knaxtech.com
Issued by R3
About this certificate
This digital certificate with serial number 04:35:cb:c8:95:48:d2:9a:55:c2:75:7e:aa:52:6c:32:6b:a8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=knaxtech.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:35:cb:c8:95:48:d2:9a:55:c2:75:7e:aa:52:6c:32:6b:a8Serial Number (int): 366754983944215407114532545514557811092392
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: cb:87:3e:0b:09:42:d8:fc:5f:c5:6b:03:2d:b7:4f:95:1a:8a:f9:16
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): db:85:e3:4c:46:9b:8c:e9:55:1f:53:b5:9d:9b:d8:82:cd:c9:bd:d5
Fingerprint (sha256): cd:ce:41:38:ab:f3:3e:06:bf:af:b6:21:70:42:f1:6e:70:b0:db:69:79:4a:80:3d:4a:d4:94:18:1a:84:21:98
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate knaxtech.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for knaxtech.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
knaxtech.com
www.knaxtech.com
www.knaxtech.com
Other certificates including the domain name knaxtech.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for knaxtech.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgISBDXLyJVI0ppVwnV+qlJsMmuoMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDkwNDM1NDZaFw0yNDA3MDgwNDM1NDVaMBcxFTATBgNVBAMT DGtuYXh0ZWNoLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANNh M5tzw99QIAncQXf9ifXXVT050zPTC9Tl7hz2Dk99Pb+q1BoxmNTezNh4ErlovFbQ /d0shhXC1iXS5pDzYOVqOlCSlz/5VkV0bzqnwwdjJwcz/FTy3M9SB2Qd2IT0YW5Z ZlGLv3o3MkLWX2xOl6vM9cJmjch3bEOpNPLqwyOPdUMsPAoVHQKgHMnHDPFGgg/b zdoDAlQvavz53cl8ZSI3TycijfIygCBhf+kknQd6ZmJf0ouUhxel1M1YzXz2HD4L ar/SNA6l82T/+/JfU49Yn0EXRhC/YIusyINlShn+NbFNI7t94PoXNeOW/MuxI3Ie O/W2mVZVuesSnXdsNkTY1PqmJFbWFHxXt7SUcK3224evM6P21ORlSZ3ggTLj3g/T L8/ru3S7OIwe3GwhS+cJ4fFx0TaeWiayE/++MfyANRLrISxTJ1cQvxThqpKYbKJR Rlu+5GmJS5MlIDMHvNhQ0K2O75oVwuRe1CzGXFaiZQsk0xb/2pnjIm0xvSnf1xY5 z7qT+sfWk5cLwLkr6jUeowYkU/6IWK3u7qomo+VYbC8oPZsuW+7aGP3XbiDrNz7b /0kLJoqjHyVt4510L8KA959YOIYonAM/RXbs7A14wcLjJAIoOJWQO6gEE6L3Za74 VDtBFNziGMFN7ys6nL/svshZ8Mimk//QwxmRK9hbAgMBAAGjggIhMIICHTAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFMuHPgsJQtj8X8VrAy23T5UaivkWMB8GA1UdIwQY MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v cjMuaS5sZW5jci5vcmcvMCkGA1UdEQQiMCCCDGtuYXh0ZWNoLmNvbYIQd3d3Lmtu YXh0ZWNoLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIE gfYEgfMA8QB3AN/hVuuqBa+1nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABjsFa 9FsAAAQDAEgwRgIhANYK1rJ/wy6pPkBmXY1GFafA0rRpNvGerA9IFQe7v07hAiEA plKAptQlNFlrQ1A2gNgCuYQAN5pQIeCXkuanYFjLKDkAdgA7U3d1Pi25gE6LMFsG /kA7Z9hPw/THvQANLXJv4frUFwAAAY7BWvuTAAAEAwBHMEUCIQCMiDM8jC19ImGS n+XAeXRWfZp3UuGpsB6sZLbTR8JSswIgNz8BchPnL/tl6zjI08h219NNRhzeFXEA pa/zqUVVuK8wDQYJKoZIhvcNAQELBQADggEBAEbP7b9ebMYOhblGOr4mwoSB1lR+ YP0WnKf6rbVKK3FDyp7myb3I7ch7T3VBHRRsN93Lz8VJvXdMep62EMkSwiCHmh05 hlL8ICnqYbjnyhnE/+8yI7ikIjznbvPTZYakjvMvgo1s9CNuD8kJRBRn6MwQUQKi exo34tfc/WLX1Zn/GE3yQ+2ZX8nnY52SVOsJXRzi6afeaDX6LaB/z2ZxZ2upNw0v qz9JcSAR+LbhXklqtnh7iw4jM3s8kWoKEZ23f5iVw1eItdOk8i8+i+3WCf1sz1k9 WAB7SlvMmeHe9ytdIRV5nPPWl2W6LleDdV1QPFYxG9cPKONB3GNczTgIaic= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA02Ezm3PD31AgCdxBd/2J 9ddVPTnTM9ML1OXuHPYOT309v6rUGjGY1N7M2HgSuWi8VtD93SyGFcLWJdLmkPNg 5Wo6UJKXP/lWRXRvOqfDB2MnBzP8VPLcz1IHZB3YhPRhbllmUYu/ejcyQtZfbE6X q8z1wmaNyHdsQ6k08urDI491Qyw8ChUdAqAcyccM8UaCD9vN2gMCVC9q/PndyXxl IjdPJyKN8jKAIGF/6SSdB3pmYl/Si5SHF6XUzVjNfPYcPgtqv9I0DqXzZP/78l9T j1ifQRdGEL9gi6zIg2VKGf41sU0ju33g+hc145b8y7Ejch479baZVlW56xKdd2w2 RNjU+qYkVtYUfFe3tJRwrfbbh68zo/bU5GVJneCBMuPeD9Mvz+u7dLs4jB7cbCFL 5wnh8XHRNp5aJrIT/74x/IA1EushLFMnVxC/FOGqkphsolFGW77kaYlLkyUgMwe8 2FDQrY7vmhXC5F7ULMZcVqJlCyTTFv/ameMibTG9Kd/XFjnPupP6x9aTlwvAuSvq NR6jBiRT/ohYre7uqiaj5VhsLyg9my5b7toY/dduIOs3Ptv/SQsmiqMfJW3jnXQv woD3n1g4hiicAz9FduzsDXjBwuMkAig4lZA7qAQTovdlrvhUO0EU3OIYwU3vKzqc v+y+yFnwyKaT/9DDGZEr2FsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 366754983944215407114532545514557811092392 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 04:35:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-08 04:35:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'knaxtech.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 862353913559887903117023064219825068133717728807677841321230892076845862396164523727390252379385426233613420625573636359543298057488135392668271064932537205819038983238006839052832065404374258605039413685300075874995982062974699356617093920307231264433218110983801585435602449997711648824924499828020660126150575835089780271992845307711381969000538730087993044164723576315203413329644168560969554027201862006091355709867903342024966457137454548183828331839074785977265154528345550202878009510549802636450735223716861729759495972748343717510827289303864436197376559355231590918860104336057279845269957574447194721951538380006534327355825563544732803482219978743881501954722486704530113920836920015622033215446790892309930598141158000160094659797408918292236954286785636463304891228754836218862186788462803638819746734326150006560865950355028103727880468734823639695870825513153811779485078119675273747900574428341870467027154727449031207287382804326484782213153674145214702435449295361391668765676418488168450532213206731445889767328032761156030596753122285872485475677659421962447571392624825580835566579632763484965131243200011670190214362493521729474330322713423828611085935792086582961170533971193226619771994820704374514684516443 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cb873e0b0942d8fc5fc56b032db74f951a8af916 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knaxtech.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.knaxtech.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ec15af45b0000040300483046022100d60ad6b27fc32ea93e40665d8d4615a7c0d2b46936f19eac0f481507bbbf4ee1022100a65280a6d42534596b43503680d802b98400379a5021e09792e6a76058cb28390076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ec15afb9300000403004730450221008c88333c8c2d7d2261929fe5c07974567d9a7752e1a9b01eac64b6d347c252b30220373f017213e72ffb65eb38c8d3c876d7d34d461cde157100a5aff3a94555b8af . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0046cfedbf5e6cc60e85b9463abe26c28481d6547e60fd169ca7faadb54a2b7143ca9ee6c9bdc8edc87b4f75411d146c37ddcbcfc549bd774c7a9eb610c912c220879a1d398652fc2029ea61b8e7ca19c4ffef3223b8a4223ce76ef3d36586a48ef32f828d6cf4236e0fc909441467e8cc105102a27b1a37e2d7dcfd62d7d599ff184df243ed995fc9e7639d9254eb095d1ce2e9a7de6835fa2da07fcf6671676ba9370d2fab3f49712011f8b6e15e496ab6787b8b0e23337b3c916a0a119db77f9895c35788b5d3a4f22f3e8bedd609fd6ccf593d58007b4a5bcc99e1def72b5d2115799cf3d69765ba2e5783755d503c56311bd70f28e341dc635ccd38086a27