thisisneedle.co.uk
Issued by R3
About this certificate
This digital certificate with serial number 03:13:22:c2:9d:64:5f:fc:a7:f9:42:71:85:c4:d2:07:84:32 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=thisisneedle.co.uk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:13:22:c2:9d:64:5f:fc:a7:f9:42:71:85:c4:d2:07:84:32Serial Number (int): 267848427016516644185125971060836394304562
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 46:ab:63:17:ac:13:bc:c7:5e:f3:0f:b9:f0:8e:53:ed:52:78:99:95
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5a:d8:68:74:28:a2:21:36:99:cc:42:32:46:48:2f:9e:01:ee:18:eb
Fingerprint (sha256): be:c5:76:62:15:5a:75:fc:3f:4b:3b:2c:e1:dd:ca:e2:d2:e8:73:4e:30:b9:bb:8a:48:58:3d:6a:2b:4e:07:33
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate thisisneedle.co.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thisisneedle.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thisisneedle.co.uk
www.thisisneedle.co.uk
www.thisisneedle.co.uk
Other certificates including the domain name thisisneedle.co.uk
(limited to 100 certificates)
thisisneedle.co.uk
thisisneedle.co.uk
clients.thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
clients.thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
clients.thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
clients.thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
clients.thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
clients.thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
thisisneedle.co.uk
Certificate
The complete raw certificate details for thisisneedle.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgISAxMiwp1kX/yn+UJxhcTSB4QyMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MDMyMzUxMjBaFw0yMzEyMDIyMzUxMTlaMB0xGzAZBgNVBAMT EnRoaXNpc25lZWRsZS5jby51azCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmntjERJcBQWqmyMiR0jUQUZXraNPjrkb82kXfAYgb7lq86BTUHqTbeNVZt 8680EhaLjKirR4yIsxtCAUf4GoloS70y4CKauHdamtG7ud03/jajj0OsehmL78o2 Qb2VNTGxKY7ItxC0iLKeA3kd6i4pS5WUzw3ZXuWFcFENshIipAxrLj3phz8nKiYw eCT4HR7Qlv9I9aGfiw4zFUyxIg6q/OQrvKTOmI5hoWrh0TBENT3woZF4PVIZ6sK1 TXcORuN23iNe3RYZ32YExowi5KjBO881m0LTVfALaR37ufnqYNKL4Ktu4WVqjSH7 QCUCPRf+AmCTEhKIDsRvPRZamlECAwEAAaOCAi0wggIpMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQURqtjF6wTvMde8w+58I5T7VJ4mZUwHwYDVR0jBBgwFoAUFC6zF7dY VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy Lm9yZy8wNQYDVR0RBC4wLIISdGhpc2lzbmVlZGxlLmNvLnVrghZ3d3cudGhpc2lz bmVlZGxlLmNvLnVrMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHcAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGK XawvtwAABAMASDBGAiEA8VU155nm8Gt6iaPdIE85SzMUPvxmA1VfAV6hfY5GSTsC IQC9iA0HFKgu9//zO3FK1WjKIZqGGmyiiJT04M8e7zXC2wB2AOg+0No+9QY1MudX KLyJa8kD08vREWvs62nhd31tBr1uAAABil2sL7EAAAQDAEcwRQIgAeaayXj5GU8s TzvmuI0vGbylIB+DghFtbnSvsx/t0MACIQCO6SvbwHrx/dGs2aiY7mdkOGlBLLK1 RlNYCpZLJDOZDjANBgkqhkiG9w0BAQsFAAOCAQEAKxmcBIZLXbE+v+/UetJ5c5yV 2pF1TIbMI0BxVT4vp++z1/PRlOBEBL0aQ8p/b2HPZsUs4NtmetmUn2ncVaUDNRwx ISIhKVCX962vt8R6a/MPRVTM+m/5YWRkWeELZ2OKfv7pnGTFEVUgPlXY4RfncHtM pdymUXhMlBOmxdRlB2HpovxpZeXcii2xfwWHEHu1KhNbRHMWNv07VhRcI5izWuJ/ 0hgeaLPpwl9kD0l5Otr6V2kRRDjUylxThr36doOy4YNQFPycGyjjJ2kZSmqCJKUt CxXEg3pg8aRMGD2OpmWKTprGnhHmkuUUYVkypTISbwyayQyvJUYqPvCs2AUXKw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyae2MRElwFBaqbIyJHSN RBRleto0+OuRvzaRd8BiBvuWrzoFNQepNt41Vm3zrzQSFouMqKtHjIizG0IBR/ga iWhLvTLgIpq4d1qa0bu53Tf+NqOPQ6x6GYvvyjZBvZU1MbEpjsi3ELSIsp4DeR3q LilLlZTPDdle5YVwUQ2yEiKkDGsuPemHPycqJjB4JPgdHtCW/0j1oZ+LDjMVTLEi Dqr85Cu8pM6YjmGhauHRMEQ1PfChkXg9UhnqwrVNdw5G43beI17dFhnfZgTGjCLk qME7zzWbQtNV8AtpHfu5+epg0ovgq27hZWqNIftAJQI9F/4CYJMSEogOxG89Flqa UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 267848427016516644185125971060836394304562 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-03 23:51:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-02 23:51:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thisisneedle.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25456601012979472499494361152317613961461289858043406122682304136104954196028015581406922671214487927156729477226954392657275466640079730504591352007335991971897995180314126916724401650341312542758962722383783773903420017382694626448551038712493606842558119192394456178449053635157141406244711524094899333764107618375482354626765443776826066248130121805837974609480546560883069450917182776991938577110857362097130271759968229471405129297516301904022262756841172585793227194804055335961402849498090899260321156985574639640670677150714248999408849840462763013409817272996497104683422357672148353198990871181367099169361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 46ab6317ac13bcc75ef30fb9f08e53ed52789995 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thisisneedle.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thisisneedle.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a5dac2fb70000040300483046022100f15535e799e6f06b7a89a3dd204f394b33143efc6603555f015ea17d8e46493b022100bd880d0714a82ef7fff33b714ad568ca219a861a6ca28894f4e0cf1eef35c2db007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018a5dac2fb10000040300473045022001e69ac978f9194f2c4f3be6b88d2f19bca5201f8382116d6e74afb31fedd0c00221008ee92bdbc07af1fdd1acd9a898ee67643869412cb2b54653580a964b2433990e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002b199c04864b5db13ebfefd47ad279739c95da91754c86cc234071553e2fa7efb3d7f3d194e04404bd1a43ca7f6f61cf66c52ce0db667ad9949f69dc55a503351c31212221295097f7adafb7c47a6bf30f4554ccfa6ff961646459e10b67638a7efee99c64c51155203e55d8e117e7707b4ca5dca651784c9413a6c5d4650761e9a2fc6965e5dc8a2db17f0587107bb52a135b44731636fd3b56145c2398b35ae27fd2181e68b3e9c25f640f49793adafa5769114438d4ca5c5386bdfa7683b2e1835014fc9c1b28e32769194a6a8224a52d0b15c4837a60f1a44c183d8ea6658a4e9ac69e11e692e514615932a532126f0c9ac90caf25462a3ef0acd805172b