DV SSL/TLS Certificate for fiesoli.it

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the fiesoli.it DV SSL/TLS Certificate

This certificate with serial number 05:c5:de:25:1e:d0:a4:87:c2:23:28:19:e9:f9:8a:05:2d:c0 for fiesoli.it was issued on by Let's Encrypt.

With 6 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We found a BIMI record with a (Verified) Mark Certificate (VMC/MC) for fiesoli.it, check the certificate details of the fiesoli.it BIMI certificate. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for fiesoli.it provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:c5:de:25:1e:d0:a4:87:c2:23:28:19:e9:f9:8a:05:2d:c0
Serial Number (int): 502892337297276793223712262793737108008384
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: e4:07:2f:5b:ea:58:c6:9f:55:72:57:d9:ec:49:93:32:84:60:94:fc
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 19:f3:8a:1e:5f:09:15:38:2d:80:0f:54:02:50:4e:a8:86:d3:f1:6f
Fingerprint (SHA-256): f8:5a:df:ec:af:6c:17:c6:45:50:94:ef:20:83:82:79:b7:84:8f:36:60:60:63:a9:4f:23:6e:10:f8:67:34:6e

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/65.crl

Check the revocation status for certificate fiesoli.it
6
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for fiesoli.it

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

biotuscany.info
biotuscany.org
fiesoli.it
www.biotuscany.info
www.biotuscany.org
www.fiesoli.it

X.509 Certificate

The complete raw X.509 certificate details for fiesoli.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISBcXeJR7QpIfCIygZ6fmKBS3AMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTMwMTIwNTEzWhcNMjUwODI4MTIwNTEyWjAVMRMwEQYDVQQD
EwpmaWVzb2xpLml0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT4H
KR+S+fAacOFOD4LDMhcDrtKLthrFEk7qW7O4ITW3Lo/PAC/6tXjGrI3/9bIiSpyl
5WH/2JYF2wk7wl6dkMmKo3KChAT+VYZb+8pCRKlXPvJn+gPRRZbIPfFsHFXC45t8
x29jUqFeMlaLLXixs9yqShw1MmspwMqmWQncJDAX11TxpNQZWZby0XjU9rPTUk2w
boXedYix95sqU82dKXh50HOsQwfAILbZEtW2N9ep+Hd5Yd2UUIug4yOOInDwiWu2
qh6tM3xRdA1N9qBX4+3JpL+PRTZWWUJ5dUabHhFszW6sNvYUqjG31GoHAj7K0RTk
fQ1OI9XyR8+KXfsmowIDAQABo4ICdDCCAnAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBTkBy9b6ljGn1VyV9nsSZMyhGCU/DAfBgNVHSMEGDAWgBTFz0ak6vTDwHpslcQt
sF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTEu
aS5sZW5jci5vcmcvMG8GA1UdEQRoMGaCD2Jpb3R1c2NhbnkuaW5mb4IOYmlvdHVz
Y2FueS5vcmeCCmZpZXNvbGkuaXSCE3d3dy5iaW90dXNjYW55LmluZm+CEnd3dy5i
aW90dXNjYW55Lm9yZ4IOd3d3LmZpZXNvbGkuaXQwEwYDVR0gBAwwCjAIBgZngQwB
AgEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMS5jLmxlbmNyLm9yZy82NS5j
cmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDd3Mo0ldfhFgXnlTL6x5/4PRxQ
39sAOhQSdgosrLvIKgAAAZchSo8GAAAEAwBHMEUCIBpyftg1FZBWhYuJ6SmT7Ejg
tmYEFDRC4eKIJtLm0re9AiEAxtp7LUpcSRA8AkBLKWfDE7Bkqe0AKX7tTZWu4rYa
uPwAdgDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAZchSpahAAAE
AwBHMEUCIQCBkXW0x9XfLwcU/CRgfGpjHUXeyF0j80pn8S+L9KA9CQIgGoWQgkZ1
VIi2GInsq/7Ab63Pd3WdWkdG3KO/SAeRHG8wDQYJKoZIhvcNAQELBQADggEBAJn1
4jryHQPVso1VjTo8jzQRmEWiVDAxKuiH2hupm3sQlyX/3fEr/2GRGDYySd5h6VTM
tonK9OMmiJyhlxreogUnQ5QsChCt0S9EGhLPc3lQRX4XzD30uU5b6OaR1ovQCswc
XLkGimbcPVhWBbu4UWsJjAb60juC99ztRDpg9G1+SZQ8HGp0jpBstGXSwjvdE/PT
nCroiIMWGpDpOrnZIhe5qtlml6IQLVwtJAPxdCA2ICuMLbGupW5Yo5T11l6Dr5Qe
XCmXHrEgpqBpfYjojAT6GtiNqqr1tZsv8et7gCKNVxt3NTNQFjsH0Ryh3wNn0Z8Y
D4vY0NrfFUsl9EaCkEM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT4HKR+S+fAacOFOD4LD
MhcDrtKLthrFEk7qW7O4ITW3Lo/PAC/6tXjGrI3/9bIiSpyl5WH/2JYF2wk7wl6d
kMmKo3KChAT+VYZb+8pCRKlXPvJn+gPRRZbIPfFsHFXC45t8x29jUqFeMlaLLXix
s9yqShw1MmspwMqmWQncJDAX11TxpNQZWZby0XjU9rPTUk2wboXedYix95sqU82d
KXh50HOsQwfAILbZEtW2N9ep+Hd5Yd2UUIug4yOOInDwiWu2qh6tM3xRdA1N9qBX
4+3JpL+PRTZWWUJ5dUabHhFszW6sNvYUqjG31GoHAj7K0RTkfQ1OI9XyR8+KXfsm
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 502892337297276793223712262793737108008384
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-30 12:05:13 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-28 12:05:12 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fiesoli.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24899533210931179130634858223529190188904352064408021130104244230688470136274750733567007267308660881759262270597337537171933480665485075466415115535372932357264065444287254580385893277397278228988032012525712010250615958688349510536987636483989420101702796246238082496483748894683530767036885713750994151543427235450989109268921576155545995569935736184240350520842831427899421818821383576669701472714047976226968160676627572237275408174984102504294648794570622728332770396076300302370335326270508271677666006246713817435157507901174637171088612326860351675520596402174202127058160440955965189858335864197666926438051
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e4072f5bea58c69f557257d9ec499332846094fc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biotuscany.info'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biotuscany.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fiesoli.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.biotuscany.info'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.biotuscany.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fiesoli.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/65.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000197214a8f06000004030047304502201a727ed835159056858b89e92993ec48e0b66604143442e1e28826d2e6d2b7bd022100c6da7b2d4a5c49103c02404b2967c313b064a9ed00297eed4d95aee2b61ab8fc007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197214a96a10000040300473045022100819175b4c7d5df2f0714fc24607c6a631d45dec85d23f34a67f12f8bf4a03d0902201a85908246755488b61889ecabfec06fadcf77759d5a4746dca3bf4807911c6f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0099f5e23af21d03d5b28d558d3a3c8f34119845a25430312ae887da1ba99b7b109725ffddf12bff619118363249de61e954ccb689caf4e326889ca1971adea2052743942c0a10add12f441a12cf737950457e17cc3df4b94e5be8e691d68bd00acc1c5cb9068a66dc3d585605bbb8516b098c06fad23b82f7dced443a60f46d7e49943c1c6a748e906cb465d2c23bdd13f3d39c2ae88883161a90e93ab9d92217b9aad96697a2102d5c2d2403f1742036202b8c2db1aea56e58a394f5d65e83af941e5c29971eb120a6a0697d88e88c04fa1ad88daaaaf5b59b2ff1eb7b80228d571b77353350163b07d11ca1df0367d19f180f8bd8d0dadf154b25f446829043