Namecheap.com

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (78 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 23.185.0.2
Reverse IP lookup: No records found
Nameserver: ns1-01.azure-dns.com.
Nameserver: ns2-01.azure-dns.net.
Nameserver: ns3-01.azure-dns.org.
Nameserver: ns4-01.azure-dns.info.

General Information

Common Name: admin.hrw.org
SANs: DNS:admin.hrw.orgDNS:archive.hrw.orgDNS:backend.hrw.orgDNS:careers.hrw.orgDNS:china.hrw.orgDNS:dailybrief.hrw.orgDNS:edit.hrw.orgDNS:hrw.orgDNS:humanrightswatch.comDNS:humanrightswatch.orgDNS:internap.hrw.orgDNS:jptest.hrw.orgDNS:legacy.hrw.orgDNS:pantheon.hrw.orgDNS:search.hrw.orgDNS:text.hrw.orgDNS:www.hrw.orgDNS:www.humanrightswatch.comDNS:www.humanrightswatch.orgDNS:www.legacy.hrw.org Total number of SANs: 20
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: 496b9437239df92e377bae2c5fda64c0a97
Not Before: Mar 18, 2024 09:14:11 GMT
Not After: Jun 16, 2024 09:14:10 GMT
Number of certs: 2
Revocation Status: good
OCSP Stapling: Supported
Server: nginx
HSTS: max-age=31622400; includeSubDomains; preload
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: admin.hrw.org

Decode this certificate for verbose information →
Subject Common Name admin.hrw.org
Issuer Common Name R3
Issuer Organization Let's Encrypt
Not Before: Mar 18, 2024 09:14:11 GMT
Not After: Jun 16, 2024 09:14:10 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 496b9437239df92e377bae2c5fda64c0a97
SHA1 Fingerprint: 9E:93:18:A2:2A:2D:33:1E:0B:42:9D:BD:B0:1C:CE:EB:69:65:F0:44
MD5 Fingerprint: D9:78:9F:D4:42:FA:25:41:58:83:67:E1:C7:55:6A:34

Certificate # 2 - Common Name: R3

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name R3
Subject Organization Let's Encrypt
Issuer Common Name ISRG Root X1
Issuer Organization Internet Security Research Group
Not Before: Sep 04, 2020 00:00:00 GMT
Not After: Sep 15, 2025 16:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 912b084acf0c18a753f6d62e25a75f5a
SHA1 Fingerprint: A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
MD5 Fingerprint: E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36

OpenSSL Handshake

depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = admin.hrw.org
verify return:1
CONNECTED(00000003)
OCSP response: 
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Let's Encrypt, CN = R3
    Produced At: Mar 23 11:00:00 2024 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 48DAC9A0FB2BD32D4FF0DE68D2F567B735F9B3C4
      Issuer Key Hash: 142EB317B75856CBAE500940E61FAF9D8B14C2C6
      Serial Number: 0496B9437239DF92E377BAE2C5FDA64C0A97
    Cert Status: good
    This Update: Mar 23 11:00:00 2024 GMT
    Next Update: Mar 30 10:59:58 2024 GMT

    Signature Algorithm: sha256WithRSAEncryption
         5f:1e:18:e8:85:bc:1f:2a:59:bd:65:6d:6e:ad:4a:4f:58:0d:
         61:2e:fd:0d:81:3c:2e:c1:a8:68:d9:df:4d:b8:d0:94:db:71:
         78:1e:1c:ca:80:1b:43:76:41:52:08:a0:41:83:2c:a9:57:c4:
         fb:e0:b6:c5:c0:b2:27:b0:37:f1:6c:e5:18:c7:72:0f:7d:b0:
         c1:37:6c:7d:29:fe:30:51:6e:05:33:6c:44:ad:d0:e9:d2:0b:
         f8:01:c0:82:f4:73:73:bd:f6:a7:84:79:5d:50:2a:1d:9a:03:
         3b:e6:15:a2:f1:37:b1:92:04:37:45:ee:c0:d2:72:75:8b:08:
         ee:15:40:54:09:72:3a:1e:62:51:af:09:4a:ae:38:f1:45:e6:
         7f:11:e4:15:c0:0c:b3:92:a3:e7:38:f0:0c:d2:16:66:af:bb:
         54:ed:00:b8:bd:b6:df:81:f7:8b:2f:36:c4:f2:ba:91:8e:3a:
         c4:1a:86:06:05:a7:e9:5c:f6:4a:f2:04:5c:89:3a:8a:c4:9e:
         68:f0:e4:64:13:50:b0:29:4f:36:8e:55:a4:3f:d8:1e:74:66:
         39:87:00:f9:c0:d6:52:0a:b5:10:6e:7e:c7:40:9f:98:ed:37:
         de:1d:12:68:41:fc:ab:dc:da:c0:22:d9:56:14:0a:65:f5:ec:
         b9:26:2f:86
======================================
---
Certificate chain
 0 s:CN = admin.hrw.org
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISBJa5Q3I535Ljd7rixf2mTAqXMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMTgwOTE0MTFaFw0yNDA2MTYwOTE0MTBaMBgxFjAUBgNVBAMT
DWFkbWluLmhydy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA
dKd6a/TBnNxcCAyQFBfO3CM0cWsekizlrGvPOt2XDtP4ZkBAs+JS9JmYXdJxFDU2
LvszvC++PxYqASbqSaQgayoSvU3BU7/0z5t8vh4/LXLBXztbHtk5VUrglYkypy06
1ZnKcnPeNfrs11rT70H77j83hMBoulSfG7zeYxpMv6X/zJiKfSIi3HFndhEy8vyg
w70FaoWKCEJKzN8ilG58YeOkR6h0ll7touLsNx4+/DJdlaL9qXVhB4J0WSumRyCT
ybKE/8A/NCOTdt0oCXApAN29BHhjdv5swlWJsNZWtWqMvP7JuloAmI6Mo6an00ML
otk8m6NWwT6a9hHzLZlVAgMBAAGjggNlMIIDYTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFPqnMCJguLsYsLVvaKPMOXITyyIUMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MIIBbAYDVR0RBIIBYzCCAV+CDWFkbWluLmhydy5vcmeCD2FyY2hpdmUuaHJ3Lm9y
Z4IPYmFja2VuZC5ocncub3Jngg9jYXJlZXJzLmhydy5vcmeCDWNoaW5hLmhydy5v
cmeCEmRhaWx5YnJpZWYuaHJ3Lm9yZ4IMZWRpdC5ocncub3Jnggdocncub3JnghRo
dW1hbnJpZ2h0c3dhdGNoLmNvbYIUaHVtYW5yaWdodHN3YXRjaC5vcmeCEGludGVy
bmFwLmhydy5vcmeCDmpwdGVzdC5ocncub3Jngg5sZWdhY3kuaHJ3Lm9yZ4IQcGFu
dGhlb24uaHJ3Lm9yZ4IOc2VhcmNoLmhydy5vcmeCDHRleHQuaHJ3Lm9yZ4ILd3d3
Lmhydy5vcmeCGHd3dy5odW1hbnJpZ2h0c3dhdGNoLmNvbYIYd3d3Lmh1bWFucmln
aHRzd2F0Y2gub3JnghJ3d3cubGVnYWN5Lmhydy5vcmcwEwYDVR0gBAwwCjAIBgZn
gQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fc
ZUOwxrUuotq3iviabfUX2AAAAY5RDfA2AAAEAwBHMEUCIAb0RyYNxR5ARN2vCD82
O8+KJb+84WnqBszT+jP8bw2GAiEAzwPhVDpDA0VK9yYGPmRSyY8rhcQP7O/Qf4HI
Yrbue3sAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY5RDfBg
AAAEAwBHMEUCIQDcpBjrhBrJRnCMhgl91Ij3voRC7XJmpjQS3VsslbhwqgIgcjSB
LirMAAMeFC5pqN5sbTbiAnxpODulP7zAclcJCVcwDQYJKoZIhvcNAQELBQADggEB
ABLQrZ3RFda6MMWQQGao0pUo3/TYSqvJzpwrFqTFHlnVVvUmHItW8spEoNmyTXMZ
kjvv8YyMm2K28MEWQVs9OuPLepHFuW47je8Y0m/tBQVIjKqJYkpo7H2Lu0m6i6lP
ki8h9QJpdCMmXnPrQVeZlPAq9Mdn+yXgtBrnO1nDxFXflD/d96wv5aLOedFtZ98k
0grz/sLSRtTun9Am3uH+PhEmfdXJrvcH6GoJIthiZXyd9kwLl6XkeSHjJ9AMc1Tl
cRxYq2XaOhBPHaBcbaS1IOYgdgrhmUmhBbm/ohParceTTCscYh56z0uAbdpfsbON
TvUAdbU2OUe1aNmRxUWlX7M=
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = admin.hrw.org

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3967 bytes and written 382 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_128_GCM_SHA256
    Session-ID: 2A4D3B30078CA0F527B3D396774D2E852453FE6307B72A1761F72917AB35CF6F
    Session-ID-ctx: 
    Resumption PSK: FA89174DB185F56D8B27C85351CDAB73FFDCD79A15F8E371FC1401D5A8A37F3A
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 3600 (seconds)
    TLS session ticket:
    0000 - 9a c4 67 1f ce 3c 81 19-da 07 52 8f 54 23 17 b8   ..g..<....R.T#..
    0010 - 1e 20 79 54 04 23 2f 36-74 ae 63 a9 d2 3e f6 12   . yT.#/6t.c..>..
    0020 - bf 28 6e c3 e3 a2 40 53-3d 20 23 02 f9 8c d0 be   .(n...@S= #.....
    0030 - 1f bb 26 13 14 3c ba 2f-09 dc 39 46 0a b7 89 2e   ..&..<./..9F....
    0040 - d2 e9 91 fb 90 d5 d5 3b-17 d3 b6 54 6e 83 19 97   .......;...Tn...
    0050 - d8 77 3d 15 fa 44 48 a1-10 6c a0 6b 6d 19 d5 8c   .w=..DH..l.km...
    0060 - 23 fd 47 0d 35 8f ae 30-da d7 be a2 3d ae 41 29   #.G.5..0....=.A)
    0070 - 57 86 c6 e6 4e f7 31 dd-c5 d0 cc a6 42 dd df aa   W...N.1.....B...
    0080 - ba aa 10 17 2f 53 a4 18-6e d2 a1 07 47 c6 c6 14   ..../S..n...G...
    0090 - c0 91 f2 2c d6 63 e2 61-df 43 e9 59 2d ce 41 0e   ...,.c.a.C.Y-.A.

    Start Time: 1711710551
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 8192
---
read R BLOCK