firstmmj.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:72:08:5a:bb:7a:81:9c:aa:94:57:68:a2:ca:3e:3f:88:7c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=firstmmj.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:72:08:5a:bb:7a:81:9c:aa:94:57:68:a2:ca:3e:3f:88:7cSerial Number (int): 300140152557467816910002352490353627465852
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 06:c7:25:27:b8:fb:e9:2a:88:a0:4e:97:14:9d:66:18:33:0c:1a:b3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b8:22:c6:45:29:de:f2:e8:58:75:b2:48:5d:68:8a:38:25:52:4f:a4
Fingerprint (sha256): b2:97:6c:b5:30:0e:b1:f6:11:d2:92:94:03:bf:c8:bc:81:2a:0d:6d:9a:24:b4:04:d9:a0:8c:00:e4:bc:43:4a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate firstmmj.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for firstmmj.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
firstmmj.com
www.firstmmj.com
www.firstmmj.com
Other certificates including the domain name firstmmj.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for firstmmj.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYzCCBUugAwIBAgISA3IIWrt6gZyqlFdooso+P4h8MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjEwNjUxMjRaFw0x OTEyMjAwNjUxMjRaMBcxFTATBgNVBAMTDGZpcnN0bW1qLmNvbTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAK4lTivAIrmTz+rXcwi5cgfmTo7amMgxMxsL VHnhGNhpfgna28apfVVhz8+YQUPx3KO6ePPVQz1AkZRTTZlmqVgXNCeBQfFd9Dyv xc4H9v4oHGGTBqfLWGEuYwJDsvlL+ScC1nfjpRYjBeZ/0Fpzhy1dyCC+n6iDw5VF My37nkQIZp5xU+3Tc1IFjzBZyVg3gq++fFJANpsJPJrpxk746FnE5YPl9LgFY9bq mh+BkVXB3QVEChK4QHF+TmKMptpTM08P2cRLNh6BMy9FpDsih7R6h1utap6osw2C LGK6edEwEKbeiEkaPLraug9XPorocpks9f98tInIbvAkBlGuedV4LFrV3o3swubD PksHFznmAIeCqi+Oav6h9Uyb6nPpqIbDAxKEOfQiMQVNnIFdInrT+Ec5OBH48YLT 8lL0qoH27j8mtmRcaO0R+8PCidgVxLggDQPlf/oQAF6VwPuZKevZPaWtMl6iBpcC O6p28QDUyhi+cKY96nIBKX+qwNCII4hXlE48DaYbJxz7NnRh26f2t0rTGiRY0M7U dbsFgo3oYgy88h3N7SeQXYAjE5psLldLgRSASKEaBWlNMGorudOmGaUZ140OSgE3 pn5CqXuQGRHgO6Qg5SyrAS3mLGvudzeWLCPrYEBhVNeT6Lvk7As9bTkfJbio7gXF mzEHRM01AgMBAAGjggJ0MIICcDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAbHJSe4 ++kqiKBOlxSdZhgzDBqzMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wKQYDVR0RBCIwIIIMZmlyc3RtbWouY29tghB3d3cu Zmlyc3RtbWouY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYK KwYBBAHWeQIEAgSB9gSB8wDxAHcA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMB nd3x2/4AAAFtUs3XLAAABAMASDBGAiEAl4u0tXdps9oY1jU1VrqQAgN5jD3/Un6X fa7g1we32a8CIQC9NM6ZCdrM30z6JCEVZPQCXo4MZzweX13WMNISxHGayQB2AGPy 283oO8wszwtyhCdXazOkjWF3j711pjixx2hUS9iNAAABbVLN1yEAAAQDAEcwRQIg S2HWx73NxUjIUs/M8rSP5os3r3wXRA542Yeu2X07KqsCIQDKp1J75NOh1mv0mvoy KMQ44AB+FSl9P+dXW+kFJ2BisjANBgkqhkiG9w0BAQsFAAOCAQEAgmZitDI23h8k an6hSF0/OaU83Z4RJMGIuM7big647rlDARHLm7qaqVHdfGRdp8ay7iUlajwCHg8k sTQPFymDTNddv0jBiXdXEqSp40jZs2Gmol4TOIMq8lHEX3WfojC3FoxC/JyF6pCb Y2fU4cGzyXC0qEqpsKGKrCiiAeqTiq7umzAVd5yFSiokMbWB9hdqCoqEL4jHpnDU B/mkM509doiCpTpgG7+21fz5flmRFZdSXgIhTcZJ/Zdw3I5XWo0Iu+LdNt2xwRQ5 b7PzfjfH0rEJlGC9g2pLCFE948PhofYg8cCkLs5HFJbgZF06C6IEorSDXg3PFndW fuwwpFFgcA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAriVOK8AiuZPP6tdzCLly B+ZOjtqYyDEzGwtUeeEY2Gl+Cdrbxql9VWHPz5hBQ/Hco7p489VDPUCRlFNNmWap WBc0J4FB8V30PK/Fzgf2/igcYZMGp8tYYS5jAkOy+Uv5JwLWd+OlFiMF5n/QWnOH LV3IIL6fqIPDlUUzLfueRAhmnnFT7dNzUgWPMFnJWDeCr758UkA2mwk8munGTvjo WcTlg+X0uAVj1uqaH4GRVcHdBUQKErhAcX5OYoym2lMzTw/ZxEs2HoEzL0WkOyKH tHqHW61qnqizDYIsYrp50TAQpt6ISRo8utq6D1c+iuhymSz1/3y0ichu8CQGUa55 1XgsWtXejezC5sM+SwcXOeYAh4KqL45q/qH1TJvqc+mohsMDEoQ59CIxBU2cgV0i etP4Rzk4EfjxgtPyUvSqgfbuPya2ZFxo7RH7w8KJ2BXEuCANA+V/+hAAXpXA+5kp 69k9pa0yXqIGlwI7qnbxANTKGL5wpj3qcgEpf6rA0IgjiFeUTjwNphsnHPs2dGHb p/a3StMaJFjQztR1uwWCjehiDLzyHc3tJ5BdgCMTmmwuV0uBFIBIoRoFaU0waiu5 06YZpRnXjQ5KATemfkKpe5AZEeA7pCDlLKsBLeYsa+53N5YsI+tgQGFU15Pou+Ts Cz1tOR8luKjuBcWbMQdEzTUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300140152557467816910002352490353627465852 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-21 06:51:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-20 06:51:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firstmmj.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 710452570064244051516758750641347430524034015855957912289915299937305297133206300538547378748178911003464291397975376089200851603882714816069540813018289524543344009658399011683076370591475294266190058282169480722719852663755215548519009298558453345065755429255610992027817957770134486447741339614358392347353890824525587896696764771478592946095287968393539696727221350917877185096580601922049883828997149120485214871521179991425353312130061607556348726762558241737051298547039718384938549498335969234388105389688582788618235498523767849575681837969000055698899580340904224762551374941360258538342060155137793976897267197777430059720925621512362986944553682704128340482100021682716480482164628502852144639089731897385931848836557207044507965787979393717936014900602061317024211666340865026195524311882513633252185044594128390044189765305290523806320973321273066794590300177688752332038252964385837031333289056582579704677197573615107488213120263355516095589135907113957966751239929303638062272946786786121338503678979807086533194062361038581804153888687113323262998645497899424168415309445328565414236427105037745661039273929305405547405731037334274025536887571671280706703906267949554410996009959481704504850739481641836745352072501 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 06c72527b8fbe92a88a04e97149d6618330c1ab3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstmmj.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firstmmj.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016d52cdd72c0000040300483046022100978bb4b57769b3da18d6353556ba900203798c3dff527e977daee0d707b7d9af022100bd34ce9909daccdf4cfa24211564f4025e8e0c673c1e5f5dd630d212c4719ac900760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d52cdd721000004030047304502204b61d6c7bdcdc548c852cfccf2b48fe68b37af7c17440e78d987aed97d3b2aab022100caa7527be4d3a1d66bf49afa3228c438e0007e15297d3fe7575be905276062b2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00826662b43236de1f246a7ea1485d3f39a53cdd9e1124c188b8cedb8a0eb8eeb9430111cb9bba9aa951dd7c645da7c6b2ee25256a3c021e0f24b1340f1729834cd75dbf48c189775712a4a9e348d9b361a6a25e1338832af251c45f759fa230b7168c42fc9c85ea909b6367d4e1c1b3c970b4a84aa9b0a18aac28a201ea938aaeee9b3015779c854a2a2431b581f6176a0a8a842f88c7a670d407f9a4339d3d768882a53a601bbfb6d5fcf97e59911597525e02214dc649fd9770dc8e575a8d08bbe2dd36ddb1c114396fb3f37e37c7d2b1099460bd836a4b08513de3c3e1a1f620f1c0a42ece471496e0645d3a0ba204a2b4835e0dcf1677567eec30a4516070