www.johnheathtravel.com
Issued by R3
About this certificate
This digital certificate with serial number 04:9c:c2:05:ec:4f:3c:42:3e:ad:7c:bd:3b:65:3a:dd:35:1b was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.johnheathtravel.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:9c:c2:05:ec:4f:3c:42:3e:ad:7c:bd:3b:65:3a:dd:35:1bSerial Number (int): 401791093952300293726364993051159837881627
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0d:56:59:e0:56:06:93:64:89:b4:50:6c:a2:9e:1d:be:74:9f:fd:05
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 65:e6:7d:41:dc:c8:55:34:68:97:38:c5:c9:82:a8:9e:f8:a8:3a:15
Fingerprint (sha256): fc:66:78:bb:3a:40:22:88:d0:89:e2:bb:1c:45:6e:a5:66:1b:65:cb:18:32:84:70:e7:9b:95:3b:e9:5d:9d:e0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.johnheathtravel.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.johnheathtravel.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
johnheathtravel.com
www.johnheathtravel.com
www.johnheathtravel.com
Other certificates including the domain name johnheathtravel.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.johnheathtravel.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGEDCCBPigAwIBAgISBJzCBexPPEI+rXy9O2U63TUbMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MTMwOTQyNTZaFw0yNDA4MTEwOTQyNTVaMCIxIDAeBgNVBAMT F3d3dy5qb2huaGVhdGh0cmF2ZWwuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAqV89Ix5glFzZDA/MVbJs+O/XqYO7eu4TWLoU4U6jYccKsVsI1jvK luy/25UXyZcwTq+uzlcFjPuO+/qxPiHIDFgjVUsUxSkGrnYX+FDRkksnXlWd7lrz pA6a3i0qZWAbzDmMxqskCCrkyWYQaIPXYN5ZWWCCrd5F1Ru1zsQ14cBctwEEC0mP 6ODbdJivYZibEOQll7tH84TkCY2KjEZi8C9mHBkPqyiyK6n9wNlCQsR05won+D3N vfVkHDhgyDnqbBXQErVPa8mWtITayn+L3bg/3J8aWFiUQvZLoM0dKOLYOTruYjWL 3/eJX/DxtD4sYoSdJmaqK8OxASRat7oQN7gytAwtlwe4nBY+/djEnrwnEV1BpWbw 3V7OD0iAafEGa1nP3COb/7AD7czDjGig1RpRVoNAML7sjL7THcUMcjya8ZPimeKh ob28t4Y1LJcEs8Y5j+ha9xRYoLuk1Dtmpe0Z5UhY0desitvNkZmlv7qdoEBQBqV3 r9v7PZwxonno1iQrjJ7LiIYpbUNVXBxBzgjomU/aw4gs9XDHLd7blScUg8jPaeUy KfO8jUa6jy681uCRDUAHosV9DzEgRhAy0W1AhzarPlwMBQbN/gPxkrJe22K5K/eo yuq9YiPl5W2wPExY8ZiLwEHGyiH2Bw2BzQZy7lnUArvsDkwJ3HKkNsUCAwEAAaOC Ai4wggIqMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUDVZZ4FYGk2SJtFBsop4dvnSf /QUwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEE STBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUH MAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wNwYDVR0RBDAwLoITam9obmhlYXRo dHJhdmVsLmNvbYIXd3d3LmpvaG5oZWF0aHRyYXZlbC5jb20wEwYDVR0gBAwwCjAI BgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwBIsONr2qZHNA/lagL6 nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY9xjGGYAAAEAwBIMEYCIQDhmI/cxYq3ivDI TrWyeBwznJDpi2x/8ExuqjWYN1QQkgIhAI8Avwknjg6uIpYdUHHBBY9DdznhgjSQ uDVvtXuyw8taAHUAGZgQcQnw1lIuMIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoAAAGP cYxh2gAABAMARjBEAiAskRFm4dg0xG5lJ0noRuW2bcK17PO75+evcF7lEXzF1gIg ZQ8Z91EjwFaWhxX5BBIQQ1jbE4oD9fw0UgR53QLt4oQwDQYJKoZIhvcNAQELBQAD ggEBAJgcfgIb9q9NyVo76QWr2Q3R6if/OuQVz+nFNA5Jc/nx43LmecIr8konFWPL zvLuxE6bnfjMub5qK+yQZSZS9RTJFaTaeBiRJez759WolwXvr0pyWkLkfPqjTSa0 Ca4Xc+a9OqGLRPaYF1VfT4p6TSTU7hpLrsN8sxvF54gW5TCcFFvU7H16H/RNtPdl t0YTYLJvYUtLvT4OP5Wr0eg+R3IAS0ZOmMmPO1jEAI07xaWfPUvmEY4lYXGFJ8pZ bC+4z+S61RR7T+0EIK8ZqCmHywT4O0Syk+F6/PV86ln9eCgH6MzvuOH/Ne4Ankhn usQdnFhmfA13RI8VELwhEr+Estg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqV89Ix5glFzZDA/MVbJs +O/XqYO7eu4TWLoU4U6jYccKsVsI1jvKluy/25UXyZcwTq+uzlcFjPuO+/qxPiHI DFgjVUsUxSkGrnYX+FDRkksnXlWd7lrzpA6a3i0qZWAbzDmMxqskCCrkyWYQaIPX YN5ZWWCCrd5F1Ru1zsQ14cBctwEEC0mP6ODbdJivYZibEOQll7tH84TkCY2KjEZi 8C9mHBkPqyiyK6n9wNlCQsR05won+D3NvfVkHDhgyDnqbBXQErVPa8mWtITayn+L 3bg/3J8aWFiUQvZLoM0dKOLYOTruYjWL3/eJX/DxtD4sYoSdJmaqK8OxASRat7oQ N7gytAwtlwe4nBY+/djEnrwnEV1BpWbw3V7OD0iAafEGa1nP3COb/7AD7czDjGig 1RpRVoNAML7sjL7THcUMcjya8ZPimeKhob28t4Y1LJcEs8Y5j+ha9xRYoLuk1Dtm pe0Z5UhY0desitvNkZmlv7qdoEBQBqV3r9v7PZwxonno1iQrjJ7LiIYpbUNVXBxB zgjomU/aw4gs9XDHLd7blScUg8jPaeUyKfO8jUa6jy681uCRDUAHosV9DzEgRhAy 0W1AhzarPlwMBQbN/gPxkrJe22K5K/eoyuq9YiPl5W2wPExY8ZiLwEHGyiH2Bw2B zQZy7lnUArvsDkwJ3HKkNsUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 401791093952300293726364993051159837881627 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-13 09:42:56 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-11 09:42:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.johnheathtravel.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 690977583727048704129660744601491224404567749234654204807263697683328489817065415708918830136964077662122910385258900475770520124605292337167791611926738724529523866363515372714913750443747382599537606274819865844824342599606260864542596336297645164159445588315938873681744286092352482820538962030711617320591972927986539960402891365326948260802823602009528444139464174435653976487893544312367868664474139861159942759464271196034052089610841464249351076637218801103758819917314935376507598811268296877339752218022500787907988560523440724389729675603965625891303485669644017149874905724206560149576541344476311359570059685288057696885790113276194073753569399580351067912349136624295320242160723910364438030703269897767264602791147499908126457827596852873507972241171401500290583395799941989976798643542381581108852702751482104798425010527289351133031429219921253385007046128870287448548486190568023961422866732723911440541399342569988733790045828758776977564480073389605956894874931138356298656275776952737445418656656403445079068433160821044558854469851538412687771805843405455000903910337451879324444226566407067338011940805121024546790061400483968320603891208223273158562396196474123954974695860439783976841468291121271940764153541 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0d5659e05606936489b4506ca29e1dbe749ffd05 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnheathtravel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnheathtravel.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f718c61980000040300483046022100e1988fdcc58ab78af0c84eb5b2781c339c90e98b6c7ff04c6eaa3598375410920221008f00bf09278e0eae22961d5071c1058f437739e1823490b8356fb57bb2c3cb5a0075001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f718c61da000004030046304402202c911166e1d834c46e652749e846e5b66dc2b5ecf3bbe7e7af705ee5117cc5d60220650f19f75123c056968715f90412104358db138a03f5fc34520479dd02ede284 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00981c7e021bf6af4dc95a3be905abd90dd1ea27ff3ae415cfe9c5340e4973f9f1e372e679c22bf24a271563cbcef2eec44e9b9df8ccb9be6a2bec90652652f514c915a4da78189125ecfbe7d5a89705efaf4a725a42e47cfaa34d26b409ae1773e6bd3aa18b44f69817555f4f8a7a4d24d4ee1a4baec37cb31bc5e78816e5309c145bd4ec7d7a1ff44db4f765b7461360b26f614b4bbd3e0e3f95abd1e83e4772004b464e98c98f3b58c4008d3bc5a59f3d4be6118e2561718527ca596c2fb8cfe4bad5147b4fed0420af19a82987cb04f83b44b293e17afcf57cea59fd782807e8ccefb8e1ff35ee009e4867bac41d9c58667c0d77448f1510bc2112bf84b2d8