ristomattila.fi
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:08:cf:e1:60:4f:f0:4d:55:31:6e:5e:5e:9f:a5:f8:8a:90 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ristomattila.fi
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:08:cf:e1:60:4f:f0:4d:55:31:6e:5e:5e:9f:a5:f8:8a:90Serial Number (int): 351447723077773858897255573206066766842512
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 6d:69:9b:19:b5:59:bf:2b:8c:ff:ae:a0:10:3d:bc:92:5c:77:1e:e9
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 43:4a:76:3a:59:83:73:f1:21:86:b2:fb:d3:6a:1d:bb:0a:59:5f:24
Fingerprint (sha256): 00:18:eb:1a:b2:6c:7a:b2:2d:0b:97:20:0d:d6:88:29:aa:8f:43:76:66:68:ce:04:9c:68:4a:9c:86:98:35:a5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ristomattila.fi
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ristomattila.fi
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ristomattila.fi
www.ristomattila.fi
www.ristomattila.fi
Other certificates including the domain name ristomattila.fi
(limited to 100 certificates)
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
www.ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
ristomattila.fi
www.ristomattila.fi
Certificate
The complete raw certificate details for ristomattila.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISBAjP4WBP8E1VMW5eXp+l+IqQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMjgxNjQ1MjlaFw0x ODAxMjYxNjQ1MjlaMBoxGDAWBgNVBAMTD3Jpc3RvbWF0dGlsYS5maTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKXJVhkSAZLtd9dlq79MvAzK+oh4inGp +0JB72VNb6Sv5Q4e+LK5PHpxN3QJylTHhRaC7pU58YUuacOOipbFGJqeUMtISR9n kRUmOF6+wOUfWIJhj7cjexpwOgrCp6wADHayGYKXT1xuIp43o74YcAf1wNXKrIxR m2aNT43zLVADg5e/7t3/3/+P+tMT9ybxm+/Q/8Hd2IYlVwbSwbIlnjnAp+eeU3/z 2MyA7zYxjRohEswUmPFptFmadoUsF5GibbNE8f33BDYXEerx48Vhpu231eqpkPYO hhhU+bu4LJ1WGg3DQ0Dpyd4KFOc1CgfDi7/HriEOko6AH+g8J/myoQ0CAwEAAaOC AiQwggIgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUbWmbGbVZvyuM/66gED28klx3 HukwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu b3JnLzAvBgNVHREEKDAmgg9yaXN0b21hdHRpbGEuZmmCE3d3dy5yaXN0b21hdHRp bGEuZmkwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHW MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYB BQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1 cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdp dGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNl bmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAFdyOS6CA y45ap8VuVeCs3XvRIlB4jDQRLtjAITy2Sht5OeFJq9rkcww0o1AwQ3eKyM3pvus7 ImizOHBYBrgVE1nsu6Oc4oUSzPokHWQ3njiTyvyOcPF8547ynDZtLB+F6e26qJQi 0QvWXaBUoXbri7pv5+GNYlDcHXmAHHdNrhNR69jzlwJTHcOQMs5HgNbZCZbjOr4F N+OIwsmKNiz4+A7teQVXg+7GifisooSMFKXTZLMSjaPJM+HLYovswMSj67Wimx0h w0GSeHf7L4HGAMbP67JfSLcb/KBXSxsqQR7W7FSfVNU8394QUoJL2dE1KN58s2cJ AVh/pvHMa4kWfA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApclWGRIBku1312Wrv0y8 DMr6iHiKcan7QkHvZU1vpK/lDh74srk8enE3dAnKVMeFFoLulTnxhS5pw46KlsUY mp5Qy0hJH2eRFSY4Xr7A5R9YgmGPtyN7GnA6CsKnrAAMdrIZgpdPXG4injejvhhw B/XA1cqsjFGbZo1PjfMtUAODl7/u3f/f/4/60xP3JvGb79D/wd3YhiVXBtLBsiWe OcCn555Tf/PYzIDvNjGNGiESzBSY8Wm0WZp2hSwXkaJts0Tx/fcENhcR6vHjxWGm 7bfV6qmQ9g6GGFT5u7gsnVYaDcNDQOnJ3goU5zUKB8OLv8euIQ6SjoAf6Dwn+bKh DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 351447723077773858897255573206066766842512 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-28 16:45:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-26 16:45:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ristomattila.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20928602959127521364553788756278614921790612668792237065712086796098837493612834903682772716006033636371076117896058541515361573692747217285277173450898259163965483368123844818223094328266076877135117138355886557792280130489709199806940232116085361250135543652179558118089776361233589289419486877702101783026258164950840017919441959873943585179103471367964148737372264604636361796382466373207692639593785732248461112918360986168960468438175751247182649983552685190810611462219364252166067829064142550245491946845147431256756232079931874972852775455608126433501224513821055467812686062124866552686744240866301282787597 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6d699b19b559bf2b8cffaea0103dbc925c771ee9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ristomattila.fi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ristomattila.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0015dc8e4ba080cb8e5aa7c56e55e0acdd7bd12250788c34112ed8c0213cb64a1b7939e149abdae4730c34a3503043778ac8cde9beeb3b2268b338705806b8151359ecbba39ce28512ccfa241d64379e3893cafc8e70f17ce78ef29c366d2c1f85e9edbaa89422d10bd65da054a176eb8bba6fe7e18d6250dc1d79801c774dae1351ebd8f39702531dc39032ce4780d6d90996e33abe0537e388c2c98a362cf8f80eed79055783eec689f8aca2848c14a5d364b3128da3c933e1cb628becc0c4a3ebb5a29b1d21c341927877fb2f81c600c6cfebb25f48b71bfca0574b1b2a411ed6ec549f54d53cdfde1052824bd9d13528de7cb3670901587fa6f1cc6b89167c