sanl.co.za
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:28:a3:9a:7d:d7:fd:59:7d:06:ac:7c:b3:95:71:9d:61:c1 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=sanl.co.za
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:28:a3:9a:7d:d7:fd:59:7d:06:ac:7c:b3:95:71:9d:61:c1Serial Number (int): 362277904733321344065095997964738033967553
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0f:23:53:7f:35:09:56:54:d1:44:15:09:e6:5f:75:d7:19:9a:b6:e3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 17:7b:da:86:5d:06:9b:51:15:2d:20:5d:dd:59:e6:74:95:ab:a2:99
Fingerprint (sha256): e2:a2:7e:91:e4:34:80:11:99:ce:a0:0e:56:d7:ef:c2:88:89:10:02:2b:8c:b6:bc:c8:b7:41:a8:99:88:3e:32
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate sanl.co.za
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sanl.co.za
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sanl.co.za
www.sanl.co.za
www.sanl.co.za
Other certificates including the domain name sanl.co.za
(limited to 100 certificates)
Certificate
The complete raw certificate details for sanl.co.za in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWzCCBUOgAwIBAgISBCijmn3X/Vl9Bqx8s5VxnWHBMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MTkwNTA2MzJaFw0x OTA4MTcwNTA2MzJaMBUxEzARBgNVBAMTCnNhbmwuY28uemEwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQDORVdakFTflqIUQrN8ZepxzS/hh8tsAtpBSHIf dxO0+VR/msZmcxfa7ZCsEhTozk04OS2kazQb6YCSsiwMc2sYqt8Ft6okTbZ/mzHq Ic+M+e7/N5avhW7qINFPl9PM7fpxr3pJ/dafZusQwmCNENDSNytwYAO2KgZTA6EY deqZV1KIyJ2/eDSO7SX8KoKCIrcWYybBlltaaxmfSuE3YvFfvkYHfD64f2PCa3+9 Y+mC7CuhaA4aUiGV6k3QJTRs90G+rLylz8+ov8DSIVy7/9apntEz+cBtuukaIvs4 qkzUBk93PnsZuT2g5wo+uUM5YdQF3jCAJN2uJnN0YWyx7+ztgGYexp9rwJEFKejJ /wb02l2G/1qD54zj7NhxIQij0Z6yUL6yZymuYLntaETmiocjdgcLpBKSoOc5LuU+ Ipt3JVD97DAG182M4ZBBsGvPBvrh7rGPWYJk+zk4eMwBXQ1lS6sLjUDRN1rZ8n9h yXDMu8Af8dnpOETqshMjrz1aXUOxcjGVKSoavckY6P9vnShFHVXMlEQN/ptGwcyu xV01S4u3zs1WLUAQNzzcCMQjGgCWVc23Z26lI6z24tWCJrOGyuDJMUfpLu8wCEHH kPhqGp3nZTnsWDryzuKEzfD5t5NyaLqeDfjMZ5W8QPj12pDnAVA87u6CrDGpsREF 8tKVuwIDAQABo4ICbjCCAmowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQPI1N/NQlW VNFEFQnmX3XXGZq24zAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMCUGA1UdEQQeMByCCnNhbmwuY28uemGCDnd3dy5zYW5s LmNvLnphMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHW eQIEAgSB9ASB8QDvAHUAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYA AAFqzrLnoQAABAMARjBEAiA1CKiOPI3NSf+Ur7M1Wy2dlIViVXNzYf1oR/DxXjtd xwIgDhOLa0/J9SugSRzcQEpqBi2wkCg7L74dnZQ73Hfa8VwAdgApPFGWVMg5Zbqq UPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWrOsuelAAAEAwBHMEUCIBk7XyHrra+Y ZAX+PMSZa7/j9cxl7TmWWxCiC5i8D6bUAiEAkafA3n63iGjLVC22AlgGuhcK3EDZ YmVCOZ1swgKA284wDQYJKoZIhvcNAQELBQADggEBAH3lpgLGhDF+auaIS5PRA7rI 5Uhh/T+09/YHSzJwRvK3oGKzBGydupwoB7Jp/sI+f20tK8NFnyEF0uoCZSB4KEsN LUzbydD0Y7jASp00c2/k3vZ65qhljOgT7MbpQ+JYADbENmtYcZEFPg8X0ioKUWBm nWWILeBjsTjT6KAWoIDgaUk0BnkFUIbHLhEPQwQCRGOGfZ6eg8Ejcr8YSVgkILvu dabn3DS1h4jFYjiZP6RbBYHG+1Lvu6saaDLog8XHHeE5Z8Kjxib9d3FbzA4U88hh qC8e5PFsTUyjSz7ARJk0q0ohYLN8Rp3E+iTA8Oa+sD0b6hG/b3FeLjFtO5YdE+k= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzkVXWpBU35aiFEKzfGXq cc0v4YfLbALaQUhyH3cTtPlUf5rGZnMX2u2QrBIU6M5NODktpGs0G+mAkrIsDHNr GKrfBbeqJE22f5sx6iHPjPnu/zeWr4Vu6iDRT5fTzO36ca96Sf3Wn2brEMJgjRDQ 0jcrcGADtioGUwOhGHXqmVdSiMidv3g0ju0l/CqCgiK3FmMmwZZbWmsZn0rhN2Lx X75GB3w+uH9jwmt/vWPpguwroWgOGlIhlepN0CU0bPdBvqy8pc/PqL/A0iFcu//W qZ7RM/nAbbrpGiL7OKpM1AZPdz57Gbk9oOcKPrlDOWHUBd4wgCTdriZzdGFsse/s 7YBmHsafa8CRBSnoyf8G9Npdhv9ag+eM4+zYcSEIo9GeslC+smcprmC57WhE5oqH I3YHC6QSkqDnOS7lPiKbdyVQ/ewwBtfNjOGQQbBrzwb64e6xj1mCZPs5OHjMAV0N ZUurC41A0Tda2fJ/YclwzLvAH/HZ6ThE6rITI689Wl1DsXIxlSkqGr3JGOj/b50o RR1VzJREDf6bRsHMrsVdNUuLt87NVi1AEDc83AjEIxoAllXNt2dupSOs9uLVgiaz hsrgyTFH6S7vMAhBx5D4ahqd52U57Fg68s7ihM3w+beTcmi6ng34zGeVvED49dqQ 5wFQPO7ugqwxqbERBfLSlbsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 362277904733321344065095997964738033967553 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-19 05:06:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-17 05:06:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sanl.co.za' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 841511707386627250731983964409291786386935305312037468160908008116390632978429552644637630062895239233409946453894663818602882111725258249591592965482790504061006128390213343865197479663428459838874389135497764449265365128864603205000494910364806665447881049372971152159101038349710528915099612260102871960720146095092001558022435201084078899167779956199927060435468576240058152516229959723314575870232798484202180462575662978815446421627936456786614028202181380520925538512534552650217563500753280879942767501474212038080198077168361907564503420748486613083290595309436541955876603826917238791363810661648286638009476838530942423908701644124639150099877920213247642198790602218213057372639717621452971463132813954748893003724212284558500872165343664232833157589450805520301734976914939702392997813656352510750072412591425611987395417844898471879600072204376078696602009220355177016372302692166330368580969312003756501096986390864622641931876344394716447383108618497456470915372125343032214923718857422900061118098197439757924578011929751426016235173787053338592751990808872450051281346850790505785054986229630740537633358302768663589134859202096806164921672243093319639149067489740081432221262422992082213943754309659386166715258299 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0f23537f35095654d1441509e65f75d7199ab6e3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sanl.co.za' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sanl.co.za' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016aceb2e7a1000004030046304402203508a88e3c8dcd49ff94afb3355b2d9d94856255737361fd6847f0f15e3b5dc702200e138b6b4fc9f52ba0491cdc404a6a062db090283b2fbe1d9d943bdc77daf15c007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016aceb2e7a500000403004730450220193b5f21ebadaf986405fe3cc4996bbfe3f5cc65ed39965b10a20b98bc0fa6d402210091a7c0de7eb78868cb542db6025806ba170adc40d9626542399d6cc20280dbce . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007de5a602c684317e6ae6884b93d103bac8e54861fd3fb4f7f6074b327046f2b7a062b3046c9dba9c2807b269fec23e7f6d2d2bc3459f2105d2ea02652078284b0d2d4cdbc9d0f463b8c04a9d34736fe4def67ae6a8658ce813ecc6e943e2580036c4366b587191053e0f17d22a0a5160669d65882de063b138d3e8a016a080e06949340679055086c72e110f4304024463867d9e9e83c12372bf1849582420bbee75a6e7dc34b58788c56238993fa45b0581c6fb52efbbab1a6832e883c5c71de13967c2a3c626fd77715bcc0e14f3c861a82f1ee4f16c4d4ca34b3ec0449934ab4a2160b37c469dc4fa24c0f0e6beb03d1bea11bf6f715e2e316d3b961d13e9