sakura-tempesta.or.jp
Issued by R3
About this certificate
This digital certificate with serial number 03:94:f3:c7:3c:9d:94:53:a5:7f:95:cf:13:07:79:5b:19:cf was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=sakura-tempesta.or.jp
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:94:f3:c7:3c:9d:94:53:a5:7f:95:cf:13:07:79:5b:19:cfSerial Number (int): 312022684999059518157945157653938791193039
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4c:bc:30:d1:0e:23:ad:4f:55:ae:6b:e7:2e:ec:94:1b:b1:28:31:94
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): cc:82:ba:05:a4:69:d9:56:e0:51:b3:d5:87:6e:29:b5:74:a2:9e:6c
Fingerprint (sha256): a6:f7:ea:af:4d:50:ed:72:64:1e:0e:91:af:e6:a3:3d:2f:58:63:80:c9:12:5f:18:8c:8d:ea:10:e1:89:2a:ab
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate sakura-tempesta.or.jp
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sakura-tempesta.or.jp
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sakura-tempesta.or.jp
www.sakura-tempesta.or.jp
www.sakura-tempesta.or.jp
Other certificates including the domain name sakura-tempesta.or.jp
(limited to 100 certificates)
Certificate
The complete raw certificate details for sakura-tempesta.or.jp in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISA5TzxzydlFOlf5XPEwd5WxnPMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDUxMTQ0MDJaFw0yNDA3MDQxMTQ0MDFaMCAxHjAcBgNVBAMT FXNha3VyYS10ZW1wZXN0YS5vci5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAMZrLXNUebTGRnJ6VHqoZRAdg/WtdB5nuAKFd7SuI0V2+srQDLqVtvg4 uxjd2QinvF+87Ec+aO/2CHlgcFTVzso76GUnqcVT2r+sgB4FVMgqOejG/c9pyC5i Z2OuOCgBcDVHaZcWuDy8JLAd2GMGNgbZCwuY/CNrxxXMvC5whz+HctRfjLu+aU3a 9ZYrMg6PSD0THWZn1ODudsLrb7Sg2DH798fPXoHg+irXjsEqcGrGVLP1pZ/iTas9 VNiyrBVvkEF3FL7PxwxTBS/chcMCcGyA4bvg6x4oy9kO7O3nbHUAGGOe5MvdDR1z rMFkUXKcaLQ51q6J6rk38qnZj9DuyKsCAwEAAaOCAjEwggItMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUTLww0Q4jrU9VrmvnLuyUG7EoMZQwHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wOwYDVR0RBDQwMoIVc2FrdXJhLXRlbXBlc3RhLm9yLmpwghl3d3cu c2FrdXJhLXRlbXBlc3RhLm9yLmpwMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYK KwYBBAHWeQIEAgSB9ASB8QDvAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/ qznYhHMAAAGOrkmX7QAABAMARzBFAiEA3PyIT3OJ0mrDxEzKoA+Bk5KJb+bv75iw +fheIcJ4X84CIExa4DTjw0ZjQ/mq7BZce3kj01GctlnjXYEdYd+tKyyGAHUA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGOrkmX7AAABAMARjBEAiBP TujT6M338hxm++v9Kk58dcknav/sWLxTVDlo3wTfLAIgfIjn2Mf4WHhWvlkvpfym 7XZqpig0qdD189LwuZvgy5gwDQYJKoZIhvcNAQELBQADggEBAJCjdCJ5oRvks3UW qP1FwxBboVw9rAekVeciW1CYcjnw17wpttqnHYZ7NYcsZfzdjyYHpS28rjiq5lPm +CyufEsgATEGcXyarGf+8HRZC5rcrmVma50wd4jOG+UPs5n+p7Q95X7F9yiJzJty uRUKBfHLr3BRbJnqSMissxcegrIxO0ERH56pW/hUmL8R1fFM1SGgSunwHvbQMsVL ltpLxtNp6CfWowCkz7GfMGQD3tguWAeXpWH8oKn1LWEOzkgqkGyYTMG4i0x8N9Vt HOvmFoqq+mUPiQHuGsQuIzQLL1ZJ9Bp9D8D5P/kuUcjFGwsqVde9AWvymtvkdqSQ VFphWwg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmstc1R5tMZGcnpUeqhl EB2D9a10Hme4AoV3tK4jRXb6ytAMupW2+Di7GN3ZCKe8X7zsRz5o7/YIeWBwVNXO yjvoZSepxVPav6yAHgVUyCo56Mb9z2nILmJnY644KAFwNUdplxa4PLwksB3YYwY2 BtkLC5j8I2vHFcy8LnCHP4dy1F+Mu75pTdr1lisyDo9IPRMdZmfU4O52wutvtKDY Mfv3x89egeD6KteOwSpwasZUs/Wln+JNqz1U2LKsFW+QQXcUvs/HDFMFL9yFwwJw bIDhu+DrHijL2Q7s7edsdQAYY57ky90NHXOswWRRcpxotDnWronquTfyqdmP0O7I qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 312022684999059518157945157653938791193039 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-05 11:44:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-04 11:44:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sakura-tempesta.or.jp' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25048035598561094359491990599287713273959776758834985570527290245666846828997767161558647290797188730025142074667292272279217326343336967606197668671950445840242825686424335750825083719231997291488317770778352800532498635707884766076426441979303360063039025229963420252863230469684634882475729165389349054317931891566783263423817494437491039429677749717594583861835189204155472545896364049521748436252457712256903597392732618688777986999058596392331886533398546966693647880457845019536188978759041612365070811359578376040640898212524223041879044307838801581703079841657849156756142346233018012620141202076361611462827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4cbc30d10e23ad4f55ae6be72eec941bb1283194 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sakura-tempesta.or.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sakura-tempesta.or.jp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018eae4997ed0000040300473045022100dcfc884f7389d26ac3c44ccaa00f819392896fe6efef98b0f9f85e21c2785fce02204c5ae034e3c3466343f9aaec165c7b7923d3519cb659e35d811d61dfad2b2c86007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018eae4997ec000004030046304402204f4ee8d3e8cdf7f21c66fbebfd2a4e7c75c9276affec58bc53543968df04df2c02207c88e7d8c7f8587856be592fa5fca6ed766aa62834a9d0f5f3d2f0b99be0cb98 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0090a3742279a11be4b37516a8fd45c3105ba15c3dac07a455e7225b50987239f0d7bc29b6daa71d867b35872c65fcdd8f2607a52dbcae38aae653e6f82cae7c4b20013106717c9aac67fef074590b9adcae65666b9d307788ce1be50fb399fea7b43de57ec5f72889cc9b72b9150a05f1cbaf70516c99ea48c8acb3171e82b2313b41111f9ea95bf85498bf11d5f14cd521a04ae9f01ef6d032c54b96da4bc6d369e827d6a300a4cfb19f306403ded82e580797a561fca0a9f52d610ece482a906c984cc1b88b4c7c37d56d1cebe6168aaafa650f8901ee1ac42e23340b2f5649f41a7d0fc0f93ff92e51c8c51b0b2a55d7bd016bf29adbe476a490545a615b08