www.rjico.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:59:7b:85:66:ed:63:3d:b3:ac:fe:89:85:d5:96:2d:2a:32 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.rjico.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:59:7b:85:66:ed:63:3d:b3:ac:fe:89:85:d5:96:2d:2a:32Serial Number (int): 291786176157821560669846924052378956933682
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 65:ff:c4:2e:b1:87:7e:31:b2:76:8e:0b:65:35:ca:4d:e2:5b:66:5b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 60:b1:d6:00:cb:4c:4c:90:25:e6:f8:ef:79:d5:85:dd:1a:46:7e:61
Fingerprint (sha256): a1:a6:34:0c:62:7c:82:28:e1:da:67:6d:71:3a:92:b9:1c:cf:c1:c1:6b:53:93:46:06:44:0a:3b:3d:9f:1f:b0
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.rjico.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.rjico.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.rjico.com
Other certificates including the domain name rjico.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.rjico.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA1l7hWbtYz2zrP6JhdWWLSoyMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTMwODUxNDhaFw0y MDAxMTEwODUxNDhaMBgxFjAUBgNVBAMTDXd3dy5yamljby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDh8WG5BEwJWLkkb3AJ39ro+nusFPgeTwlv WQjqMB+RdNYuuReU0qq91+N9NRupy9w2TutTV0bClQod/41BuJuZqsJjRVa/VcZK XKueBJVaOWOwzMbgtzSzACHUhGVNa6rv2dmHjxMwvHHTqljcvZ7THNv9ofeadUIF HGNjxtUTs8RKJigyYtkPJMognUyiN99skM5dF5MuyipxWKOzeRT/f5XeD3f1mc7U 6LS2iSnYNan4xMhz5gW6UgHPUa6SIpSDKF5E9t6n2DsK1Mh5089B06zbZMd9e6go K5Ni2xdSIKg7Uo74rwXHorcflD0m0kSXzy4XVt9iUBHmqigEXxs2nP1ExM/TgvX8 S2+oeyW5Hz8gRtKgKa3E3CbwoENPRLkB+e7JupOOztxP4pT9BjhM76WAnvjg5Iy0 eEmpt3cz/WaaD/6mPmzt8J+t/1dAWRJ2a9hrc+4J4t/Rbw+h95v+XhseG90nfo5b 0YRayuEVBSeJTk+ovgTddAfKSLVQpyaXCw6xU1We0nn36gR9f/bEg4EeY6ImfBmm 3Fq3q2x+TbvvUA8ufwH/3iK8lNExoUobmaw2ex1mYSCvLCJIdxNh345oV/GEe3xn uuk9UDNJYnvQSav/dExege1+/LQJjtogkHzBYnKW0Pc+gFSKFhGOZj8eyyM6Bgnh zRvey6ZbJwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRl/8Qu sYd+MbJ2jgtlNcpN4ltmWzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5yamljby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdQDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAW3Eh/mCAAAE AwBGMEQCIEMEhSjJxPJL9PWts8/j39goj88FoP9TDdguvQTnSM+9AiBYy5caIVr5 gqWExIBLNMzObt4HVtyRfkOiCpE4evOtxgB3ALIeBcyLos2KIE6HZvkruYolIGdr 2vpw57JJUy3vi5BeAAABbcSH+a8AAAQDAEgwRgIhAIB9YyT+5s9ORARAxRxYrrec HWyMzyC3sYS61p8ExWk2AiEAqVkO7pXiwRTCowbeUzjb3f4dYi/IXDRHAZvJz1Lo VMQwDQYJKoZIhvcNAQELBQADggEBAC79wPSZcwsCRimk0Pm24x6CjFQBaagpv3Sr SmF9Qx+316kocyMdh54iG06sXMleulYBPwjdcHFv2Tt3ljdzAS7hF3H7t5aqNbv0 QBvTrhYJTncoTbBwFxSAXl0oebBM0tqGdAUM7Tg375gSZ53is7qec9QLUj9UlQgu T1GEl3xpNR2BkIoOUrpnD5amlG9hOk18uG71NG7omEWqtPjAeCeQOQx+vFBqa2DE +YPPWpxOFM4Pn4slQdyvW3TeNZG37TSDbUWIP1I3BsnkeAFP3DxiDiH1V/r7tEwt IT+H3WBIUVEvYGur+na4dkMuM8T+vSaZLSDgeaBeANzb+ehKrac= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4fFhuQRMCVi5JG9wCd/a 6Pp7rBT4Hk8Jb1kI6jAfkXTWLrkXlNKqvdfjfTUbqcvcNk7rU1dGwpUKHf+NQbib marCY0VWv1XGSlyrngSVWjljsMzG4Lc0swAh1IRlTWuq79nZh48TMLxx06pY3L2e 0xzb/aH3mnVCBRxjY8bVE7PESiYoMmLZDyTKIJ1MojffbJDOXReTLsoqcVijs3kU /3+V3g939ZnO1Oi0tokp2DWp+MTIc+YFulIBz1GukiKUgyheRPbep9g7CtTIedPP QdOs22THfXuoKCuTYtsXUiCoO1KO+K8Fx6K3H5Q9JtJEl88uF1bfYlAR5qooBF8b Npz9RMTP04L1/EtvqHsluR8/IEbSoCmtxNwm8KBDT0S5AfnuybqTjs7cT+KU/QY4 TO+lgJ744OSMtHhJqbd3M/1mmg/+pj5s7fCfrf9XQFkSdmvYa3PuCeLf0W8Pofeb /l4bHhvdJ36OW9GEWsrhFQUniU5PqL4E3XQHyki1UKcmlwsOsVNVntJ59+oEfX/2 xIOBHmOiJnwZptxat6tsfk2771APLn8B/94ivJTRMaFKG5msNnsdZmEgrywiSHcT Yd+OaFfxhHt8Z7rpPVAzSWJ70Emr/3RMXoHtfvy0CY7aIJB8wWJyltD3PoBUihYR jmY/HssjOgYJ4c0b3sumWycCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 291786176157821560669846924052378956933682 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-13 08:51:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-11 08:51:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rjico.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 921766601009224347062265724734011065582243475105001078877808904372625054635859259837922924009462471632245557290492093943874872152961166563579136104355222029299649454994564128582886287486683713535837302815016628263655672078632923431243606204791329057665640438704369110422306455742884083007130268664826275183022617351629089383245580476714125588309705318801129680209947389914287660617847338235206483149378119289292716490714047432901110976385341341345779229682006056184713787066452739670715169445420010518839509101581922653273448472390044417341960182457896817373709360007801170639897428245440107032522553741177844124493429370537798545149837430915664376086423943155953602909760328209542107497034364056528713378295063894340158203682771382225036444554938728936268644371978136691825620181518404968753777695840111387196757178979432865421042199502639354141640319815881837774560132007181083345173619602871878034454519653339584022791024599948998372239946480481982220228972691608665417887796079468134581740085964557066635487684437377193103143925186736354298019735577751117387393439772137498785185144505724501922988693239103380910770868172038237853476203997616423436144169841987963993255384132805361191486841832670663036999419261868046434682952487 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 65ffc42eb1877e31b2768e0b6535ca4de25b665b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rjico.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016dc487f9820000040300463044022043048528c9c4f24bf4f5adb3cfe3dfd8288fcf05a0ff530dd82ebd04e748cfbd022058cb971a215af982a584c4804b34ccce6ede0756dc917e43a20a91387af3adc6007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016dc487f9af0000040300483046022100807d6324fee6cf4e440440c51c58aeb79c1d6c8ccf20b7b184bad69f04c56936022100a9590eee95e2c114c2a306de5338dbddfe1d622fc85c3447019bc9cf52e854c4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002efdc0f499730b024629a4d0f9b6e31e828c540169a829bf74ab4a617d431fb7d7a92873231d879e221b4eac5cc95eba56013f08dd70716fd93b77963773012ee11771fbb796aa35bbf4401bd3ae16094e77284db0701714805e5d2879b04cd2da8674050ced3837ef9812679de2b3ba9e73d40b523f5495082e4f5184977c69351d81908a0e52ba670f96a6946f613a4d7cb86ef5346ee89845aab4f8c0782790390c7ebc506a6b60c4f983cf5a9c4e14ce0f9f8b2541dcaf5b74de3591b7ed34836d45883f523706c9e478014fdc3c620e21f557fafbb44c2d213f87dd604851512f606babfa76b876432e33c4febd26992d20e079a05e00dcdbf9e84aada7