matson.io

Issued by R3

About this certificate

This digital certificate with serial number 04:54:1a:de:2b:09:a4:d4:36:92:3c:da:0d:e7:d7:fe:ec:af was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=matson.io

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:54:1a:de:2b:09:a4:d4:36:92:3c:da:0d:e7:d7:fe:ec:af
Serial Number (int): 377068576039100498573088163491080203857071
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 60:cd:40:1b:d2:c0:d4:67:bf:0c:f6:40:47:c7:8f:c4:d3:18:d2:75
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 0a:b0:0c:4a:9d:69:f1:11:79:e7:9a:6c:11:23:df:d2:6b:7a:84:ca
Fingerprint (sha256): 99:e5:3e:0f:25:62:31:af:93:76:b6:ac:24:41:77:9e:f8:5a:34:73:74:34:2b:15:d4:4b:d9:a3:14:6c:41:64

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate matson.io

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for matson.io

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

matson.io

Other certificates including the domain name matson.io

(limited to 100 certificates)
sni.cloudflaressl.com
sni.cloudflaressl.com
test.matson.io
test.matson.io
test.matson.io
assist.zorzstudios.com
matson.io
test.matson.io
test.matson.io
test.matson.io
matson.io
dev.matson.io
matson.io
help.mibrk.com
test.matson.io
matson.io
matson.io
matson.io
test.matson.io
sni.cloudflaressl.com
assist.matson.io
sni.cloudflaressl.com
portal.matson.io
matson.io
test.matson.io
portal.matson.io
test.matson.io

Certificate

The complete raw certificate details for matson.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgISBFQa3isJpNQ2kjzaDefX/uyvMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MjgyMDEyMTFaFw0yNDA4MjYyMDEyMTBaMBQxEjAQBgNVBAMT
CW1hdHNvbi5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK5CW0lp
+hL6tprguiPHptwdIBbkZz5BBUTCw2mNJ8jZj/1b8K5ddnM2sSJOyDAPM4t71hyP
3R7WM36ee5ZTrQuh3vQG5nPOBybJHd5WHP66xJqbJCqtewXfQQJcig1EXzDQXCRO
+TeefGvhI9GDyEokrpXE0+JHzcdxxTCvmRsHwczVZav8BcEn0HYLebI99eomwtAR
RF6qrji0gmD6K/VSis7WI0LE4/UHouXCP37r2aRdlbYlC2B9dQepH54SjP6tmktx
t5Wo2D+qM31TNOzHZnUL0JbOffCCJmmr2pNLezpjPVfp12TK33G8IiBBvM9i0Y71
xbWIwkDea5HOEJcCAwEAAaOCAgkwggIFMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
YM1AG9LA1Ge/DPZAR8ePxNMY0nUwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v
nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s
ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wFAYD
VR0RBA0wC4IJbWF0c29uLmlvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAgYKKwYB
BAHWeQIEAgSB8wSB8ADuAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xa
OnQAAAGPwQveEAAABAMARjBEAiAn9Ft5xmKpz4uH88dDre0YnWOA9oNigKcGZgrv
ksvBiQIgZGhiriUXde6L23wgj879jHG3ypVHmTxUrlEpVTweU5EAdQDf4VbrqgWv
tZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAY/BC964AAAEAwBGMEQCIENdjKYc
03Sy5B7klUnTyEsAOmJQhxR58x2v+PguN6PDAiAn0QLEWMxP3EOwEsdpOGAPUcCi
AILXS9e6M9LrkvyYfDANBgkqhkiG9w0BAQsFAAOCAQEAlcKj5Q0yFdPa4FoYu/Bc
jp69VlSsTo3whbyqWPCGXJ43RHdVTOEZ4E2xZyd6216++CcRTlopqyN4JrTq5mxQ
lVB8ospecb7+/MAi+dR6K5nNa/9RHut6M8MZMEXgyCnzoIp6fL1acC1MtpChI2vM
/fMlepg7tR4VhDJPrKWOtPpMLghoRZUNGanWSdog4N608PwYdO0p7cRZJE1/iYWM
cazKAffeS01tlGtgqOGVcBIeQPqBotulLZS7cYWdcFH+HdhL2v4WUSJKHHgQESY9
cvLvPc7dd6KgjyRJ2f2AcquVemS1k7rIfhjtdy4AZObwSHFXKwEVN7hNv5Q3uKQK
GA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkJbSWn6Evq2muC6I8em
3B0gFuRnPkEFRMLDaY0nyNmP/Vvwrl12czaxIk7IMA8zi3vWHI/dHtYzfp57llOt
C6He9Abmc84HJskd3lYc/rrEmpskKq17Bd9BAlyKDURfMNBcJE75N558a+Ej0YPI
SiSulcTT4kfNx3HFMK+ZGwfBzNVlq/wFwSfQdgt5sj316ibC0BFEXqquOLSCYPor
9VKKztYjQsTj9Qei5cI/fuvZpF2VtiULYH11B6kfnhKM/q2aS3G3lajYP6ozfVM0
7MdmdQvQls598IImaavak0t7OmM9V+nXZMrfcbwiIEG8z2LRjvXFtYjCQN5rkc4Q
lwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 377068576039100498573088163491080203857071
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-28 20:12:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-26 20:12:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'matson.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21998186717662274745422105105147772899021372129657204711215360385549013357918445576950069737805886730308320308530777201630762923408232699021639427616204340242401185903110968838248364466697964474496150350014944742511831204522177500839933854627489286627160213666239672742978284984246305360450583902192499251718016211637777546808133216180170552881887365621534173577547699064505485495377463063711462758731102489847722821877786758207309227594566195753366192904996620408624408154857644848657964303828825737701122239247409304957095615837732149058277461287663860730201593198291439099826669540893169381861674601929874401530007
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							60cd401bd2c0d467bf0cf64047c78fc4d318d275
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'matson.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018fc10bde100000040300463044022027f45b79c662a9cf8b87f3c743aded189d6380f6836280a706660aef92cbc1890220646862ae251775ee8bdb7c208fcefd8c71b7ca9547993c54ae5129553c1e5391007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018fc10bdeb800000403004630440220435d8ca61cd374b2e41ee49549d3c84b003a6250871479f31daff8f82e37a3c3022027d102c458cc4fdc43b012c76938600f51c0a20082d74bd7ba33d2eb92fc987c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0095c2a3e50d3215d3dae05a18bbf05c8e9ebd5654ac4e8df085bcaa58f0865c9e374477554ce119e04db167277adb5ebef827114e5a29ab237826b4eae66c5095507ca2ca5e71befefcc022f9d47a2b99cd6bff511eeb7a33c3193045e0c829f3a08a7a7cbd5a702d4cb690a1236bccfdf3257a983bb51e1584324faca58eb4fa4c2e086845950d19a9d649da20e0deb4f0fc1874ed29edc459244d7f89858c71acca01f7de4b4d6d946b60a8e19570121e40fa81a2dba52d94bb71859d7051fe1dd84bdafe1651224a1c781011263d72f2ef3dcedd77a2a08f2449d9fd8072ab957a64b593bac87e18ed772e0064e6f04871572b011537b84dbf9437b8a40a18