magicalmusicforlife.com
Issued by R3
About this certificate
This digital certificate with serial number 04:9b:58:e7:56:1c:7e:29:eb:91:e4:0f:eb:8a:92:23:96:67 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=magicalmusicforlife.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:9b:58:e7:56:1c:7e:29:eb:91:e4:0f:eb:8a:92:23:96:67Serial Number (int): 401311083830534502819402874296149966296679
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 05:23:8e:77:96:4a:51:45:f4:76:32:ae:54:89:87:ef:17:91:49:41
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 53:d8:98:bd:d6:77:2d:df:cf:25:3e:2e:3a:4b:74:e1:e9:95:41:fb
Fingerprint (sha256): bb:f5:6f:d0:89:e7:ec:6b:01:aa:60:2a:98:6b:6f:82:f4:b6:13:60:20:9d:88:67:b6:b4:b1:d9:44:e5:66:e1
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate magicalmusicforlife.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for magicalmusicforlife.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
magicalmusicforlife.com
Other certificates including the domain name magicalmusicforlife.com
(limited to 100 certificates)
potatoplastic.com
magicalmusicforlife.com
35701.com
www.magicalmusicforlife.com
gerilla.org
www.magicalmusicforlife.com
magicalmusicforlife.com
www.magicalmusicforlife.com
www.sallie.com
magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
www.magicalmusicforlife.com
www.magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
35701.com
www.magicalmusicforlife.com
gerilla.org
www.magicalmusicforlife.com
magicalmusicforlife.com
www.magicalmusicforlife.com
www.sallie.com
magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
magicalmusicforlife.com
www.magicalmusicforlife.com
www.magicalmusicforlife.com
magicalmusicforlife.com
Certificate
The complete raw certificate details for magicalmusicforlife.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgISBJtY51YcfinrkeQP64qSI5ZnMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTUxMzEwMTZaFw0yNDA1MTUxMzEwMTVaMCIxIDAeBgNVBAMT F21hZ2ljYWxtdXNpY2ZvcmxpZmUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAvxySZqfbAnU/pxDgFYFkxj/Gm1zsVufUiUMyxmySwf4ijHH1pvIb T7jBdOGKV/yVaqvZQi1Sm7x6iR24eJdu058BadoKD8rhFzQUVs3z27Kb056y2bUf mPwlviNfUZnIK/ZQsyEF4gpWo6FMz5wyo4Lr6Rr2iTjL75AWmUu2+60V7UB9KPJi gt11ZQ9KqnlTeTkrgpmUx4jhs8LcJzR0qfAFclWL9jjdlsGxYlSDX8CAp4Nc5j/U hwmWIOeX50ywcrWVDJdUbcjnCwFoNetA6IJsBLgG+7lE47NjhIOFrlv2Aowfu49M y2v+s4Iq3nTelTOmUB7i4dgawJBJX8eJgGbyQbxbOVcLxXX8vNRd/AMY7jiyry0s TVU1nxv6MB/QLktrqmmu4UKJ9d0STfGqHRBkp4tMUHaQnnWhS2SJTAsxdRH/MsK4 A6/NSZYRi87NtGMUHbag+Fe73VXl+KE4dkcoNE5AKdv2Eat5bRCgdNAd1TnCydO6 sfQUZoOHWk80jn6hpVOpnAV3RWiO275CjopspbIaao9r7THiWLtIdx7wZl2E+S0p USGyuUU8MzSjL2Qj9DubtVl6lCy5IP+Bzy5QiagAOvm1ozCTzE1SrVJYhqcqqEOi 2SgqPy5XADEuRBS1KTFJ2+tFy7Hj2qU+I3ICaCdMO5EY8wNSUVNWSkkCAwEAAaOC AhkwggIVMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUBSOOd5ZKUUX0djKuVImH7xeR SUEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEE STBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUH MAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wIgYDVR0RBBswGYIXbWFnaWNhbG11 c2ljZm9ybGlmZS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5 AgQCBIH1BIHyAPAAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AY2tGpRTAAAEAwBHMEUCIATRjDxTO/51iU/7sLphTdqub/WzzI9jIOi3pgDt3JLy AiEAwRFpf5u73L4ISMcVKgdXGYvC3isb1pvlVResTjZAlnAAdgB2/4g/Crb7lVHC Ycz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY2tGpTjAAAEAwBHMEUCIQDrST3shw2G 8IaHQvzmEROlteNRZePvdEZ3QDerAeEPagIgOWin0fQ9Q7FwxdFyZhNszM9WjHjN hYzGIDt5jSTXG1cwDQYJKoZIhvcNAQELBQADggEBAJyZvsuKS7wiB8VhAyZqqnK2 7sTQcoVTerR+BMkoc2xXtQ0eXuCXhjFOYiNheFXHK7G6gCEyQfqboklyrqg0D0xV SUeOSq4Pt7rYpwYjdzagKqx2rPLLKUa8C2e5tql68r0rfrZfXC/SkAmO43Mskahp 9k3JohH30HTWs5fFqgGTZRyV1zMFLi1EPU6kYtcnTbSXjSwK/M6H1gz69k5ifkBY R/oitpCJIeQUXOKi80dF1RwLCav5hXdPcvUYNwdyMgyqKz7SpBLvvhfDvDCqwkxm gF7nQBkiIOSVEo9VwjZYc/sUeh2Yn85qqoT/gRuIqG0rt/jtzvfP2lurNTUBxKM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvxySZqfbAnU/pxDgFYFk xj/Gm1zsVufUiUMyxmySwf4ijHH1pvIbT7jBdOGKV/yVaqvZQi1Sm7x6iR24eJdu 058BadoKD8rhFzQUVs3z27Kb056y2bUfmPwlviNfUZnIK/ZQsyEF4gpWo6FMz5wy o4Lr6Rr2iTjL75AWmUu2+60V7UB9KPJigt11ZQ9KqnlTeTkrgpmUx4jhs8LcJzR0 qfAFclWL9jjdlsGxYlSDX8CAp4Nc5j/UhwmWIOeX50ywcrWVDJdUbcjnCwFoNetA 6IJsBLgG+7lE47NjhIOFrlv2Aowfu49My2v+s4Iq3nTelTOmUB7i4dgawJBJX8eJ gGbyQbxbOVcLxXX8vNRd/AMY7jiyry0sTVU1nxv6MB/QLktrqmmu4UKJ9d0STfGq HRBkp4tMUHaQnnWhS2SJTAsxdRH/MsK4A6/NSZYRi87NtGMUHbag+Fe73VXl+KE4 dkcoNE5AKdv2Eat5bRCgdNAd1TnCydO6sfQUZoOHWk80jn6hpVOpnAV3RWiO275C jopspbIaao9r7THiWLtIdx7wZl2E+S0pUSGyuUU8MzSjL2Qj9DubtVl6lCy5IP+B zy5QiagAOvm1ozCTzE1SrVJYhqcqqEOi2SgqPy5XADEuRBS1KTFJ2+tFy7Hj2qU+ I3ICaCdMO5EY8wNSUVNWSkkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 401311083830534502819402874296149966296679 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-15 13:10:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-15 13:10:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'magicalmusicforlife.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 779667341586658701812253540024703757810906966150572128036295525853801633442160441017778010350669616202021165706742930727963509310769344100725765814747293180495683293929173553746892685594944024711841174887867127760339988740094702467202244985799871583578800021266719915590979772567590609405749936190221060548045326172059218305517546381801839802497605032373718439514769619646302336159478863513522545740185053191371050824492546868413329909652763421062050654036478522682049770684984749393509952376717944117053854140936882723433387903002035619661584791496058772161716509885020470104174808289515342832018430466476939817545638308859993102913165311775279548858762003541811495282195637730743086924450588238974386848681306910569626191071261882411519810134899541725354409294494894944217065366231291731015645174426655371125798826420249183506035565639950890024158397325244241381092998546112098251154687658849450108316449358964390500662402990152663866277923525392234535310821122219049466761720338200372337932976585464188856318202996597491289853867290979512426243645223293441296683873935548505310753107379511662072992843939358883177650272398717332625669046005429795403045156254124456671993757723814882483648736654274181038532958904263817244557331017 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 05238e77964a5145f47632ae548987ef17914941 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'magicalmusicforlife.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dad1a94530000040300473045022004d18c3c533bfe75894ffbb0ba614ddaae6ff5b3cc8f6320e8b7a600eddc92f2022100c111697f9bbbdcbe0848c7152a0757198bc2de2b1bd69be55517ac4e3640967000760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018dad1a94e30000040300473045022100eb493dec870d86f0868742fce61113a5b5e35165e3ef7446774037ab01e10f6a02203968a7d1f43d43b170c5d17266136ccccf568c78cd858cc6203b798d24d71b57 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009c99becb8a4bbc2207c56103266aaa72b6eec4d07285537ab47e04c928736c57b50d1e5ee09786314e6223617855c72bb1ba80213241fa9ba24972aea8340f4c5549478e4aae0fb7bad8a706237736a02aac76acf2cb2946bc0b67b9b6a97af2bd2b7eb65f5c2fd290098ee3732c91a869f64dc9a211f7d074d6b397c5aa0193651c95d733052e2d443d4ea462d7274db4978d2c0afcce87d60cfaf64e627e405847fa22b6908921e4145ce2a2f34745d51c0b09abf985774f72f518370772320caa2b3ed2a412efbe17c3bc30aac24c66805ee740192220e495128f55c2365873fb147a1d989fce6aaa84ff811b88a86d2bb7f8edcef7cfda5bab353501c4a3