witqualis.com
Issued by R3
About this certificate
This digital certificate with serial number 04:3c:f1:16:86:4c:4d:7f:20:fa:d8:1d:b5:7c:86:c9:52:95 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=witqualis.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:3c:f1:16:86:4c:4d:7f:20:fa:d8:1d:b5:7c:86:c9:52:95Serial Number (int): 369186546643700558161361966995610549179029
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 6b:46:04:b8:9e:24:69:b9:69:a0:43:06:f4:a2:73:7e:a9:7d:76:35
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 26:c1:e4:c1:fd:8d:14:61:7a:15:c2:d4:1b:da:36:f4:7c:dc:43:49
Fingerprint (sha256): e8:11:85:e9:47:dc:db:87:76:8e:2b:61:61:07:76:f6:d6:cf:df:e3:84:6a:c3:e9:73:04:e8:c9:ec:7a:cd:55
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate witqualis.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for witqualis.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.witqualis.com
witqualis.com
witqualis.com
Other certificates including the domain name witqualis.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for witqualis.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgISBDzxFoZMTX8g+tgdtXyGyVKVMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MjEwOTQzNDBaFw0yNDA4MTkwOTQzMzlaMBgxFjAUBgNVBAMT DXdpdHF1YWxpcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB pOSFEsk/tSba+p9hkpzetIrs+ENZHrl78ezIf9SiEIfmgN4vbY322If8mgYNoCwy sN7kjSJ2Oe161wX5JUidXfqml+NLw91IPu52roaN2aFr9ZJr1RPLwAUXFLybTiOo BMI8lpuaJh8DXK7bFhgWNrF/k2mepxqCxwAbL61DYbP8rjhqiUJvg9WPl9XG0VSQ Qnx0cn52dyowKCiXiDKQeMT7J4ecKkOx6Vdj0BFl0k44dJPD/2Nx+EflrppWhEgl DHE7Zl0zhLP6u3A+ICmggNqhUnZ+sKzHNgi16tyEdLGnZB2l/XyteGVqddUDHc/k xDkG6cLFKy254dZmRlCBAgMBAAGjggIiMIICHjAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFGtGBLieJGm5aaBDBvSic36pfXY1MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv MCkGA1UdEQQiMCCCDyoud2l0cXVhbGlzLmNvbYINd2l0cXVhbGlzLmNvbTATBgNV HSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AO7N0GTV 2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABj5q/65YAAAQDAEgwRgIhAOLv 1xFt3S/ZkW648hUB0I5DV2uJBWNk6usQxJolJ9JmAiEA7Mlbos8vZlUgEFw/KEnf 0jHxGSJZ5LGrmHNMKJQJm2AAdwDf4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHB O75SXAAAAY+av+xcAAAEAwBIMEYCIQDojsvNjj9Gf2wrynZOLS8y4dZvk4pDGKi9 XJsy32kldwIhANZncZSX6/CrIabEt6Mn1KEofKqvX7boo37v2GI9hU08MA0GCSqG SIb3DQEBCwUAA4IBAQCb3FN4rTDoUEk8FLPmgcvfr1KbLX3X4SD0H0egcxwZQTje 4VPdEUU1ktw2aKUV0gDtO2ZPBRHKtPXwXXv2sc14u9aaEVG4rc9SwLPZELEDriBJ 1+l1UjfMPbjTALA+9PodYxJYT7Aq6aOeuj6QRHVSlMG521PJPdVDFXkZQNL3cIIP yaaPhlyXtwDqqcjw8Ct+5TsDKsLtW2lW8cJQPNnHqWMu4Vf7VW6qIMm4ZcbZfthk cyEKnfGfCCYr9wOIJKUPRjaprF5aiacuinXAAXih90oWGDtkwi5I8927d9hLINgB qGH5/RXvRsIeAoGBnJ15WRb8SIC/w0XhRhVPgzzD -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaTkhRLJP7Um2vqfYZKc 3rSK7PhDWR65e/HsyH/UohCH5oDeL22N9tiH/JoGDaAsMrDe5I0idjntetcF+SVI nV36ppfjS8PdSD7udq6Gjdmha/WSa9UTy8AFFxS8m04jqATCPJabmiYfA1yu2xYY Fjaxf5NpnqcagscAGy+tQ2Gz/K44aolCb4PVj5fVxtFUkEJ8dHJ+dncqMCgol4gy kHjE+yeHnCpDselXY9ARZdJOOHSTw/9jcfhH5a6aVoRIJQxxO2ZdM4Sz+rtwPiAp oIDaoVJ2frCsxzYIterchHSxp2Qdpf18rXhlanXVAx3P5MQ5BunCxSstueHWZkZQ gQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 369186546643700558161361966995610549179029 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 09:43:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-19 09:43:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'witqualis.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24445304457420235487977502918522222091316309033377784114349984972946254356186270500431350994804784799726625501744098007571140575977912500348720099116587705663917924247287296245167092670463556374227976049002979063317176035593704996435500433070808930490345062459218553812633324703949527987155266329336872591184994859279780005723616747094873320446336755597942357518981115093244129688844698310354771980075242963809872904332673043457913910221606827844645879983443650538334383583780866272112179186507367811518737124795387642599608017233949368862257199529927085461862748257182225401347951710611623900609108737647987923505281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6b4604b89e2469b969a04306f4a2737ea97d7635 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.witqualis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'witqualis.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f9abfeb960000040300483046022100e2efd7116ddd2fd9916eb8f21501d08e43576b89056364eaeb10c49a2527d266022100ecc95ba2cf2f665520105c3f2849dfd231f1192259e4b1ab98734c2894099b60007700dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f9abfec5c0000040300483046022100e88ecbcd8e3f467f6c2bca764e2d2f32e1d66f938a4318a8bd5c9b32df692577022100d667719497ebf0ab21a6c4b7a327d4a1287caaaf5fb6e8a37eefd8623d854d3c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009bdc5378ad30e850493c14b3e681cbdfaf529b2d7dd7e120f41f47a0731c194138dee153dd11453592dc3668a515d200ed3b664f0511cab4f5f05d7bf6b1cd78bbd69a1151b8adcf52c0b3d910b103ae2049d7e9755237cc3db8d300b03ef4fa1d6312584fb02ae9a39eba3e9044755294c1b9db53c93dd54315791940d2f770820fc9a68f865c97b700eaa9c8f0f02b7ee53b032ac2ed5b6956f1c2503cd9c7a9632ee157fb556eaa20c9b865c6d97ed86473210a9df19f08262bf7038824a50f4636a9ac5e5a89a72e8a75c00178a1f74a16183b64c22e48f3ddbb77d84b20d801a861f9fd15ef46c21e0281819c9d795916fc4880bfc345e146154f833cc3