www.bregal.com

Issued by R10

About this certificate

This digital certificate with serial number 04:8d:87:57:be:bf:cc:a5:d6:f4:d1:ce:85:1f:cc:db:a6:b3 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.bregal.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:8d:87:57:be:bf:cc:a5:d6:f4:d1:ce:85:1f:cc:db:a6:b3
Serial Number (int): 396608858841004705271585324657966738810547
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 0b:9e:87:18:1e:62:8b:14:f1:bd:18:d0:a9:13:e2:8f:4b:c0:d1:b3
AuthorityKeyId: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (sha1): 43:e8:4f:59:4f:5f:6e:64:b4:c2:c5:0a:d6:0e:34:7f:7c:0a:ca:a3
Fingerprint (sha256): f1:d7:1c:e7:e9:9c:8c:49:7a:38:40:76:9c:50:e4:dc:cb:6b:a1:36:95:ee:e5:3b:b4:9a:0e:ce:bb:ca:42:6a

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation information

OCSP Server: http://r10.o.lencr.org

Check the revocation status for certificate www.bregal.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.bregal.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bregal.com
www.bregal.com

Other certificates including the domain name bregal.com

(limited to 100 certificates)
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com

Certificate

The complete raw certificate details for www.bregal.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISBI2HV76/zKXW9NHOhR/M26azMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjQwNjExMTkxNTI0WhcNMjQwOTA5MTkxNTIzWjAZMRcwFQYDVQQD
Ew53d3cuYnJlZ2FsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AIWhbKzMyyNynD+y+lt8oAJmF79BcNImVm/H3QeYqgFli+jm93WbsZJGqacAcVwn
XdQVtkTOguQyRdmEX9SJCn5Bq4NPlLM8kRBQCRhNfFcF9dhUag2+KbMYUak/DsFM
nM29XwCcHU8i8VcgEY+LGaACbVlUoA4K30cl3oQ95XmBGjKl/+qmViAWh42wTlsk
+F6boHtwdlHqkNDRkdboMmUyuxLRIkyevkbfIBVvoGTranz4C4SjtTz2BE6lcvvC
bY8kLrMpXBGZyNkXQ1IuHE9EG+zML4LyXi8yEMjtQeqELK5TxbP9mMX9IG6jQ4nY
1VLmo//s7QjdxDsfHd2SeBcCAwEAAaOCAh4wggIaMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUC56HGB5iixTxvRjQqRPij0vA0bMwHwYDVR0jBBgwFoAUu7zDR6XkvKnG
w6RyDBCNojXhyOgwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRwOi8v
cjEwLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjEwLmkubGVuY3Iu
b3JnLzAlBgNVHREEHjAcggpicmVnYWwuY29tgg53d3cuYnJlZ2FsLmNvbTATBgNV
HSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AD8XS0/X
IkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABkAjw7AMAAAQDAEcwRQIgdgcQ
e5CoZBfu16i7VuFT6NNDMm9pcV3KVeEHr5PlGUcCIQD7KOgvq2EoMGl0wA1LvgNo
SSCHb6o5DBUsBunXAk+r3gB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s5
2IRzAAABkAjw7AcAAAQDAEcwRQIgdaek3/JgNh7UilYgMQqWu3eBXHfDuA28qotl
+idzETsCIQDzyE+Mg/4dYLOVYYJU17XtY5fgj/eK+2RfL8AUbhpHFzANBgkqhkiG
9w0BAQsFAAOCAQEAW60nCoIZTs3UCGYG6oG0pSJbRjXBQJZp6NMQkR1lf9muj3q5
Iusan8nVCOvJjWe646FJAduNVRQwVSVzbaF3/Flo0qQ6exbnJD9RhbPXZrHGsh9y
gl74+gmdwK3fes6o50rNFI20kLVofipYU98sB9CK3DxloBxAiBU+nQt/iFwos79i
wmV+3EcPVOBGmN2TGnE0EUogGNQplY2z5ZF7HqXUp7I7O46UtCrdRviUBtPeRTdn
Hyi8PqRWPgYRE7OxIY70ZE+U2WN7U1nlyo1gUMypP9XtPVOdcxFpHjtBThYbFmcD
VTe59W8n/eaqPt0qtmpI6WLE8k1SsILFrGMN7g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaFsrMzLI3KcP7L6W3yg
AmYXv0Fw0iZWb8fdB5iqAWWL6Ob3dZuxkkappwBxXCdd1BW2RM6C5DJF2YRf1IkK
fkGrg0+UszyREFAJGE18VwX12FRqDb4psxhRqT8OwUyczb1fAJwdTyLxVyARj4sZ
oAJtWVSgDgrfRyXehD3leYEaMqX/6qZWIBaHjbBOWyT4Xpuge3B2UeqQ0NGR1ugy
ZTK7EtEiTJ6+Rt8gFW+gZOtqfPgLhKO1PPYETqVy+8JtjyQusylcEZnI2RdDUi4c
T0Qb7MwvgvJeLzIQyO1B6oQsrlPFs/2Yxf0gbqNDidjVUuaj/+ztCN3EOx8d3ZJ4
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 396608858841004705271585324657966738810547
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-11 19:15:24 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-09 19:15:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bregal.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16869295953998686724151836383409235081662499117141394074074411293909568868174469291329245062715359498113260282566682306510525015759188343907414264259553727707884498435376274724346666645729619176673372556678892768689463074784234782840563290299564950754163075007775087373211711147236650788677351929798395248096485293511317468310375073426165291064729010611070151805595877635559910731581879649060718139792223020830298936787155871589688334645007709672831100426610182443069917925012532846496370452245612012731764058283747279562581341441118121406160564074776871233214790951714652899688930549415014982459515909867595669600279
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0b9e87181e628b14f1bd18d0a913e28f4bc0d1b3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bregal.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bregal.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000019008f0ec03000004030047304502207607107b90a86417eed7a8bb56e153e8d343326f69715dca55e107af93e51947022100fb28e82fab6128306974c00d4bbe03684920876faa390c152c06e9d7024fabde00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000019008f0ec070000040300473045022075a7a4dff260361ed48a5620310a96bb77815c77c3b80dbcaa8b65fa2773113b022100f3c84f8c83fe1d60b395618254d7b5ed6397e08ff78afb645f2fc0146e1a4717
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005bad270a82194ecdd4086606ea81b4a5225b4635c1409669e8d310911d657fd9ae8f7ab922eb1a9fc9d508ebc98d67bae3a14901db8d5514305525736da177fc5968d2a43a7b16e7243f5185b3d766b1c6b21f72825ef8fa099dc0addf7acea8e74acd148db490b5687e2a5853df2c07d08adc3c65a01c4088153e9d0b7f885c28b3bf62c2657edc470f54e04698dd931a7134114a2018d429958db3e5917b1ea5d4a7b23b3b8e94b42add46f89406d3de4537671f28bc3ea4563e061113b3b1218ef4644f94d9637b5359e5ca8d6050cca93fd5ed3d539d7311691e3b414e161b1667035537b9f56f27fde6aa3edd2ab66a48e962c4f24d52b082c5ac630dee