secured.exchange
Issued by R3
About this certificate
This digital certificate with serial number 04:f3:de:00:69:7e:6f:f8:51:e8:19:40:bc:13:f7:c1:60:e7 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=secured.exchange
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:f3:de:00:69:7e:6f:f8:51:e8:19:40:bc:13:f7:c1:60:e7Serial Number (int): 431432849643563694428589556963929544024295
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: bc:76:44:e9:cb:c7:4f:88:92:c7:35:b4:89:54:e3:a4:78:d2:b9:e0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): cc:de:f2:79:4f:43:44:c7:7f:4b:25:99:31:22:3a:22:c0:7c:5a:cf
Fingerprint (sha256): e6:f0:6e:70:64:2b:48:de:d5:b8:e8:c0:3f:20:ef:5a:bc:8e:7a:72:67:63:8b:33:37:d2:86:ee:28:1a:ba:bb
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate secured.exchange
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for secured.exchange
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
secured.exchange
www.secured.exchange
www.secured.exchange
Other certificates including the domain name secured.exchange
(limited to 100 certificates)
Certificate
The complete raw certificate details for secured.exchange in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGAzCCBOugAwIBAgISBPPeAGl+b/hR6BlAvBP3wWDnMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjEwNTA1NTdaFw0yNDA0MjAwNTA1NTZaMBsxGTAXBgNVBAMT EHNlY3VyZWQuZXhjaGFuZ2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQDseHmgZ0q79f34M1AyxZJ0qsaUNfqzAPvOLxzrkBzZjhm+TSu1jSZFod/MSpsf xET8KyTYZcGKqEcvH21ebwj9a7dd0bBt28rqJ4g2woOp7oO0LKCeRNNGzyv0M3Sv PMqydlXeYyvzvBa8R8w3YIKOpLM14Lr1oHQGCBaNBeoZr8KPJvLGieYyIURQIdb8 dpNQsM3KHn1a6oUA0qbwEtCydrPS+cdP8Z7MDb/x0ek4cS5/ScmnJWUSLFplsQM4 BdQPPAx8/sUHmRPODx7tFbpuBzbluC6KULZatwDKO2Z2X8bNpi2mRJ4f10g6hCCr p8FuHzT4K+3wiEKf3P4tUb99EN4keYoa6csv1rYxDi0kgvTGxrOxQ6UN+lA7iDXS jQZJPvh2RBHfAdk8PD1nxMuxcR9opjsdVLGB4HAWGKyD2PmpQaeMXt6ZeApUS0c0 Ls/sqjP18Cwy2D3CFCCySSf/uzbgRXBq6G7HsjLjnKk4/wjOUV98+qOeBma1XLpT 6xSy3LZ41e19FeU4riSYLJ7y34lsccSHax3bD6dRpUE8mJw1JPt68CjNW4YYpxYy 9iI6eiBoyMZmR8PF4BOOpIViJrIPMudbDOlUIgcYP5/uXjsz+RMSwn0xnwlH3rSD anw6wammCp7XYMJS9gf35JWeRjxa8yS6/2aoKyO+bSpz2QIDAQABo4ICKDCCAiQw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS8dkTpy8dPiJLHNbSJVOOkeNK54DAfBgNV HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0 cDovL3IzLmkubGVuY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVkLmV4Y2hhbmdl ghR3d3cuc2VjdXJlZC5leGNoYW5nZTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQG CisGAQQB1nkCBAIEgfUEgfIA8AB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0t cm/h+tQXAAABjSqgMfUAAAQDAEYwRAIgN2Rxf7fsXcTGAQ4t2H4piKZAGi6p4yPS oj+eYntKA+ACIAo+Vt+xyfcz/Hw/4DEqycTn0spGOCygsmSCqt/ZtTmQAHcASLDj a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNKqAx/gAABAMASDBGAiEA zThFw0G/hCJAgtB8kKFp/qifgYPuUmPXxtIYcWPhm9gCIQC43eU1mwZWJ444BrQW 10x1JNviHcVqrJEUPatN9oF4qjANBgkqhkiG9w0BAQsFAAOCAQEAnmhR7fGD5W0/ MxZl6QhISFwwbsbP/4VzYGphhicfrhvRbadXLW2EVPUcNc8KaSwywWfOoVRKyAUQ m1/hDiFqMcLfAQPSHVkcIISmywvDKnj0lZZaHw7iLQvYUzz3sCbj1okBEiLdI/Ko 5RmA0huPM/iPdD2nbTONUDS32jewMRjWlOpmuODlKkFrkvnx0mMEZ1XIHCHwPOFp +33ZNcLqZoNsxDbM16KfcNHE1+fPPHGS/7HSt2TP9i6uiozGA+Z91gM4JGL55QaE AML7MPgd3nktjjm73bAnKvzg8YBHzreX0uGxx2c6emzunS8VthT5bnRsrwuGYtDU aNxLJmQjmw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7Hh5oGdKu/X9+DNQMsWS dKrGlDX6swD7zi8c65Ac2Y4Zvk0rtY0mRaHfzEqbH8RE/Csk2GXBiqhHLx9tXm8I /Wu3XdGwbdvK6ieINsKDqe6DtCygnkTTRs8r9DN0rzzKsnZV3mMr87wWvEfMN2CC jqSzNeC69aB0BggWjQXqGa/CjybyxonmMiFEUCHW/HaTULDNyh59WuqFANKm8BLQ snaz0vnHT/GezA2/8dHpOHEuf0nJpyVlEixaZbEDOAXUDzwMfP7FB5kTzg8e7RW6 bgc25bguilC2WrcAyjtmdl/GzaYtpkSeH9dIOoQgq6fBbh80+Cvt8IhCn9z+LVG/ fRDeJHmKGunLL9a2MQ4tJIL0xsazsUOlDfpQO4g10o0GST74dkQR3wHZPDw9Z8TL sXEfaKY7HVSxgeBwFhisg9j5qUGnjF7emXgKVEtHNC7P7Koz9fAsMtg9whQgskkn /7s24EVwauhux7Iy45ypOP8IzlFffPqjngZmtVy6U+sUsty2eNXtfRXlOK4kmCye 8t+JbHHEh2sd2w+nUaVBPJicNST7evAozVuGGKcWMvYiOnogaMjGZkfDxeATjqSF YiayDzLnWwzpVCIHGD+f7l47M/kTEsJ9MZ8JR960g2p8OsGppgqe12DCUvYH9+SV nkY8WvMkuv9mqCsjvm0qc9kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 431432849643563694428589556963929544024295 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-21 05:05:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-20 05:05:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secured.exchange' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 964715904516087951788588050615075946124694544124565539093069642576474406252200979941294638662889943034146530569935014001620180841592665805808155931328543515503835250198928815665552373681488248724926078621531244170604044247967658018543938982350572482154587060902803726537196328191109804792839749838711196651051490855121632334501083372112176983395090567216480397760167699203526809021840609245914202864710418324039152547465198848589621410058649335874182135047375728916144022707663893627335772972145840867232418572014418232095688295207340442105416041989087355372778141885775329620730900475990534160493795565151942595930592975363193147101827124336879243971537482424338115494944196842279653990661060449076364798288600235602327414029420284845904993503734312029937609851458428279563835989544431024205674699889789820789169999945658506950985474337500188079922204180024901642995512045694838601616887943275308398189687431328245807404802597407238584945713508682893943272468183300825602071622236637065252131495741160094412912382374174733522428274052768101144909129700549567476251865839641583536198637231112589390506006591654193171444474003407315616881084716617139374227156450571599562173791091565779099782749245428497608216024800119819629100692441 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bc7644e9cbc74f8892c735b48954e3a478d2b9e0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secured.exchange' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.secured.exchange' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d2aa031f5000004030046304402203764717fb7ec5dc4c6010e2dd87e2988a6401a2ea9e323d2a23f9e627b4a03e002200a3e56dfb1c9f733fc7c3fe0312ac9c4e7d2ca46382ca0b26482aadfd9b5399000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d2aa031fe0000040300483046022100cd3845c341bf84224082d07c90a169fea89f8183ee5263d7c6d2187163e19bd8022100b8dde5359b0656278e3806b416d74c7524dbe21dc56aac91143dab4df68178aa . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009e6851edf183e56d3f331665e90848485c306ec6cfff8573606a6186271fae1bd16da7572d6d8454f51c35cf0a692c32c167cea1544ac805109b5fe10e216a31c2df0103d21d591c2084a6cb0bc32a78f495965a1f0ee22d0bd8533cf7b026e3d689011222dd23f2a8e51980d21b8f33f88f743da76d338d5034b7da37b03118d694ea66b8e0e52a416b92f9f1d263046755c81c21f03ce169fb7dd935c2ea66836cc436ccd7a29f70d1c4d7e7cf3c7192ffb1d2b764cff62eae8a8cc603e67dd603382462f9e5068400c2fb30f81dde792d8e39bbddb0272afce0f18047ceb797d2e1b1c7673a7a6cee9d2f15b614f96e746caf0b8662d0d468dc4b2664239b