www.cardray.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:de:8a:99:6e:73:dc:07:77:67:3e:b9:65:61:af:d2:98:5e was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.cardray.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:de:8a:99:6e:73:dc:07:77:67:3e:b9:65:61:af:d2:98:5eSerial Number (int): 337063773376811143867160476428937601390686
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c3:5c:8d:9c:57:84:de:99:8b:f0:72:ce:5b:57:a8:30:14:e8:7a:73
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 38:2e:f4:99:68:b7:c0:3d:a8:0d:5b:c6:dc:89:7b:0b:07:94:b1:b0
Fingerprint (sha256): c1:ff:69:e7:69:74:b9:1d:0d:57:11:4a:29:72:31:9b:28:ee:4c:1a:a7:70:f5:58:20:d4:f0:6b:a6:54:93:af
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.cardray.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cardray.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cardray.com
Other certificates including the domain name cardray.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.cardray.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVzCCBT+gAwIBAgISA96KmW5z3Ad3Zz65ZWGv0pheMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMjYwNjA4MDRaFw0y MDAzMjUwNjA4MDRaMBoxGDAWBgNVBAMTD3d3dy5jYXJkcmF5LmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBANA5W3Q2Hmrs84n/Oqw7gbyEviX8WFdy Rljva9tv1xnIs8LFRoba4Xwhaf64L4g2hj9u6i6nCaBfuoWsec4VcPYXyncRbyXt FNAyo2DDL3PK5gntlWVr6Of/7gHuXnZBpk7nn+E0XdPrF5qYWX4qSFiHYsDxaldJ XwU3oZD2GVTEhlnSPWsxN0gr8JTxWfHRfdrrRgiFzYcjjN4oD1/qbfNYR2GdcNAd +ERJsazznUdpOaGLDpFm5Pi3Grc3Mp60Bp4o5UESPo5eId1Y2LqeAIOClH3NalKC Z0nifErC2tOwn9cjb2rhR8KUo6/IMH/f3zHTEstsHsZnOZYMNC4eE2g6k+xUSt7/ R2CZ15kegzD3ann9dLQpCDQjicfwH/rf4pjHpOY/BHiYHe6KASJlaMpuc6Fsmr4J UxK/YNsCdtFZOBIKWFLWjpgszQFos/3cb0El6G4uYBbXo5Xsr8ZuYzlupk6XGmUP MoAmPmdFB36FMaoe8vEA90A0S1goIvIyz/hSYsYPZvgklt0OI5dFiQ7l8anvBtsR dcR6NUBWDhDCgmUVfJZ602CSpZZ2BIPA/aXNRCcyzexU2tbSyCCHR7aBdIN3ib40 k0qhSf+SwQF6SxkZuNEusZ2+NidQbG2KQQD6rjVGZMn5m2e0fvxbT6pGBQ2nmFhH xnEcBG3/U59vAgMBAAGjggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFMNc jZxXhN6Zi/ByzltXqDAU6HpzMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3LmNhcmRyYXkuY29t MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB 9gSB8wDxAHYA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFvQQiq PQAABAMARzBFAiBW5FATi2MPagG5i5U5Cvml7NcLfLuf7SEaB0HQqJ7lewIhAKVv 0JwMtSbi2nBnpwo55xW82R2JjrjT/eGmS3Ll+xVTAHcAsh4FzIuizYogTodm+Su5 iiUgZ2va+nDnsklTLe+LkF4AAAFvQQiqPgAABAMASDBGAiEAxyXYX1goFjW5Oi63 AtUP/iHdo6IJI96n2xI7re4gPoACIQDKl2ra3ym3cr6gWVwzABKvu+OeTu4Vyjqi 8nHNGR2V0zANBgkqhkiG9w0BAQsFAAOCAQEAf8U1S/XDNgz6orMmuKKYv1bbGu4G Lh12A4OpCbyo5dCBbs0xq4yteo2z5Dhu+EAW4/Ekh7xDMXibM6VBsLqiicgb2pn/ ORHzF/NWIruF5Q3Mt8w16iyrlIWykAuQb8Re+5HIooT7PsnqDyB8+0WiEoRAMMju 1QMbhim3Y7bESlVYm0om0kWQU2WvjpkU3xBAnSSXdnkTeqd9/qZ72NvRYogJozjl sBj4NZKxsIn7OfuLKJlV1TgGAIIMJKjMyTjdS+WKxNKuTe4yt9q1eJIKHr0xPhRC aNZcEZUAwJnKsjPWVclHTiNgDJzfnGdxWyqP/ERiKMKU4f/U75vo1dychQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0DlbdDYeauzzif86rDuB vIS+JfxYV3JGWO9r22/XGcizwsVGhtrhfCFp/rgviDaGP27qLqcJoF+6hax5zhVw 9hfKdxFvJe0U0DKjYMMvc8rmCe2VZWvo5//uAe5edkGmTuef4TRd0+sXmphZfipI WIdiwPFqV0lfBTehkPYZVMSGWdI9azE3SCvwlPFZ8dF92utGCIXNhyOM3igPX+pt 81hHYZ1w0B34REmxrPOdR2k5oYsOkWbk+LcatzcynrQGnijlQRI+jl4h3VjYup4A g4KUfc1qUoJnSeJ8SsLa07Cf1yNvauFHwpSjr8gwf9/fMdMSy2wexmc5lgw0Lh4T aDqT7FRK3v9HYJnXmR6DMPdqef10tCkINCOJx/Af+t/imMek5j8EeJgd7ooBImVo ym5zoWyavglTEr9g2wJ20Vk4EgpYUtaOmCzNAWiz/dxvQSXobi5gFtejleyvxm5j OW6mTpcaZQ8ygCY+Z0UHfoUxqh7y8QD3QDRLWCgi8jLP+FJixg9m+CSW3Q4jl0WJ DuXxqe8G2xF1xHo1QFYOEMKCZRV8lnrTYJKllnYEg8D9pc1EJzLN7FTa1tLIIIdH toF0g3eJvjSTSqFJ/5LBAXpLGRm40S6xnb42J1BsbYpBAPquNUZkyfmbZ7R+/FtP qkYFDaeYWEfGcRwEbf9Tn28CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 337063773376811143867160476428937601390686 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-26 06:08:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-25 06:08:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cardray.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 849480017445311312664482085303955252830869549094035354582006254865516711393212175010515515519440881812676012911850790889629919006393602179753020172119471961153602073831831044126037346789750962021446207499680228557953024079012575000055629645107604440249624526895109477583022421636891189990657232711104154670718859709175923033885042683267445120970625037145534393050396767489030882762259521762468366112878040011270566645076803235786402381860685429809367065879407159627615421390995582480612900413067555398773835034455240960181898131218262190585407420551995047598915657065939768222509238440416773325633963521109185154249694968717217026959466491262682599408159472179566276581232025503407136188955483665587593251018266758741840830597054388486080910205344731304367754659064081571067593795660429381492403466854043112905896241646247260583188007880638719685037257295658437636051899882983977548498207811511613222584795629630924536640022688960140671036801417819050585901217387913964697256669969460301597239204249329315186766589478618921456699170123185401840289828164615722214613699211200278837668045582806605759752005599013012343083685488187753828596334732162191668749195941188727499430299616795826303150053847908272326988571091842015647354822511 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c35c8d9c5784de998bf072ce5b57a83014e87a73 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cardray.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016f4108aa3d0000040300473045022056e450138b630f6a01b98b95390af9a5ecd70b7cbb9fed211a0741d0a89ee57b022100a56fd09c0cb526e2da7067a70a39e715bcd91d898eb8d3fde1a64b72e5fb1553007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f4108aa3e0000040300483046022100c725d85f58281635b93a2eb702d50ffe21dda3a20923dea7db123badee203e80022100ca976adadf29b772bea0595c330012afbbe39e4eee15ca3aa2f271cd191d95d3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007fc5354bf5c3360cfaa2b326b8a298bf56db1aee062e1d760383a909bca8e5d0816ecd31ab8cad7a8db3e4386ef84016e3f12487bc4331789b33a541b0baa289c81bda99ff3911f317f35622bb85e50dccb7cc35ea2cab9485b2900b906fc45efb91c8a284fb3ec9ea0f207cfb45a212844030c8eed5031b8629b763b6c44a55589b4a26d245905365af8e9914df10409d24977679137aa77dfea67bd8dbd1628809a338e5b018f83592b1b089fb39fb8b289955d5380600820c24a8ccc938dd4be58ac4d2ae4dee32b7dab578920a1ebd313e144268d65c119500c099cab233d655c9474e23600c9cdf9c67715b2a8ffc446228c294e1ffd4ef9be8d5dc9c85