virginiachronicle.com
Issued by R3
About this certificate
This digital certificate with serial number 04:27:d7:c1:e4:30:1e:f2:94:ac:25:4a:3b:28:fb:43:98:1e was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=virginiachronicle.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:27:d7:c1:e4:30:1e:f2:94:ac:25:4a:3b:28:fb:43:98:1eSerial Number (int): 362006946797546960041668131031067262162974
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 75:fe:19:f0:dd:db:82:fc:ac:24:ec:f1:83:71:7d:43:ca:18:49:7d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 32:11:5d:ae:37:1d:e4:d4:31:56:d0:d9:d9:6c:ca:62:25:10:ac:df
Fingerprint (sha256): cd:b9:cf:ef:60:e8:ed:6a:ca:6e:73:fe:bc:74:73:e1:dd:ff:84:44:64:17:15:7c:02:46:dd:ed:88:3b:b8:32
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate virginiachronicle.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for virginiachronicle.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digitalvirginianewspapers.com
virginia.dlconsulting.com
virginiachronicle.com
www.digitalvirginianewspapers.com
www.virginiachronicle.com
virginia.dlconsulting.com
virginiachronicle.com
www.digitalvirginianewspapers.com
www.virginiachronicle.com
Other certificates including the domain name virginiachronicle.com
(limited to 100 certificates)
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
www.virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
www.virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
www.virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
www.virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
virginiachronicle.com
Certificate
The complete raw certificate details for virginiachronicle.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgISBCfXweQwHvKUrCVKOyj7Q5geMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDcxMjA4MDRaFw0yNDA4MDUxMjA4MDNaMCAxHjAcBgNVBAMT FXZpcmdpbmlhY2hyb25pY2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOtXVNLS6bt1oXNglLrrJviWydGbecTuCKt3WQzxPbFLJI/sVmE/pWFA u0rUs+ag8hTUc9Aq0rHdTuPM73Wgwv+LZ2Z6iTzOWFlfTy6ifrybw34SDYtf2w1S n6S2O1NL2sENRD6NnVX1iIR4ehUBF1CAlqF0XRzFKSCMV6YACtYmA6oaTuAF7/17 B1WPNPvVI9QOU7o5D6fQ+RFf4D8n0CHbC0Bault81PAvdMoR67sEx+i6zlgZ5t3x OOTLLT3t1493Q6arERMj7ScNA9QPWRUibdaqRtnJuXJILSP3zE63pzAjhhcz0VkW ipfI1fRa5hXNXj2MDFLXelN8O2QIvNECAwEAAaOCApIwggKOMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUdf4Z8N3bgvysJOzxg3F9Q8oYSX0wHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wgZoGA1UdEQSBkjCBj4IdZGlnaXRhbHZpcmdpbmlhbmV3c3BhcGVy cy5jb22CGXZpcmdpbmlhLmRsY29uc3VsdGluZy5jb22CFXZpcmdpbmlhY2hyb25p Y2xlLmNvbYIhd3d3LmRpZ2l0YWx2aXJnaW5pYW5ld3NwYXBlcnMuY29tghl3d3cu dmlyZ2luaWFjaHJvbmljbGUuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZ RnEftZsAAAGPUysaOQAABAMARzBFAiA85+1J3yL4HMc3Rkawx+3YxmNi0NjclLSH RSnCYC8fTQIhAL1VXVZmw3AVDXIpp0YTzhsmE5DehIBhMUYzOo68uAbGAHYA3+FW 66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGPUysa8AAABAMARzBFAiBI 7qxP6y8SMnVcBmlq7pH1zI7wMW+YMMDbUYVqZvztWAIhALWv6062bJ9PHJV9fl3w aGXVjP7BX2g7T1IWWYzeOGIkMA0GCSqGSIb3DQEBCwUAA4IBAQA3jjfBdYNsa1nC t/OdJyihdNxL2nYM//S+wBhoKxWGKAHV7oEZ/OHKYb2Z/sgPxKpjQVVv4sv+iLZv D91Givz0kKWLmzvrlZuezqOPMx2WoWmN0/tFoEAflN2iGYSPlVRkCe6TmjXNjX1m L1/nHYGT2MUs+hWlBSb9F+1RpN2pJGmaq8jPgZBK27Xtwq34Gjc69rXRRbfzDU1x Eg6vWDKmLnoFp/I21rnppDEGTqmyUyF/XgmvzGFZsKn9HOOm1iSGhIFsbFRl/IbS u5Qol1hxA2g/SeJ9bcEcmv0awW+mEpG9c9l3i332fLI8MygxVCFBwi8jryXWspap 4utcgEZz -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61dU0tLpu3Whc2CUuusm +JbJ0Zt5xO4Iq3dZDPE9sUskj+xWYT+lYUC7StSz5qDyFNRz0CrSsd1O48zvdaDC /4tnZnqJPM5YWV9PLqJ+vJvDfhINi1/bDVKfpLY7U0vawQ1EPo2dVfWIhHh6FQEX UICWoXRdHMUpIIxXpgAK1iYDqhpO4AXv/XsHVY80+9Uj1A5TujkPp9D5EV/gPyfQ IdsLQFq6W3zU8C90yhHruwTH6LrOWBnm3fE45MstPe3Xj3dDpqsREyPtJw0D1A9Z FSJt1qpG2cm5ckgtI/fMTrenMCOGFzPRWRaKl8jV9FrmFc1ePYwMUtd6U3w7ZAi8 0QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 362006946797546960041668131031067262162974 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-07 12:08:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-05 12:08:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'virginiachronicle.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29709066356766064619103987676209555389802532076712298895612694642641356930911945738533521742719085893679026534513194469638620683776501906543631559494729913127419059448772487415131319487485249198748775069855620711270517724666795874547804245766319419578968037822572570703890988196130044611318739068585116889199373216381259257587403020253462203501786083131453073225112697741392821072572062148467876384997461396963274825141710641963084974245594505763826683448320806163311313825351212844719582179599360554444000140788635561573238660084092364020525374400061061101560297184540461791642923444421884106241030027478917957860561 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 75fe19f0dddb82fcac24ecf183717d43ca18497d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (146 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digitalvirginianewspapers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'virginia.dlconsulting.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'virginiachronicle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.digitalvirginianewspapers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.virginiachronicle.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f532b1a39000004030047304502203ce7ed49df22f81cc7374646b0c7edd8c66362d0d8dc94b4874529c2602f1f4d022100bd555d5666c370150d7229a74613ce1b261390de8480613146333a8ebcb806c6007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f532b1af00000040300473045022048eeac4feb2f1232755c06696aee91f5cc8ef0316f9830c0db51856a66fced58022100b5afeb4eb66c9f4f1c957d7e5df06865d58cfec15f683b4f5216598cde386224 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00378e37c175836c6b59c2b7f39d2728a174dc4bda760cfff4bec018682b15862801d5ee8119fce1ca61bd99fec80fc4aa6341556fe2cbfe88b66f0fdd468afcf490a58b9b3beb959b9ecea38f331d96a1698dd3fb45a0401f94dda219848f95546409ee939a35cd8d7d662f5fe71d8193d8c52cfa15a50526fd17ed51a4dda924699aabc8cf81904adbb5edc2adf81a373af6b5d145b7f30d4d71120eaf5832a62e7a05a7f236d6b9e9a431064ea9b253217f5e09afcc6159b0a9fd1ce3a6d6248684816c6c5465fc86d2bb942897587103683f49e27d6dc11c9afd1ac16fa61291bd73d9778b7df67cb23c332831542141c22f23af25d6b296a9e2eb5c804673