www.sfoco.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:da:a6:b5:53:86:ea:f3:38:a7:6f:b1:05:a4:2e:1c:dd:a6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.sfoco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:da:a6:b5:53:86:ea:f3:38:a7:6f:b1:05:a4:2e:1c:dd:a6Serial Number (int): 335740007131206300222403763966914802277798
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 52:ab:62:2f:12:0e:cb:78:9d:27:70:37:1b:77:6d:cf:93:bc:d3:15
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 26:53:17:df:62:31:9d:c4:1a:58:d2:53:ff:8c:14:bb:4c:9f:ed:db
Fingerprint (sha256): a4:f9:ae:7b:6c:e8:17:2a:46:86:e0:37:9c:41:5e:91:93:bc:ed:f6:07:21:6c:cc:a5:91:11:5d:42:5e:11:9f
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.sfoco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.sfoco.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.sfoco.com
Other certificates including the domain name sfoco.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.sfoco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA9qmtVOG6vM4p2+xBaQuHN2mMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjMxNTUzNDRaFw0y MDA1MjMxNTUzNDRaMBgxFjAUBgNVBAMTDXd3dy5zZm9jby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDY1P+WgCWZTwWZyhta75CcXlTzE4Io7lHr /tMqBaS3aJm5TXfkiaKI5v1RHIqXDXBszZ+IeTdPH03ArmbC122sf3ZyZRJQvIkp LDXCkZgbId/YlQJ3ac3M3rHRiKisb7o71YDmbW86sBC+bhwUhPLSM9Ogt2haK9hG CTY4AlMZ3qjRSrYk2yQkPL/mAzyaWRLtejMyqP6kEUJss2y5lO7Hg6wbDxkXtCOM /KyTof00e60dosyz/RZSsaRlXrfT4lx9lrfhk1q33O+7yQmctrKyTiuk134YI3vR Su2g940tIukf0grR4efmoAel4zjml2FrZ8R+H+WlafL8vZIelCC0mKQ2zUE1Ht5T JJkYRFqt7uhO6thevJ34z4qJD+ptvVDt8i5oq+ss7wttJ4thl+pYiu4a5p5cSoyk R3Jt3Ao/lPsAizpa9hasVhBuYe6YbJG/mB3qEC/iG59jSUgLcNkh6bt6LQanovrc gpMTCa+zM1Y/2twRy29rl05GXWfiBGnbTK2lTWcLDLrFR/DuEIgVZWSy3ZSuBpqu +ymYjDkAhnzApKf5DI3bKTGJoDc2H80jXKeaFr/sPIJfSo9PCf43XjjaZra9YksK 5awkpLJVfpObKMIi6tkML1mKyGol/BBZw17QMLvTaj+y94d3emziicM9dyYne1/2 C8stecMoNQIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRSq2Iv Eg7LeJ0ncDcbd23Pk7zTFTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5zZm9jby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAXBy+BESAAAE AwBHMEUCIBmTOPgwACD4eg6vo/gXnjwmAfD9Ergy45FFwRVN0QP9AiEAv6OBj4Uq GLUli/aann/K7CNWOuyDwnPCswKe02q15BcAdgAHt1wb5X1o//Gwxh0jFce65ld8 V5S3au68YToaadOiHAAAAXBy+BE4AAAEAwBHMEUCIQCJs/u1UI15L2TU9uH74hfu mm3acZ5VGy0zbu4nhgglDgIgB+GABMb0LhlOCK93oh6yKehYk+Zb3myH+utK3l2/ wNAwDQYJKoZIhvcNAQELBQADggEBADY0PDRQmzUVns7ipXWinIpHG0/gSLUIeT/q YVFZaNb3vinH1m/mei4+sp6CJqtF+giBuiWBerjNuD/aVbQCTEDOi76ljkjJXT7l 6UQr5EtHLo/pKDenslWHmp+rZXKfkVZRDfyqInYZLvRJJyVb3fAYdemlq/AybUXF yaWvL4cOMMkspYUN+RjIjqGZpGkw2AqBWHy/NkU+n1/XF5djDF3rWvHyUwBeogvn uyU9kHsPzUCttZPwE5mYbPLEgc4ZpO6LVB3+Iu/laz5Ic41qG1GFnlkOQSKtVKqO OG5Svb8BLSIv6vDN3FQRo6uPv0CwAl3KqBk0xXmX5LNju9c0Hhw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2NT/loAlmU8FmcobWu+Q nF5U8xOCKO5R6/7TKgWkt2iZuU135ImiiOb9URyKlw1wbM2fiHk3Tx9NwK5mwtdt rH92cmUSULyJKSw1wpGYGyHf2JUCd2nNzN6x0YiorG+6O9WA5m1vOrAQvm4cFITy 0jPToLdoWivYRgk2OAJTGd6o0Uq2JNskJDy/5gM8mlkS7XozMqj+pBFCbLNsuZTu x4OsGw8ZF7QjjPysk6H9NHutHaLMs/0WUrGkZV630+JcfZa34ZNat9zvu8kJnLay sk4rpNd+GCN70UrtoPeNLSLpH9IK0eHn5qAHpeM45pdha2fEfh/lpWny/L2SHpQg tJikNs1BNR7eUySZGERare7oTurYXryd+M+KiQ/qbb1Q7fIuaKvrLO8LbSeLYZfq WIruGuaeXEqMpEdybdwKP5T7AIs6WvYWrFYQbmHumGyRv5gd6hAv4hufY0lIC3DZ Iem7ei0Gp6L63IKTEwmvszNWP9rcEctva5dORl1n4gRp20ytpU1nCwy6xUfw7hCI FWVkst2UrgaarvspmIw5AIZ8wKSn+QyN2ykxiaA3Nh/NI1ynmha/7DyCX0qPTwn+ N1442ma2vWJLCuWsJKSyVX6TmyjCIurZDC9ZishqJfwQWcNe0DC702o/sveHd3ps 4onDPXcmJ3tf9gvLLXnDKDUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 335740007131206300222403763966914802277798 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-23 15:53:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-23 15:53:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sfoco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 884597484391971712564986247208071716892836188713286264634635927843441017561607058553696356157321738104643225027893319470559159592778619065419482359331450514090406755217861757078636675296965694971254267120717488515966475680619307563806287329140021664952927882694014904573350517131052503785401189889175338478101765945091459684909688370887576248968256342105563034506486619334638869457606540547303677866822090755394023282631889295087764776445649468321730822407252455707140541476715322008102004530160562058103329187671608949222808155952525088693053023191105560174878693090789605945461962527253320774446409397473899206735128084844035354756528039974128802361706298529725333481105582654543552207783670768752948105991740501188024975328988029497180216066258926671701369903727511766975621698698713324785173524223484048473615005881079753593789456044696070866279021422541547032134563853177625446057609436973655996666204685720534032133453598233999955157619524702327563760600120387476243817598686641973069813425280365698878216919161083243889525048251435301397003861592238084812176760649164277908858599665806022817775223255438881404413095573896690243455608803431382401200589872606484388634954576467419017732109600703269254710716408739098700158281781 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 52ab622f120ecb789d2770371b776dcf93bcd315 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sfoco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000017072f8111200000403004730450220199338f8300020f87a0eafa3f8179e3c2601f0fd12b832e39145c1154dd103fd022100bfa3818f852a18b5258bf69a9e7fcaec23563aec83c273c2b3029ed36ab5e41700760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017072f81138000004030047304502210089b3fbb5508d792f64d4f6e1fbe217ee9a6dda719e551b2d336eee278608250e022007e18004c6f42e194e08af77a21eb229e85893e65bde6c87faeb4ade5dbfc0d0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0036343c34509b35159ecee2a575a29c8a471b4fe048b508793fea61515968d6f7be29c7d66fe67a2e3eb29e8226ab45fa0881ba25817ab8cdb83fda55b4024c40ce8bbea58e48c95d3ee5e9442be44b472e8fe92837a7b255879a9fab65729f9156510dfcaa2276192ef44927255bddf01875e9a5abf0326d45c5c9a5af2f870e30c92ca5850df918c88ea199a46930d80a81587cbf36453e9f5fd71797630c5deb5af1f253005ea20be7bb253d907b0fcd40adb593f01399986cf2c481ce19a4ee8b541dfe22efe56b3e48738d6a1b51859e590e4122ad54aa8e386e52bdbf012d222feaf0cddc5411a3ab8fbf40b0025dcaa81934c57997e4b363bbd7341e1c