mindgil.com
Issued by R3
About this certificate
This digital certificate with serial number 03:dd:2b:bf:7e:26:88:bc:68:f4:a0:41:58:22:50:c1:c9:ac was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mindgil.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:dd:2b:bf:7e:26:88:bc:68:f4:a0:41:58:22:50:c1:c9:acSerial Number (int): 336597411975963469870570375884201638611372
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d9:2a:c2:0d:99:62:95:28:b8:ca:92:72:bb:3c:03:bc:ca:88:c3:d5
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 57:35:0e:7f:77:48:d7:92:ee:eb:4d:95:f9:51:38:1e:0c:96:0b:d9
Fingerprint (sha256): db:9a:0a:cc:02:b1:55:b1:ba:85:66:18:4e:c8:2f:28:25:c0:58:89:e3:79:6a:8b:6e:64:28:46:c1:e6:61:5c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mindgil.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mindgil.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mindgil.com
Other certificates including the domain name mindgil.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for mindgil.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgISA90rv34miLxo9KBBWCJQwcmsMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTQxNzA3MjZaFw0yNDA1MTQxNzA3MjVaMBYxFDASBgNVBAMT C21pbmRnaWwuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyvx2 WnjEGNCezc+mDnb0GBe58y27zqSntY2XhQHtiB6uUz/9Crk3Gi7K447pRbR3q2MW or26hj/q8mTv96m4R6tm3XsYMfC01nXgkIRPoGD6pzytdE3Vh5uesmliFIYkqb/z 99WrxQmyRUF6JCAKqAyKlVoEPsY5lrzgME2ZZ81igyRKph5MLFr6gJr+Pp5UDDEr OF60DjCriM67G04+OsPZFrcGwq2sEjPxhb3M/aE0K2RWJ3dhxiL7YLa0gjMT1FpD x6W58RtWELjtNBt4tQ04mCr7RkqvWSsPNJUhQJQS2Z0l8whmW4WzJrDmUtLIXePw AzEdjey9gmGPub+55w3SBV4CM1wuqwiLN88QKW73dwQ50tMeV7cKGcGpu6RVXPZs HlZFz2afyx2lE71pmr8OG4MXIBNcvhL3Pp+dAXH2JJLoFEhPOqAuHA1iENGr80vR Pdxk4weyAtTw7w16MyvHj859TsjBYSfOK68F6Zd6aO1KLjXdYRWkbP6seipB2zb4 ms/A2Simu1t43YfOeNq04WaHfEiyUPAOGXj8KPX+IiyTw/d77cVVBBNsPElSpM0/ XWHrqwqXDEC3w0Y5ZratbSbNeGVH3A5cUcYgB0SgvSybkxpFv1tnQJuCGTgTIvKo On955BhLYZlZcD1t8nPzoPRJALRxssQyW0QIlSUCAwEAAaOCAgwwggIIMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU2SrCDZlilSi4ypJyuzwDvMqIw9UwHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wFgYDVR0RBA8wDYILbWluZGdpbC5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgA7U3d1Pi25gE6L MFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY2ozVm+AAAEAwBHMEUCIBQrbCNRFcqr lf1oTaNQk3TpQGeB9ZqJQO3vH9nYHFr0AiEAidsLRU+b7QDOBtRN98ikYsb6FQwF YpDmdphCC0j/FE0AdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AY2ozVt1AAAEAwBGMEQCIFcvjgAB697ayihY7V5uKk1Z7dfuBjn552YrxJ4g9Odr AiAuRm9dxCWiQtjbXf2MGLfLBqfJB8QZ9x+95x0unDbd8DANBgkqhkiG9w0BAQsF AAOCAQEAgAtPJ64QW4tLfLd4fjOrYTKQ9Um9JfPjDmQvbsaNnNp3FTg37WYNL1FY GNujdupo6zwef9nCbznjUqKSJNCyjR+s8Y/JWoS0mIYmV9bI1jOvk8Zi/ZiC/Os8 dLoo6wqjVZ7Tx8kc3h0sVKQEZ/rZQuCWtNxRFDigxzlw9OOJpRFDs480r+my+VkR 8jLGMg/myekbK6PAe9VgbOhQf/J8EVVPc0u5jM+dtCDd8+1ha+40YMCpU81aycFP kmahEqFh3DEOrv76pHDu6CYo9P8QVM+B/Eh3Ew90n4b5TZ7ngeRF59Zt3Dwd8UUc dRbaHx1x0wQGMSUnu5fKL7P3pmPWMw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyvx2WnjEGNCezc+mDnb0 GBe58y27zqSntY2XhQHtiB6uUz/9Crk3Gi7K447pRbR3q2MWor26hj/q8mTv96m4 R6tm3XsYMfC01nXgkIRPoGD6pzytdE3Vh5uesmliFIYkqb/z99WrxQmyRUF6JCAK qAyKlVoEPsY5lrzgME2ZZ81igyRKph5MLFr6gJr+Pp5UDDErOF60DjCriM67G04+ OsPZFrcGwq2sEjPxhb3M/aE0K2RWJ3dhxiL7YLa0gjMT1FpDx6W58RtWELjtNBt4 tQ04mCr7RkqvWSsPNJUhQJQS2Z0l8whmW4WzJrDmUtLIXePwAzEdjey9gmGPub+5 5w3SBV4CM1wuqwiLN88QKW73dwQ50tMeV7cKGcGpu6RVXPZsHlZFz2afyx2lE71p mr8OG4MXIBNcvhL3Pp+dAXH2JJLoFEhPOqAuHA1iENGr80vRPdxk4weyAtTw7w16 MyvHj859TsjBYSfOK68F6Zd6aO1KLjXdYRWkbP6seipB2zb4ms/A2Simu1t43YfO eNq04WaHfEiyUPAOGXj8KPX+IiyTw/d77cVVBBNsPElSpM0/XWHrqwqXDEC3w0Y5 ZratbSbNeGVH3A5cUcYgB0SgvSybkxpFv1tnQJuCGTgTIvKoOn955BhLYZlZcD1t 8nPzoPRJALRxssQyW0QIlSUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336597411975963469870570375884201638611372 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-14 17:07:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 17:07:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mindgil.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 828111368919688207170563763015501245695582906559342507099603208838216204354434791711001548882328329958066437344099375672900990106377645666796170378785944604426710817302242882327021311456302504286102547195543191752632078271728432897604601047678287497481581767188973409441320590978433942752807179847495392614648021622154298394548700473257191241624316728110451310600621647546909819225047816373626710083645551156989087012507573131868455950814150366879660683955541350214893296545141323139476463320505378290791208019572302944698830483685768171694675516297559810215589900094385364799315268699739622408205754854004713199621187725613625651972773343576711204209364427301292273463351442047154777499199257241042533351108665940718062529054496281259893821183473104472568997724811450311188286744502224450241092169115007928003898371695791001286746518673806880116014698959150958990926992053741102530361564155676671789886696778159086947275523065705523219309910072756120357145033229599250126000677705935662044754156421401108460087983928218405963659800456133955951389793977021935606847151930540921047717731809710337922831189025707903458021358027278298925912313115495482601914034398943491273229226460624336605973508442140896529116415548417730326058013989 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d92ac20d99629528b8ca9272bb3c03bcca88c3d5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mindgil.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018da8cd59be00000403004730450220142b6c235115caab95fd684da3509374e9406781f59a8940edef1fd9d81c5af402210089db0b454f9bed00ce06d44df7c8a462c6fa150c056290e67698420b48ff144d00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018da8cd5b7500000403004630440220572f8e0001ebdedaca2858ed5e6e2a4d59edd7ee0639f9e7662bc49e20f4e76b02202e466f5dc425a242d8db5dfd8c18b7cb06a7c907c419f71fbde71d2e9c36ddf0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00800b4f27ae105b8b4b7cb7787e33ab613290f549bd25f3e30e642f6ec68d9cda77153837ed660d2f515818dba376ea68eb3c1e7fd9c26f39e352a29224d0b28d1facf18fc95a84b498862657d6c8d633af93c662fd9882fceb3c74ba28eb0aa3559ed3c7c91cde1d2c54a40467fad942e096b4dc511438a0c73970f4e389a51143b38f34afe9b2f95911f232c6320fe6c9e91b2ba3c07bd5606ce8507ff27c11554f734bb98ccf9db420ddf3ed616bee3460c0a953cd5ac9c14f9266a112a161dc310eaefefaa470eee82628f4ff1054cf81fc4877130f749f86f94d9ee781e445e7d66ddc3c1df1451c7516da1f1d71d30406312527bb97ca2fb3f7a663d633