le.ai
Issued by R3
About this certificate
This digital certificate with serial number 04:5a:71:e8:17:f0:9d:28:f7:c5:a6:31:a1:98:44:bd:d3:5a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=le.ai
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5a:71:e8:17:f0:9d:28:f7:c5:a6:31:a1:98:44:bd:d3:5aSerial Number (int): 379225964611879142432904363868026616795994
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 45:b0:be:85:7b:60:9a:51:3b:47:3f:a4:8a:1b:92:50:dd:ef:79:06
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 2b:cd:e0:12:7d:53:53:ff:75:10:df:9c:09:58:0b:3f:91:b9:e8:a5
Fingerprint (sha256): 9b:aa:e1:c7:b0:d1:0a:97:a2:b1:21:b8:90:c3:f0:5d:dc:7e:91:21:ba:63:60:ad:f8:4a:44:5e:90:d6:e6:4a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate le.ai
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for le.ai
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
le.ai
www.le.ai
www.le.ai
Other certificates including the domain name le.ai
(limited to 100 certificates)
www.spangee.com
le.ai
3rein.com
le.ai
le.ai
joga.ai
le.ai
le.ai
le.ai
troisiemecouronne.fr
cut.le.ai
sni.cloudflaressl.com
joga.ai
www.le.ai
le.ai
joga.ai
www.angube.com
le.ai
everywear-demo.dev.everywear.com
le.ai
le.ai
sni.cloudflaressl.com
joga.ai
le.ai
le.ai
joga.ai
le.ai
www.shang-hai-sing.com
le.ai
le.ai
joga.ai
le.ai
3rein.com
le.ai
le.ai
joga.ai
le.ai
le.ai
le.ai
troisiemecouronne.fr
cut.le.ai
sni.cloudflaressl.com
joga.ai
www.le.ai
le.ai
joga.ai
www.angube.com
le.ai
everywear-demo.dev.everywear.com
le.ai
le.ai
sni.cloudflaressl.com
joga.ai
le.ai
le.ai
joga.ai
le.ai
www.shang-hai-sing.com
le.ai
le.ai
joga.ai
Certificate
The complete raw certificate details for le.ai in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgISBFpx6BfwnSj3xaYxoZhEvdNaMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTAwMzMyMTFaFw0yNDA1MTAwMzMyMTBaMBAxDjAMBgNVBAMT BWxlLmFpMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlTUJeCOVaEYv 0gtRXMJx5Ysrk7NWL76DgAp/kmiigCRtfKnaYo76QG0DuzZosumnp1A97ZK+Ilco Emwqx4Ny33aeT80RXXPepbE+J64wbmaL7XFSrjy3If/12L7FuNMgrp38R7aALrY1 sNVv+8Q/YMK3caRNjI5YZM151lrhz6a/noDaAmdVYgyZCAH6sVT1lAbExJczRSMy x2TCzROtx/GnQ9BcWwast4dzNpMyJE6ofsMMu8NMzI5DIm9wPR21RwK96vWFVrQ7 gVyzkuTFWUUSP57xyPjUiwgf2zd/e4ukluK5t5iFVYaDiZvyy+Z296EDFLqQO3kh LpG5Y4FzdN6oXyPdNek+7QQsvmy51HUjargh+1MAIIbUqGTS6pfA9Ho6s9bQnpBt uzhV+4aDgNHnLZjW3I4AudXjKH3l1oR+XHp7uGtqXrx4GdrfEsC53RWGAfrzJL2P m0n9LABBhSXojiRQVfnYUA04+zPHy8N2/Be21MpSOyL+R3AMZMh5Ef7/Ke7ZGyW+ RFxfm8p99SwFZMdgFKhxOVNzVGUtkzKwQXyrnRK8YPzcl2r1JKxGv4Gq3AlAWHVc EXPEWfGdMDKKH2PFXOny9tAyEJUElYkyXVddy1kw5S5eZeKriAEog2ykPvTD9g+n h5+ey+4RczfvjlI5f12piFovgQcWjmcCAwEAAaOCAhIwggIOMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQURbC+hXtgmlE7Rz+kihuSUN3veQYwHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wGwYDVR0RBBQwEoIFbGUuYWmCCXd3dy5sZS5haTATBgNVHSAEDDAK MAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AO7N0GTV2xrOxVy3 nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjZFJiSIAAAQDAEgwRgIhAKTeu+0Tdf1d z85iGsHNQCU7Oi00WyyRvtkHjBZi7Nc3AiEApqlXMkJI1nOP3UUBbqdR8CiAdfxh nFySkyTJEzWBOu0AdQCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAA AY2RSYkQAAAEAwBGMEQCIDlh4kIYtVreTl8tw8Sp2rj+FVxJucVcifdB3bajRiQH AiAEybJ9B+7Olkfdnsct7gaV6f8qNuxrlXejkAOnaGP3UTANBgkqhkiG9w0BAQsF AAOCAQEAW7n9w4dkmv9HM7jiYax3rN2DU705nYEPjf2nw7HuJbwBycOlg6bmqtOW nGJVo27plCfmP9IZreB9eu7JJ1x1hFBPmqyyUJNqPNq3E4j0ZbTbiehT09GCaqye wlO2U0QLYk65RPOYOtUXKH7tNqje4Y8VIY1DbFwWWvR7ymgJ3G8HvVTwiHVeL921 laBGpCfVD7yZJvg9FZOQgTn2cHqGT6ic1eCDNkFtqjl+kGc4cxrbFMEcbeSRJXR4 JIlAv+yiaVzCsX3SUcsXYbDb1ok3tbsEhBqFpclCDk5pWXPSgX7eScIYRGt0NKVo qfX7KQHLnCl5B6sVQ7gXeFXkthsdCw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlTUJeCOVaEYv0gtRXMJx 5Ysrk7NWL76DgAp/kmiigCRtfKnaYo76QG0DuzZosumnp1A97ZK+IlcoEmwqx4Ny 33aeT80RXXPepbE+J64wbmaL7XFSrjy3If/12L7FuNMgrp38R7aALrY1sNVv+8Q/ YMK3caRNjI5YZM151lrhz6a/noDaAmdVYgyZCAH6sVT1lAbExJczRSMyx2TCzROt x/GnQ9BcWwast4dzNpMyJE6ofsMMu8NMzI5DIm9wPR21RwK96vWFVrQ7gVyzkuTF WUUSP57xyPjUiwgf2zd/e4ukluK5t5iFVYaDiZvyy+Z296EDFLqQO3khLpG5Y4Fz dN6oXyPdNek+7QQsvmy51HUjargh+1MAIIbUqGTS6pfA9Ho6s9bQnpBtuzhV+4aD gNHnLZjW3I4AudXjKH3l1oR+XHp7uGtqXrx4GdrfEsC53RWGAfrzJL2Pm0n9LABB hSXojiRQVfnYUA04+zPHy8N2/Be21MpSOyL+R3AMZMh5Ef7/Ke7ZGyW+RFxfm8p9 9SwFZMdgFKhxOVNzVGUtkzKwQXyrnRK8YPzcl2r1JKxGv4Gq3AlAWHVcEXPEWfGd MDKKH2PFXOny9tAyEJUElYkyXVddy1kw5S5eZeKriAEog2ykPvTD9g+nh5+ey+4R czfvjlI5f12piFovgQcWjmcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 379225964611879142432904363868026616795994 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-10 03:32:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-10 03:32:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'le.ai' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 608712169413498704448112493480454720471938724532943785023683187127501426779790106387746286684861434931950320719755556846702669813993246623300710966492794457712200672601726299096380584531542182885171399252251006480858318276793318158430888220027295235468386253080951877326493495507784507090662420348017224053717796593588514979901694394367901533727252738806766895583393112701192920324152384119782240693743440035656227067729315262752001781820848162626863570693797245590920270631766549234748044221556341184280476957354765384315623159218961286704654805626511933148500053374297517724934481576020204930741677349461988550737782901304257503362411169359180995665283932522347232918966382416985999112575847093188958997451276176511415924966246164622979392756418369437403573544244080843986819029073301970504917152334433678224228106582274577311901518233491286269858295120620281371333976223884399305563528605509586746346452256582467227303300819846838898298393694842854228264678148081356466485943941983987312850160177499489240899452751384821787728229237877711754105120964204165223071595735556826230346255625202454916160231746017545148679143924913028997565580546407874788889096910810913077720899029255426912968307219509671825577228385132844269302091367 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 45b0be857b609a513b473fa48a1b9250ddef7906 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'le.ai' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.le.ai' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d914989220000040300483046022100a4debbed1375fd5dcfce621ac1cd40253b3a2d345b2c91bed9078c1662ecd737022100a6a957324248d6738fdd45016ea751f0288075fc619c5c929324c91335813aed007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d91498910000004030046304402203961e24218b55ade4e5f2dc3c4a9dab8fe155c49b9c55c89f741ddb6a3462407022004c9b27d07eece9647dd9ec72dee0695e9ff2a36ec6b9577a39003a76863f751 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005bb9fdc387649aff4733b8e261ac77acdd8353bd399d810f8dfda7c3b1ee25bc01c9c3a583a6e6aad3969c6255a36ee99427e63fd219ade07d7aeec9275c7584504f9aacb250936a3cdab71388f465b4db89e853d3d1826aac9ec253b653440b624eb944f3983ad517287eed36a8dee18f15218d436c5c165af47bca6809dc6f07bd54f088755e2fddb595a046a427d50fbc9926f83d1593908139f6707a864fa89cd5e08336416daa397e906738731adb14c11c6de491257478248940bfeca2695cc2b17dd251cb1761b0dbd68937b5bb04841a85a5c9420e4e695973d2817ede49c218446b7434a568a9f5fb2901cb9c297907ab1543b8177855e4b61b1d0b