cityexpress.lv
Issued by R3
About this certificate
This digital certificate with serial number 03:15:c4:6b:cc:a0:41:c9:a5:27:71:78:04:14:07:4a:82:db was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cityexpress.lv
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:15:c4:6b:cc:a0:41:c9:a5:27:71:78:04:14:07:4a:82:dbSerial Number (int): 268743875913866579857117223662698506126043
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 42:3b:65:78:93:85:09:4a:99:f6:df:b7:7d:be:9a:61:62:22:e4:7d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a2:11:68:1a:36:a4:a9:d5:c0:27:96:73:9d:ef:d5:88:ae:ab:61:a5
Fingerprint (sha256): e0:8a:b6:18:b5:6d:6c:7d:9f:e0:3a:15:64:bf:58:ab:3c:71:40:91:31:31:18:0b:50:26:8f:b3:1a:d5:c7:37
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate cityexpress.lv
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cityexpress.lv
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.cityexpress.lv
cityexpress.lv
cityexpresslv.cityexpress.area.lv
www.cityexpresslv.cityexpress.area.lv
cityexpress.lv
cityexpresslv.cityexpress.area.lv
www.cityexpresslv.cityexpress.area.lv
Other certificates including the domain name cityexpress.lv
(limited to 100 certificates)
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.area.lv
www.cityexpresslv.cityexpress.area.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.area.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.area.lv
www.cityexpresslv.cityexpress.area.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.area.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
cityexpress.lv
Certificate
The complete raw certificate details for cityexpress.lv in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAxXEa8ygQcmlJ3F4BBQHSoLbMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMjkwMjM5MDZaFw0yNDA1MjkwMjM5MDVaMBkxFzAVBgNVBAMT DmNpdHlleHByZXNzLmx2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 2XiQMDXpLGz7DP+uJMqOK8VZKSQIJ9CtLeO3tZHh1sxTBOx9GjLfVi6C057xje3L Wunj6EoqltYb3T+WZw67L+SZ1PW3WUVEaK/HIxw+5VTuy5TKJfKz9e8AuAuMwwKa hLHJOqX/bH93c5DRqFQ2MeNxlKa6p9nCb4/tD03jj1sEP/ydjbZYJmS4Fm+hmmXA r7qnTougZWYQ99ovNASlF/PnHdfv2YVh/e3+NWXIwtztJU5vbHUtpxBLZvOzaSQc 8keIQBDUeeld2fgvJnBXPwiCb/a9EQIQTEZciOymarhvn5KnOPl7VKizMdpNAZeU atCykRHcv/YI2jk3Xv7guwIDAQABo4ICbDCCAmgwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBRCO2V4k4UJSpn237d9vpphYiLkfTAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzB1BgNVHREEbjBsghAqLmNpdHlleHByZXNzLmx2gg5jaXR5ZXhwcmVzcy5sdoIh Y2l0eWV4cHJlc3Nsdi5jaXR5ZXhwcmVzcy5hcmVhLmx2giV3d3cuY2l0eWV4cHJl c3Nsdi5jaXR5ZXhwcmVzcy5hcmVhLmx2MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB 2bu/qznYhHMAAAGN8vHAwQAABAMASDBGAiEAv8kgabmFHIvsGEoNRw7SEBc3uXG5 LMEkeZDVOATDjXsCIQDx8zlCQCvMUFrHuZUt4IEM8HRAIOXoTK3hiCQEKbZBBgB1 AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAABjfLxwM0AAAQDAEYw RAIgbgdLPPm2oQi3EQ3aK3LbPqQjEtsnXBJCyzPGZBHd600CIAcziGSKf5QyIq1q 8e9DZzl+vjJoIaFWMpBvRobOJjzrMA0GCSqGSIb3DQEBCwUAA4IBAQBOjJxAtE3k ig4TvNHfn+DZdzssfTxultnhdq7WUyDFhi80wXcXqD0XsXPSXngS7P1NxrUb3fD/ 697DoPhwpvzCxejUTYvwb44Q0++QkNhi+/TafVnARSEvy1w8L4arR8bF9U8xCWFT KXQPcOesgebZFBp6NSWrHPmfgCCBIQGoZVnV3yDkIXNf0A6hCfQsBQ+4yFFO0Plb vFdTwyZr8bdmXLnb3EKdrNMmbLWt4EFnpZBitROQf1aWBpL3prfXkMG8t7Bo1vfI C4u9Qy2QmQvnl5oxXCFEtDjkjHrr4o3VfMozWGSrEPZuWjjxRh4510UiKlGs0E/s IyTESXZbN5DX -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XiQMDXpLGz7DP+uJMqO K8VZKSQIJ9CtLeO3tZHh1sxTBOx9GjLfVi6C057xje3LWunj6EoqltYb3T+WZw67 L+SZ1PW3WUVEaK/HIxw+5VTuy5TKJfKz9e8AuAuMwwKahLHJOqX/bH93c5DRqFQ2 MeNxlKa6p9nCb4/tD03jj1sEP/ydjbZYJmS4Fm+hmmXAr7qnTougZWYQ99ovNASl F/PnHdfv2YVh/e3+NWXIwtztJU5vbHUtpxBLZvOzaSQc8keIQBDUeeld2fgvJnBX PwiCb/a9EQIQTEZciOymarhvn5KnOPl7VKizMdpNAZeUatCykRHcv/YI2jk3Xv7g uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 268743875913866579857117223662698506126043 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 02:39:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-29 02:39:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cityexpress.lv' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27453164124930863874174845100239167198104016857679008277666840188697174920590409239199104727435014720581156657402256899724288429335875182069469714939173776716798446225429144663892495784411160229367198920910524189475925824766569044182478108188782210231356709307700429071967898625671141445590838673482649372614028942887572070312691026483207542177542540312749220020503225162732955360230025134198883588461498642639407739514871473546810744163163579941652499249166762036508491754844583405904752666029989790729234241414324182044583934088362450330652556666609222407741510628052047857489005184192152181527816436921044156997819 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 423b65789385094a99f6dfb77dbe9a616222e47d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cityexpress.lv' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cityexpress.lv' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cityexpresslv.cityexpress.area.lv' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cityexpresslv.cityexpress.area.lv' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018df2f1c0c10000040300483046022100bfc92069b9851c8bec184a0d470ed2101737b971b92cc1247990d53804c38d7b022100f1f33942402bcc505ac7b9952de0810cf0744020e5e84cade188240429b64106007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018df2f1c0cd000004030046304402206e074b3cf9b6a108b7110dda2b72db3ea42312db275c1242cb33c66411ddeb4d0220073388648a7f943222ad6af1ef4367397ebe326821a15632906f4686ce263ceb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004e8c9c40b44de48a0e13bcd1df9fe0d9773b2c7d3c6e96d9e176aed65320c5862f34c17717a83d17b173d25e7812ecfd4dc6b51bddf0ffebdec3a0f870a6fcc2c5e8d44d8bf06f8e10d3ef9090d862fbf4da7d59c045212fcb5c3c2f86ab47c6c5f54f3109615329740f70e7ac81e6d9141a7a3525ab1cf99f8020812101a86559d5df20e421735fd00ea109f42c050fb8c8514ed0f95bbc5753c3266bf1b7665cb9dbdc429dacd3266cb5ade04167a59062b513907f56960692f7a6b7d790c1bcb7b068d6f7c80b8bbd432d90990be7979a315c2144b438e48c7aebe28dd57cca335864ab10f66e5a38f1461e39d745222a51acd04fec2324c449765b3790d7