www.bregal.com
Issued by R10
About this certificate
This digital certificate with serial number 04:8d:87:57:be:bf:cc:a5:d6:f4:d1:ce:85:1f:cc:db:a6:b3 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.bregal.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:8d:87:57:be:bf:cc:a5:d6:f4:d1:ce:85:1f:cc:db:a6:b3Serial Number (int): 396608858841004705271585324657966738810547
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0b:9e:87:18:1e:62:8b:14:f1:bd:18:d0:a9:13:e2:8f:4b:c0:d1:b3
AuthorityKeyId: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8
Fingerprint (sha1): 43:e8:4f:59:4f:5f:6e:64:b4:c2:c5:0a:d6:0e:34:7f:7c:0a:ca:a3
Fingerprint (sha256): f1:d7:1c:e7:e9:9c:8c:49:7a:38:40:76:9c:50:e4:dc:cb:6b:a1:36:95:ee:e5:3b:b4:9a:0e:ce:bb:ca:42:6a
Issuing Certificate URL: http://r10.i.lencr.org/
Revocation information
OCSP Server: http://r10.o.lencr.orgCheck the revocation status for certificate www.bregal.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bregal.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bregal.com
www.bregal.com
www.bregal.com
Other certificates including the domain name bregal.com
(limited to 100 certificates)
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
*.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
www.bregal.com
Certificate
The complete raw certificate details for www.bregal.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+DCCA+CgAwIBAgISBI2HV76/zKXW9NHOhR/M26azMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTAwHhcNMjQwNjExMTkxNTI0WhcNMjQwOTA5MTkxNTIzWjAZMRcwFQYDVQQD Ew53d3cuYnJlZ2FsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AIWhbKzMyyNynD+y+lt8oAJmF79BcNImVm/H3QeYqgFli+jm93WbsZJGqacAcVwn XdQVtkTOguQyRdmEX9SJCn5Bq4NPlLM8kRBQCRhNfFcF9dhUag2+KbMYUak/DsFM nM29XwCcHU8i8VcgEY+LGaACbVlUoA4K30cl3oQ95XmBGjKl/+qmViAWh42wTlsk +F6boHtwdlHqkNDRkdboMmUyuxLRIkyevkbfIBVvoGTranz4C4SjtTz2BE6lcvvC bY8kLrMpXBGZyNkXQ1IuHE9EG+zML4LyXi8yEMjtQeqELK5TxbP9mMX9IG6jQ4nY 1VLmo//s7QjdxDsfHd2SeBcCAwEAAaOCAh4wggIaMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUC56HGB5iixTxvRjQqRPij0vA0bMwHwYDVR0jBBgwFoAUu7zDR6XkvKnG w6RyDBCNojXhyOgwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRwOi8v cjEwLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjEwLmkubGVuY3Iu b3JnLzAlBgNVHREEHjAcggpicmVnYWwuY29tgg53d3cuYnJlZ2FsLmNvbTATBgNV HSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AD8XS0/X IkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABkAjw7AMAAAQDAEcwRQIgdgcQ e5CoZBfu16i7VuFT6NNDMm9pcV3KVeEHr5PlGUcCIQD7KOgvq2EoMGl0wA1LvgNo SSCHb6o5DBUsBunXAk+r3gB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s5 2IRzAAABkAjw7AcAAAQDAEcwRQIgdaek3/JgNh7UilYgMQqWu3eBXHfDuA28qotl +idzETsCIQDzyE+Mg/4dYLOVYYJU17XtY5fgj/eK+2RfL8AUbhpHFzANBgkqhkiG 9w0BAQsFAAOCAQEAW60nCoIZTs3UCGYG6oG0pSJbRjXBQJZp6NMQkR1lf9muj3q5 Iusan8nVCOvJjWe646FJAduNVRQwVSVzbaF3/Flo0qQ6exbnJD9RhbPXZrHGsh9y gl74+gmdwK3fes6o50rNFI20kLVofipYU98sB9CK3DxloBxAiBU+nQt/iFwos79i wmV+3EcPVOBGmN2TGnE0EUogGNQplY2z5ZF7HqXUp7I7O46UtCrdRviUBtPeRTdn Hyi8PqRWPgYRE7OxIY70ZE+U2WN7U1nlyo1gUMypP9XtPVOdcxFpHjtBThYbFmcD VTe59W8n/eaqPt0qtmpI6WLE8k1SsILFrGMN7g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaFsrMzLI3KcP7L6W3yg AmYXv0Fw0iZWb8fdB5iqAWWL6Ob3dZuxkkappwBxXCdd1BW2RM6C5DJF2YRf1IkK fkGrg0+UszyREFAJGE18VwX12FRqDb4psxhRqT8OwUyczb1fAJwdTyLxVyARj4sZ oAJtWVSgDgrfRyXehD3leYEaMqX/6qZWIBaHjbBOWyT4Xpuge3B2UeqQ0NGR1ugy ZTK7EtEiTJ6+Rt8gFW+gZOtqfPgLhKO1PPYETqVy+8JtjyQusylcEZnI2RdDUi4c T0Qb7MwvgvJeLzIQyO1B6oQsrlPFs/2Yxf0gbqNDidjVUuaj/+ztCN3EOx8d3ZJ4 FwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 396608858841004705271585324657966738810547 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-11 19:15:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-09 19:15:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bregal.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16869295953998686724151836383409235081662499117141394074074411293909568868174469291329245062715359498113260282566682306510525015759188343907414264259553727707884498435376274724346666645729619176673372556678892768689463074784234782840563290299564950754163075007775087373211711147236650788677351929798395248096485293511317468310375073426165291064729010611070151805595877635559910731581879649060718139792223020830298936787155871589688334645007709672831100426610182443069917925012532846496370452245612012731764058283747279562581341441118121406160564074776871233214790951714652899688930549415014982459515909867595669600279 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0b9e87181e628b14f1bd18d0a913e28f4bc0d1b3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bregal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bregal.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000019008f0ec03000004030047304502207607107b90a86417eed7a8bb56e153e8d343326f69715dca55e107af93e51947022100fb28e82fab6128306974c00d4bbe03684920876faa390c152c06e9d7024fabde00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000019008f0ec070000040300473045022075a7a4dff260361ed48a5620310a96bb77815c77c3b80dbcaa8b65fa2773113b022100f3c84f8c83fe1d60b395618254d7b5ed6397e08ff78afb645f2fc0146e1a4717 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005bad270a82194ecdd4086606ea81b4a5225b4635c1409669e8d310911d657fd9ae8f7ab922eb1a9fc9d508ebc98d67bae3a14901db8d5514305525736da177fc5968d2a43a7b16e7243f5185b3d766b1c6b21f72825ef8fa099dc0addf7acea8e74acd148db490b5687e2a5853df2c07d08adc3c65a01c4088153e9d0b7f885c28b3bf62c2657edc470f54e04698dd931a7134114a2018d429958db3e5917b1ea5d4a7b23b3b8e94b42add46f89406d3de4537671f28bc3ea4563e061113b3b1218ef4644f94d9637b5359e5ca8d6050cca93fd5ed3d539d7311691e3b414e161b1667035537b9f56f27fde6aa3edd2ab66a48e962c4f24d52b082c5ac630dee