www.knhco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:88:f4:4b:a8:52:41:ee:42:77:43:87:67:23:24:1e:a1:42 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.knhco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:88:f4:4b:a8:52:41:ee:42:77:43:87:67:23:24:1e:a1:42Serial Number (int): 307939984163726207859461292830762114916674
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 35:8a:67:bd:74:f6:fd:d3:2b:d0:7c:71:57:3b:2b:47:6c:dd:2f:68
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 26:ee:15:55:4e:70:fe:82:e6:02:88:ee:a8:37:d6:60:82:bf:fb:e6
Fingerprint (sha256): 98:53:c9:31:cc:dc:77:98:a8:fc:79:c7:09:6c:39:2e:0f:a0:22:0d:08:9b:c4:17:39:00:23:19:0e:b1:24:42
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.knhco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.knhco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.knhco.com
Other certificates including the domain name knhco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.knhco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISA4j0S6hSQe5Cd0OHZyMkHqFCMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTcwNzE1MzVaFw0y MDA1MTcwNzE1MzVaMBgxFjAUBgNVBAMTDXd3dy5rbmhjby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDgI9NSgd44/IeIzvzXN32t3/VV12CwIp/H SYPM8AkMUhzN6/n+7z9OcT3H4+xruyq9QeejnoBPZSrlYNzouCnQWVuyGZ3GVmgG yFOc3o2oeVokD6oyH8Qg/z7GM1Z3x4D3++CsbghTJPzodf7twNlWkgT559f57qTW IRtYnV3VBsYfzAD5/aQAHbRWjg4mIVrmxN51vjyVpuAA7Mg4tlmfDt4rEVNcVFVa fA3HgHONegxuhyi4ORuNzzTdWbN92KWLpyUSbjrCl+2xVKlzI+ywIW8JCuVc5XC6 taZ72gVLTOl6YYzDw8IXOHQSPTNjOghFYSl/4svrOERWQbS2kjO5Sk22je+8fj4q y+3mZgCAdozh1PmjBj21DUVoAgq/IzujusjzUOQkccEMXZWQ7aCjccQnM9gqQtgw 0GYkTF+6nRicgKqkaoNClCIp0wT5Gs6aKtw+rNFWERgqvBHYXFjcPvsRjDXqtWdZ 2mQuPeriitBA2wepk9lJWakOnwde+bgv/6iDtBqZH3jGYuZe7MRe9XgRx4kjdz3O N963VC7dPDxtMRGK+eZJRQceL/pq0js6Cs3KTBkFEgMgPt7n45f9VlqdwjLmS4sg Bs8vb4JZj+l+r6us8llR+Dz7DwthPQp6ETJRrElrOTFZwn3ioce2rDN0tb4HzUkT UpTAj6sWHQIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ1ime9 dPb90yvQfHFXOytHbN0vaDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5rbmhjby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHx AO8AdQCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAXBSN4g5AAAE AwBGMEQCIE8+T29rduJy8TPnhn6jqmmqyBORnieni/YYNQMNL2VxAiAMgJwbQhLZ MGNRMzej+DRo5AWnTWam565SKBDHjAbAQAB2AOcS8rA3fhpi+47JDGGE8ep7N8tW HREmW/Pg80vyQVRuAAABcFI3iDoAAAQDAEcwRQIhAMwR7KXFl+0c8wTpqHyTyceR KpPmvvBOAHXDfKLYg0Q9AiB/esVywCRtDL2h/dN0z0mJtFfOsk8YzOBbwOCFBIzK fDANBgkqhkiG9w0BAQsFAAOCAQEAQNTbwVYwfRdaIVzl2i0Zgx7rNynJYPuU16ay /5GAV9DVpBKQM4YhszXFkv86gz1YEBS8KScxVVtbFkHU7ND34h6F9dtoVKVMH7FM T9ORqUBvEStNnS6+X8exmUhdPOIAWxAgAdB7X/aCkNPj57A+E76XyFc4Cpk8bAdt 66ZVSfz21l2ZV8wW1xtEIywIK/TnQeerMCSAHxPc1JOXSgma2ZOOr435QYRQdizG pXwKoHUgqB8fpr+t3QIYPIUxcE0mBRmvOmuI5NMRrjB9GFNQNdDIyTU2KpN7htzG nqC2i8hupAC4h38yCoGeNQXPvOQ/vKPl/EiqUNlD6JpARdc1RA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4CPTUoHeOPyHiM781zd9 rd/1VddgsCKfx0mDzPAJDFIczev5/u8/TnE9x+Psa7sqvUHno56AT2Uq5WDc6Lgp 0FlbshmdxlZoBshTnN6NqHlaJA+qMh/EIP8+xjNWd8eA9/vgrG4IUyT86HX+7cDZ VpIE+efX+e6k1iEbWJ1d1QbGH8wA+f2kAB20Vo4OJiFa5sTedb48labgAOzIOLZZ nw7eKxFTXFRVWnwNx4BzjXoMbocouDkbjc803Vmzfdili6clEm46wpftsVSpcyPs sCFvCQrlXOVwurWme9oFS0zpemGMw8PCFzh0Ej0zYzoIRWEpf+LL6zhEVkG0tpIz uUpNto3vvH4+Ksvt5mYAgHaM4dT5owY9tQ1FaAIKvyM7o7rI81DkJHHBDF2VkO2g o3HEJzPYKkLYMNBmJExfup0YnICqpGqDQpQiKdME+RrOmircPqzRVhEYKrwR2FxY 3D77EYw16rVnWdpkLj3q4orQQNsHqZPZSVmpDp8HXvm4L/+og7QamR94xmLmXuzE XvV4EceJI3c9zjfet1Qu3Tw8bTERivnmSUUHHi/6atI7OgrNykwZBRIDID7e5+OX /VZancIy5kuLIAbPL2+CWY/pfq+rrPJZUfg8+w8LYT0KehEyUaxJazkxWcJ94qHH tqwzdLW+B81JE1KUwI+rFh0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 307939984163726207859461292830762114916674 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-17 07:15:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-17 07:15:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.knhco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 914411189977248575399208191625272266376423831670606800275386041280361168580634208212336382102813774111882665925599168834563251821424095902959880312903385605452016523122623609717403652291941254219512680822603061427792151984798434991874148266784658581657122942855672782058968817710273104625461889251167573448150584554289219833899135575962337737657833132308578146420787901841637332734584499999461019288961676300451984472519809360390252028502691534190615799246579926510984698641010226455643003303007284441797584193849106259251960593744699891611204734630458413747662621879075405160537496561656672364434796439758766860256605945669813728663642936408338211527101698477214767650646901390067345750610549218308016186129426503121999225850627221756094592762049667000653949376874250324979700359232255185113017059960428702017097026914988703059743113988524545435639820647598412689691964110744000782633473967431422538871543354707139367466815037410406835034177716832900674992170836369534331401334542100400502657650561197428248178461942290209253527663035854421942978209285029067873310904813372199549470683738341531929003055030745575110207210206481752487051358654151729912643129124880489410040147997253000370642872905840932765351331038715995636242257437 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 358a67bd74f6fdd32bd07c71573b2b476cdd2f68 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.knhco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000017052378839000004030046304402204f3e4f6f6b76e272f133e7867ea3aa69aac813919e27a78bf61835030d2f657102200c809c1b4212d93063513337a3f83468e405a74d66a6e7ae522810c78c06c040007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001705237883a0000040300473045022100cc11eca5c597ed1cf304e9a87c93c9c7912a93e6bef04e0075c37ca2d883443d02207f7ac572c0246d0cbda1fdd374cf4989b457ceb24f18cce05bc0e085048cca7c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0040d4dbc156307d175a215ce5da2d19831eeb3729c960fb94d7a6b2ff918057d0d5a41290338621b335c592ff3a833d581014bc292731555b5b1641d4ecd0f7e21e85f5db6854a54c1fb14c4fd391a9406f112b4d9d2ebe5fc7b199485d3ce2005b102001d07b5ff68290d3e3e7b03e13be97c857380a993c6c076deba65549fcf6d65d9957cc16d71b44232c082bf4e741e7ab3024801f13dcd493974a099ad9938eaf8df9418450762cc6a57c0aa07520a81f1fa6bfaddd02183c8531704d260519af3a6b88e4d311ae307d18535035d0c8c935362a937b86dcc69ea0b68bc86ea400b8877f320a819e3505cfbce43fbca3e5fc48aa50d943e89a4045d73544