fortress.today
Issued by R3
About this certificate
This digital certificate with serial number 03:ac:fc:49:c9:eb:77:c4:d6:60:98:11:75:61:e3:fc:57:c0 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=fortress.today
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ac:fc:49:c9:eb:77:c4:d6:60:98:11:75:61:e3:fc:57:c0Serial Number (int): 320200773493710642700796304603273485899712
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 83:86:9e:cb:b9:83:54:e4:5e:e5:05:b1:b6:0d:cb:7d:41:93:f0:59
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 06:6e:03:85:0c:f0:4b:a8:6e:27:4b:66:ff:cc:4d:a7:33:cb:c7:7d
Fingerprint (sha256): d2:92:a2:cf:e8:7f:6f:b1:42:bc:e0:79:1e:5c:eb:c9:7f:64:79:42:e6:e3:d9:33:f8:07:4a:29:55:30:2c:fe
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate fortress.today
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fortress.today
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.fortress.today
fortress.today
fortress.today
Other certificates including the domain name fortress.today
(limited to 100 certificates)
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
fortress.today
Certificate
The complete raw certificate details for fortress.today in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISA6z8Scnrd8TWYJgRdWHj/FfAMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMDMyMjUxNTNaFw0yNDA0MDIyMjUxNTJaMBkxFzAVBgNVBAMT DmZvcnRyZXNzLnRvZGF5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA otrRbg77M0qHBjvQfm25KDkndKE06e58mo1ek/K5VpDRblUz1mbTbcaFiSUgqNNg Q9qoFtceoMyXuziIToOqs55fG8Bk87JTpovMiis7XKtg01m9dGy7F/o4OpHjzA6M DWliKstwtSWsaQFgPYZxxUtc24G+pZaCjJoUq4Rf/ssPsNJZJV6J5bJhU33168HU r63S05EkNbZl78DJP01WXwCnuV5emHUyJU/R8Sb0UbkZ6glut+iQA8yA6b2P58VR ZrTooRpXmQknACMZ1NCLIeBZ1fuapavv7gs4r3JzDKMXPdFbFxOwE35wiWw3ZtBQ bBnpSNMCvkvJ359RZ3b+MQIDAQABo4ICIzCCAh8wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBSDhp7LuYNU5F7lBbG2Dct9QZPwWTAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzArBgNVHREEJDAighAqLmZvcnRyZXNzLnRvZGF5gg5mb3J0cmVzcy50b2RheTAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AEiw 42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjNG9mjYAAAQDAEgwRgIh AObU4+pp/zZ3RXzHSEblg62t/tv3vl7nwC/5G2hN18MRAiEAzZY3q2GpanUp+hYo kGXqLA9F6XffxjPQO5al/nQmxesAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIK n+ZnTFo6dAAAAYzRvZp7AAAEAwBHMEUCIDLZfBs0njtXLiuNdjUytTThGSz6Lp5s eEGeBwXzqO5TAiEAu9AoeK5g7t4hkAfhqiZ4gidE7tfnTWWr9BP1fQcGvDYwDQYJ KoZIhvcNAQELBQADggEBAKB+QaxvHiY9ScZmj4MsvXfPnKkCoo84f0Shu/oSIYJO 6NyiT5eHT5oxjJVNAZy+EME46vpNu6KaxfuOG8G7GtC+DnQrx9lPm8zL5KB02ZXq /DQuNB8/3LhVOz0p8yTxxRk6nxdhGr+YYlg6wxnm5h4t/JkbadR53Huwyvm2qIux TgKeOOBpppsmPnB+K4p6pbPkABNYm37gYo2T1/3p/lPvFgH4zIqF6lFk3V9xrf5u Xgsf23KfGSymNozuLDi2j9O7HxV5nbks40ExH5WezkPYJ8L7cw0GNAMXAqHSQzbd eMM+V+EDp7hryNLFlob5O8aXSlQED3FU2W/e1WrMifQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotrRbg77M0qHBjvQfm25 KDkndKE06e58mo1ek/K5VpDRblUz1mbTbcaFiSUgqNNgQ9qoFtceoMyXuziIToOq s55fG8Bk87JTpovMiis7XKtg01m9dGy7F/o4OpHjzA6MDWliKstwtSWsaQFgPYZx xUtc24G+pZaCjJoUq4Rf/ssPsNJZJV6J5bJhU33168HUr63S05EkNbZl78DJP01W XwCnuV5emHUyJU/R8Sb0UbkZ6glut+iQA8yA6b2P58VRZrTooRpXmQknACMZ1NCL IeBZ1fuapavv7gs4r3JzDKMXPdFbFxOwE35wiWw3ZtBQbBnpSNMCvkvJ359RZ3b+ MQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 320200773493710642700796304603273485899712 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-03 22:51:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-02 22:51:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fortress.today' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20558508624123733617217683550960284362639023749097997545059629580261498341829914727126084511017118336452483826408803493408520843594446351853087061429527774516886694417254507659213201902108099926817729856197708448079889491763227803029707518828238437257358590972338682395033890916083045368957226855583122706529582086357691437040512244081584528100761779029429580185394136396822094887892135455722959828851226311709666345586668808005251087602572182085283675209988149276553897306615264501637863709986731600692776577163991550002347638223619293292883006836770134504394870662043874134564336340220569206988792724656975934586417 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 83869ecbb98354e45ee505b1b60dcb7d4193f059 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fortress.today' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fortress.today' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cd1bd9a360000040300483046022100e6d4e3ea69ff3677457cc74846e583adadfedbf7be5ee7c02ff91b684dd7c311022100cd9637ab61a96a7529fa16289065ea2c0f45e977dfc633d03b96a5fe7426c5eb00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cd1bd9a7b0000040300473045022032d97c1b349e3b572e2b8d763532b534e1192cfa2e9e6c78419e0705f3a8ee53022100bbd02878ae60eede219007e1aa2678822744eed7e74d65abf413f57d0706bc36 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a07e41ac6f1e263d49c6668f832cbd77cf9ca902a28f387f44a1bbfa1221824ee8dca24f97874f9a318c954d019cbe10c138eafa4dbba29ac5fb8e1bc1bb1ad0be0e742bc7d94f9bcccbe4a074d995eafc342e341f3fdcb8553b3d29f324f1c5193a9f17611abf9862583ac319e6e61e2dfc991b69d479dc7bb0caf9b6a88bb14e029e38e069a69b263e707e2b8a7aa5b3e40013589b7ee0628d93d7fde9fe53ef1601f8cc8a85ea5164dd5f71adfe6e5e0b1fdb729f192ca6368cee2c38b68fd3bb1f15799db92ce341311f959ece43d827c2fb730d0634031702a1d24336dd78c33e57e103a7b86bc8d2c59686f93bc6974a54040f7154d96fded56acc89f4