www.legaminbastille.fr
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:23:be:77:77:e4:ff:fd:65:94:ce:9e:7d:24:3e:db:7b:81 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.legaminbastille.fr
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:23:be:77:77:e4:ff:fd:65:94:ce:9e:7d:24:3e:db:7b:81Serial Number (int): 273499914271788874724671204520739200531329
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 56:71:ce:2e:73:6b:01:2d:3e:6c:ac:df:98:a4:b5:8d:da:a9:8e:68
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 6f:f6:11:49:f0:bc:36:83:1c:34:5a:03:89:10:6d:09:48:76:36:20
Fingerprint (sha256): 00:01:7d:73:f8:90:90:d4:f0:42:9f:10:a9:95:b9:c0:b5:6f:79:2f:47:42:8f:cd:c7:03:a4:62:b0:37:7b:2b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate www.legaminbastille.fr
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.legaminbastille.fr
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
legaminbastille.fr
www.legaminbastille.fr
www.legaminbastille.fr
Other certificates including the domain name legaminbastille.fr
(limited to 100 certificates)
www.legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
legaminbastille.fr
Certificate
The complete raw certificate details for www.legaminbastille.fr in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJDCCBQygAwIBAgISAyO+d3fk//1llM6efSQ+23uBMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMjUxNTE4MDBaFw0x NzA2MjMxNTE4MDBaMCExHzAdBgNVBAMTFnd3dy5sZWdhbWluYmFzdGlsbGUuZnIw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQClPQbeWqfEpTMILkVAwv1t Q4o4AaIIJmTgfo5kQzVMmAtxZ9sW5aCeaU/AzC4LePrMb6sHwVTSlDwkiYoRvCtz mHJIz9HSAK0qaco/4onoTZ008D+wZ8qdBTMJUpiDoKoilensd7mjUb0gaaOy4U3k Z++n6u1W6gdfnU4c87dC0K1zC/7o5Bfk8p41/z9N1x023ruClkT0dE5GAat9rnEP kHnqe/jcc7A30It+oQGkx6rLRsp+leOFzRc2ra3Z7RdkUnLNY4trbwMrAULI7KPa 7P3EIewVNTTtOUIVBysudN29R8/SvfxsB8D+MvHb0m9YBahrXkGoQzZ4j17mBxtD nVdyHvZCACrZ2T3WkTwq6kLqKn3dCok3JgzBh/GWRxf7ELRmSkdK+X25Bon31Ad+ o4i3XTHNT1jkSfkOegwwnKOxEpwsjqz4xYOf9/CpBhwb8BPm/xfNa6h3fba1v+Zo DvFewTO6BAcbguO3JAZiJI5+jzKWJ/FIk7zy543kgHvJNw/OqbCgl/MiBOdOoyML puHe/5hITb2ZT1X/U5PtJfBHYQ/RB0fqHUVRIuNeq0rtlZZ0bl1nBhNpFH8gvGEp p4ajB3BY5GKwMVYZeYoLyNyAd2BS7fBTkB7O8ELWbPRBIPpppJykuGev21ViOGaM NzgIw5tRP0gySnm7xABMEQIDAQABo4ICKzCCAicwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBRWcc4uc2sBLT5srN+YpLWN2qmOaDAfBgNVHSMEGDAWgBSoSmpjBH3duubR ObemRWXv86jsoTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9v Y3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8v Y2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzA1BgNVHREELjAsghJsZWdhbWlu YmFzdGlsbGUuZnKCFnd3dy5sZWdhbWluYmFzdGlsbGUuZnIwgf4GA1UdIASB9jCB 8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENl cnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFy dGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRl IFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0 b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAW2wrLkC9UNJt8SUowgcYmzqaBGvYsGYF 8UfttIaMMmPRRPIlRsFbLTwhm0iXR2Zkh88MJrfEwgqGLtmzEOkpVS3ssL6VK7bH fassg2ZE3ceRC1Cmv71I5EKvZi4NUz76MA2/VAMCDI0YJfWruK9+0txCi/EGDZB1 pLAaOqsiO3MPVl0UOH5tNwCm4GUSv6G6YBlme8F+WIlqasD3xGfspGBwo6vudrNh U4g+GH/uDAxBAHdpud6yb5iq3xB1JBEHa2FcWe0LPhcRrE2B8bdS6d27IKUL2lTP HSoPwL3ZXQYpy1F/x36QNAa7l8kaL3KeJpfiQ79NhrJtlPFErwAd3g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApT0G3lqnxKUzCC5FQML9 bUOKOAGiCCZk4H6OZEM1TJgLcWfbFuWgnmlPwMwuC3j6zG+rB8FU0pQ8JImKEbwr c5hySM/R0gCtKmnKP+KJ6E2dNPA/sGfKnQUzCVKYg6CqIpXp7He5o1G9IGmjsuFN 5Gfvp+rtVuoHX51OHPO3QtCtcwv+6OQX5PKeNf8/TdcdNt67gpZE9HRORgGrfa5x D5B56nv43HOwN9CLfqEBpMeqy0bKfpXjhc0XNq2t2e0XZFJyzWOLa28DKwFCyOyj 2uz9xCHsFTU07TlCFQcrLnTdvUfP0r38bAfA/jLx29JvWAWoa15BqEM2eI9e5gcb Q51Xch72QgAq2dk91pE8KupC6ip93QqJNyYMwYfxlkcX+xC0ZkpHSvl9uQaJ99QH fqOIt10xzU9Y5En5DnoMMJyjsRKcLI6s+MWDn/fwqQYcG/AT5v8XzWuod322tb/m aA7xXsEzugQHG4LjtyQGYiSOfo8ylifxSJO88ueN5IB7yTcPzqmwoJfzIgTnTqMj C6bh3v+YSE29mU9V/1OT7SXwR2EP0QdH6h1FUSLjXqtK7ZWWdG5dZwYTaRR/ILxh KaeGowdwWORisDFWGXmKC8jcgHdgUu3wU5AezvBC1mz0QSD6aaScpLhnr9tVYjhm jDc4CMObUT9IMkp5u8QATBECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 273499914271788874724671204520739200531329 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-25 15:18:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-23 15:18:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.legaminbastille.fr' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 674113801482877297251031883776852746702223090858893360383664158571526756173758109831014399761841737089874195600540583981531492302528586894351649702846123901302439962217286437738144594201990218496386600636528955210555744238864223101836571044870502779020973902383552164320108715831953987579585474634867528919108692090513089129634720188382922837062613427594998268545735179833215186882064922939216471128114157844597991031016908888458788168468442644508226579756581650827945693191742496968458743167141923666912969844719431763764625759127420355076613536908614267960693065919241079296052273843072603603525101504979242698099045295270917940779112220909133343751272007080882784384081467639449901929605994387160187280761686832400286337889839218245977340783885406597329144618115474336451684419808749893937427660925575827693340242427081696977297254723080132956667918035688263586724929907976442525185748542090840940123721972743403369181108958156995425214247882495205591919711055883256002502298710949317048399959478765352012653741948309050395248705782718197638017171888932184181668196023271301332985697805003848433208328577974998760545518190902429398198090019967542936895762489329856540686540087662920525356037553557967737896881195960616074635922449 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5671ce2e736b012d3e6cacdf98a4b58ddaa98e68 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legaminbastille.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.legaminbastille.fr' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005b6c2b2e40bd50d26df12528c207189b3a9a046bd8b06605f147edb4868c3263d144f22546c15b2d3c219b489747666487cf0c26b7c4c20a862ed9b310e929552decb0be952bb6c77dab2c836644ddc7910b50a6bfbd48e442af662e0d533efa300dbf5403020c8d1825f5abb8af7ed2dc428bf1060d9075a4b01a3aab223b730f565d14387e6d3700a6e06512bfa1ba6019667bc17e58896a6ac0f7c467eca46070a3abee76b36153883e187fee0c0c41007769b9deb26f98aadf10752411076b615c59ed0b3e1711ac4d81f1b752e9ddbb20a50bda54cf1d2a0fc0bdd95d0629cb517fc77e903406bb97c91a2f729e2697e243bf4d86b26d94f144af001dde