cgski.co.uk
Issued by R3
About this certificate
This digital certificate with serial number 03:2a:f2:a8:f2:92:3a:45:16:e2:99:9d:06:be:05:e5:16:d4 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cgski.co.uk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:2a:f2:a8:f2:92:3a:45:16:e2:99:9d:06:be:05:e5:16:d4Serial Number (int): 275951267606740808362927869553657636001492
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 01:f4:95:18:0f:d6:68:e4:ac:8b:6e:70:7b:15:96:34:c8:39:eb:6f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 7e:95:e0:6d:49:e2:7e:cc:16:2f:79:9e:bc:83:1c:ba:80:7d:2f:36
Fingerprint (sha256): ce:8c:9e:97:28:10:7d:13:f2:b0:af:d7:f1:c6:bc:af:94:db:96:b2:ac:83:81:f8:f9:46:33:ac:41:8c:00:3a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate cgski.co.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cgski.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cgski.co.uk
www.cgski.co.uk
www.cgski.co.uk
Other certificates including the domain name cgski.co.uk
(limited to 100 certificates)
Certificate
The complete raw certificate details for cgski.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgISAyryqPKSOkUW4pmdBr4F5RbUMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDEyMzM1MDJaFw0yNDA2MzAyMzM1MDFaMBYxFDASBgNVBAMT C2Nnc2tpLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdAV lkNwJi+0hv6955rEpeE4I08FKZ+6umokvw0SNZfXkb6HNvz84zVxgMKp5vNNxVGA wNnTO81CY4h84rM75SKyHkJU0w5Twpf8QLjX8FQe+bCSnjaFTgEhD8RQnXUvKO4N eBL1TGRL0sd5+CoWlFRvsKbzMJBVsNrdN3VBB/eTUvWB3LOpcVvCCyK3AAxkHuo1 PyKcrKh61MAf+NFSR8So/nyDuTtP/mSJ9LSPjAuh1H0xNS8i/Z3P73znIuGYcObW VHRvSaIflG+b44jIHhbuizgG+EpOnVdsdQaTr1yZmCMIfpXo4wwLnYRC4bSHmI9Q 4/Nr2pig36K3vKFQTwIDAQABo4ICHjCCAhowDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQB9JUYD9Zo5KyLbnB7FZY0yDnrbzAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAn BgNVHREEIDAeggtjZ3NraS5jby51a4IPd3d3LmNnc2tpLmNvLnVrMBMGA1UdIAQM MAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYASLDja9qmRzQP 5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGOnDsZ3QAABAMARzBFAiEA9G8SiVt7 UWGXhbVQQuCc60f0sdC3sWFn3zknC0Hp2WoCIHTC/viQ/U+ynlMq4PZvpuqyrLge 9znorYL1MRrjgDTuAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcA AAGOnDsZ6wAABAMARzBFAiEA4u+s6lf6IHaaEHotlWqTYAIY1+vSZoKGex0lI1gd sfYCIG6cW/CXQXfWdrpcbYoNEWD+mIAI/f8OaADQOT1wsGPeMA0GCSqGSIb3DQEB CwUAA4IBAQAgC6FcHnjH1UHtYvbeXaYG3XMF8A0Q5fz2XL26a7dzSfe0J7Du/Hdi czTP0+ixUl5Ao0v5+70FaYo0gq7pnti88BIpNJImx0apzlHlNmMc32UTAvBNkeI3 g2/Z8yTQOexxWfVWzf//+NItXgF42I5vkPUGbmAhYSuhUKqVkiL0L/FcIGWnDptg E0TuGAXPzknAWw0qer7Em8afx3ZkoICytda07Btg/aRAcNZ3xYbcp56nSL8YQQQQ SD3dLMuXzpZv5ZpqKt0LOBeIkCX0ivMnEvvM5wrz7DZgV6RAwKPxzBg/+ycb3CzQ 0nKUTiB5z8KTHsdP97M0g15h2q5dFinP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdAVlkNwJi+0hv6955rE peE4I08FKZ+6umokvw0SNZfXkb6HNvz84zVxgMKp5vNNxVGAwNnTO81CY4h84rM7 5SKyHkJU0w5Twpf8QLjX8FQe+bCSnjaFTgEhD8RQnXUvKO4NeBL1TGRL0sd5+CoW lFRvsKbzMJBVsNrdN3VBB/eTUvWB3LOpcVvCCyK3AAxkHuo1PyKcrKh61MAf+NFS R8So/nyDuTtP/mSJ9LSPjAuh1H0xNS8i/Z3P73znIuGYcObWVHRvSaIflG+b44jI HhbuizgG+EpOnVdsdQaTr1yZmCMIfpXo4wwLnYRC4bSHmI9Q4/Nr2pig36K3vKFQ TwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 275951267606740808362927869553657636001492 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-01 23:35:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-30 23:35:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cgski.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22951743403399090679370940660261085245713833531013616781173242037095453030852384786410759746173586615079882598462713646899455137772714538831643286310537234500411042771738809587019592098073819846373628107912552760744538629008638652535868352719097101906952921311403622966634639890887542601082133742104650470200849861166525804720436208275065276606148753956152429933348936091278453321754861861048971982400455373081160120009232627570883852338076657687402366958001159792544109686764259064713545793753276380457490330842357745452840340715454487508459805666250371343128931226923881772556442502256227013714693489246346649096271 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 01f495180fd668e4ac8b6e707b159634c839eb6f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cgski.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cgski.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e9c3b19dd0000040300473045022100f46f12895b7b51619785b55042e09ceb47f4b1d0b7b16167df39270b41e9d96a022074c2fef890fd4fb29e532ae0f66fa6eab2acb81ef739e8ad82f5311ae38034ee0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e9c3b19eb0000040300473045022100e2efacea57fa20769a107a2d956a93600218d7ebd26682867b1d2523581db1f602206e9c5bf0974177d676ba5c6d8a0d1160fe988008fdff0e6800d0393d70b063de . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00200ba15c1e78c7d541ed62f6de5da606dd7305f00d10e5fcf65cbdba6bb77349f7b427b0eefc77627334cfd3e8b1525e40a34bf9fbbd05698a3482aee99ed8bcf01229349226c746a9ce51e536631cdf651302f04d91e237836fd9f324d039ec7159f556cdfffff8d22d5e0178d88e6f90f5066e6021612ba150aa959222f42ff15c2065a70e9b601344ee1805cfce49c05b0d2a7abec49bc69fc77664a080b2b5d6b4ec1b60fda44070d677c586dca79ea748bf18410410483ddd2ccb97ce966fe59a6a2add0b3817889025f48af32712fbcce70af3ec366057a440c0a3f1cc183ffb271bdc2cd0d272944e2079cfc2931ec74ff7b334835e61daae5d1629cf