gavinnewsom.com

Issued by R3

About this certificate

This digital certificate with serial number 04:5f:0c:49:0c:f1:8c:3b:b6:54:79:d9:9a:f7:5c:30:8b:0a was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=gavinnewsom.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:5f:0c:49:0c:f1:8c:3b:b6:54:79:d9:9a:f7:5c:30:8b:0a
Serial Number (int): 380792298620676535147193016751060671302410
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 2d:41:c6:6a:c2:33:9b:c8:9b:7d:2c:f8:97:df:67:1c:90:2b:7b:f0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3c:d3:94:6b:0e:14:3a:c1:18:8b:aa:7a:9f:12:32:38:cb:0f:84:3c
Fingerprint (sha256): a6:38:67:c3:23:a3:a5:80:72:37:4d:42:04:08:75:b6:64:c2:74:9b:7b:5f:8c:af:6a:f1:65:fe:6d:84:c0:d5

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate gavinnewsom.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gavinnewsom.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gavinnewsom.com
www.gavinnewsom.com

Other certificates including the domain name gavinnewsom.com

(limited to 100 certificates)
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
act.johnfetterman.com
gavinnewsom.com
www.gavinnewsom.com
sni32094.cloudflaressl.com
act.boldprogressives.org
act.ilhanomar.com
gavinnewsom.com
sni32094.cloudflaressl.com
act.ourrevolution.com
peoplesmillion.whitehelmets.org
act.colorofchange.org
sni32094.cloudflaressl.com
gavinnewsom.com
act.peoplesconvoy.com
act.elizabethwarren.com
sni32094.cloudflaressl.com
act.campaigntoendqualifiedimmunity.org
gavinnewsom.com
action.pollinis.org
act.jamieraskin.com
sni32094.cloudflaressl.com
gavinnewsom.com
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
gavinnewsom.com
gavinnewsom.com
gavinnewsom.com
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
act.gunsensevoter.org
www-default.actionkit.com
sni32094.cloudflaressl.com
act.realjusticepac.org
shop.gavinnewsom.com
gavinnewsom.com
act.powerthepolls.org
faithfulamerica.org
gavinnewsom.com
sni32094.cloudflaressl.com
act.abwt.org
sni32094.cloudflaressl.com
act.ruraldemocratsturnoutfund.com
shop.gavinnewsom.com
action.pollinis.org
act.defendvotingrights.org
act.jstreet.org
sni32094.cloudflaressl.com
act.democratic-strategy.org
gavinnewsom.com
gavinnewsom.com
act.progressflorida.org
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
sni32094.cloudflaressl.com
act.gavinnewsom.com
shop.gavinnewsom.com
shop.gavinnewsom.com
sni32094.cloudflaressl.com
gavinnewsom.com
act.nuestropac.com
act.jamieraskin.com
act.dsausa.org
gavinnewsom.com
www.nowarwithiran.org
act.bcndp.ca
sni32094.cloudflaressl.com

Certificate

The complete raw certificate details for gavinnewsom.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISBF8MSQzxjDu2VHnZmvdcMIsKMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA2MjgxMzMxNDhaFw0yMzA5MjYxMzMxNDdaMBoxGDAWBgNVBAMT
D2dhdmlubmV3c29tLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APSTetUdDhE6MnPQiGm9TXxT73vRxgxqyhmCNsSGQ49YNP2KVbx4s6D0Jo5IXIH3
8NAy7SHHaipmcFlEUJCnQD9thhgETPCy2h0xo9vwM7lOQmRjRDD3L2t2DVoEJPYW
PtLp17r/0+L3YE/9xW8Lh+11S7ruIPnM5WzM67lPmMueLNb8qdVuPza2gKvE/alV
GAS7adVL88NryeDECF3WnjUb4Eal1qUR4IMnmg/9g6ztcFwAeGGPrE7i2PxMboIf
BtOe7KBh8IkDWupsj+np3MCwJllNJad3m1vdYgI+Yw+aocCQkqesTW69dLow66v2
CitAVJvXRR99W5kAevA0JLkCAwEAAaOCAiYwggIiMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQULUHGasIzm8ibfSz4l99nHJAre/AwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wLwYDVR0RBCgwJoIPZ2F2aW5uZXdzb20uY29tghN3d3cuZ2F2aW5uZXdzb20u
Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
AHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGJAmrsigAABAMA
RzBFAiB7LG4mE/Z+Fps3Sy7YN+FyNHIAIQ0fPUVVsaOlPsTpxAIhAL8HwYTSI9V1
dhk5jVGwLoFAI3Qwo4vTvOFsEJQm7nM6AHYA6D7Q2j71BjUy51covIlryQPTy9ER
a+zraeF3fW0GvW4AAAGJAmrsqAAABAMARzBFAiEAuCNNh3Uv1P8NEyMYB8TmKeHD
JrLmjeUNPff8/xyNKf0CIG2FbgxD8tjNx50dmRVpKQ0WoZeZ1+MjkGqDAlPcj++3
MA0GCSqGSIb3DQEBCwUAA4IBAQCs1vwrCwZFygVyYY2w9+LNOMO8kZlWjjHwZ7Mx
Utz/ygX2qtuSRwc54P6VYgfaOCy2o29uiJODFkF88dMTKOO7+lFjvyRbYZ+RFlHE
+12M/hCJjfmujfGfLFbP6+P5esvHPbgjTujpnVYD62ffpnda5cEfvqnwhl6ViZrT
5o2XYymPqn8kTfnP/bHK0QT6BgxYh6ZJJSmlbSo+iikNqbe80wkCkCGxVfVtx7tU
ENU1Yz/lu8FPnKpNp/y0OJbHiIpoIZlxUcgjnRrPv3L5xad9dWtZMJecfaQ3rXrT
kOeh5M50NZg7H+A5zU1F7gnIEtDfDOFm3uvsyjewYthOZEfT
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JN61R0OEToyc9CIab1N
fFPve9HGDGrKGYI2xIZDj1g0/YpVvHizoPQmjkhcgffw0DLtIcdqKmZwWURQkKdA
P22GGARM8LLaHTGj2/AzuU5CZGNEMPcva3YNWgQk9hY+0unXuv/T4vdgT/3FbwuH
7XVLuu4g+czlbMzruU+Yy54s1vyp1W4/NraAq8T9qVUYBLtp1Uvzw2vJ4MQIXdae
NRvgRqXWpRHggyeaD/2DrO1wXAB4YY+sTuLY/Exugh8G057soGHwiQNa6myP6enc
wLAmWU0lp3ebW91iAj5jD5qhwJCSp6xNbr10ujDrq/YKK0BUm9dFH31bmQB68DQk
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 380792298620676535147193016751060671302410
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-28 13:31:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 13:31:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gavinnewsom.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30874871418674330599856582475032938667375268619443001630863980336265595132255055319191643458111097912849518683644418268103987213994455977559607858848119842980533392049063729003920357542074988987461137585846020662431659934377838370289619002655875385799518291331039036698807426681817568646147255938646103126008097680224992782780625624378043298116774876838353123724342507002380006971784078794529182989372683470709944523843444459913842097363110245276310289984800758291731507727636966622104526315616493280025870076217545288249244971934789372294783507838417764757756356243493322858302549568740438214483485562672125977044153
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2d41c66ac2339bc89b7d2cf897df671c902b7bf0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gavinnewsom.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gavinnewsom.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000189026aec8a000004030047304502207b2c6e2613f67e169b374b2ed837e172347200210d1f3d4555b1a3a53ec4e9c4022100bf07c184d223d5757619398d51b02e8140237430a38bd3bce16c109426ee733a007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000189026aeca80000040300473045022100b8234d87752fd4ff0d13231807c4e629e1c326b2e68de50d3df7fcff1c8d29fd02206d856e0c43f2d8cdc79d1d991569290d16a19799d7e323906a830253dc8fefb7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00acd6fc2b0b0645ca0572618db0f7e2cd38c3bc9199568e31f067b33152dcffca05f6aadb92470739e0fe956207da382cb6a36f6e88938316417cf1d31328e3bbfa5163bf245b619f911651c4fb5d8cfe10898df9ae8df19f2c56cfebe3f97acbc73db8234ee8e99d5603eb67dfa6775ae5c11fbea9f0865e95899ad3e68d9763298faa7f244df9cffdb1cad104fa060c5887a6492529a56d2a3e8a290da9b7bcd309029021b155f56dc7bb5410d535633fe5bbc14f9caa4da7fcb43896c7888a6821997151c8239d1acfbf72f9c5a77d756b5930979c7da437ad7ad390e7a1e4ce7435983b1fe039cd4d45ee09c812d0df0ce166deebecca37b062d84e6447d3