play.church
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:b6:5c:02:0a:25:66:f1:58:f8:d3:ca:fd:e7:76:89:0f:00 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=play.church
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:b6:5c:02:0a:25:66:f1:58:f8:d3:ca:fd:e7:76:89:0f:00Serial Number (int): 410502834072645113558619277238592197955328
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ed:1d:71:16:69:34:3d:0b:d3:75:e3:d2:b5:9a:b7:33:41:b6:22:72
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 38:d5:20:8e:df:7e:b4:5a:7b:6a:71:f0:46:d9:84:9e:40:09:98:39
Fingerprint (sha256): e1:74:0d:33:d7:28:e7:65:42:66:cc:aa:fc:90:f2:e8:4d:c8:d5:17:15:de:c5:50:9c:fe:80:58:ca:cc:97:b5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate play.church
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for play.church
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
play.church
www.play.church
www.play.church
Other certificates including the domain name play.church
(limited to 100 certificates)
play.church
play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
play.church
play.church
play.church
api.play.church
play.church
play.church
play.church
play.church
play.church
api.play.church
api.play.church
api.play.church
api.play.church
api.play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
api.play.church
play.church
play.church
api.play.church
api.play.church
play.church
play.church
play.church
api.play.church
play.church
play.church
play.church
play.church
play.church
api.play.church
api.play.church
api.play.church
api.play.church
api.play.church
api.play.church
api.play.church
play.church
Certificate
The complete raw certificate details for play.church in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgISBLZcAgolZvFY+NPK/ed2iQ8AMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDUwMDMyNTZaFw0y MDAyMDMwMDMyNTZaMBYxFDASBgNVBAMTC3BsYXkuY2h1cmNoMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk19gsZrdOYis082RHyy2E1Iyt0E1hex1AS3 OPhoSMwztR4jRT9mRGWUuii1p+kezwZAND+7vEejFsHA0YifO7KOjjFFYlQZHVmk K82K48i+C3oH/MwNkYBWcWN6VwXrwrq20IfQ0w2Hb0gK9EPlEebzRi5lpponK4C4 Xusu8BoD9BWr1f3UEiP7oewm7oZLfc8veVDpyqCCC+SjMAo3bc4Z+8G9/R1ktqqx JhAk+WLUlch77zpdArjtbAHuUfcbfwf0BjxBi3dmJRpgU6j2JJr6L8N8B/gncpCv /Oc0o3F6m9Ac4G6CA6EoSQhdImiXaVxp9et/VbasFM6P9mkZdQIDAQABo4ICczCC Am8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTtHXEWaTQ9C9N149K1mrczQbYicjAf BgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEw LgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcw LwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcv MCcGA1UdEQQgMB6CC3BsYXkuY2h1cmNogg93d3cucGxheS5jaHVyY2gwTAYDVR0g BEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0 cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEGBgorBgEEAdZ5AgQCBIH3BIH0APIA dwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW45MYO5AAAEAwBI MEYCIQCryk9T3a4ueoicnmh8xk8sRppJMgZB3uaeUAZt0lf28wIhAIcu0ibHSOA2 kw9sf4U2wOVQjNthO1o8TQ/hw6hnoW2HAHcAb1N2rDHwMRnYmQCkURX/dxUcEdkC wQApBo2yCJo32RMAAAFuOTGD7QAABAMASDBGAiEAxTC2yy3Gch5Z9DPF3B6ZEuDR kyUfdL6CqIlpvXncKQQCIQCThtvtpFeeX8rXiLtrC4tYbN3/OaYk0tIvNYhgpmmo HDANBgkqhkiG9w0BAQsFAAOCAQEAFLEkdLgAmlRInYBRadN18rQuc0LZcItA8MOy NAxC+WEdTM6AZscNg+FoBOJjHeRVOnhBIIda0rP3fM6conS9at6cNyKT4YuWrdeW tlCDP4BGofkBnWF7Bl12EK9jgyAxSkNWldkpANtSXqklq7w6Pq3BVy9+EubTkuj0 sB1wf6G8OsWL+4LPxmEfjOZ7wMot7X6r2LL1BD5KXOjrkvqtgQevdlL4Q4JLKK8Z B2xyjktzjmYuCuE4NZsuQ4+VC3oJxNQMMPzRUZ31bmSiatn1Rzz5PGRfPUsN5PN8 pmMaQO4cZVnnf+HTaBG0NqidNIBKPa3Dg23R/gdkpvIxhQJKUw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk19gsZrdOYis082RHyy 2E1Iyt0E1hex1AS3OPhoSMwztR4jRT9mRGWUuii1p+kezwZAND+7vEejFsHA0Yif O7KOjjFFYlQZHVmkK82K48i+C3oH/MwNkYBWcWN6VwXrwrq20IfQ0w2Hb0gK9EPl EebzRi5lpponK4C4Xusu8BoD9BWr1f3UEiP7oewm7oZLfc8veVDpyqCCC+SjMAo3 bc4Z+8G9/R1ktqqxJhAk+WLUlch77zpdArjtbAHuUfcbfwf0BjxBi3dmJRpgU6j2 JJr6L8N8B/gncpCv/Oc0o3F6m9Ac4G6CA6EoSQhdImiXaVxp9et/VbasFM6P9mkZ dQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 410502834072645113558619277238592197955328 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-05 00:32:56 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-03 00:32:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'play.church' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25033396262906159594378422080536130878333860316621899978970382317299381822315986448458433467366431478365049472640627759676216578471646263795372741480754466631682238132912280990484219654507177335632827039072565121745101483761066176485824482835479236143548564547927126120018650309767913388948921725197206785841904833410793579158075207409542995838786297686953445795321000114399265742749390314470350398350078604654509850003971270566904859838126255825285038019976378837698192955329235928910349461081108893075090507681442596227547269174096903832299602453682519609268285686401864341764649104154533633290661220759523432143221 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ed1d711669343d0bd375e3d2b59ab73341b62272 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'play.church' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.play.church' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e393183b90000040300483046022100abca4f53ddae2e7a889c9e687cc64f2c469a49320641dee69e50066dd257f6f3022100872ed226c748e036930f6c7f8536c0e5508cdb613b5a3c4d0fe1c3a867a16d870077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016e393183ed0000040300483046022100c530b6cb2dc6721e59f433c5dc1e9912e0d193251f74be82a88969bd79dc29040221009386dbeda4579e5fcad788bb6b0b8b586cddff39a624d2d22f358860a669a81c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0014b12474b8009a54489d805169d375f2b42e7342d9708b40f0c3b2340c42f9611d4cce8066c70d83e16804e2631de4553a784120875ad2b3f77cce9ca274bd6ade9c372293e18b96add796b650833f8046a1f9019d617b065d7610af638320314a435695d92900db525ea925abbc3a3eadc1572f7e12e6d392e8f4b01d707fa1bc3ac58bfb82cfc6611f8ce67bc0ca2ded7eabd8b2f5043e4a5ce8eb92faad8107af7652f843824b28af19076c728e4b738e662e0ae138359b2e438f950b7a09c4d40c30fcd1519df56e64a26ad9f5473cf93c645f3d4b0de4f37ca6631a40ee1c6559e77fe1d36811b436a89d34804a3dadc3836dd1fe0764a6f23185024a53