cpawagner.com

Issued by R3

About this certificate

This digital certificate with serial number 03:e4:e0:cf:20:37:53:0c:5a:31:5c:aa:fc:24:c9:69:c7:14 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=cpawagner.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:e4:e0:cf:20:37:53:0c:5a:31:5c:aa:fc:24:c9:69:c7:14
Serial Number (int): 339220059983180605918357218091007591696148
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: dc:c4:40:67:29:fa:1d:56:91:5f:08:08:6c:db:72:88:fc:75:f5:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 74:bf:74:1b:f5:c9:1b:9e:26:c7:c6:41:c3:06:f7:98:ea:51:be:4c
Fingerprint (sha256): c9:59:08:21:ad:e3:b6:d3:25:63:45:41:bd:45:47:3c:6f:41:9d:da:33:a3:4f:4a:f5:d9:c1:38:3c:cb:c9:d0

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate cpawagner.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cpawagner.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cpawagner.com
www.cpawagner.com

Other certificates including the domain name cpawagner.com

(limited to 100 certificates)
cpawagner.com
portal.cpawagner.com
cpawagner.com
cpawagner.com

Certificate

The complete raw certificate details for cpawagner.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgISA+TgzyA3UwxaMVyq/CTJaccUMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MTMxMjIxMDFaFw0yNDA3MTIxMjIxMDBaMBgxFjAUBgNVBAMT
DWNwYXdhZ25lci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb
/KJa/WcC/75POjJolFkZcFBeoC5agP7n21Ia7QbySDK6uCv5DdrhkY96fXmhu6yb
uUrUNk6GOot4h0MgCA+FbBUx++R3qA9Rrl3egw/uu5R36XWT/L6WDBZNXP3SC9rU
PSGfcydabPrMG6O3TV+FPjeIOX7fl6zieQGBJCUfPg2eRQ0NQkz9kyz0krTfuQdp
5QWLZKRl3Oa1CwVRtkqpTPTuMq73g6FQOtdyv8So57pA1jN+Ngiqd9gXiAQWQt6e
XDpYz7kY+Ee0lmiDG/2fFkWAdq4Akms7X9VHus8RxBtAhxCCClUluwB0FIxbtNPp
yCnminDxB7QxI1bNSHuLAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFNzEQGcp+h1WkV8ICGzbcoj8dfUXMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MCsGA1UdEQQkMCKCDWNwYXdhZ25lci5jb22CEXd3dy5jcGF3YWduZXIuY29tMBMG
A1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAPxdL
T9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGO155TJwAABAMARzBFAiEA
nvcqS8vkRP7nRX4MZZbxNfaRXs7fzILxbDoRsvdFa3gCIDalEKF61lssej3qMY25
4iFbrdu7PqM4roxgmjFb0HDlAHUA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHR
wTu+UlwAAAGO155T3wAABAMARjBEAiA11BHfih5Ru1NV5P2bOvfIji2cluMT9HXO
4jvKNGRFTQIgSM/6r2XeQt9HwNQdMbiBOmbTXj2o3aWJ7Kj72lioMgswDQYJKoZI
hvcNAQELBQADggEBAJVKAOIQvgxlDUu6SWEB23qF0i0Pkd9idIatG3yOLKeLRjL2
ngqKZcCzpnObZg4aIcaj6tBOdAqUdPNyZ7Xa/mLWvmb4Sl/9GM9crJM9T7E4rwtm
gTeYK/ue08AOAVwN3bM4+sFGb8ezkzwVkaRgJv+5w0yeIfFIvaK+wnvu5eUvGgjS
MOSAd8ZrXkp43Zv2XB5YjsVvz/MGZEOwknfbNhYtO4OmkzG/WviiVw9Qn+GtKZ9t
JonXnlNG1rFA2CT11MliRs9RUhUzikwseCYW1fSzEE26lCFu6SP8dTyDWStbjH7q
VRdrmAiZzt5Pz6k7D7TtFybC3ALdtf7ZZyOuFFw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/yiWv1nAv++TzoyaJRZ
GXBQXqAuWoD+59tSGu0G8kgyurgr+Q3a4ZGPen15obusm7lK1DZOhjqLeIdDIAgP
hWwVMfvkd6gPUa5d3oMP7ruUd+l1k/y+lgwWTVz90gva1D0hn3MnWmz6zBujt01f
hT43iDl+35es4nkBgSQlHz4NnkUNDUJM/ZMs9JK037kHaeUFi2SkZdzmtQsFUbZK
qUz07jKu94OhUDrXcr/EqOe6QNYzfjYIqnfYF4gEFkLenlw6WM+5GPhHtJZogxv9
nxZFgHauAJJrO1/VR7rPEcQbQIcQggpVJbsAdBSMW7TT6cgp5opw8Qe0MSNWzUh7
iwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 339220059983180605918357218091007591696148
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-13 12:21:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-12 12:21:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cpawagner.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27770767355134949131678283609056747101036755745676120675832126085803401086536888854162110849771252003391267000722670767729872849041326480001673779982757992686044548156137972604029635982630964863625340429174389950933206867671814414752187786422392116254589912478874150295486203197948915077953746445596153223450940172115690919000049279845881231434799147596576814735256130958564959085791148999133364654389080145628759256358962802969758529607452234415300795884370970799372299808021684640509362951391458912779563338609723665658097404085721136332676892934016192797947598794014718078470724121797580230171259755750044144794507
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dcc4406729fa1d56915f08086cdb7288fc75f517
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpawagner.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cpawagner.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ed79e532700000403004730450221009ef72a4bcbe444fee7457e0c6596f135f6915ecedfcc82f16c3a11b2f7456b78022036a510a17ad65b2c7a3dea318db9e2215baddbbb3ea338ae8c609a315bd070e5007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ed79e53df0000040300463044022035d411df8a1e51bb5355e4fd9b3af7c88e2d9c96e313f475cee23bca3464454d022048cffaaf65de42df47c0d41d31b8813a66d35e3da8dda589eca8fbda58a8320b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00954a00e210be0c650d4bba496101db7a85d22d0f91df627486ad1b7c8e2ca78b4632f69e0a8a65c0b3a6739b660e1a21c6a3ead04e740a9474f37267b5dafe62d6be66f84a5ffd18cf5cac933d4fb138af0b668137982bfb9ed3c00e015c0dddb338fac1466fc7b3933c1591a46026ffb9c34c9e21f148bda2bec27beee5e52f1a08d230e48077c66b5e4a78dd9bf65c1e588ec56fcff3066443b09277db36162d3b83a69331bf5af8a2570f509fe1ad299f6d2689d79e5346d6b140d824f5d4c96246cf515215338a4c2c782616d5f4b3104dba94216ee923fc753c83592b5b8c7eea55176b980899cede4fcfa93b0fb4ed1726c2dc02ddb5fed96723ae145c