bass.li

Issued by R3

About this certificate

This digital certificate with serial number 03:f3:94:37:d6:6f:78:f3:4e:6e:63:1b:60:49:2e:66:07:a0 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=bass.li

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:f3:94:37:d6:6f:78:f3:4e:6e:63:1b:60:49:2e:66:07:a0
Serial Number (int): 344222488626039587087255469615910771623840
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 45:ee:a8:8b:b9:6c:aa:d4:aa:db:25:29:8d:6d:2e:17:47:b1:19:da
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 33:5e:9c:4e:2f:8f:5c:eb:f5:6d:8b:36:f1:8c:52:ad:a0:86:44:10
Fingerprint (sha256): eb:d6:eb:3d:d9:61:be:f9:16:6b:15:09:9f:d4:1e:8e:3c:1d:3f:98:4a:65:e1:ef:ee:24:7d:ed:66:b5:41:ac

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate bass.li

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bass.li

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bass.li
www.bass.li

Other certificates including the domain name bass.li

(limited to 100 certificates)
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li
bass.li

Certificate

The complete raw certificate details for bass.li in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISA/OUN9ZvePNObmMbYEkuZgegMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MDIwOTEyMzFaFw0yNDA3MzEwOTEyMzBaMBIxEDAOBgNVBAMT
B2Jhc3MubGkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDnDoYhrKwJ
e+B7qc8k3sbm4OTbLHKIpwxhcfPlh0nZ3PLUrhXl5ZATktpnjiZxBNyinej/8vjz
oWLm6yp8nf3RbD4iEQXHQQi4a6VtHqOUhtzqCOqlwb/1C9vOe1jSdLsOG8zeGJ2i
VxmsPcVVmO8PNrHMsFnHupiIm9NpaXq8GgKP0lDYh11ZJg8UOrrntB94qaXcCwOI
5ptRbsHaEOjxEEECbn3X5h0daOziLhGedsndXSpHGmfAKQTDcfyknhBWDJ4lnceP
Trv1AP9wySdGLMQP4Zhjy/3Svkt3i3GB24BzDWsHa2JbdeMUnpmz7AtMSPucSmwv
CkG2eX2u0ZEECzgoOksW1qU0EOFzdP32WGGcPuOTA5xsvp/wTzrv+BDhYX8KWa88
lrQDJRWSAHQwXw0JTM16yty64TCUpXcKzjMCm6I6mpsbgykRMbzP23S2TxYh3EZV
36cKX6G+eHq5MRDkC1C7MG/epiD9r+v2i4qRT2xLKn/g8+w1TfFH2lQ4rn7rToqK
LZr1j36Bdhh3cGaHhQf3bf7+9EkXGiyiVklvQHTTGsi43wKFEndgkFLiVT3pJ9ux
yI74Beb5aFCxdx5VubqJymuMlCLd7HnVygIIgib+JZ6nxbgnrygOmYV/Nt6e/fqT
C8RvopXPp8Y4t378hMBWkf3vbg74tgcyZQIDAQABo4ICFTCCAhEwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBRF7qiLuWyq1KrbJSmNbS4XR7EZ2jAfBgNVHSMEGDAWgBQU
LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG
FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku
bGVuY3Iub3JnLzAfBgNVHREEGDAWggdiYXNzLmxpggt3d3cuYmFzcy5saTATBgNV
HSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AEiw42va
pkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjzjKlEcAAAQDAEcwRQIhANDC
N/UMXYBqKJ4fdLkOUpU+AjKSddhST0T+dr8KCIfLAiBjZwuOhc0CxaIEr6VqQ42t
tIoMt+VAw/f01QQj7MEppgB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZx
H7WbAAABjzjKlEUAAAQDAEYwRAIgfH8hTLtCbnQEEFw3PUc7zXOq13kalsuN/hQ/
LyGW/c4CIA3IKCqa+6dLCIE9RRHxRZXJtpPNbKMkZiM2SkFFq9x3MA0GCSqGSIb3
DQEBCwUAA4IBAQAjnN8fqC2utwsZvwKleJnVXT2wSfnEd5agtqd/ZqiKa2vRyOqf
HhhilGWph3yAoO6V/xohwgda2GdIRX22kiUstbaAn95li946/V/f+YeZ9tReAQUL
a/MZhuHgcTEFr+eVHzu0PruFy0pskBdUix8rO0vVXC6Ol19BuUDIRw39BhHKXTBg
VqVItFJVIGybDfIwbSaHVxBGMT/03/DETKqxfpFd8Te/NMKhninw70FEHqNcgapT
xLKdQt7IbIM/KjCdDcLwQPnOPewAqSz6erec6DzNRKZ4DeurI6H3+2NJS4xgXK/0
+9s/l4TOn+Jz1VqQZ5x0USLIZ1/NT/upaYrw
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5w6GIaysCXvge6nPJN7G
5uDk2yxyiKcMYXHz5YdJ2dzy1K4V5eWQE5LaZ44mcQTcop3o//L486Fi5usqfJ39
0Ww+IhEFx0EIuGulbR6jlIbc6gjqpcG/9QvbzntY0nS7DhvM3hidolcZrD3FVZjv
DzaxzLBZx7qYiJvTaWl6vBoCj9JQ2IddWSYPFDq657QfeKml3AsDiOabUW7B2hDo
8RBBAm591+YdHWjs4i4RnnbJ3V0qRxpnwCkEw3H8pJ4QVgyeJZ3Hj0679QD/cMkn
RizED+GYY8v90r5Ld4txgduAcw1rB2tiW3XjFJ6Zs+wLTEj7nEpsLwpBtnl9rtGR
BAs4KDpLFtalNBDhc3T99lhhnD7jkwOcbL6f8E867/gQ4WF/ClmvPJa0AyUVkgB0
MF8NCUzNesrcuuEwlKV3Cs4zApuiOpqbG4MpETG8z9t0tk8WIdxGVd+nCl+hvnh6
uTEQ5AtQuzBv3qYg/a/r9ouKkU9sSyp/4PPsNU3xR9pUOK5+606Kii2a9Y9+gXYY
d3Bmh4UH923+/vRJFxosolZJb0B00xrIuN8ChRJ3YJBS4lU96SfbsciO+AXm+WhQ
sXceVbm6icprjJQi3ex51coCCIIm/iWep8W4J68oDpmFfzbenv36kwvEb6KVz6fG
OLd+/ITAVpH9724O+LYHMmUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 344222488626039587087255469615910771623840
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-02 09:12:31 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-31 09:12:30 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bass.li'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 942629234993493816998793803720693502266374439819699124093866592645439361363108180719070535892182150561204173162447604635818963121770399188997376621093253781128003625764326361272455043341021231953535515199151155287070249269995190807748453850834379311470827270618472183258954476335943680224457510976343650907621545447615044779009144081734602778390599928325749649559921626007970676872634400802634095132815554507579721419868270977828278771851255019326701648437627994205268152018760634011733886292021421159233528841122356953007226892339652100565243156640669214259333832932139700004929226219004779215276356471986037403863747816110260212696974670599380292018323971714354849981428647169452285988829614741464768739463724578250058621793290239325873439853415947622641367729251741608618155592251613694047932825746488008613609022507695943736255356045049274811528094023146287773457826125800384826063324170291332416805720035896397353646946228892647965250250692584974738878486415952818528741236416518782326320586845679883678396528439004716082289401231815967326886994788418949055599112889605228589395473692084735672713017834211207948334719147395470114341808454630709716931273213231781105191758858509436738232563024134334227111907789020167603170521701
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							45eea88bb96caad4aadb25298d6d2e1747b119da
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bass.li'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bass.li'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f38ca94470000040300473045022100d0c237f50c5d806a289e1f74b90e52953e02329275d8524f44fe76bf0a0887cb022063670b8e85cd02c5a204afa56a438dadb48a0cb7e540c3f7f4d50423ecc129a6007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f38ca9445000004030046304402207c7f214cbb426e7404105c373d473bcd73aad7791a96cb8dfe143f2f2196fdce02200dc8282a9afba74b08813d4511f14595c9b693cd6ca3246623364a4145abdc77
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00239cdf1fa82daeb70b19bf02a57899d55d3db049f9c47796a0b6a77f66a88a6b6bd1c8ea9f1e18629465a9877c80a0ee95ff1a21c2075ad86748457db692252cb5b6809fde658bde3afd5fdff98799f6d45e01050b6bf31986e1e0713105afe7951f3bb43ebb85cb4a6c9017548b1f2b3b4bd55c2e8e975f41b940c8470dfd0611ca5d306056a548b45255206c9b0df2306d2687571046313ff4dff0c44caab17e915df137bf34c2a19e29f0ef41441ea35c81aa53c4b29d42dec86c833f2a309d0dc2f040f9ce3dec00a92cfa7ab79ce83ccd44a6780debab23a1f7fb63494b8c605caff4fbdb3f9784ce9fe273d55a90679c745122c8675fcd4ffba9698af0