770ec72e8c70b666f14e89d4805bb45c496d7cc