www.knmed.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:1b:ae:97:e3:a5:6e:32:f2:b5:65:6b:16:16:f2:56:0e:38 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.knmed.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:1b:ae:97:e3:a5:6e:32:f2:b5:65:6b:16:16:f2:56:0e:38Serial Number (int): 270756556027452024361552971560573195390520
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 9a:3f:f5:89:23:ab:73:7c:2d:37:37:95:cd:e6:a7:be:35:61:6a:5f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 14:c0:6a:e5:55:f4:3a:c2:01:fa:02:77:64:55:5a:91:a9:c7:46:48
Fingerprint (sha256): e5:96:e3:2e:1a:ff:ae:5b:31:e6:c2:72:1d:c5:97:92:09:d6:cb:2d:bf:b5:25:35:86:99:cd:4e:93:a7:49:48
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.knmed.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.knmed.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.knmed.com
Other certificates including the domain name knmed.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.knmed.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISAxuul+OlbjLytWVrFhbyVg44MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTEwNDMzNTFaFw0y MDA1MTEwNDMzNTFaMBgxFjAUBgNVBAMTDXd3dy5rbm1lZC5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC1M6NeMxwfDCA7Xb6bkDhw/VHZSliNXsqA 8nEiFDKGlsyOZgmZqeL+SBRM0S6etMZXGBabuozEyPyrTOr9sCq5lsnX3j+K0qV+ j6lLpRLPdUdp8QHD4GMA+GJQTEBGo+8LZr21FsC+0J01EQeuT1dY+q0bm2xqtUKA obVeEYRM79UAaLY1M428k/thwlMWlsYfSOqCJhgQoQYw6rfVRhjYalEBmNz3VTQ4 JJLheRI0pgzKeKaWAxhk+ckNBKVr+YAQtPGJIZ3bxq7VE9KkSeRqVsJPLsOKYwtW YKRx0P6a3oQk/4qSUqudrR12NJ1EcOhaYN/bRpQdPorYcKq9HbJ/MZ8WIQG0i4Br 0Apqyp5XluK9QBjkogNzz4iCHJ55chRnDn5z90wnD5lZj9Fjy/EyP9PXoE9YHNqv wjy5GYsvxFSOGTOu1UQ70ximkX6x3fPwMMBa7HlGYKFi/NC+dZuCp5R5CgpjVfoa iT25kSb48FYYZsVX40CJRPEHiShzM2WHelBL79OZFZj/6YFV8vXIJcRVm88L7dZz QZzAQZHZoOT7LsO6pgrgRiXkyhrnBCkxcbVOImzFzZnkiuxCOekq6ROlfWBH6zcT ZIrmrmB4i8KiMI4P7Xq0g+Tawr5D3D8xJraZXEh7gW5YpfddN3ePPbVeMEhWnMG4 +qOl3Sd8dQIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSaP/WJ I6tzfC03N5XN5qe+NWFqXzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5rbm1lZC5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAXAyvUw2AAAE AwBHMEUCIQDfwR3rrXo2xfe+jsuHcqCaOnwIutK446HgYx5DYNvg9QIgQzsCNW1G g5/zs6/1hNyeKkvObHKyn5q98U7GtSFDUKQAdgAHt1wb5X1o//Gwxh0jFce65ld8 V5S3au68YToaadOiHAAAAXAyvUxjAAAEAwBHMEUCICFznbP8u0DRguaYv/EIt4Xd GqilxMIi5db3Av6s377CAiEAiDAwLAxB39CI2jzLfoffQt9YBCTT1R6aX0t/WfXY SkswDQYJKoZIhvcNAQELBQADggEBACobloYmWgQdmGnWQQczC3sLrs5IX4rZ8P5f +a6W8hliEvA0ESe96QJ41cg5JRXNWVCbt0HidIqgIbDPHji0IOwvzY98qrxMDJ9m dKTtLTROvTCPIZIfFbGCFwssxpzClYIP7p/euzJf5P2dnhlwNQBLW3YcsIE38sIt mjB6DH4f/LxGx8XSm4LSujHt4w6Qw19JP1QqWIO1m4vGdRy46GfUh6Kje8dNoNCX asj5F2nWQFFEDpA8mLLSQ9nj022EChvGibJTW2TgHtIZUHjN9NOcIfhPWlib8znr +XMDdMxyz+BhyGGPTqFHGReQuIaFfTcEPYwwGtrnQoBBb9hAOw8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtTOjXjMcHwwgO12+m5A4 cP1R2UpYjV7KgPJxIhQyhpbMjmYJmani/kgUTNEunrTGVxgWm7qMxMj8q0zq/bAq uZbJ194/itKlfo+pS6USz3VHafEBw+BjAPhiUExARqPvC2a9tRbAvtCdNREHrk9X WPqtG5tsarVCgKG1XhGETO/VAGi2NTONvJP7YcJTFpbGH0jqgiYYEKEGMOq31UYY 2GpRAZjc91U0OCSS4XkSNKYMynimlgMYZPnJDQSla/mAELTxiSGd28au1RPSpEnk albCTy7DimMLVmCkcdD+mt6EJP+KklKrna0ddjSdRHDoWmDf20aUHT6K2HCqvR2y fzGfFiEBtIuAa9AKasqeV5bivUAY5KIDc8+IghyeeXIUZw5+c/dMJw+ZWY/RY8vx Mj/T16BPWBzar8I8uRmLL8RUjhkzrtVEO9MYppF+sd3z8DDAWux5RmChYvzQvnWb gqeUeQoKY1X6Gok9uZEm+PBWGGbFV+NAiUTxB4koczNlh3pQS+/TmRWY/+mBVfL1 yCXEVZvPC+3Wc0GcwEGR2aDk+y7DuqYK4EYl5Moa5wQpMXG1TiJsxc2Z5IrsQjnp KukTpX1gR+s3E2SK5q5geIvCojCOD+16tIPk2sK+Q9w/MSa2mVxIe4FuWKX3XTd3 jz21XjBIVpzBuPqjpd0nfHUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 270756556027452024361552971560573195390520 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-11 04:33:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-11 04:33:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.knmed.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 739238487629255810679149404787492545607753786292757824257438771107640352661998176138798290813496896890513240222029100444384517715972248218039898073007279469402952439881319278951178395787952785598546828599351709213048449285147708183216479785021899245138816819287051857736787402862787622892805953969542623992173079787901153836034905262997727099606067212822188363647378245523228515800569752837559469256960568636383685735483275866321567253937267206514323303022585822619651732914954768572786482293186319618874805829058329096511057543149275840561162957066772003043490285171240185978902624191250084298336757197532557128917604626877655742680974729166335538102465706628764136158012549037023604214381026362516037079995753540430710332799038490967728973414533611086070080433499777466588777064639015079713342590432958468512067859499848742251444889242428323446858934574524884183643317952038589082022930845923940304970333740011104993978405361209963674577703270845066403308396312113614651009446227535426464109027774816604147250477809313536772982277299602700559372003502958173528838896931422134571425655345891318180509198766869409431146273031898386391535491140827990730089976724379793356041348185631275368412487496483871893875831787579898943557303413 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9a3ff58923ab737c2d373795cde6a7be35616a5f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.knmed.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000017032bd4c360000040300473045022100dfc11debad7a36c5f7be8ecb8772a09a3a7c08bad2b8e3a1e0631e4360dbe0f50220433b02356d46839ff3b3aff584dc9e2a4bce6c72b29f9abdf14ec6b5214350a400760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017032bd4c630000040300473045022021739db3fcbb40d182e698bff108b785dd1aa8a5c4c222e5d6f702feacdfbec20221008830302c0c41dfd088da3ccb7e87df42df580424d3d51e9a5f4b7f59f5d84a4b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002a1b9686265a041d9869d64107330b7b0baece485f8ad9f0fe5ff9ae96f2196212f0341127bde90278d5c8392515cd59509bb741e2748aa021b0cf1e38b420ec2fcd8f7caabc4c0c9f6674a4ed2d344ebd308f21921f15b182170b2cc69cc295820fee9fdebb325fe4fd9d9e197035004b5b761cb08137f2c22d9a307a0c7e1ffcbc46c7c5d29b82d2ba31ede30e90c35f493f542a5883b59b8bc6751cb8e867d487a2a37bc74da0d0976ac8f91769d64051440e903c98b2d243d9e3d36d840a1bc689b2535b64e01ed2195078cdf4d39c21f84f5a589bf339ebf9730374cc72cfe061c8618f4ea147191790b886857d37043d8c301adae74280416fd8403b0f