pennlaw.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0d:35:ba:8b:07:01:86:d6:a5:d9:9a:cd:40:55:a3:5e:82 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=pennlaw.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0d:35:ba:8b:07:01:86:d6:a5:d9:9a:cd:40:55:a3:5e:82Serial Number (int): 265831946236055232523995886024918932086402
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 9d:05:db:a0:11:6e:e0:aa:4b:89:f9:f7:3d:cb:15:67:24:ef:cf:16
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): cd:f5:3f:be:a5:7b:46:23:4c:aa:c5:4e:0f:b1:21:f5:5b:11:8b:f9
Fingerprint (sha256): 9b:30:0b:85:17:54:e8:b9:84:5b:57:84:14:96:8a:6c:8b:e8:10:05:be:4c:97:39:f3:7a:17:24:53:a5:5f:e6
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate pennlaw.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pennlaw.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pennlaw.org
Other certificates including the domain name pennlaw.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for pennlaw.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTTCCBTWgAwIBAgISAw01uosHAYbWpdmazUBVo16CMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTcxNTAyNTJaFw0x OTEwMTUxNTAyNTJaMBYxFDASBgNVBAMTC3Blbm5sYXcub3JnMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAy+f9NKgMYUzRDmUOtK/6+Wt8qDyFQ8VDFf5o JD6/J+HsoURxmfVaDNZLkZ7RETrQt8ouPJTqTKWPbAMFvcqdf7Fk49YeDbS+I+BC zxzvh0eas3bcFrcBxlUD2ADdxyww7NZsNzRTvmfIs66WtsZ9/9v0JpRcD3SeYI5R +yWeF0NujwVAZ82o2gVoymAC8rdBWKFgoQw49HhfKrvlfPQQm4cPGHqDxU7pG/3z +KN9O+6NYAVCUwGuANzf1+QviI5Td3mVGLqK0f8H17IVjCNWyQCx6+Pnqfiqq8u2 9WqbOUhx3bEy/IafOanQ73pdYMUIKzR1ro0IznS19EPYI6wojYqC7aBoUnLmeeFG kLdiJ3ZwPPOtADdSqc9G78znkxdCv6DN65K0KEspF7jqnQOyB3tOsZC9QdsVgmj9 dQkiSFd+Qa3Jk8H8gqPmvsCZ2rY1EsRKLn01H8RwsLhDog+Blo7290Axv4xKVJCz /JdDPrLhyRR3NQHdnkNpiK4SFVHfm2RoNDwYN4VWRHkWHoocsi9qFIv4SAwjavwA lEEk+Ku4/rkMCoX2Kdto30rJoMPXSZVJRxpfQUQLOifWpzHjPNi3tSlvRNygUdh1 W9YwKEtS3CUqSTCOuS69zxmzMyRJfIjkEzjmKsibUPrVk6gLLHiNmGkQM1bsuQnP c6IdRV8CAwEAAaOCAl8wggJbMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUnQXboBFu 4KpLifn3PcsVZyTvzxYwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAWBgNVHREEDzANggtwZW5ubGF3Lm9yZzBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2 AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABbACsEocAAAQDAEcw RQIhALhSM/692P5WFaPd2eF+bzaQytAY1zUnT1mvBxbqXDUwAiAcg2O8dndGx2YE ljsGuPhs4v3aOavC01Nh9inWaeohwAB1ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLc pMMM9OVFR/R4AAABbACsEqwAAAQDAEYwRAIgNzi7babMdQ6YQLuxr0Zp5zkfv4wl sD/77cKGhtRtjEQCIHqhuv+Kl7QlZC4viEreqMh1kO1scHjeGlaksG1D5LR0MA0G CSqGSIb3DQEBCwUAA4IBAQBigF5caEXP1mpQo528Mma1ELZ336Rg2CGSKT0sk0wV I9PMht/HMorJPPycfYD/UlbL/qhRrzbF7kSnZ9O25N9pS3x8ow0DYic9CHIdPE4F FGaFuxNqRy891IU+l9PsRH1SNCPjO2nCAGkM9wrgc7VDPI90zkY+yy8bAOJYQna4 Q4GMHqljTiET+GFFzkKzHtvff2cmuyDdCYRNkG/SpnhJoiwx4BhQQQv6PjSfAigJ D4IzUiDs5WRrgdh023bOv2+fx/WjcTbtSz8mM72/VAhr5FtKwqCScAYw9reHujGg K/3X9rfmIwFTXMzdwHBWhx8CU/07pPl9KyVL2eoe2Kwt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAy+f9NKgMYUzRDmUOtK/6 +Wt8qDyFQ8VDFf5oJD6/J+HsoURxmfVaDNZLkZ7RETrQt8ouPJTqTKWPbAMFvcqd f7Fk49YeDbS+I+BCzxzvh0eas3bcFrcBxlUD2ADdxyww7NZsNzRTvmfIs66WtsZ9 /9v0JpRcD3SeYI5R+yWeF0NujwVAZ82o2gVoymAC8rdBWKFgoQw49HhfKrvlfPQQ m4cPGHqDxU7pG/3z+KN9O+6NYAVCUwGuANzf1+QviI5Td3mVGLqK0f8H17IVjCNW yQCx6+Pnqfiqq8u29WqbOUhx3bEy/IafOanQ73pdYMUIKzR1ro0IznS19EPYI6wo jYqC7aBoUnLmeeFGkLdiJ3ZwPPOtADdSqc9G78znkxdCv6DN65K0KEspF7jqnQOy B3tOsZC9QdsVgmj9dQkiSFd+Qa3Jk8H8gqPmvsCZ2rY1EsRKLn01H8RwsLhDog+B lo7290Axv4xKVJCz/JdDPrLhyRR3NQHdnkNpiK4SFVHfm2RoNDwYN4VWRHkWHooc si9qFIv4SAwjavwAlEEk+Ku4/rkMCoX2Kdto30rJoMPXSZVJRxpfQUQLOifWpzHj PNi3tSlvRNygUdh1W9YwKEtS3CUqSTCOuS69zxmzMyRJfIjkEzjmKsibUPrVk6gL LHiNmGkQM1bsuQnPc6IdRV8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 265831946236055232523995886024918932086402 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-17 15:02:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-15 15:02:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pennlaw.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 831864749297685859193312167421692461371683806334347989481361611435573605101064415767753975538734046781776818903065147238431976333676368642681737246035749029179806321884521529668306652744572718305097073385843183556578408534251552588584268164535923807795954283828181063337358444401377497212579981189497455989271212787454943438618233601142976180521399941254602309137168133050341708787047727270166622769991039353563218454645342474308524076540176133218887450276710171536081327894943500925737367466871552851922416127167340820819155200565367087127079038675979923585488472043631722166890706732500900494278629275159154625871727724757207083773028949473805643114880352408851071641334552866348585525331138504915605561467658505437541529937177302655720500456824053755904511324572351123516249291753990706973795170216427310884154824191167330007889718479073856658482459211907627350084638248917043358532419495123230298151465311434123189459082523469865794322060695829640119015728440132257734171915601234876997726737769558570853690744992146531375231302467227340773406525513352684441974057255480522946323283278934132285864013384032093453153016309846438551304832807136732637141126724054118629322835944591669236826571681350418206706714732217644276093109599 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9d05dba0116ee0aa4b89f9f73dcb156724efcf16 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pennlaw.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016c00ac12870000040300473045022100b85233febdd8fe5615a3ddd9e17e6f3690cad018d735274f59af0716ea5c353002201c8363bc767746c76604963b06b8f86ce2fdda39abc2d35361f629d669ea21c0007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c00ac12ac000004030046304402203738bb6da6cc750e9840bbb1af4669e7391fbf8c25b03ffbedc28686d46d8c4402207aa1baff8a97b425642e2f884adea8c87590ed6c7078de1a56a4b06d43e4b474 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0062805e5c6845cfd66a50a39dbc3266b510b677dfa460d82192293d2c934c1523d3cc86dfc7328ac93cfc9c7d80ff5256cbfea851af36c5ee44a767d3b6e4df694b7c7ca30d0362273d08721d3c4e05146685bb136a472f3dd4853e97d3ec447d523423e33b69c200690cf70ae073b5433c8f74ce463ecb2f1b00e2584276b843818c1ea9634e2113f86145ce42b31edbdf7f6726bb20dd09844d906fd2a67849a22c31e01850410bfa3e349f0228090f82335220ece5646b81d874db76cebf6f9fc7f5a37136ed4b3f2633bdbf54086be45b4ac2a092700630f6b787ba31a02bfdd7f6b7e62301535cccddc07056871f0253fd3ba4f97d2b254bd9ea1ed8ac2d