pfl18.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:20:64:83:bd:fd:c8:77:73:9f:b2:37:3d:3c:d9:07:11:f5 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=pfl18.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:20:64:83:bd:fd:c8:77:73:9f:b2:37:3d:3c:d9:07:11:f5Serial Number (int): 272359500380699912036838814476198627185141
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 89:d6:ec:f6:a8:15:1b:91:dc:59:27:4b:52:f5:4a:16:66:cc:38:1b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): d8:7c:c6:17:4e:e4:dd:15:c7:eb:0b:0a:1a:a7:d7:2a:f6:ff:c9:1c
Fingerprint (sha256): 9c:88:37:c8:62:48:4a:f2:bf:95:b0:10:40:e1:4f:9d:09:75:53:9f:d3:88:4d:8d:98:5e:75:31:de:dc:38:f5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate pfl18.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pfl18.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pfl18.org
Other certificates including the domain name pfl18.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for pfl18.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgISAyBkg739yHdzn7I3PTzZBxH1MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDcxNDQyMDZaFw0y MDAyMDUxNDQyMDZaMBQxEjAQBgNVBAMTCXBmbDE4Lm9yZzCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAJ/n1T7z9e+Bdq/1yteLbCMyfM4FeEm5gFuBCH2I Ce2gpawZt/15D4gtpNNjEmT1wWJ5O1rAPpreYGEaSOl5HTDiwiSGHUsdcdKucvi+ a9qTFiMSARwsZMSLoG1vTp7AsNsXXKrH/21icBj+vIfQsEHZ0bKljB549kI/n+15 rzz96KsWGtCytnwlNh0hOznG94pKYN8jeOekic/emprRw8JdGQGEZ+3+Clgy37zv Sn0FwtCngXoZ+z1H7DTwMmC4cXDctRtQ6PKLpunvss8M7ZxWfFs7SZOrj2Epk4Md WNr4EyxPVyiahOdLEUcOb6cvdwZ0e/p6g6Q9lKrKC52FfFsCAwEAAaOCAlwwggJY MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUidbs9qgVG5HcWSdLUvVKFmbMOBswHwYD VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAU BgNVHREEDTALgglwZmwxOC5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYB BAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v cmcwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQDwlaRZ8gDRgkAQLS+TiI6tS/4d R+OZ4dA0prCoqo6ycwAAAW5Gh6u4AAAEAwBGMEQCIGoT5aFM08k8YvFdkGacwDhP DsUDm4IkZyXlNDZfOXpHAiBFwurhToxWssPL82jj6y2grM1/plREu9P7Lm9gborw XgB1AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABbkaHq7MAAAQD AEYwRAIgQdISliETuLbtDUfXc28aRwC7POKgFWFA1l/v9AtJCXACIGTGRSOnthQn T526uRCxJxVk0AUxu99Go9VluP3VN0DkMA0GCSqGSIb3DQEBCwUAA4IBAQBI1Hj1 O3Gavk7ZfuyodZSL95+jSyVyQrSCFuRe10fXxpNuj0AEZ+rHuqB1PFWHGffPaQc4 0lJ/Y0O+EqRLn5VB49bwoVRNMgx7ICOvKzI3k8gpQeNUDc1SIYOL+xLFeHoOY/HD C2ne11J289hcQPIK+/rKNSEw8ODKrjPI7PIdKx31Ce6Y6NwKLe3cWooLD2txmkBp uaB3ZoRIfiOC7ZduC3op1F5Xc3X6QPWh3hBTuE3sh5uim9B5EqmGK1OrKkbkjfTl S/KDw6+P3gZCOCqdrnOUUBvvDw1HIk6qsMFMcXcbrnSWzMH5wm2hR3HvjdDTX8On lf5p/csbTS4PHkQ2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+fVPvP174F2r/XK14ts IzJ8zgV4SbmAW4EIfYgJ7aClrBm3/XkPiC2k02MSZPXBYnk7WsA+mt5gYRpI6Xkd MOLCJIYdSx1x0q5y+L5r2pMWIxIBHCxkxIugbW9OnsCw2xdcqsf/bWJwGP68h9Cw QdnRsqWMHnj2Qj+f7XmvPP3oqxYa0LK2fCU2HSE7Ocb3ikpg3yN456SJz96amtHD wl0ZAYRn7f4KWDLfvO9KfQXC0KeBehn7PUfsNPAyYLhxcNy1G1Do8oum6e+yzwzt nFZ8WztJk6uPYSmTgx1Y2vgTLE9XKJqE50sRRw5vpy93BnR7+nqDpD2UqsoLnYV8 WwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 272359500380699912036838814476198627185141 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-07 14:42:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-05 14:42:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pfl18.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20186211598683793096644163735528950740581201439549348877746665725833493248944649266394374243497447800966412654944287211653051128978836489738910149863088512526448567406962777296400446766824036229849355893559411848450434131294059438837840990284097380196652891285726100993426517736689036551884089711669070304033523678499370722973912906187658805658209029044058857896804665295704073731359865232164061053213311543431117045193561521186320044978745466063646181896588728417721867095426875522022741007027332143740583307452418472202582521549133147900471905650733271114369468211320487182069477665292495871281329838240425283255387 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 89d6ecf6a8151b91dc59274b52f54a1666cc381b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfl18.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016e4687abb8000004030046304402206a13e5a14cd3c93c62f15d90669cc0384f0ec5039b82246725e534365f397a47022045c2eae14e8c56b2c3cbf368e3eb2da0accd7fa65444bbd3fb2e6f606e8af05e00750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e4687abb30000040300463044022041d212962113b8b6ed0d47d7736f1a4700bb3ce2a0156140d65feff40b490970022064c64523a7b614274f9dbab910b1271564d00531bbdf46a3d565b8fdd53740e4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0048d478f53b719abe4ed97eeca875948bf79fa34b257242b48216e45ed747d7c6936e8f400467eac7baa0753c558719f7cf690738d2527f6343be12a44b9f9541e3d6f0a1544d320c7b2023af2b323793c82941e3540dcd5221838bfb12c5787a0e63f1c30b69ded75276f3d85c40f20afbfaca352130f0e0caae33c8ecf21d2b1df509ee98e8dc0a2deddc5a8a0b0f6b719a4069b9a0776684487e2382ed976e0b7a29d45e577375fa40f5a1de1053b84dec879ba29bd07912a9862b53ab2a46e48df4e54bf283c3af8fde0642382a9dae7394501bef0f0d47224eaab0c14c71771bae7496ccc1f9c26da14771ef8dd0d35fc3a795fe69fdcb1b4d2e0f1e4436