gemmio.com

Issued by R3

About this certificate

This digital certificate with serial number 04:00:c6:1a:88:81:9c:c8:ca:4e:9e:14:63:33:3c:b3:66:5b was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=gemmio.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:00:c6:1a:88:81:9c:c8:ca:4e:9e:14:63:33:3c:b3:66:5b
Serial Number (int): 348712468638601383297880489979766985942619
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 1e:8d:f4:f4:28:0a:fa:3a:78:4c:ff:88:94:4b:bd:de:a3:68:ab:18
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): b1:1b:2c:1e:56:66:6f:3b:ad:a0:ce:43:3f:43:9b:eb:67:aa:15:63
Fingerprint (sha256): f7:b2:85:1e:65:5b:39:14:39:ba:c1:e5:68:58:37:90:85:a1:b9:7b:33:32:73:9f:21:4d:7f:ad:d6:04:e4:29

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate gemmio.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gemmio.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gemmio.com
www.gemmio.com

Other certificates including the domain name gemmio.com

(limited to 100 certificates)
gemmio.com
gemmio.com
gemmio.com.ng
www.broadline.myworkportal.ie
www.felipebastias.cl
www.gemmio.com
gemmio.com

Certificate

The complete raw certificate details for gemmio.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISBADGGoiBnMjKTp4UYzM8s2ZbMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMDIwOTAyMTJaFw0yMzEyMzEwOTAyMTFaMBUxEzARBgNVBAMT
CmdlbW1pby5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCYRlfv
Fi6EDlZ2FL33dPDELwqc2skv+x4RfhGyHdTovkBzhlLUzQ+0W2R3f2w2qL8jPMxx
cL9JlNWOmZh9lbEWvvuxrH3wW0JmEh/b3wttrR7LwHEyT0UrTh4U3E8R9lQlk5os
lGwr9z/TS1L3LzciJ1JP46MPzqL5357cHnqKmTLnajxEWPg5YoiMnYqe5GBKF6qq
RZPCBX49HnrIAZQuATX8TEnEd6wbuTD28QbelGoLP3XW3Vno2UprWKz04B+EnVgM
uIJRkIeKwIJtYeLLI/2FWQMx83436d5Se6TDfYFThZAdrakh3Kz9L+ZeNLHNwssB
5noZym9yYziLgMyl0Enc32PGJQ5i3SA9Z3wtawiIx4yTq1nnm/q/3jtNFoRHnkAZ
DTgkw4oHnUIG5MqT3gnuKuidl+bnw2KXhI5J2Z42M1HGXoTz7iKoBbNzqpqGW8Q0
M4ROKUX08j8Hb0FyC0Og1BiYL7vFWeaVIDxV1fkhz6sOfDIEC/6ZGDmWjR0MLdYT
pvsIbNOnxWirO2xEbFET7bIrgkD+AQ4+YfJ44Dtt0L0iqAL0ayc8sXKLdDs7D0f7
J+NRD0gxVZbhClKw8fWAp3gp+p4qXLOehjnEkM5IMevonv0cjPLUmgWCQtI0Y7eN
XmvZ1CJVdohXM5+TC67emuDlxFo/nioE6e1/SQIDAQABo4ICHDCCAhgwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBQejfT0KAr6OnhM/4iUS73eo2irGDAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggpnZW1taW8uY29tgg53d3cuZ2VtbWlv
LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiu/WmBoAAAQD
AEcwRQIhAK5OaP5aACfCQWzGGB71bJrIML8HdH1eXHLN/09Q3+JbAiBViRKXYXFa
mfcqP/Ga1fqArPQ8Tbszc1aurhAl54dNAwB2AK33vvp8/xDIi509nB4+GGq0Zyld
z7EMJMqFhjTr3IKKAAABiu/WmIgAAAQDAEcwRQIhAIn17YzJ0/UEg6oi2/BXEtQK
Q8XbXLrJp0WRlnkJ1o6NAiA9vOGs9bntMegN6goq4uhXi/vqDVpf2I+NvTUL9Puj
EjANBgkqhkiG9w0BAQsFAAOCAQEAApkiFMAX6DnJjsLoGW7yWXl3aGOD8sI7bwAq
QjwT7pncJmGtgiSsFHAFSddfD5pELXDdSNlafMvGyuhSUXT8jUCZUOhg/PwNjdKQ
WEc25wLKfAMAxkRR393VWu8pOyRDlx9UB2RYwCJSt7n6PaORMLYG7QU5JNuHLshm
AeAIdLRvlkI1f3+fgZyJVUsj6LfY69wnk4xJRq9fqicWXNfekmrapob+0QB24zQ3
DvQ5X63l2JHcPBo2INW44jPDHD0J0n7lznWTdSa4C/k1TfVpUEukupXWsqgoLk9y
zMxfUT9aMbj1FtuOgs/r4QrpchiFERC0tQRjs7rIdQOXFs6EtQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmEZX7xYuhA5WdhS993Tw
xC8KnNrJL/seEX4Rsh3U6L5Ac4ZS1M0PtFtkd39sNqi/IzzMcXC/SZTVjpmYfZWx
Fr77sax98FtCZhIf298Lba0ey8BxMk9FK04eFNxPEfZUJZOaLJRsK/c/00tS9y83
IidST+OjD86i+d+e3B56ipky52o8RFj4OWKIjJ2KnuRgSheqqkWTwgV+PR56yAGU
LgE1/ExJxHesG7kw9vEG3pRqCz911t1Z6NlKa1is9OAfhJ1YDLiCUZCHisCCbWHi
yyP9hVkDMfN+N+neUnukw32BU4WQHa2pIdys/S/mXjSxzcLLAeZ6GcpvcmM4i4DM
pdBJ3N9jxiUOYt0gPWd8LWsIiMeMk6tZ55v6v947TRaER55AGQ04JMOKB51CBuTK
k94J7ironZfm58Nil4SOSdmeNjNRxl6E8+4iqAWzc6qahlvENDOETilF9PI/B29B
cgtDoNQYmC+7xVnmlSA8VdX5Ic+rDnwyBAv+mRg5lo0dDC3WE6b7CGzTp8Voqzts
RGxRE+2yK4JA/gEOPmHyeOA7bdC9IqgC9GsnPLFyi3Q7Ow9H+yfjUQ9IMVWW4QpS
sPH1gKd4KfqeKlyznoY5xJDOSDHr6J79HIzy1JoFgkLSNGO3jV5r2dQiVXaIVzOf
kwuu3prg5cRaP54qBOntf0kCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 348712468638601383297880489979766985942619
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-02 09:02:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-31 09:02:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gemmio.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 621226899938849691416657834592585623211490338601309635054857594203222838429502647302445919145356788751634106944089053526084436369449564827108468990228933595362111397139008932012332900768631063846260711578778739162724920858153576589934083384844464944862167214444302209576276190533689729591266743940287911614883604521226822105256238770681789093016102156914899500593536716149705130948943083039474842438089631525576052744380215655358018282212856262576038368083467259657642047964817509382711438925550481736834125085659539817694110024230357191558379866389912376521051854053089812872387955580209298514103256817137930424139865276261841622992479495414140842906261958233943014655424575437923010110488708933981550802080746343463660126321547547816104229018742847211496580161007545582509281934458081927350749437499825421454908986168474115272826191029697915883421340806845171594828495185371909504861906334089699765947336757942124653658932272461440803806524569282617914161563413246174709188819606298004845352808055346243631547219603731801989743843814973701338231355058426335283475867458811145804412098722696285518489175129151315123374018623195642408627853817658382208093805411801549837779368920716084021887361372146273260174355517940641194832658249
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1e8df4f4280afa3a784cff88944bbddea368ab18
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gemmio.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gemmio.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018aefd6981a0000040300473045022100ae4e68fe5a0027c2416cc6181ef56c9ac830bf07747d5e5c72cdff4f50dfe25b02205589129761715a99f72a3ff19ad5fa80acf43c4dbb337356aeae1025e7874d03007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018aefd69888000004030047304502210089f5ed8cc9d3f50483aa22dbf05712d40a43c5db5cbac9a74591967909d68e8d02203dbce1acf5b9ed31e80dea0a2ae2e8578bfbea0d5a5fd88f8dbd350bf4fba312
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0002992214c017e839c98ec2e8196ef2597977686383f2c23b6f002a423c13ee99dc2661ad8224ac14700549d75f0f9a442d70dd48d95a7ccbc6cae8525174fc8d409950e860fcfc0d8dd290584736e702ca7c0300c64451dfddd55aef293b2443971f54076458c02252b7b9fa3da39130b606ed053924db872ec86601e00874b46f9642357f7f9f819c89554b23e8b7d8ebdc27938c4946af5faa27165cd7de926adaa686fed10076e334370ef4395fade5d891dc3c1a3620d5b8e233c31c3d09d27ee5ce75937526b80bf9354df569504ba4ba95d6b2a8282e4f72cccc5f513f5a31b8f516db8e82cfebe10ae97218851110b4b50463b3bac875039716ce84b5