valida.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:58:6f:95:b5:37:68:c1:a9:49:3c:ec:6f:71:ee:aa:a6:27 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=valida.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:58:6f:95:b5:37:68:c1:a9:49:3c:ec:6f:71:ee:aa:a6:27Serial Number (int): 291430027719593479838230066330536000529959
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a2:19:1f:71:58:f0:82:7e:09:1b:db:ee:b2:a4:51:30:a1:41:0f:c7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 41:c5:29:1c:da:af:6c:ba:89:eb:7e:6d:e5:18:bc:97:9a:6c:f5:a0
Fingerprint (sha256): 00:ac:9c:e1:e8:04:d6:ec:df:8e:5f:43:20:56:eb:67:d8:32:bd:bb:b9:d2:2e:c6:15:6b:35:43:17:2d:4f:52
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate valida.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for valida.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
valida.org
www.valida.org
www.valida.org
Other certificates including the domain name valida.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for valida.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWjCCBUKgAwIBAgISA1hvlbU3aMGpSTzsb3HuqqYnMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMTkwMzA0MzVaFw0y MDAyMTcwMzA0MzVaMBUxEzARBgNVBAMTCnZhbGlkYS5vcmcwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQD00cWS3VqGL77L0eq7bj53k6BzgzK+zj3yMZy2 LeANm1Cn/pMsOJaLm+twOO+9ihvb83Sfp4ThiB7eZP39eH+gd/xKARmM26Tzpltv u/mQnjHTP/dEOT8HzBqlYfnqNAudFYsbPShH2rPgPfgwVuWiivccP233dKZ8QaD7 FeMkEIQmCjM614Uv/ibM0/ObcFXYcw4edhI/0WiUnou7o5c3n6BLrvOqseXKdRnn xOI5zohD66KeU4APbCDP8Mr6U7QjPAazxQ19MGPh7u1FsJwqr/Ltu6l/5fAd+Hw7 q4DJGb4/1KpKnvpuKCNlAecXyoOM7H42I31UzqeGREQjhLU/hH8fNoYpZPlBeaON RIG81wqYX8IQB91w8xAsnjxFhNqFVOzKAQpf+cFN9kPdScYe3vtvvlJiQsSQ77Ww ZvO4qsaERorcKm97aXgA43WFSPKsdlfIl9NblRXBny+TTiwJXoFHj1X3BL2xmI3K n3PcPufA9y2xAZBIqADKXry9yuQDM2sDZpmP/IyAmoGGyaTkPE8+2Fpimob6svY2 lG8NMZ3y0bqYFVYZkJlXUNLYCTZw8TFjyNKqZQwogIVA4WuDkqPB0eLMSOU0PvNR 6M2kClk/oe+WlQmfLI/G6NRuuacRLatARUL7TtVr2iVgV+V2ryqFJF/VrTOOLQp+ jfPA0wIDAQABo4ICbTCCAmkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSiGR9xWPCC fgkb2+6ypFEwoUEPxzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMCUGA1UdEQQeMByCCnZhbGlkYS5vcmeCDnd3dy52YWxp ZGEub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHW eQIEAgSB8wSB8ADuAHUAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgA AAFugdVhFgAABAMARjBEAiA79HyerV7ivUFKySB4PEUT+X9cbw3f4laxpQ2khthh FQIgS0yZR7d+hDDlu/zxB4x2wCyHMBqQFr2homa+2W4mQzIAdQCyHgXMi6LNiiBO h2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW6B1WEHAAAEAwBGMEQCIE7OIk8qmMW+ /YAqpmWcL921/1ZaBs9etc2oCDUuFXlOAiAeQr+++RpLKGfRLnT2kGZrKqal1uuS vVayt9xImw/nqDANBgkqhkiG9w0BAQsFAAOCAQEABmm2pCiMx2SD4MEidgLwWapf tAbu1coG0asVDexeDhwEYTUx7EjwgvfgeabqTltF97fx8c0is0Bgo9kNjD/DpzJ+ WQcEbLHKsb49tfSOzMzc6Z40V2uxV28FzrixxHwF00oaxQyjM+bflA4FiG4AJCfY UQuy2Xr9rlmFbgSeJc8d9hyUYlnLQF16cfn2LTUEpnVjke/52Rvcf8o6wZCWkvh9 h+iS8yiqZHljvUH6A1nHkc7A4ffcsZyiy3pFwaiTBpsy/dQbSREnStvdHR80acOF FRPipesOc8nCsiV2wYUqE77374wl/Kz4pnJNS0zCtUYv4h4cdd1qoV9KcYx4CA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9NHFkt1ahi++y9Hqu24+ d5Ogc4Myvs498jGcti3gDZtQp/6TLDiWi5vrcDjvvYob2/N0n6eE4Yge3mT9/Xh/ oHf8SgEZjNuk86Zbb7v5kJ4x0z/3RDk/B8wapWH56jQLnRWLGz0oR9qz4D34MFbl oor3HD9t93SmfEGg+xXjJBCEJgozOteFL/4mzNPzm3BV2HMOHnYSP9FolJ6Lu6OX N5+gS67zqrHlynUZ58TiOc6IQ+uinlOAD2wgz/DK+lO0IzwGs8UNfTBj4e7tRbCc Kq/y7bupf+XwHfh8O6uAyRm+P9SqSp76bigjZQHnF8qDjOx+NiN9VM6nhkREI4S1 P4R/HzaGKWT5QXmjjUSBvNcKmF/CEAfdcPMQLJ48RYTahVTsygEKX/nBTfZD3UnG Ht77b75SYkLEkO+1sGbzuKrGhEaK3Cpve2l4AON1hUjyrHZXyJfTW5UVwZ8vk04s CV6BR49V9wS9sZiNyp9z3D7nwPctsQGQSKgAyl68vcrkAzNrA2aZj/yMgJqBhsmk 5DxPPthaYpqG+rL2NpRvDTGd8tG6mBVWGZCZV1DS2Ak2cPExY8jSqmUMKICFQOFr g5KjwdHizEjlND7zUejNpApZP6HvlpUJnyyPxujUbrmnES2rQEVC+07Va9olYFfl dq8qhSRf1a0zji0Kfo3zwNMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 291430027719593479838230066330536000529959 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-19 03:04:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-17 03:04:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'valida.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 998776098558643670437814124974910019800708251754622753750369986984056836872718638786901051098096265333518376707097593002493908958054155599237552807774683533837615880255421256596780961075727038693233755833123572155026994725523036104589413531948779302564559254418187752774855303427995113041907286396425327954479866375541553510832801195289323550535726342238386160895330545485604810652278664439322753713249247297067018783922717178167479422277152264166908312666369055668961919361756402458464282875428268368609580440993315044783083464052745218608634732861536490655615607891787837667671997104263314318850245280931490404318320492481572780077418453052134612171309945037916307392566966060098135216977266256823582233116511694218274136111954444844601505693101052279365420060059143400312747791520312013531757402774055783239753391466829822494032748242095432813352930898397938375530395088356367756739150854751437519583703910563177573874645621148283549807450415934153454229170705578144520295515522939804692323777236963806129549912962121069323772334585323699891430691258208013033738401108670268802579329963838952899200170629142139611933358673348844144132967734239738383962667861390627395764370063433766147878997898353338878371643275480807145058058451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a2191f7158f0827e091bdbeeb2a45130a1410fc7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valida.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.valida.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016e81d56116000004030046304402203bf47c9ead5ee2bd414ac920783c4513f97f5c6f0ddfe256b1a50da486d8611502204b4c9947b77e8430e5bbfcf1078c76c02c87301a9016bda1a266bed96e264332007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e81d56107000004030046304402204ece224f2a98c5befd802aa6659c2fddb5ff565a06cf5eb5cda808352e15794e02201e42bfbef91a4b2867d12e74f690666b2aa6a5d6eb92bd56b2b7dc489b0fe7a8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000669b6a4288cc76483e0c1227602f059aa5fb406eed5ca06d1ab150dec5e0e1c04613531ec48f082f7e079a6ea4e5b45f7b7f1f1cd22b34060a3d90d8c3fc3a7327e5907046cb1cab1be3db5f48eccccdce99e34576bb1576f05ceb8b1c47c05d34a1ac50ca333e6df940e05886e002427d8510bb2d97afdae59856e049e25cf1df61c946259cb405d7a71f9f62d3504a6756391eff9d91bdc7fca3ac1909692f87d87e892f328aa647963bd41fa0359c791cec0e1f7dcb19ca2cb7a45c1a893069b32fdd41b4911274adbdd1d1f3469c3851513e2a5eb0e73c9c2b22576c1852a13bef7ef8c25fcacf8a6724d4b4cc2b5462fe21e1c75dd6aa15f4a718c7808