legtest.nyassembly.gov
Issued by R3
About this certificate
This digital certificate with serial number 03:eb:27:f9:03:b3:ac:98:0a:2e:f3:b1:26:03:42:b2:f7:00 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=legtest.nyassembly.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:eb:27:f9:03:b3:ac:98:0a:2e:f3:b1:26:03:42:b2:f7:00Serial Number (int): 341356346870537150872399439213846395549440
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 9c:0a:81:3e:82:47:48:44:da:07:15:64:e3:71:58:5b:a4:3f:13:ea
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 32:ba:88:6f:5e:1f:66:86:40:39:6c:42:fc:fd:fa:79:65:3c:8f:54
Fingerprint (sha256): a9:98:ba:43:47:39:09:6c:97:35:4b:82:f1:0e:2d:ee:a1:80:42:08:20:bc:5a:f7:6f:06:8c:fe:de:f6:03:80
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate legtest.nyassembly.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for legtest.nyassembly.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
legtest.nyassembly.gov
Other certificates including the domain name nyassembly.gov
(limited to 100 certificates)
z4.nysa.us
www.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z4.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
nyassembly.gov
server9.nyassembly.gov
nyassembly.gov
test.nyassembly.gov
mog.nyassembly.gov
nyassembly.gov
z4.nysa.us
nyassembly.gov
preview.nyassembly.gov
z4.nysa.us
nyassembly.gov
www.nyassembly.gov
preview.nyassembly.gov
nyassembly.gov
intern.nyassembly.gov
z4.nysa.us
server9.nyassembly.gov
nyassembly.gov
legtest.nyassembly.gov
nyassembly.gov
www.nyassembly.gov
z4.nysa.us
legtest.nyassembly.gov
www.nyassembly.gov
legtest.nyassembly.gov
test.nyassembly.gov
nyassembly.gov
nyassembly.gov
mog.nyassembly.gov
www.nyassembly.gov
mog.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
www.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z4.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
nyassembly.gov
server9.nyassembly.gov
nyassembly.gov
test.nyassembly.gov
mog.nyassembly.gov
nyassembly.gov
z4.nysa.us
nyassembly.gov
preview.nyassembly.gov
z4.nysa.us
nyassembly.gov
www.nyassembly.gov
preview.nyassembly.gov
nyassembly.gov
intern.nyassembly.gov
z4.nysa.us
server9.nyassembly.gov
nyassembly.gov
legtest.nyassembly.gov
nyassembly.gov
www.nyassembly.gov
z4.nysa.us
legtest.nyassembly.gov
www.nyassembly.gov
legtest.nyassembly.gov
test.nyassembly.gov
nyassembly.gov
nyassembly.gov
mog.nyassembly.gov
www.nyassembly.gov
mog.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
Certificate
The complete raw certificate details for legtest.nyassembly.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISA+sn+QOzrJgKLvOxJgNCsvcAMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA1MDMwOTA4MTdaFw0yMzA4MDEwOTA4MTZaMCExHzAdBgNVBAMT FmxlZ3Rlc3Qubnlhc3NlbWJseS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDracZh0MMeEhiGyBSp2Q0VVe2P7xNrljRStDVeGwoVq9VmJTibgP8N D2ct/PDz1kmD52DWGKmmwofL1ruv0U+6bKzGDWMhcmRrOGL+9esDfYJqtMWkXf+y hpZ7Devqt0VNKG8Wo1+WE2ksiyMdSG7U6xfHeNRnFdmnISL4jkvePqD7VifFJTwn 95HlNxU442guhCIJF/PX+exmWlKlGjvgFLwFh/AKtN/V1Sa2T90F6OBqNrOOXjKw gV45XlIPy0jnrS553z6/2dovMXUHsUUVCmy/uxAruVocHm3NChhLldYHrITUUB4T WXztHKvHnIRiTCuUPCWjKp0PDWWYXOV5AgMBAAGjggJQMIICTDAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFJwKgT6CR0hE2gcVZONxWFukPxPqMB8GA1UdIwQYMBaAFBQu sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s ZW5jci5vcmcvMCEGA1UdEQQaMBiCFmxlZ3Rlc3Qubnlhc3NlbWJseS5nb3YwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHx AO8AdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYfhFYfTAAAE AwBHMEUCIQCVkjqXd7CuG2gOHQBnK0pf+4MFIGFrEnt4dqUgCb2KCgIgNuI9I4G9 DgN4d7CIqQfWnJVLFsUXNNSsSy3G3X1QH0oAdQCt9776fP8QyIudPZwePhhqtGcp Xc+xDCTKhYY069yCigAAAYfhFYhtAAAEAwBGMEQCIDMEBq1YdJEzQN4A7GSn5Aq3 2LaJZIrGL2iicMjmFoRNAiAmeHssZacb1UpWvFc9KEhWln9r1V5ktsgDiicVt2gg PjANBgkqhkiG9w0BAQsFAAOCAQEAtp4P4RGKjKJ1jekKGDeQqBU8ZjNItjQnTU8N VU761fbfzM7ztzBzxeF1cKyhT9xjsUsR5TCeF9/ZbZnfO9ked/fcUtfST0GfEah6 kBVyGKdGflhOtvC7dA8nxlD3Iowhn0UKE6ppmU5LO1Qk77wibnIVWVPAPDPHDxaz cQNxi8yyZfxuD0IcWBOp3FnaIDDOxDk60u8dCzhnQFJndqW5BW/L28AwWdzAJdFJ n5p7RbVymyTGXVMMt9IaaW8Cvw1xvqaCJ/wZ1iAyIAVJ5r46ShKOG0epJtXbawBu DrwWXN+oM+mRp26E13onDWX49avt/eDXIpBe0N5YCtccfWo36w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62nGYdDDHhIYhsgUqdkN FVXtj+8Ta5Y0UrQ1XhsKFavVZiU4m4D/DQ9nLfzw89ZJg+dg1hippsKHy9a7r9FP umysxg1jIXJkazhi/vXrA32CarTFpF3/soaWew3r6rdFTShvFqNflhNpLIsjHUhu 1OsXx3jUZxXZpyEi+I5L3j6g+1YnxSU8J/eR5TcVOONoLoQiCRfz1/nsZlpSpRo7 4BS8BYfwCrTf1dUmtk/dBejgajazjl4ysIFeOV5SD8tI560ued8+v9naLzF1B7FF FQpsv7sQK7laHB5tzQoYS5XWB6yE1FAeE1l87Ryrx5yEYkwrlDwloyqdDw1lmFzl eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 341356346870537150872399439213846395549440 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-03 09:08:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-01 09:08:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'legtest.nyassembly.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29718161229042826814946613409679134986889311199489031737926959742377523820052782940616815473242291719438492148992983680076001581668161197096919753320837767762371772096289748379878804217838563076705377104137927298579561301932594512364590291230209637919026365428361248410679337187213509112842102695979820219960410555516065318418688509831729979536223422873961280219979150480092093384152829100381197494856987795295568231209454041198125110600642552255189606190885607074450341112663331578587964149187863632266635091582940967114277237713673908427557357925325147909613439710036762708527602272328540908133813478707416547517817 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9c0a813e82474844da071564e371585ba43f13ea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legtest.nyassembly.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000187e11587d3000004030047304502210095923a9777b0ae1b680e1d00672b4a5ffb830520616b127b7876a52009bd8a0a022036e23d2381bd0e037877b088a907d69c954b16c51734d4ac4b2dc6dd7d501f4a007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000187e115886d00000403004630440220330406ad5874913340de00ec64a7e40ab7d8b689648ac62f68a270c8e616844d022026787b2c65a71bd54a56bc573d284856967f6bd55e64b6c8038a2715b768203e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b69e0fe1118a8ca2758de90a183790a8153c663348b634274d4f0d554efad5f6dfcccef3b73073c5e17570aca14fdc63b14b11e5309e17dfd96d99df3bd91e77f7dc52d7d24f419f11a87a90157218a7467e584eb6f0bb740f27c650f7228c219f450a13aa69994e4b3b5424efbc226e72155953c03c33c70f16b37103718bccb265fc6e0f421c5813a9dc59da2030cec4393ad2ef1d0b386740526776a5b9056fcbdbc03059dcc025d1499f9a7b45b5729b24c65d530cb7d21a696f02bf0d71bea68227fc19d62032200549e6be3a4a128e1b47a926d5db6b006e0ebc165cdfa833e991a76e84d77a270d65f8f5abedfde0d722905ed0de580ad71c7d6a37eb