nelsoncruz.com

Issued by R3

About this certificate

This digital certificate with serial number 03:9f:d0:03:81:3b:d4:65:22:86:9f:4f:ee:20:7c:55:ea:49 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=nelsoncruz.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:9f:d0:03:81:3b:d4:65:22:86:9f:4f:ee:20:7c:55:ea:49
Serial Number (int): 315718251756894827282635929167850739460681
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 6a:5f:36:40:ea:07:78:2b:43:4b:69:3c:24:89:9a:f1:2e:b0:1d:ca
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 7a:df:27:f6:10:40:50:5a:7b:32:ff:7d:6f:c9:7f:96:f5:c5:a7:6d
Fingerprint (sha256): 9e:e2:fa:ee:ea:ff:b9:b5:1d:57:82:cc:c7:a6:4d:e4:5f:b6:90:b5:e5:b7:6d:d3:ce:14:19:d2:30:17:f6:0a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate nelsoncruz.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for nelsoncruz.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

nelsoncruz.com

Other certificates including the domain name nelsoncruz.com

(limited to 100 certificates)
www.hrbfc.com
nelsoncruz.com
nelsoncruz.com
texasregenerativedoctors.com
www.nelsoncruz.com
www.multilingualads.com
stemcellbusiness.com
nelsoncruz.com
www.mountainwestinvestments.com
www.nelsoncruz.com
nelsoncruz.com
www.waveyourhands.com

Certificate

The complete raw certificate details for nelsoncruz.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISA5/QA4E71GUihp9P7iB8VepJMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMjAxNTAwMzdaFw0yNDA0MTkxNTAwMzZaMBkxFzAVBgNVBAMT
Dm5lbHNvbmNydXouY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
2P7vlUfx9u8BXEB26zcxMkZLXbM2XvU3LauDB99PAEhD+RoKMlLhl757FxaLWe0+
GhShXX2WcZX4zXmt9n9/JCm7HQN8fsC3tNtMMc2lHG3MkOIVfQVAEafLvnfks+8e
oiHIixrTg7g19Y5S8HCLrqoA2lhJVbRASAdpGoPtxdQkVpXdlUn5HRlYKlZMpKoW
INRrDqU1UzNIzGoXGBOpevbdzbhkmdOulzd4EQfQGziIXTaE1b74DjpC41CPnHSp
3O/it90sWyf7K3kF6LR66t+WRrX6aPhyMjOBpcAc1WN4qlJ9KLRTLcIdP7kCYMjV
4k+RFJ3b8e+8fyx8zgJQQByRvR/3InuoJmIFRMaZNYkcmzm0nVLSYuhK/9XJBmF9
Hc63K/abrNXdleDh+7Zm0SYC1h0yZS0YpGBbMPXySn0tkMw94+0/l8qzPD5Vq3Fv
/Q/N95TxqbDUUNMNPhVVUpEnWY5c1SRqmxpSZi7Wyr76AHO1pZG78dfXmz+j7G2q
WQilXfRGQHUMiUv23NPV4Ck0csSPTBfHOd3FBjnjzFaLbXOPKcJ2gtWfbEMdsB8m
0vFFaYPUSfyXEWsdTSOZQfQcdnokhFr1NwHOh43x8CAHD27hgzt5tkjWIPjsD1J4
Qvs8Wskyq9TbviIhae27guBkHQTxSZtmtMcaO5kuYucCAwEAAaOCAhEwggINMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUal82QOoHeCtDS2k8JIma8S6wHcowHwYDVR0j
BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9yMy5pLmxlbmNyLm9yZy8wGQYDVR0RBBIwEIIObmVsc29uY3J1ei5jb20wEwYD
VR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwA7U3d1
Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY0nmkL5AAAEAwBIMEYCIQD6
pTE4doFR7P4CyJv35o9znKbtNW8GoikDfHPP66uqKQIhAK7XnOU6LniK6I+qQ7id
vFOW7b34prRfPm7E5RgAJ5dWAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZ
RnEftZsAAAGNJ5pDSgAABAMARzBFAiEA0xSp3ydx13epoK7ch7EatuAfHupttkpp
RZ7l2KszK3YCIEpIxGsTEi5CHboPZmBWk61vt6U7s3ihm8zw4ucfQDDZMA0GCSqG
SIb3DQEBCwUAA4IBAQBCX2FPX2jZBujJGUY7+Wsy+f+4zk1DPrX0IabF4HJoET+4
Smpv3NqGuql8TUCpAgZClgy+vKb43RxWoTbVEZgMI9VwYrxaGISd60MD9ngNXtu3
w9tCOJs5IKcPSahVruJgYwTOKQMZlogB9YWt9ZV2QiYParzcdu3T5rEnS8nQrtxT
TNyttnqPLjs44o58qWJbX9pnwZGs6FZ+rvN02QpFKb/XaECTZF3w8gU7tq+i9ksF
VA0ZLci7lUTECEqQNt9TsDdVg6woYWZq7dxVrX37Lib/ir4/kyx6vVIC4qIBuNVc
t0xYFYMytIsii+cvVdew2dwUuCbOpL4V+HetloQV
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2P7vlUfx9u8BXEB26zcx
MkZLXbM2XvU3LauDB99PAEhD+RoKMlLhl757FxaLWe0+GhShXX2WcZX4zXmt9n9/
JCm7HQN8fsC3tNtMMc2lHG3MkOIVfQVAEafLvnfks+8eoiHIixrTg7g19Y5S8HCL
rqoA2lhJVbRASAdpGoPtxdQkVpXdlUn5HRlYKlZMpKoWINRrDqU1UzNIzGoXGBOp
evbdzbhkmdOulzd4EQfQGziIXTaE1b74DjpC41CPnHSp3O/it90sWyf7K3kF6LR6
6t+WRrX6aPhyMjOBpcAc1WN4qlJ9KLRTLcIdP7kCYMjV4k+RFJ3b8e+8fyx8zgJQ
QByRvR/3InuoJmIFRMaZNYkcmzm0nVLSYuhK/9XJBmF9Hc63K/abrNXdleDh+7Zm
0SYC1h0yZS0YpGBbMPXySn0tkMw94+0/l8qzPD5Vq3Fv/Q/N95TxqbDUUNMNPhVV
UpEnWY5c1SRqmxpSZi7Wyr76AHO1pZG78dfXmz+j7G2qWQilXfRGQHUMiUv23NPV
4Ck0csSPTBfHOd3FBjnjzFaLbXOPKcJ2gtWfbEMdsB8m0vFFaYPUSfyXEWsdTSOZ
QfQcdnokhFr1NwHOh43x8CAHD27hgzt5tkjWIPjsD1J4Qvs8Wskyq9TbviIhae27
guBkHQTxSZtmtMcaO5kuYucCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 315718251756894827282635929167850739460681
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-20 15:00:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-19 15:00:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nelsoncruz.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 885265804693478895968823697262412604599433780584367515296369990096421840949189988621170485478622168673102655213388179954159426608229167078858037018359575677513209807922830170724979132276472027092755307857212628587895137134966509550564901120515249754959235274328068544821858939409761698293856853078295515369693618434438590399800579607530148534738059151423378077848041927127130354934677219787381949112969561361080440651025544654152370088022737618458870232652185519925320854882748616473292105776177832639150852028534498482399807800768227065497239069575248359487497009767815306140617058019357418241444857365323495445426344644298130319760686744792908432029888295874837740313537602059007410412758309025877830046654589892488600022085240540736088378826891079243934141927324655332019087327535423612101067732813627841136936234074144765359381256886841476705544417554159546653306775049689978826266587427148088826604443180915241266127034562614907103502734514982796693375256730373993358628054667824518936356877849807591363605585656926790390101123092324900870669819788604286177701261581280241562219739396323487530665556496567639075113483312814845013697012500249219729818416618994400228541829350542065146067397160084717315234992183341237884922258151
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6a5f3640ea07782b434b693c24899af12eb01dca
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nelsoncruz.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d279a42f90000040300483046022100faa53138768151ecfe02c89bf7e68f739ca6ed356f06a229037c73cfebabaa29022100aed79ce53a2e788ae88faa43b89dbc5396edbdf8a6b45f3e6ec4e51800279756007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d279a434a0000040300473045022100d314a9df2771d777a9a0aedc87b11ab6e01f1eea6db64a69459ee5d8ab332b7602204a48c46b13122e421dba0f66605693ad6fb7a53bb378a19bccf0e2e71f4030d9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00425f614f5f68d906e8c919463bf96b32f9ffb8ce4d433eb5f421a6c5e07268113fb84a6a6fdcda86baa97c4d40a9020642960cbebca6f8dd1c56a136d511980c23d57062bc5a18849deb4303f6780d5edbb7c3db42389b3920a70f49a855aee2606304ce290319968801f585adf5957642260f6abcdc76edd3e6b1274bc9d0aedc534cdcadb67a8f2e3b38e28e7ca9625b5fda67c191ace8567eaef374d90a4529bfd7684093645df0f2053bb6afa2f64b05540d192dc8bb9544c4084a9036df53b0375583ac2861666aeddc55ad7dfb2e26ff8abe3f932c7abd5202e2a201b8d55cb74c58158332b48b228be72f55d7b0d9dc14b826cea4be15f877ad968415