nghiemdo.com

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:ab:ec:a3:9e:24:44:19:12:7f:f6:bc:b1:05:eb:4c:c0:bf was issued on by Let's Encrypt .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

nghiemdo.com

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:ab:ec:a3:9e:24:44:19:12:7f:f6:bc:b1:05:eb:4c:c0:bf
Serial Number (int): 145615118034127911740423603747011448062143
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: 14:81:d0:18:7d:f8:d1:a0:1e:f5:1d:1f:f5:89:ce:f1:34:65:e4:a2
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 15:c4:01:bd:dd:84:87:a3:52:cd:83:4d:96:8d:19:d1:f5:e8:c7:d2
Fingerprint (sha256): 5e:61:e7:3f:c1:49:98:b0:2a:0f:6d:17:7d:86:7e:de:e0:02:de:3d:1f:c7:81:b7:79:4f:43:d3:17:6b:92:a6

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on nghiemdo.com
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

nghiemdo.com
www.nghiemdo.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGDjCCBPagAwIBAgISAavso54kRBkSf/a8sQXrTMC/MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAxMjQyMTM3MDBaFw0x NjA0MjMyMTM3MDBaMBcxFTATBgNVBAMTDG5naGllbWRvLmNvbTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAMcfckzuEBYctg92m9DHaNuQ6DOJB798nwPU 80hPnfYjZXRmRIg5Auw6y6B6n9DDyW9jErEXgJDqlYlJWCRhD++euORkvSBSBTpq gHPF2EFwhasf5qnbSN9tpKFDY2AbMsTcQ88dBIx+HKj5aHCSVYOoShc6tI36Yy+U dTuokxnPnoEVhdCy5KILsVoPPdkfgobKsddr3YNelzSw1Eklbr0sZ2J+fgG5WDTz Rv9EydoBHZIVcA5knKyqfsc8IKrKTIATfwSUtzDKUQm+g2HijThpvQWueYTAwZnx QGG4iBZrxcGQUn9ZSRZZFef3JOiCg6KvLBg8FWOhCvQIHPQ0vw8Cfw1/pqYWddzK ArfFm5OrDFhChi9E3bCv8vPc4ALvztDkD8VmkkNXmRYViI68W/0f8hsfyD1Ueg+W NRGEbmsioz08lnFsuAWkMjvwPe0xSKUYbLfWFJFrxq6SH86ScQ8H7vnhL2F8VPLq mD7iUQQmDMEfIZ4VsIbbhfhWOT49FL66Wc4yvk8EyVkOS1Cs9k7twbBQirhA+9E1 a3PINDK5pH1xWpqt3Yio/rO2AqBnhBr7JIUbEyhfdJige36JObkYF+uzJBE7rbeg 8G1izkc8sD1yfE7IjBVEDJPIRpi3EdFwcaDezPiisyGxk4L8PX87vvuQ5o2yOjmd glqX36exAgMBAAGjggIfMIICGzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBSB0Bh9 +NGgHvUdH/WJzvE0ZeSiMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgx LmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 MS5sZXRzZW5jcnlwdC5vcmcvMCkGA1UdEQQiMCCCDG5naGllbWRvLmNvbYIQd3d3 Lm5naGllbWRvLmNvbTCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC 3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUg cmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29y ZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBz Oi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IB AQB9poSmb2Abh6FMpu9fIsKz2B5iZ6JC0qRnXWk/86r/JqwmpmHzsFaWEdjsHkJ8 f0FgNwbGC/8MuYI8xRRfI0VMkf2ewiCgvT9IlYgmv6C1BmTr8jypZsfmWoSLIdqt F7OwuWcabWIHbj6kt4F5P8wTJ0PunlUzUtOCIImxnzd4a2u42wTkr2Y5azamk6wW hhWU5wh+zEfjxqsqxnwW/UWwt1EdlBvoCZx3+m8NeLPeP4YcN2LJhLVMALATDVIV HjfQc6BFMmcXtzoOyujPgKCTHlSuV7k4TbQBhldv4mJ8J1cEcvX7wzEtqthew4vP fUteGZSKhgaIZy63PCX8xsdU -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxx9yTO4QFhy2D3ab0Mdo 25DoM4kHv3yfA9TzSE+d9iNldGZEiDkC7DrLoHqf0MPJb2MSsReAkOqViUlYJGEP 75645GS9IFIFOmqAc8XYQXCFqx/mqdtI322koUNjYBsyxNxDzx0EjH4cqPlocJJV g6hKFzq0jfpjL5R1O6iTGc+egRWF0LLkoguxWg892R+Chsqx12vdg16XNLDUSSVu vSxnYn5+AblYNPNG/0TJ2gEdkhVwDmScrKp+xzwgqspMgBN/BJS3MMpRCb6DYeKN OGm9Ba55hMDBmfFAYbiIFmvFwZBSf1lJFlkV5/ck6IKDoq8sGDwVY6EK9Agc9DS/ DwJ/DX+mphZ13MoCt8Wbk6sMWEKGL0TdsK/y89zgAu/O0OQPxWaSQ1eZFhWIjrxb /R/yGx/IPVR6D5Y1EYRuayKjPTyWcWy4BaQyO/A97TFIpRhst9YUkWvGrpIfzpJx Dwfu+eEvYXxU8uqYPuJRBCYMwR8hnhWwhtuF+FY5Pj0UvrpZzjK+TwTJWQ5LUKz2 Tu3BsFCKuED70TVrc8g0MrmkfXFamq3diKj+s7YCoGeEGvskhRsTKF90mKB7fok5 uRgX67MkETutt6DwbWLORzywPXJ8TsiMFUQMk8hGmLcR0XBxoN7M+KKzIbGTgvw9 fzu++5DmjbI6OZ2CWpffp7ECAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 145615118034127911740423603747011448062143 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-24 21:37:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-23 21:37:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nghiemdo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 812350304190415185600404012268798498905979771504112597650720667937610204749935701610344382600252785742068704995901716340021195768103542959530031241559368832914635888201533709604098272986867590611912997761745683016411908818313550528774062877708456959800677321490930718887733715093827478653212325999050509140165089383645825642295217541965835743311069574541660226027925770517742635146839882296317785366590986977178107082437284060629107367534553142674429585148167559654916829009068785758066343544081821010085593990481711656081725366029068182088006012108318434556813949640189543645844510183426321969133403201668543889069158404926325995674492511765179675257446832074266610587709462200487276812394317050628700972694204204206308722321521548353028311629282888147290680333531053069969190999429270519533365965586394176593775644911905090229168619779122138139402239136067247935011638300194023898618979108442222455599971026730716091482660712725650308544098501499980981373043897162348038951288544876492780202700381638339800533527571381760173929394536944144408184639262438504120248377029727513139269210544360040349801607016140232744833605711180850040829859736958950325217408614691293290308223129703008176213501671352318345188593942763574737317636017 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1481d0187df8d1a01ef51d1ff589cef13465e4a2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nghiemdo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nghiemdo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007da684a66f601b87a14ca6ef5f22c2b3d81e6267a242d2a4675d693ff3aaff26ac26a661f3b0569611d8ec1e427c7f41603706c60bff0cb9823cc5145f23454c91fd9ec220a0bd3f48958826bfa0b50664ebf23ca966c7e65a848b21daad17b3b0b9671a6d62076e3ea4b781793fcc132743ee9e553352d3822089b19f37786b6bb8db04e4af66396b36a693ac16861594e7087ecc47e3c6ab2ac67c16fd45b0b7511d941be8099c77fa6f0d78b3de3f861c3762c984b54c00b0130d52151e37d073a045326717b73a0ecae8cf80a0931e54ae57b9384db40186576fe2627c27570472f5fbc3312daad85ec38bcf7d4b5e19948a860688672eb73c25fcc6c754