brightsavant.com

Issued by R3

About this certificate

This digital certificate with serial number 03:b2:69:92:0a:ac:1e:fe:ec:c3:42:58:92:6e:72:0a:c4:4a was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=brightsavant.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b2:69:92:0a:ac:1e:fe:ec:c3:42:58:92:6e:72:0a:c4:4a
Serial Number (int): 322047446338567481412344422381297565615178
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 82:64:d7:9e:80:37:7d:df:7b:de:bd:94:22:17:be:b6:84:6c:79:eb
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 48:c5:47:09:fb:2b:8a:b8:14:5d:05:1c:c4:45:20:4c:14:c9:16:ca
Fingerprint (sha256): 98:22:e0:74:56:a3:21:5b:29:38:ec:33:d3:05:54:14:55:2a:f0:33:db:18:81:1f:0e:30:7d:fc:ef:fa:a8:ab

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate brightsavant.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for brightsavant.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

brightsavant.com

Other certificates including the domain name brightsavant.com

(limited to 100 certificates)
maineprp.com
bendingmobiles.com
www.seattlesportstherapy.com
brightsavant.com
financesavant.com
123conveyancing.nl
brightsavant.com
auditsystemstest.com
vrgamecompany.com
casmeri.com
www.brightsavant.com
tubspouts.com

Certificate

The complete raw certificate details for brightsavant.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISA7JpkgqsHv7sw0JYkm5yCsRKMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMDEwNzMzMTBaFw0yNDA1MzAwNzMzMDlaMBsxGTAXBgNVBAMT
EGJyaWdodHNhdmFudC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQD2G7tODOaUyfPIL0hiG+7UX/qSVrDZ7/6pyFDPvlehU7Nt/e9BWsuXID/yWigI
gvx1iesRWFNH9CO+N02rTO4lp5LYvhvoNKn+SU+jVj4Adsy2p+5bk0EFZaO9TS6Q
s+i3hIqhU9CPCjeY15ahPS68yEYRIAG7OYP/J1FKy63kMoAQO/jl0q9onRx0QLsj
aSynWdvcro8hPEbRgjYhscfmGdOpJwnKF996XdhiZRIw8PzqqL6lgAEhBKaENFC9
rOIEor8SWl2glHxEIotsco/n4tgVuWdB2jn1mVtG5kUomJNxwbJMqr6j/3faFpEd
KX9QlSUneHmzGwa2fNea1oTMcN3QUgvayiExGXvXo41x+81pHoJ4WivRsf/9TwcH
KNJkckGBtd2bI7mPqa5mFh4ITa7dV6SPu6iuH9YVO4dNdSMZSFS8MpnIpLqy/vbe
P/fRqY6qytmysvt10Kv8r2uNSSZCObbTYcFINBcPplcSqmS09oPsSVX+J3zH5BET
zRmTYlfukCt/qb9fJwIWUZA+Jxxvmj4C5Uiv40+T/4Bu/akoa54q3EZ9ttCPYsNh
bmSpNKv4oP+Vji2xCQcEYzqH5hbGdCtXsLzoAvL63tbqMW3TeKVJIGq6yUS6xS8Y
3DOECrVuqOrI4SzKM8PiARtNa/L3XLaT1aMFGUzqCJjNaQIDAQABo4ICEjCCAg4w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSCZNeegDd933vevZQiF762hGx56zAfBgNV
HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI
KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0
cDovL3IzLmkubGVuY3Iub3JnLzAbBgNVHREEFDASghBicmlnaHRzYXZhbnQuY29t
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA
O1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGN+SVY/wAABAMARzBF
AiEAu5obMD2LFo+mPckSttXQxWJsreZyj3L+GWxajY2eMQUCIHRvAcb/Ie+bu9ky
zRqUPBf3XGr3cnSQf2kSNyCRqQBiAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D
UUhZRnEftZsAAAGN+SVY+wAABAMARzBFAiAZcOMk5lNH9Knw/4YQSfMVid2TdvkU
YiSnoZ/obh4aWgIhALwxEUEaCn1tm3ZF88+a4UN3h1qP3bxaFhc9B9hmI5L/MA0G
CSqGSIb3DQEBCwUAA4IBAQBNHmK/viqJ7dnVtP+TcgtpUV1LifGUAChJwLXd/DJn
ecWPW1wLl3jTlq3OAI02bQTq1ItA855RCZQblg6raNDmVuqt4KeiNr9bd9eIMukJ
fly5pFuuTTfHQOWXvX/WcwG1MdOXX/j+su88BShGa+eLqJ4jt2qmgTZZrJKkui7B
rnwSs0nRfiwViS0sLav744543Xn7mRtn2GWHV0j2G3zdEZQWlfH+dHOfLaw0gNF4
/eTH3O8JwnWYxcg9cRdEF82qm8O5XYx6x5Ma5xrLI30cR5zRnPaizHSvrXO+WSLQ
oXsh/jgTUnwcxRCTGEejvya4onvAiqH11/luY/FwUpGX
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9hu7TgzmlMnzyC9IYhvu
1F/6klaw2e/+qchQz75XoVOzbf3vQVrLlyA/8looCIL8dYnrEVhTR/QjvjdNq0zu
JaeS2L4b6DSp/klPo1Y+AHbMtqfuW5NBBWWjvU0ukLPot4SKoVPQjwo3mNeWoT0u
vMhGESABuzmD/ydRSsut5DKAEDv45dKvaJ0cdEC7I2ksp1nb3K6PITxG0YI2IbHH
5hnTqScJyhffel3YYmUSMPD86qi+pYABIQSmhDRQvaziBKK/ElpdoJR8RCKLbHKP
5+LYFblnQdo59ZlbRuZFKJiTccGyTKq+o/932haRHSl/UJUlJ3h5sxsGtnzXmtaE
zHDd0FIL2sohMRl716ONcfvNaR6CeFor0bH//U8HByjSZHJBgbXdmyO5j6muZhYe
CE2u3Vekj7uorh/WFTuHTXUjGUhUvDKZyKS6sv723j/30amOqsrZsrL7ddCr/K9r
jUkmQjm202HBSDQXD6ZXEqpktPaD7ElV/id8x+QRE80Zk2JX7pArf6m/XycCFlGQ
Piccb5o+AuVIr+NPk/+Abv2pKGueKtxGfbbQj2LDYW5kqTSr+KD/lY4tsQkHBGM6
h+YWxnQrV7C86ALy+t7W6jFt03ilSSBquslEusUvGNwzhAq1bqjqyOEsyjPD4gEb
TWvy91y2k9WjBRlM6giYzWkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 322047446338567481412344422381297565615178
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-01 07:33:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-30 07:33:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'brightsavant.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1004034375502520655911482973495038814443328105215891054871984307664867211250594912961066989334421730267331498567048377086913862860425371590761358132383768671872895529961337181647569443036547986913256233080487916376958835953586604225201169208177283189126827310745402460068129054694836980781183161177307360893360097492941361079464951707475213616636712446635833338747658352432900933395629438960756925655148824539866066732914312194840702221231575934424813225622666299067457915086366490166376426393758953749020661386634932304930023262754549747755991669533180605696830391038613815520527474439351832698275254605229655425320270523546144414863709019269217928009367654464717006093447530423226148988857031605429289040398440175643486126431764208427380604966600557958885226131612014682089484836322769652474515612999077106678758558878126443125397069927892689283457001827593370495742634196847314143923769405579432483742327346296704313525048411097215090186869893821741433090793605621592833448368784090356237005090981757433915456120114849678708810954793574192461014552799559154397504653252690891866657373387957542068859988922170631879206278695397412049101584812236381756860034316714003593024580003085022142825803595499094589822288023581240145951116649
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8264d79e80377ddf7bdebd942217beb6846c79eb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brightsavant.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018df92558ff0000040300473045022100bb9a1b303d8b168fa63dc912b6d5d0c5626cade6728f72fe196c5a8d8d9e31050220746f01c6ff21ef9bbbd932cd1a943c17f75c6af77274907f6912372091a90062007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018df92558fb000004030047304502201970e324e65347f4a9f0ff861049f31589dd9376f9146224a7a19fe86e1e1a5a022100bc3111411a0a7d6d9b7645f3cf9ae14377875a8fddbc5a16173d07d8662392ff
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004d1e62bfbe2a89edd9d5b4ff93720b69515d4b89f194002849c0b5ddfc326779c58f5b5c0b9778d396adce008d366d04ead48b40f39e5109941b960eab68d0e656eaade0a7a236bf5b77d78832e9097e5cb9a45bae4d37c740e597bd7fd67301b531d3975ff8feb2ef3c0528466be78ba89e23b76aa6813659ac92a4ba2ec1ae7c12b349d17e2c15892d2c2dabfbe38e78dd79fb991b67d865875748f61b7cdd11941695f1fe74739f2dac3480d178fde4c7dcef09c27598c5c83d71174417cdaa9bc3b95d8c7ac7931ae71acb237d1c479cd19cf6a2cc74afad73be5922d0a17b21fe3813527c1cc510931847a3bf26b8a27bc08aa1f5d7f96e63f170529197