dunhuang.work
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:59:79:f6:a9:6a:90:db:6e:20:cd:a7:4d:bc:89:3c:48:56 was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=dunhuang.work
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:59:79:f6:a9:6a:90:db:6e:20:cd:a7:4d:bc:89:3c:48:56Serial Number (int): 291784105779931676936208536275693738936406
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0d:46:75:39:dc:a1:1d:91:3c:de:6c:ba:56:41:04:c5:40:88:dc:de
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7a:d8:66:c9:69:cb:86:fa:16:a8:44:59:5d:19:78:e8:5d:43:d1:44
Fingerprint (sha256): cd:02:c5:c0:04:b5:4a:d8:0f:7c:b6:0a:bb:08:16:bf:c9:08:7a:23:b2:95:55:3a:19:0f:c9:2d:b3:ae:5e:17
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate dunhuang.work
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dunhuang.work
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dunhuang.work
holylandexpeditions.com
idispositivo.com
iowapark.work
westdesmoines.work
holylandexpeditions.com
idispositivo.com
iowapark.work
westdesmoines.work
Other certificates including the domain name dunhuang.work
(limited to 100 certificates)
Certificate
The complete raw certificate details for dunhuang.work in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgISA1l59qlqkNtuIM2nTbyJPEhWMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MDYwMDA3MTdaFw0x OTA3MDUwMDA3MTdaMBgxFjAUBgNVBAMTDWR1bmh1YW5nLndvcmswggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyG82hvRXX8C6SyHPhZ8T71sp0C0pIlQpE M3JuhOcMyEJ5Mj37J3Ipx1uj7SQQj2aB+Bf7375MiapJXkI1fUqwRK8xcnJU6kVi n4/PB2CL6v4awtX175jltye1MJE6cLIgx9LBdkpOWXis2vvo/xHJgqSpHZOwfnMs Up+8cbrfq/b7FQFhp+fRxe6U8RTZrDS7Ml5W5P8rNl7Hl+gGUT6PAcRsfZw+xDDE pTQfor/UZY/YKzAccwMXg8VqrYN9YR81/+8CtZF+SGZncCXN2qfh+nq2XY8aUJmm jOcrNTHiLZqitb8ugpgnPzUhISImIr5PiP7an8t8rWb8+XVdrwH9AgMBAAGjggKx MIICrTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFA1GdTncoR2RPN5sulZBBMVAiNze MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y Zy8wZgYDVR0RBF8wXYINZHVuaHVhbmcud29ya4IXaG9seWxhbmRleHBlZGl0aW9u cy5jb22CEGlkaXNwb3NpdGl2by5jb22CDWlvd2FwYXJrLndvcmuCEndlc3RkZXNt b2luZXMud29yazBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisG AQQB1nkCBAIEgfYEgfMA8QB2AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQ e8xWAAABafAvfSYAAAQDAEcwRQIgXDwsOouiY9k6P2dyDMnfZ+q8L+mryWPR+JWH MV62PegCIQDatP/azx+wj2Tuy1TrNUukwKNAFLP/Dw6GC8U0K6Ka5wB3ACk8UZZU yDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABafAvfaUAAAQDAEgwRgIhAKMI Jo8Uad9hQ1E0Gm1pTpNiW97AHi3Sq0Wkp1pSTp3lAiEA/biSdvoAYVM5bxqXLAXN E52di++cVbTxjxTpUygVH/swDQYJKoZIhvcNAQELBQADggEBAFxLOeKPZWRftNje cAaqmz4BKn6dzL1C3Ky+BJbJ4wskb8zNSYcjAOx7TEWz0k+KYgceQRMK68aNWR4t 7InEmVDqF8kxloDFYcUAjAizGERl6Bg3ZxhU03pWsMMsJGcmTOLs9EN6cgZZT7yl zi7pdyJVVFq20K5xa8cIZ4+4HfCSKJIsyVzXZcjMba/3laHVhl4EF7sok3DX2pqm 2NIh81U0una3P+BfBrG8/BRyvlH0F70lRG9SAmpT9HbGXBrib/0VgHax1dGX9dHf HpFwOYuBDuMhNAK83Kkt/W/LdxjoBgIKPNpE2toioYKzKDRjsSuUsnJLzOF01Zjp /t88y1w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshvNob0V1/Aukshz4WfE +9bKdAtKSJUKRDNyboTnDMhCeTI9+ydyKcdbo+0kEI9mgfgX+9++TImqSV5CNX1K sESvMXJyVOpFYp+Pzwdgi+r+GsLV9e+Y5bcntTCROnCyIMfSwXZKTll4rNr76P8R yYKkqR2TsH5zLFKfvHG636v2+xUBYafn0cXulPEU2aw0uzJeVuT/KzZex5foBlE+ jwHEbH2cPsQwxKU0H6K/1GWP2CswHHMDF4PFaq2DfWEfNf/vArWRfkhmZ3Alzdqn 4fp6tl2PGlCZpoznKzUx4i2aorW/LoKYJz81ISEiJiK+T4j+2p/LfK1m/Pl1Xa8B /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 291784105779931676936208536275693738936406 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-06 00:07:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-05 00:07:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dunhuang.work' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22484128577121380837953916034976335877655320315118606250150947491404984883229683177749848717717120227651414912619825429379491683358983375063737393307400183494776536281088330134070687113476454301999881451250480477135172067302886116754481305509742404064301718269072387859357027953810403342647386094355505709648877355808879110057148780201082180984147906504467300343009756819131098513794277312185552006139381426839259242125871968287303243807270834071283328349527239325254858153944481030764186476007056735331377725987755657511473119548128878803516704097698031576842527681716576262183468322801803088567013247483662671217149 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0d467539dca11d913cde6cba564104c54088dcde . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dunhuang.work' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'holylandexpeditions.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idispositivo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowapark.work' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'westdesmoines.work' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000169f02f7d26000004030047304502205c3c2c3a8ba263d93a3f67720cc9df67eabc2fe9abc963d1f89587315eb63de8022100dab4ffdacf1fb08f64eecb54eb354ba4c0a34014b3ff0f0e860bc5342ba29ae7007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000169f02f7da50000040300483046022100a308268f1469df614351341a6d694e93625bdec01e2dd2ab45a4a75a524e9de5022100fdb89276fa006153396f1a972c05cd139d9d8bef9c55b4f18f14e95328151ffb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005c4b39e28f65645fb4d8de7006aa9b3e012a7e9dccbd42dcacbe0496c9e30b246fcccd49872300ec7b4c45b3d24f8a62071e41130aebc68d591e2dec89c49950ea17c9319680c561c5008c08b3184465e81837671854d37a56b0c32c2467264ce2ecf4437a7206594fbca5ce2ee9772255545ab6d0ae716bc708678fb81df09228922cc95cd765c8cc6daff795a1d5865e0417bb289370d7da9aa6d8d221f35534ba76b73fe05f06b1bcfc1472be51f417bd25446f52026a53f476c65c1ae26ffd158076b1d5d197f5d1df1e9170398b810ee3213402bcdca92dfd6fcb7718e806020a3cda44dada22a182b3283463b12b94b2724bcce174d598e9fedf3ccb5c