exterso.com
Issued by R3
About this certificate
This digital certificate with serial number 03:61:bb:14:9c:fb:85:b6:a4:70:e9:b5:ac:b6:97:01:1b:cf was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=exterso.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:61:bb:14:9c:fb:85:b6:a4:70:e9:b5:ac:b6:97:01:1b:cfSerial Number (int): 294592920051744270128701940670238560426959
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7b:cd:00:46:78:2a:4a:8d:d5:05:af:ce:10:20:c6:8b:40:ea:8b:43
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 41:c6:25:c4:e8:cf:81:b8:4d:71:b7:9c:71:17:5b:3c:fc:91:00:d9
Fingerprint (sha256): a7:bf:36:00:22:3e:bf:57:16:da:f1:20:d9:7e:0d:c0:1d:50:ba:1b:06:ec:cd:7f:db:ed:27:94:7a:0f:71:d5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate exterso.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for exterso.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
exterso.com
Other certificates including the domain name exterso.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for exterso.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4zCCBMugAwIBAgISA2G7FJz7hbakcOm1rLaXARvPMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTIwNzMyMzRaFw0yNDA0MTEwNzMyMzNaMBYxFDASBgNVBAMT C2V4dGVyc28uY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmRoF w7xjngLnES6oZkDlgS2jnNpOIZLzdRpRfzquUOJaAoEWJkvfaHbh+bE/KTe6tvk0 6Z7/8YKUsTdcWJiecjLmDELFYvGWd3HJSOALGlNCw7wPjeo4kVfkL/+IPRALacnY MmVVF8WInImp14CTBw3djVMI+suFFmobGT5j3Tq5O3L4SUJB/p0f8oPoQAP26EOV jLgiDsMu+EkB0o5krcSu76n16Frf3n0g5Ei1ut8MD6Xb3rOh/q0wumo6DECMdHn8 fmt+zENd1KzeeFU3AKbrjRUqkk7OLdNCP274tWJftdDqmmnpBPy30TtqKMdaFkVo m1avDZcxDkm51IhIp3z1BKtFX70fonXVn+lfe8jtKOUkPLI7O7zxCklTp/yYTVPS CNjzjBMkUZOrb3b1je4bqw5tyifR75qyYGuzfET525PvROlkr/F8zUTyjnKGs+yH aQOyTkt7sQGkeyKU27Fmtyh8bHVptGD0XMPc0CJva4wxBUrRctRac5X3+OPmURHY 5nrUwjvFcHO4NHjbwgj2JmwlpEAJg/UvWTlEqzaYwFHIjXujOPQgFa+KZThwK8Jn VIgiq5bTTYEHvMSKYTwiU4jQq6iQVScJbIP+SWgE2r62UGhk4rTwC1Qo+58LpI3u VySawue7A1l5uRUyRKnc6+ZtC6aM3GvRF+crmZkCAwEAAaOCAg0wggIJMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUe80ARngqSo3VBa/OECDGi0Dqi0MwHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wFgYDVR0RBA8wDYILZXh0ZXJzby5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQBIsONr2qZHNA/l agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYz8zS+3AAAEAwBGMEQCICDttCW/GqFN hBqPF6mMD6/JU9gF0jHEqEXnoR9RgP5RAiAMamH8nwL3V6Bavt8Qm8M352pZK9fu YLw5zAGDlNUC/gB3AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAAB jPzNMEYAAAQDAEgwRgIhAP8hWGlyK8NGjRIz3t3Cd/eeh3w9/reC6GOEubPIMddZ AiEAnlhsW/tezzfAWAVX3ltxcA2xgFijgsImKnWTjz7xKwEwDQYJKoZIhvcNAQEL BQADggEBAJYnny0uT01x4ug+3fZQVrwnRD4RgnwwHBajO78PzaQnEu9g9PCLXniW lzlpvja0SLT/HwLGKlOxie15AnPh5cgOgtaGFWBm6zKPlgCxuU4RJ1IbVo1WNv6L 57NeJg/3k9aRMqDDQ7Py8F8e6+65VnB7TCWW1nCyCK29fBaUPIoLTlJUpz6IQFci 2ssMP5vJAB9NNVqnLYmn+qGTiyWGvrRUg/y6yuxbeRunXnjngyAj/mvYZvWjAHgv r8AAye54OoutXO+Nu0uO0fnGLySipejPdskkZMoHuszi2KK9g+UEOIMphBG6Nokx ehVFwyoI4nGX1xX9gkismUxZjUxWxY4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmRoFw7xjngLnES6oZkDl gS2jnNpOIZLzdRpRfzquUOJaAoEWJkvfaHbh+bE/KTe6tvk06Z7/8YKUsTdcWJie cjLmDELFYvGWd3HJSOALGlNCw7wPjeo4kVfkL/+IPRALacnYMmVVF8WInImp14CT Bw3djVMI+suFFmobGT5j3Tq5O3L4SUJB/p0f8oPoQAP26EOVjLgiDsMu+EkB0o5k rcSu76n16Frf3n0g5Ei1ut8MD6Xb3rOh/q0wumo6DECMdHn8fmt+zENd1KzeeFU3 AKbrjRUqkk7OLdNCP274tWJftdDqmmnpBPy30TtqKMdaFkVom1avDZcxDkm51IhI p3z1BKtFX70fonXVn+lfe8jtKOUkPLI7O7zxCklTp/yYTVPSCNjzjBMkUZOrb3b1 je4bqw5tyifR75qyYGuzfET525PvROlkr/F8zUTyjnKGs+yHaQOyTkt7sQGkeyKU 27Fmtyh8bHVptGD0XMPc0CJva4wxBUrRctRac5X3+OPmURHY5nrUwjvFcHO4NHjb wgj2JmwlpEAJg/UvWTlEqzaYwFHIjXujOPQgFa+KZThwK8JnVIgiq5bTTYEHvMSK YTwiU4jQq6iQVScJbIP+SWgE2r62UGhk4rTwC1Qo+58LpI3uVySawue7A1l5uRUy RKnc6+ZtC6aM3GvRF+crmZkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294592920051744270128701940670238560426959 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 07:32:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-11 07:32:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'exterso.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 624600240106142019652472910426244767359694018198005613030008105214551596356478256291320900820166718632951289587414803853397624617314204355520802271158479376679003713211258343218406116360620021031257931652610917514672931410888482320483712564250771966727149338083948153906235607979727730450913598160462237773708367100835016661575265799800765181145092992548463654861078414571605144260944278563962622651086099632195106678456822141494504101373831803507286672040211207331818019954300598641323138159726453506944824546966377125159230005033464992266406577411913212907430375733640903769255321074953606248291738334142019437037382067046170804568574812583372073675096039190392014256665149605260594472570124137908442848523889946258166492851727107220815811330572283631086226039507027583994495159046067736417704975000307711849521800888736614955341697802820803681112219751934767971671346073981126574915663301815573876918565213700987757475180476883425526106282660753471044398018501119043905879601179156262599219479726987728227218518953332654286459659059734568911331635437876026625196675656156148522564657710327514880249408890978068992245128500914779443396121750271663100722594432036646462743272050255036242471892926876726762381626460421415388110887321 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7bcd0046782a4a8dd505afce1020c68b40ea8b43 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exterso.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cfccd2fb70000040300463044022020edb425bf1aa14d841a8f17a98c0fafc953d805d231c4a845e7a11f5180fe5102200c6a61fc9f02f757a05abedf109bc337e76a592bd7ee60bc39cc018394d502fe007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cfccd30460000040300483046022100ff215869722bc3468d1233deddc277f79e877c3dfeb782e86384b9b3c831d7590221009e586c5bfb5ecf37c0580557de5b71700db18058a382c2262a75938f3ef12b01 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0096279f2d2e4f4d71e2e83eddf65056bc27443e11827c301c16a33bbf0fcda42712ef60f4f08b5e7896973969be36b448b4ff1f02c62a53b189ed790273e1e5c80e82d686156066eb328f9600b1b94e1127521b568d5636fe8be7b35e260ff793d69132a0c343b3f2f05f1eebeeb956707b4c2596d670b208adbd7c16943c8a0b4e5254a73e88405722dacb0c3f9bc9001f4d355aa72d89a7faa1938b2586beb45483fcbacaec5b791ba75e78e7832023fe6bd866f5a300782fafc000c9ee783a8bad5cef8dbb4b8ed1f9c62f24a2a5e8cf76c92464ca07bacce2d8a2bd83e5043883298411ba3689317a1545c32a08e27197d715fd8248ac994c598d4c56c58e