loripsum.net
Issued by R3
About this certificate
This digital certificate with serial number 03:ef:c1:d2:b3:79:48:28:11:80:94:4b:1b:fb:6c:06:39:7d was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=loripsum.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ef:c1:d2:b3:79:48:28:11:80:94:4b:1b:fb:6c:06:39:7dSerial Number (int): 342921978515072071863157667131672123292029
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a4:82:c9:d7:ab:b1:63:40:53:f7:9c:09:58:77:47:45:17:86:f2:15
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): e7:7e:40:1e:89:a6:70:ce:1f:7a:87:43:b6:69:63:32:55:0c:a6:27
Fingerprint (sha256): c2:05:a7:27:fa:23:6f:f8:a9:6f:26:73:4d:b3:d2:d8:a6:29:4f:af:e7:bb:58:7d:79:8b:c3:e4:3f:7c:d5:a3
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate loripsum.net
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for loripsum.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
loripsum.net
test.loripsum.net
www.loripsum.net
www.test.loripsum.net
test.loripsum.net
www.loripsum.net
www.test.loripsum.net
Other certificates including the domain name loripsum.net
(limited to 100 certificates)
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
loripsum.net
Certificate
The complete raw certificate details for loripsum.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGIjCCBQqgAwIBAgISA+/B0rN5SCgRgJRLG/tsBjl9MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTMyMjE1NDlaFw0yNDAzMTIyMjE1NDhaMBcxFTATBgNVBAMT DGxvcmlwc3VtLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL65 yb2KH/sChB7rdemLzAUxj2k5gVLohzMrUTS4LBgmdwdCSEDLSb4dmtsZSkkaDp2a vL/Zq2vl2MjHm15atq9eGRMrtWHX6iRDbZbOuGIwCwr1/6Ik+wn7cxEaY56HTURm e5JHMYVcEdcBcMjPG4zXj3oCMER/MGavPobkUUn4NLTF5+TL7ymaCwfP2neO9YCt sR8PGMOkdP4+nI3NvhSMJV8ayz1IXeRPsWYfMq+d1Hh3LryLxSM0M3AWhDZVnNhP ZtP7ZmXajYMJyqqQmy9yS66nzOQLxezo/XAQDSg2ZJNNRI+ti89deB2Ll1bfjVaE iMOgLU5qcRiDAs+LMeuY5I5G3l4Y+NJ40l9AuYIxT7/wcEhc9li3j+vMbvBRpy6g zdXywbdlGkmHh8gSWMEUSJolO2us88m2fQnXqkS2SiEJZO3+1wQD8+5UtMHGfFO8 y31VTQZC0lRPkJeThXPOl5FwcGStURHfsHWgfcChKHNvCInxbXFBSsjTuTPK04sm tdEuFCGMMOnsdJ9nzkXkVaIhvPXLwvir5DIRCcK8mZ2YBMpWjPiVVEIoRiN7F6St SFbWYQZfahkh5GMIWifHXK7d+R6PF6G1M4si342aVI3gInn3nuejeO1GKSBIEK0g WwbG/x1OKSM7/92UfLtB/kcLmKmc4pwSdVBteHrdAgMBAAGjggJLMIICRzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFKSCydersWNAU/ecCVh3R0UXhvIVMB8GA1UdIwQY MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v cjMuaS5sZW5jci5vcmcvMFMGA1UdEQRMMEqCDGxvcmlwc3VtLm5ldIIRdGVzdC5s b3JpcHN1bS5uZXSCEHd3dy5sb3JpcHN1bS5uZXSCFXd3dy50ZXN0Lmxvcmlwc3Vt Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA 8QB3AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjGV3DJAAAAQD AEgwRgIhANQLW/NwFlOgLlBpnW84RuuRvqvIuQz7GF2nxqS2+4ehAiEAj/5Y0XaN uta84LbsgJBz+RnD0j60FaTebJ2TaPSQG9EAdgBIsONr2qZHNA/lagL6nTDrHFIB y1bdLIHZu7+rOdiEcwAAAYxldwzbAAAEAwBHMEUCIQD4WC+vC7hCDuiSA4VXvSWO b92SwM2jAQ5cVV1uoWUyfAIgGWxalr4Epoj14NNcer4bnTYGTrBw6PCzgOg92hEc wiswDQYJKoZIhvcNAQELBQADggEBAEoZCAE/SQSMED15yrl0BLd4hc11Lp74OuzV djSCen2RKAGmCTilS7IjcIW+caJrSElYabKEQjpWAmXRFwYjIz8AFSsz6xYSvZnf hyiEVH3MoYiH9Uv8sjdbXJ6WMxXs+68pUxI9K9CKXrPS7dB4FzlrZgIIsuhAYFnI EqQKt9jA7FOy8mWJZkwbhUiUVINeJEfMIG0l0Kpb0WAmyAjclOci3LmyTIFHlxPR gP/3D5orH947lPvHs+4YuSIbK8Sx0x9GKXUsidYBQyhvElh3GCKqx+kosjXk79Yz MYrqiAwNTrlhh/oi9vnEl+IUbqhptj+eZjmWK4lbEaaQO45FCJA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvrnJvYof+wKEHut16YvM BTGPaTmBUuiHMytRNLgsGCZ3B0JIQMtJvh2a2xlKSRoOnZq8v9mra+XYyMebXlq2 r14ZEyu1YdfqJENtls64YjALCvX/oiT7CftzERpjnodNRGZ7kkcxhVwR1wFwyM8b jNePegIwRH8wZq8+huRRSfg0tMXn5MvvKZoLB8/ad471gK2xHw8Yw6R0/j6cjc2+ FIwlXxrLPUhd5E+xZh8yr53UeHcuvIvFIzQzcBaENlWc2E9m0/tmZdqNgwnKqpCb L3JLrqfM5AvF7Oj9cBANKDZkk01Ej62Lz114HYuXVt+NVoSIw6AtTmpxGIMCz4sx 65jkjkbeXhj40njSX0C5gjFPv/BwSFz2WLeP68xu8FGnLqDN1fLBt2UaSYeHyBJY wRRImiU7a6zzybZ9CdeqRLZKIQlk7f7XBAPz7lS0wcZ8U7zLfVVNBkLSVE+Ql5OF c86XkXBwZK1REd+wdaB9wKEoc28IifFtcUFKyNO5M8rTiya10S4UIYww6ex0n2fO ReRVoiG89cvC+KvkMhEJwryZnZgEylaM+JVUQihGI3sXpK1IVtZhBl9qGSHkYwha J8dcrt35Ho8XobUziyLfjZpUjeAiefee56N47UYpIEgQrSBbBsb/HU4pIzv/3ZR8 u0H+RwuYqZzinBJ1UG14et0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342921978515072071863157667131672123292029 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 22:15:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-12 22:15:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'loripsum.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 778093111632963576423100532594468117153335839097893541028009965682499340612974958604000934248303249202709054987033627734200541672721981002682961686962212569026023698348420486325450646329915928978822546399977817275812939848999381046371957102799670676498942421620233466681145008967498617954606440627769310340169091700903595946612292125316512430707869142812727820612239072673784267289676120740897963827755667788465302703429987140760025655495234457482506822745883463772533937772207424005236936975541077704688720308407984451498512140867102009040117722305833378022070081033668040002014153974551325341340264471904481060342001041351970193727412901011818877805097649955557725735306188054624311647191410329051651869036887061270693030769837321550135343948916594093758967489510638904292011703333369509721924232848342866689789906379035187662614861274350586672650929729032150721497274971909387383997786418472975982775317814426080050973185068261428370664927965789787240004972588842239616035408040779219303414452758294009998977521459595761238773148295789081274386706897957859668270287682790607184101115055866576408092904778917648587487587356922247135970070212814515235976472636682942601359645419750137684083225684308196548961721435283916682746690269 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a482c9d7abb1634053f79c09587747451786f215 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'loripsum.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.loripsum.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.loripsum.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.test.loripsum.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c65770c900000040300483046022100d40b5bf3701653a02e50699d6f3846eb91beabc8b90cfb185da7c6a4b6fb87a10221008ffe58d1768dbad6bce0b6ec809073f919c3d23eb415a4de6c9d9368f4901bd100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c65770cdb0000040300473045022100f8582faf0bb8420ee892038557bd258e6fdd92c0cda3010e5c555d6ea165327c0220196c5a96be04a688f5e0d35c7abe1b9d36064eb070e8f0b380e83dda111cc22b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004a1908013f49048c103d79cab97404b77885cd752e9ef83aecd57634827a7d912801a60938a54bb2237085be71a26b48495869b284423a560265d1170623233f00152b33eb1612bd99df872884547dcca18887f54bfcb2375b5c9e963315ecfbaf2953123d2bd08a5eb3d2edd07817396b660208b2e8406059c812a40ab7d8c0ec53b2f26589664c1b85489454835e2447cc206d25d0aa5bd16026c808dc94e722dcb9b24c81479713d180fff70f9a2b1fde3b94fbc7b3ee18b9221b2bc4b1d31f4629752c89d60143286f1258771822aac7e928b235e4efd633318aea880c0d4eb96187fa22f6f9c497e2146ea869b63f9e6639962b895b11a6903b8e450890