28921.com
Issued by R3
About this certificate
This digital certificate with serial number 04:e8:69:38:84:ea:99:4f:de:2e:2d:57:6b:66:70:cb:98:2d was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=28921.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:e8:69:38:84:ea:99:4f:de:2e:2d:57:6b:66:70:cb:98:2dSerial Number (int): 427534515256745109698218547315165174143021
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: fa:35:27:e2:34:02:17:9d:bc:45:58:fc:bc:8d:ef:30:48:e5:72:6a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fc:1c:f2:48:23:88:db:8e:4e:b4:22:58:ae:53:c6:77:66:fa:dc:cd
Fingerprint (sha256): b9:e2:b7:23:5d:d4:d9:20:bf:a9:0a:3a:20:a2:b2:5f:e5:50:bc:39:79:9a:67:37:ec:18:41:a3:cc:59:e2:9a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate 28921.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for 28921.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
28921.com
Other certificates including the domain name 28921.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for 28921.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3zCCBMegAwIBAgISBOhpOITqmU/eLi1Xa2Zwy5gtMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjkwNDQ2NDRaFw0yNDAzMjgwNDQ2NDNaMBQxEjAQBgNVBAMT CTI4OTIxLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMd9el/n n87JMb/MD7OaRop3HFtJMbQTDXS65EuRR79udLfMQMs8QBO3JwgdBoOCsrDh93R+ lhFmmo3wdnBqweFqd7Av5xV1uTc2J+yWjAgtt8roM++rnC8BUwNrHvL9LUZ7iQmF xy3PIhieMsSTSRygZv0BDdG8CHFsI4WLJgfWNwJ2kdbd0DdbaeVuFK1LQo2+oaUT YHejUz0ZzcNmLGgSXZd8hYO9UGpeeW/5XmvdUVcv4T6DPnztoXmLmxZ0HSKS6CYG yLWxIjcF9E/Im2UeITDT9vznusbQ1TURRd6ne84CVeJzVOXb43ATPVhPPAGJyKLA z6xrO35e8SbBiu783jmmcsnd2/mxym45Tmk7V13zKVWMPwN6wHxHdp5dq+B2v/Uo YmMvzdVus6m0V7ekVsZnoOu9T2dYaRoTrdtouWqBytaTl1u7WYGMG3hn044H4X3E x9YUL89EWkoI2JiQzEjPpsqd52R3H8Spf41Y/QysRENCCXkUBqKiUCGRW4dvYZp1 khsiiuv16wEFYnSqosKeD3Eu85RaRdj80napq8R4yo+vo4OofLGFpsAVXDfp1gIU JmmOISYpiLmY2wVsgGPCY1PBr5FeU8V2KwQ62kWmNTV1EOiNMLe/v1hV6C10GVRi 9kINXDaqhBRwxREDsLjzvdF54sLKdyGMUR1HAgMBAAGjggILMIICBzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFPo1J+I0AhedvEVY/LyN7zBI5XJqMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCTI4OTIxLmNvbTATBgNVHSAEDDAKMAgG BmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABjLQcVeAAAAQDAEgwRgIhAIofi3+ln5/dOy0u moH5RTdXHNHotHgWzL9uQdULlLIPAiEAz/yS9nqFrK121ilUfL0TkFO9yO4C5HDV NNUD0tDMe1kAdQAp0DobtnSqcRzTA1tlV8FPiqeLT+g4lEnspFP5RL0kaAAAAYy0 HFacAAAEAwBGMEQCIHR275BbeRLXOrEFADKiCC7hfQihooGPTjNQF/1V+ZSvAiAG b2QmziYf5F+cyobCKO2WFOdhM39ekRme6X4ymuRPoTANBgkqhkiG9w0BAQsFAAOC AQEAUs8djIEtcZNxrdFHqXl+TQZlllzUSAcsjaHyw4nJflc3oEmYzj4Gg4zCRPx1 tljdCCVJjhGQEsjlxPPYHIp8Co3XQq0OOuJ/fRGbDfHT76m4p0Ag3nnA8yIW6ccH Kdw9PKMBOL1aEyPRafNDtcwIlwHyElj5JFPVfO1Z3WhRCvF9pX+5J/rz4/4JTTNv GOOViQNAMdEqKZ2BHKxUBkk7XAxnJWLHccgGkHpPIMv5YMLBoTrjw+ZLdOwj5ZDx JOIR5pL96PbuHoWUYToO+sQXm1NFSLGNqev2qAbU94MMqMwgE6a+QnDNJjm0/XrB j7rmh056jRRxNr0cMH9YjkrqLQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx316X+efzskxv8wPs5pG inccW0kxtBMNdLrkS5FHv250t8xAyzxAE7cnCB0Gg4KysOH3dH6WEWaajfB2cGrB 4Wp3sC/nFXW5NzYn7JaMCC23yugz76ucLwFTA2se8v0tRnuJCYXHLc8iGJ4yxJNJ HKBm/QEN0bwIcWwjhYsmB9Y3AnaR1t3QN1tp5W4UrUtCjb6hpRNgd6NTPRnNw2Ys aBJdl3yFg71Qal55b/lea91RVy/hPoM+fO2heYubFnQdIpLoJgbItbEiNwX0T8ib ZR4hMNP2/Oe6xtDVNRFF3qd7zgJV4nNU5dvjcBM9WE88AYnIosDPrGs7fl7xJsGK 7vzeOaZyyd3b+bHKbjlOaTtXXfMpVYw/A3rAfEd2nl2r4Ha/9ShiYy/N1W6zqbRX t6RWxmeg671PZ1hpGhOt22i5aoHK1pOXW7tZgYwbeGfTjgfhfcTH1hQvz0RaSgjY mJDMSM+myp3nZHcfxKl/jVj9DKxEQ0IJeRQGoqJQIZFbh29hmnWSGyKK6/XrAQVi dKqiwp4PcS7zlFpF2PzSdqmrxHjKj6+jg6h8sYWmwBVcN+nWAhQmaY4hJimIuZjb BWyAY8JjU8GvkV5TxXYrBDraRaY1NXUQ6I0wt7+/WFXoLXQZVGL2Qg1cNqqEFHDF EQOwuPO90Xniwsp3IYxRHUcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 427534515256745109698218547315165174143021 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-29 04:46:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-28 04:46:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '28921.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 813848801114100775010138459443434999530178519271852558141941663498431815183188664127840749857223368190660148453529252741608269175180815927751697640927024074075698014206352217513939686196797339106246821313920565107954030386140044661525300906293375651058649554649979489981451355479983019504612224241313319654769454483356850143751678718209128930141645885563926425797132231017240952978907304130069803170075139439706578665859512608383699417650676951402313451809161615628466169401011895696633426078902418393775202369548504739865636795277748678515247419981426011528752181556971631863498482052304991262131322269291729246200909486997188914757924652021052950455342054819549058439384410945590610105988034989039420740139905076873423013085830127362584067753163036318547483644162185487908872060672272194499735019037152415183835193921146598913929898480224059493367782675019461346487013943008473309991496915293873775728056539385480753468310724152337460212613362361584455154282369363965694939739321547009352814270520366003635158991092722167413389565534116704854118873389494604595208400339919461701800286733476420549657966197885727486625179074089544747028022469323585106675013759028274126277496948631504664422784902152984611756484633408190378572586311 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fa3527e23402179dbc4558fcbc8def3048e5726a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '28921.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cb41c55e000000403004830460221008a1f8b7fa59f9fdd3b2d2e9a81f94537571cd1e8b47816ccbf6e41d50b94b20f022100cffc92f67a85acad76d629547cbd139053bdc8ee02e470d534d503d2d0cc7b5900750029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018cb41c569c000004030046304402207476ef905b7912d73ab1050032a2082ee17d08a1a2818f4e335017fd55f994af0220066f6426ce261fe45f9cca86c228ed9614e761337f5e91199ee97e329ae44fa1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0052cf1d8c812d719371add147a9797e4d0665965cd448072c8da1f2c389c97e5737a04998ce3e06838cc244fc75b658dd0825498e119012c8e5c4f3d81c8a7c0a8dd742ad0e3ae27f7d119b0df1d3efa9b8a74020de79c0f32216e9c70729dc3d3ca30138bd5a1323d169f343b5cc089701f21258f92453d57ced59dd68510af17da57fb927faf3e3fe094d336f18e39589034031d12a299d811cac5406493b5c0c672562c771c806907a4f20cbf960c2c1a13ae3c3e64b74ec23e590f124e211e692fde8f6ee1e8594613a0efac4179b534548b18da9ebf6a806d4f7830ca8cc2013a6be4270cd2639b4fd7ac18fbae6874e7a8d147136bd1c307f588e4aea2d