stretchagency.com
Issued by R3
About this certificate
This digital certificate with serial number 04:e2:42:ff:f0:c3:df:32:d1:d3:be:86:cf:19:04:1a:94:01 was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=stretchagency.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:e2:42:ff:f0:c3:df:32:d1:d3:be:86:cf:19:04:1a:94:01Serial Number (int): 425442016617890683318919360899647459202049
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 1a:9d:59:fa:cd:f1:36:e7:c9:ab:7d:ab:2b:37:d7:c3:a4:76:38:75
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 85:e4:32:8a:22:7f:ec:df:09:89:41:ea:2e:e4:63:05:49:dc:a5:81
Fingerprint (sha256): aa:f4:01:e1:1d:d2:2b:bf:79:07:69:78:b2:3f:41:37:bf:4e:30:ee:6b:a7:81:b9:b6:b6:81:f7:40:45:fe:17
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate stretchagency.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stretchagency.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
stretchagency.com
Other certificates including the domain name stretchagency.com
(limited to 100 certificates)
proyectos.netsus.cl
projects.consolidinc.com
projects.sbensonlegal.com
projects.sbensonlegal.com
projects.samgi.com
projects.samgi.com
work.stretchagency.com
stretchagency.com
stretchagency.com
projects.consolidinc.com
projects.samgi.com
proyectos.netsus.cl
work.stretchagency.com
projects.sbensonlegal.com
projects.sbensonlegal.com
work.stretchagency.com
stretchagency.com
projects.consolidinc.com
projects.samgi.com
proyectos.netsus.cl
projects.consolidinc.com
projects.sbensonlegal.com
projects.sbensonlegal.com
projects.samgi.com
projects.samgi.com
work.stretchagency.com
stretchagency.com
stretchagency.com
projects.consolidinc.com
projects.samgi.com
proyectos.netsus.cl
work.stretchagency.com
projects.sbensonlegal.com
projects.sbensonlegal.com
work.stretchagency.com
stretchagency.com
projects.consolidinc.com
projects.samgi.com
proyectos.netsus.cl
Certificate
The complete raw certificate details for stretchagency.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7zCCBNegAwIBAgISBOJC//DD3zLR076GzxkEGpQBMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDMwMTI2NTRaFw0yNDA3MDIwMTI2NTNaMBwxGjAYBgNVBAMT EXN0cmV0Y2hhZ2VuY3kuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAuhgCGwr2ziJVI0L5kH6VpH9TRCLKZksQZHwJ5GJpypKWO9Eebr/DJc9gxnJg Pj3S5plPhymemMBTOiEWX6Sgr3+opo/GCpyglMov/Di6dKK5xbCkOf9WwH8WsD2B 8sNc31BEiJUP7YrhdR4LUZ+s5U3ducXScZ6JNCIUsfiFZSGAg2qGEbe9iVLnWXvv Kr3v+CTj6kWUBbi7MYqDHb4vyBRFM8F/zrzwEfaDwgsbkvkrl5Q70nhBAvYTSBRN Qo1ZaNEq6Htn3uLZvLq690bzvYOu2B5XCRfBacj2OQJPYEw6Qet6m3Z7bBIDbfDG K7sXB4yEsc2gypCOQvrDphsjTjV32qniSfDWCzVryX5Srp/GpbIuBZ0nPel6OS3v W3/3ToHghUEHAOHbPXIodRBumQiHchbfiWaocFcRQV0UVFvonXjoFhHr1aZve4+o GIu5aNwfxBu5w10w07YOFG+ut+Ol10b0jZker67y26WOhB+Zx/av/RN29O5DqNHo mDmuv8tViXl9KgHn2M90PsVoXSdKEM7cYm68DdQq7p8xom3dcJEAMP1N8KyvOm1C RpR3xnwliMVij04v7Guz5dXwcJNqBP8GaccnxT3hiKKqLnC5f9ap6Exa6Oib6rll qAXXrXxf5RkiVFk2OUotICFwlIY4jLSRg8nETDN9KgzpL0ECAwEAAaOCAhMwggIP MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUGp1Z+s3xNufJq32rKzfXw6R2OHUwHwYD VR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEG CCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0 dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHAYDVR0RBBUwE4IRc3RyZXRjaGFnZW5jeS5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA dgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY6hx9/rAAAEAwBH MEUCIQDangUC1xrFJd36jPvPHLlz1Q4/LMalc+1MfVR05+CjmAIgUkIFKhyUVkZz 9+SftkPvuC+sO5+njZmel9tI8jqy0TAAdgAZmBBxCfDWUi4wgNKeP2S7g24ozPkP Uo7u385KPxa0ygAAAY6hx+BMAAAEAwBHMEUCIFscV1LfqwHk5oy3k+WirmfEifnL /lFFY/0wZSkausIEAiEArlA8LoPj14pavhNZlY0ehW7EEim5K/7A/U2wGJbAsU8w DQYJKoZIhvcNAQELBQADggEBAFvCWul2yKZFLglJOMyFgP2NG8TRxdT8OiIxxtdO xXCCBj6F4SiC/G5WzXIkAyOWrXveYylsPm3nZXk3FlQIBbbkkaiQ1WYhg36c0d+/ HIvwav9RNIMJ615WrtyB16+/RBLd/dCRbxpGH3uYsIH7ahTZsnxckfwL1OKOVHSe Cb16mXQhB6cz4Z2gLynVXIi41+opTfzx9+3FZaFsb5dswoyJky5Xbu0ihFtfPUkT a4hShHXyZKlBHavGy4edg6xACZPG3PBf3CfrRrGBxfIpOdmkzw/WYgxIDRWKzAnL X1d0F6h5RV5GwPTOKgnmmudZr93Bxz/t/LSOyG0tIHa1f6w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuhgCGwr2ziJVI0L5kH6V pH9TRCLKZksQZHwJ5GJpypKWO9Eebr/DJc9gxnJgPj3S5plPhymemMBTOiEWX6Sg r3+opo/GCpyglMov/Di6dKK5xbCkOf9WwH8WsD2B8sNc31BEiJUP7YrhdR4LUZ+s 5U3ducXScZ6JNCIUsfiFZSGAg2qGEbe9iVLnWXvvKr3v+CTj6kWUBbi7MYqDHb4v yBRFM8F/zrzwEfaDwgsbkvkrl5Q70nhBAvYTSBRNQo1ZaNEq6Htn3uLZvLq690bz vYOu2B5XCRfBacj2OQJPYEw6Qet6m3Z7bBIDbfDGK7sXB4yEsc2gypCOQvrDphsj TjV32qniSfDWCzVryX5Srp/GpbIuBZ0nPel6OS3vW3/3ToHghUEHAOHbPXIodRBu mQiHchbfiWaocFcRQV0UVFvonXjoFhHr1aZve4+oGIu5aNwfxBu5w10w07YOFG+u t+Ol10b0jZker67y26WOhB+Zx/av/RN29O5DqNHomDmuv8tViXl9KgHn2M90PsVo XSdKEM7cYm68DdQq7p8xom3dcJEAMP1N8KyvOm1CRpR3xnwliMVij04v7Guz5dXw cJNqBP8GaccnxT3hiKKqLnC5f9ap6Exa6Oib6rllqAXXrXxf5RkiVFk2OUotICFw lIY4jLSRg8nETDN9KgzpL0ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 425442016617890683318919360899647459202049 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 01:26:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 01:26:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stretchagency.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 759196394359866342340573215174369148458346258852931608265795356817699932695382015296034470391185382753279705520233777418970199408282443733398266795772361481662085249030189238845629108963880722886088046940189248181608040830701466589805866148894074002833952391803714817311030116079692080107199126131732317159420236150640421343593579014804204467124528766932219977838390102537961595838229455055971161905528732775090095071379224413406697393138988623164300831149267147460036014664343603331225998681196575350887299553511888726204284546047078683989361646045457239650300016143332436302443767804889573420549918781439054972693387139756623328805760512402372188186735191647280330156012392811086401035415463342964421749101505401974417305614715194561426109995468708322560357420700783110826984840459263955320575935091660861444029611298324002923329274871230849024877414231351063137723443019473307858191448371508564788925804009211265190512605934534144119406978579039904541866347862326444310876881419679704754226031393129463428827373655920664933653069537270802519056447393782008464104495041277761325084113347730541312166854916409949607218133143018043777712943812744150302257311083965009972059910901196270547482559439352307012253794451067784513601482561 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1a9d59facdf136e7c9ab7dab2b37d7c3a4763875 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stretchagency.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ea1c7dfeb0000040300473045022100da9e0502d71ac525ddfa8cfbcf1cb973d50e3f2cc6a573ed4c7d5474e7e0a39802205242052a1c94564673f7e49fb643efb82fac3b9fa78d999e97db48f23ab2d1300076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018ea1c7e04c000004030047304502205b1c5752dfab01e4e68cb793e5a2ae67c489f9cbfe514563fd3065291abac204022100ae503c2e83e3d78a5abe1359958d1e856ec41229b92bfec0fd4db01896c0b14f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005bc25ae976c8a6452e094938cc8580fd8d1bc4d1c5d4fc3a2231c6d74ec57082063e85e12882fc6e56cd7224032396ad7bde63296c3e6de765793716540805b6e491a890d56621837e9cd1dfbf1c8bf06aff51348309eb5e56aedc81d7afbf4412ddfdd0916f1a461f7b98b081fb6a14d9b27c5c91fc0bd4e28e54749e09bd7a99742107a733e19da02f29d55c88b8d7ea294dfcf1f7edc565a16c6f976cc28c89932e576eed22845b5f3d49136b88528475f264a9411dabc6cb879d83ac400993c6dcf05fdc27eb46b181c5f22939d9a4cf0fd6620c480d158acc09cb5f577417a879455e46c0f4ce2a09e69ae759afddc1c73fedfcb48ec86d2d2076b57fac