cpawagner.com
Issued by R3
About this certificate
This digital certificate with serial number 03:e4:e0:cf:20:37:53:0c:5a:31:5c:aa:fc:24:c9:69:c7:14 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cpawagner.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:e4:e0:cf:20:37:53:0c:5a:31:5c:aa:fc:24:c9:69:c7:14Serial Number (int): 339220059983180605918357218091007591696148
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: dc:c4:40:67:29:fa:1d:56:91:5f:08:08:6c:db:72:88:fc:75:f5:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 74:bf:74:1b:f5:c9:1b:9e:26:c7:c6:41:c3:06:f7:98:ea:51:be:4c
Fingerprint (sha256): c9:59:08:21:ad:e3:b6:d3:25:63:45:41:bd:45:47:3c:6f:41:9d:da:33:a3:4f:4a:f5:d9:c1:38:3c:cb:c9:d0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate cpawagner.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cpawagner.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cpawagner.com
www.cpawagner.com
www.cpawagner.com
Other certificates including the domain name cpawagner.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for cpawagner.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgISA+TgzyA3UwxaMVyq/CTJaccUMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTMxMjIxMDFaFw0yNDA3MTIxMjIxMDBaMBgxFjAUBgNVBAMT DWNwYXdhZ25lci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb /KJa/WcC/75POjJolFkZcFBeoC5agP7n21Ia7QbySDK6uCv5DdrhkY96fXmhu6yb uUrUNk6GOot4h0MgCA+FbBUx++R3qA9Rrl3egw/uu5R36XWT/L6WDBZNXP3SC9rU PSGfcydabPrMG6O3TV+FPjeIOX7fl6zieQGBJCUfPg2eRQ0NQkz9kyz0krTfuQdp 5QWLZKRl3Oa1CwVRtkqpTPTuMq73g6FQOtdyv8So57pA1jN+Ngiqd9gXiAQWQt6e XDpYz7kY+Ee0lmiDG/2fFkWAdq4Akms7X9VHus8RxBtAhxCCClUluwB0FIxbtNPp yCnminDxB7QxI1bNSHuLAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFNzEQGcp+h1WkV8ICGzbcoj8dfUXMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv MCsGA1UdEQQkMCKCDWNwYXdhZ25lci5jb22CEXd3dy5jcGF3YWduZXIuY29tMBMG A1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAPxdL T9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGO155TJwAABAMARzBFAiEA nvcqS8vkRP7nRX4MZZbxNfaRXs7fzILxbDoRsvdFa3gCIDalEKF61lssej3qMY25 4iFbrdu7PqM4roxgmjFb0HDlAHUA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHR wTu+UlwAAAGO155T3wAABAMARjBEAiA11BHfih5Ru1NV5P2bOvfIji2cluMT9HXO 4jvKNGRFTQIgSM/6r2XeQt9HwNQdMbiBOmbTXj2o3aWJ7Kj72lioMgswDQYJKoZI hvcNAQELBQADggEBAJVKAOIQvgxlDUu6SWEB23qF0i0Pkd9idIatG3yOLKeLRjL2 ngqKZcCzpnObZg4aIcaj6tBOdAqUdPNyZ7Xa/mLWvmb4Sl/9GM9crJM9T7E4rwtm gTeYK/ue08AOAVwN3bM4+sFGb8ezkzwVkaRgJv+5w0yeIfFIvaK+wnvu5eUvGgjS MOSAd8ZrXkp43Zv2XB5YjsVvz/MGZEOwknfbNhYtO4OmkzG/WviiVw9Qn+GtKZ9t JonXnlNG1rFA2CT11MliRs9RUhUzikwseCYW1fSzEE26lCFu6SP8dTyDWStbjH7q VRdrmAiZzt5Pz6k7D7TtFybC3ALdtf7ZZyOuFFw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/yiWv1nAv++TzoyaJRZ GXBQXqAuWoD+59tSGu0G8kgyurgr+Q3a4ZGPen15obusm7lK1DZOhjqLeIdDIAgP hWwVMfvkd6gPUa5d3oMP7ruUd+l1k/y+lgwWTVz90gva1D0hn3MnWmz6zBujt01f hT43iDl+35es4nkBgSQlHz4NnkUNDUJM/ZMs9JK037kHaeUFi2SkZdzmtQsFUbZK qUz07jKu94OhUDrXcr/EqOe6QNYzfjYIqnfYF4gEFkLenlw6WM+5GPhHtJZogxv9 nxZFgHauAJJrO1/VR7rPEcQbQIcQggpVJbsAdBSMW7TT6cgp5opw8Qe0MSNWzUh7 iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 339220059983180605918357218091007591696148 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-13 12:21:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-12 12:21:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cpawagner.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27770767355134949131678283609056747101036755745676120675832126085803401086536888854162110849771252003391267000722670767729872849041326480001673779982757992686044548156137972604029635982630964863625340429174389950933206867671814414752187786422392116254589912478874150295486203197948915077953746445596153223450940172115690919000049279845881231434799147596576814735256130958564959085791148999133364654389080145628759256358962802969758529607452234415300795884370970799372299808021684640509362951391458912779563338609723665658097404085721136332676892934016192797947598794014718078470724121797580230171259755750044144794507 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dcc4406729fa1d56915f08086cdb7288fc75f517 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpawagner.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cpawagner.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ed79e532700000403004730450221009ef72a4bcbe444fee7457e0c6596f135f6915ecedfcc82f16c3a11b2f7456b78022036a510a17ad65b2c7a3dea318db9e2215baddbbb3ea338ae8c609a315bd070e5007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ed79e53df0000040300463044022035d411df8a1e51bb5355e4fd9b3af7c88e2d9c96e313f475cee23bca3464454d022048cffaaf65de42df47c0d41d31b8813a66d35e3da8dda589eca8fbda58a8320b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00954a00e210be0c650d4bba496101db7a85d22d0f91df627486ad1b7c8e2ca78b4632f69e0a8a65c0b3a6739b660e1a21c6a3ead04e740a9474f37267b5dafe62d6be66f84a5ffd18cf5cac933d4fb138af0b668137982bfb9ed3c00e015c0dddb338fac1466fc7b3933c1591a46026ffb9c34c9e21f148bda2bec27beee5e52f1a08d230e48077c66b5e4a78dd9bf65c1e588ec56fcff3066443b09277db36162d3b83a69331bf5af8a2570f509fe1ad299f6d2689d79e5346d6b140d824f5d4c96246cf515215338a4c2c782616d5f4b3104dba94216ee923fc753c83592b5b8c7eea55176b980899cede4fcfa93b0fb4ed1726c2dc02ddb5fed96723ae145c