agreatcity.com
Issued by R3
About this certificate
This digital certificate with serial number 04:8e:15:8d:ef:2a:d8:53:4b:a8:06:92:3d:50:cb:aa:16:ab was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=agreatcity.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:8e:15:8d:ef:2a:d8:53:4b:a8:06:92:3d:50:cb:aa:16:abSerial Number (int): 396797890582473212600911179793012645041835
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 5a:1c:88:ad:9b:67:b3:1c:84:a9:96:5f:9d:8f:09:c7:a4:e5:42:df
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ae:f1:2f:bd:fa:bb:04:65:a4:3e:41:23:b3:77:b5:27:16:54:3f:1a
Fingerprint (sha256): e9:92:3f:7e:d8:4d:83:54:59:27:0e:cd:fc:8a:e5:ef:a3:cc:80:dc:8c:4b:f3:89:9d:5d:31:76:10:b3:fd:2b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate agreatcity.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for agreatcity.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
agreatcity.com
www.agreatcity.com
www.agreatcity.com
Other certificates including the domain name agreatcity.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for agreatcity.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISBI4Vje8q2FNLqAaSPVDLqharMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTkwMTIxMzVaFw0yNDA3MTgwMTIxMzRaMBkxFzAVBgNVBAMT DmFncmVhdGNpdHkuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA u+ZzeV2NB+MroWvDO0+OPmG/etsgQ71y+PAeC6i9pEGvW/k7kg91lqqSb4TCEqUs zt/a16oqTL5GX1ROmEs7F9VjQzS2sBFKbWQaAVDP+eHnV5bbAf95h0bJ/ApdptH5 WHu4SMZDBXlJdYlcPKulXEh74S130wKHc8Mm/aJtTTWj3cnNVlTgzLjhaRtsM7qs lBpsM7QBlzD61SHhsh1ILSt8uSW+y13OrDHnb7c+Sxzayb1bY5Nv1If+9/z680mN Aq8tYkdCIQ/kTHs4Ouxqp3ISf2bv9Qa6aHHPjYp1ownVdAkL4XBZ/PJimMZhOnWk 4fSnoB0G2BAcYoAFLpOEw6Lvu1tBdVQwYvWhMKeJOAGITuBVfOCNZx8Op8P4hXkW g+r1bvUtSvVF6BjBI8qDSPp3KoC0tuLuFlNDHaQ9zb1fxXiwGNJxexqr3zWGwpY4 iMPNuroVuL+jXxXxN/rkU7M8FniblPglSszvL/RHysmARESi8r5ih0typbk6DM7n N6M4PZUsleaCwl67/QQS3YMsAYF/IoW2W7EwgKbVw1eJbtSmn1SEjAxkLaAguR10 bDem98mdEnau1jCGwW3h0qdsuel21RNULjWbNpRwHHLBFfYb+m52A7gYjdxXtf1g 0H2Y43fPGsxdF2sGawENNlJKdh3WqUTVlxZDpiX3iz0CAwEAAaOCAiMwggIfMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUWhyIrZtnsxyEqZZfnY8Jx6TlQt8wHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIOYWdyZWF0Y2l0eS5jb22CEnd3 dy5hZ3JlYXRjaXR5LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB 1nkCBAIEgfQEgfEA7wB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABjvQowSEAAAQDAEcwRQIhAMcYi/cBvHsgE8FvjjlJwkP2IrRgrM49YEZCKPu1 DoRHAiASfXx5gqFUlgPJ1B0lTuE8doDHFVTmAHhbu8X2enBMTgB1AO7N0GTV2xrO xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjvQowRgAAAQDAEYwRAIgHGtXO+sy 59Vj+m60l/j3pR88Sl+BP49U6OT7/Kl2TSkCIFexHa8UNxvwZm+tGH8M8GXTr85b 3Ki1PJwonLPEjYqtMA0GCSqGSIb3DQEBCwUAA4IBAQCozTzsNOox5Bzjy05OR4ys 8wDAh6BdB+l2FbviG8Rt2s16xMX81HQtJKDsalidS8X/ENYagYj6jMLj78T2bVmJ oB6Be5CCKGQO2iZt85LHXs/5td+WfvAEBlOWkF39XBjg0iE0ICC3EdW9s31g4JdK y0xOW8qneM9nCQesIVgQ4Y0Zgz2qaXZsHzsOGJavwzUUsxc+7g9ozdO8Uu7hs/Kw BNVldiqacGchOjnaMSUEx9hpRrVbAH663dPf6hwavjgGHeeMRIDpmozveyhQuxts Q/YnqcdSVB5UhkM+eSawMKWhMRt6HGYNSKnkq3W2O7mGZ8EMLOOFZCjW0saYmqco -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu+ZzeV2NB+MroWvDO0+O PmG/etsgQ71y+PAeC6i9pEGvW/k7kg91lqqSb4TCEqUszt/a16oqTL5GX1ROmEs7 F9VjQzS2sBFKbWQaAVDP+eHnV5bbAf95h0bJ/ApdptH5WHu4SMZDBXlJdYlcPKul XEh74S130wKHc8Mm/aJtTTWj3cnNVlTgzLjhaRtsM7qslBpsM7QBlzD61SHhsh1I LSt8uSW+y13OrDHnb7c+Sxzayb1bY5Nv1If+9/z680mNAq8tYkdCIQ/kTHs4Ouxq p3ISf2bv9Qa6aHHPjYp1ownVdAkL4XBZ/PJimMZhOnWk4fSnoB0G2BAcYoAFLpOE w6Lvu1tBdVQwYvWhMKeJOAGITuBVfOCNZx8Op8P4hXkWg+r1bvUtSvVF6BjBI8qD SPp3KoC0tuLuFlNDHaQ9zb1fxXiwGNJxexqr3zWGwpY4iMPNuroVuL+jXxXxN/rk U7M8FniblPglSszvL/RHysmARESi8r5ih0typbk6DM7nN6M4PZUsleaCwl67/QQS 3YMsAYF/IoW2W7EwgKbVw1eJbtSmn1SEjAxkLaAguR10bDem98mdEnau1jCGwW3h 0qdsuel21RNULjWbNpRwHHLBFfYb+m52A7gYjdxXtf1g0H2Y43fPGsxdF2sGawEN NlJKdh3WqUTVlxZDpiX3iz0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 396797890582473212600911179793012645041835 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-19 01:21:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-18 01:21:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'agreatcity.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 766565934248293066523776041324036890783710271202565166610962637629058190082967103626404238781009473274586237705434864131520493582238302217626673263298625366368158464590560132180657940962076324008222320251358359179047450512273634040103599246694375576405927773423386202317452997667454289721858756611197002618712927229349853581749670266071206315936557306264495799995141020138804030130973477313943722291910926943303358134084261164656545773604903059842082612725664072274942687679408202536885480646673644803806728786868980970230172533938544860252772892582675726936550123612489370114792002208386961905904594733091472273412301222455604171394402010327751865691719745914061678337732272657028040679892481456782317840830589307696705642966159365019855509314578973667462346608552732426602257028476573264038714810350232473036683485212210748591134223653043373428652694620355108157302460030268806171731742516396643739093948416376443669412407787412431671193658414124709546652940505809825734866138155495695584833551703424126699772479710329218721382625915846916275535881861730257993279789102800579634455952603612780756806615289851683864312747181764034841392737447365252856049485795838770104277148199061325931946094295554663147898974685653899160837393213 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a1c88ad9b67b31c84a9965f9d8f09c7a4e542df . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agreatcity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agreatcity.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ef428c1210000040300473045022100c7188bf701bc7b2013c16f8e3949c243f622b460acce3d60464228fbb50e84470220127d7c7982a1549603c9d41d254ee13c7680c71554e600785bbbc5f67a704c4e007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ef428c118000004030046304402201c6b573beb32e7d563fa6eb497f8f7a51f3c4a5f813f8f54e8e4fbfca9764d29022057b11daf14371bf0666fad187f0cf065d3afce5bdca8b53c9c289cb3c48d8aad . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a8cd3cec34ea31e41ce3cb4e4e478cacf300c087a05d07e97615bbe21bc46ddacd7ac4c5fcd4742d24a0ec6a589d4bc5ff10d61a8188fa8cc2e3efc4f66d5989a01e817b908228640eda266df392c75ecff9b5df967ef004065396905dfd5c18e0d221342020b711d5bdb37d60e0974acb4c4e5bcaa778cf670907ac215810e18d19833daa69766c1f3b0e1896afc33514b3173eee0f68cdd3bc52eee1b3f2b004d565762a9a7067213a39da312504c7d86946b55b007ebaddd3dfea1c1abe38061de78c4480e99a8cef7b2850bb1b6c43f627a9c752541e5486433e7926b030a5a1311b7a1c660d48a9e4ab75b63bb98667c10c2ce3856428d6d2c6989aa728