bernareggio.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:47:e5:4d:17:20:05:32:ec:2e:a3:95:ed:0d:5f:67:da:6d was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=bernareggio.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:47:e5:4d:17:20:05:32:ec:2e:a3:95:ed:0d:5f:67:da:6dSerial Number (int): 285801699333592554833517458083725936417389
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: af:71:1b:25:b2:df:30:fd:41:bf:90:f7:a2:15:9d:1b:56:5a:5e:97
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f6:5d:78:cb:ab:67:20:14:6a:ab:03:1d:21:84:f2:2e:ac:12:91:96
Fingerprint (sha256): 01:0d:b5:5e:54:3f:c6:92:48:b4:f4:01:30:20:2d:9b:71:ee:45:49:eb:20:e8:9b:67:e4:45:c4:79:0c:ec:b0
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate bernareggio.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bernareggio.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bernareggio.org
Other certificates including the domain name bernareggio.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for bernareggio.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVjCCBT6gAwIBAgISA0flTRcgBTLsLqOV7Q1fZ9ptMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjgyMzEzMzlaFw0x OTEwMjYyMzEzMzlaMBoxGDAWBgNVBAMTD2Jlcm5hcmVnZ2lvLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBALoSG2xcbS9Ka26XFciW3gLVkywrGjXv KyqoZgPoO7dULmILNNu0NfNp2LLdF23S1OUUXsc6bl22YT4kVWYxkXT6ZGuqzs4G syt2VZIxLpLXcxSdqBdviPAQ8WgMDplIqhJsNXvhUi0p2J7Mf6E1j3Q0zbuaxWrP itKtEYQnHxBzuPSHBR2sNZndFlasurzwOD0XwMtXBf+9L+1svQyCdAjBJRA4N0L+ 8n0iUPBYDCVtilam4gz8VnKdNiZEsASTgrxNM4pwuWtW38rO+Mh2cmFaiRKoAjZk fO8Hp/MsAF6bZKF9GzACfd68j1LSFfE8caDHNwHANtV8LodFjt5uNqR9mOdn+qPN HKLiNFuQoRNBOMdkYfqVrMfo5fc1HzCh1z23haZ48CblobUBukXUQFFfy6d0Br0N SEt+p/C0ePEba8bg5JzmQgduTpiG5yKNImLL+7Ca5mt8AkRmWEWXxCJQcMefs0uy d8TTgUOIA95Prog+2JXP0J1efpZZ5Jz96dj2y/teMdjF5b+WZDOurbCWeKGy1ayt nYNeG1LQh/K31nbwF4g2RGD9KCMTfsq1RFX9BnSLBeKsfb+es+2Yx25sZGlJx4BH GATTz2aGstc9GHsVV2RfAi+T7HjPMobYEPcjB/86Z/+j8CKXN1eWwEGJrJ6tehGx rlJrk2ctCr3TAgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFK9x GyWy3zD9Qb+Q96IVnRtWWl6XMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPYmVybmFyZWdnaW8ub3Jn MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHUA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x2/4AAAFsOxNa xgAABAMARjBEAiBURg6XDoglrNzs7O8dJ8pwozOOpzqstXqHXsPF3bYsDQIgJxBw 7YeaWpOCuAuXnkAr9OVFWDoAK9Gyldy/bHEN0UwAdwBj8tvN6DvMLM8LcoQnV2sz pI1hd4+9daY4scdoVEvYjQAAAWw7E1iQAAAEAwBIMEYCIQDpiQyNqkWGGKJBi74e To5C361fQ7zTpsvS+0PCQyxaRAIhAMiRrgNk5fxXukoWsrA7uWBVQ0MjLO0FxG5j pF8CosQsMA0GCSqGSIb3DQEBCwUAA4IBAQBTtHKvZLwx0YiHKYoaU4ZFQVmDGpSe wa1pRc6mPR186qdLifA2BNNvRxFFa88PlG4Q9CFW6usq/k4n3WVU9fh0ZshiCF5o qzvsxzjR9tvyEygyZEDe4SC633hA4/zHTDmqTqs9Hr4Lw6qamDxwVx1BCMRNTSCL XBK8Ho/Z5iXaL+PM6eP43LbYNG1ff8Or2aUsZszJ+J4nO7PFsfIRI7KYhS3lkgMd 0V1cKLX6QcRzXQG2C0Lw5ZOkClmk1bcWtuG9xU4TlN9OTWUJYH0L66xePSEtU77M x67ltxYmZ0jP56OXLw7YSN6mRIMfwyuk04ghlUy9THHQNaNmDds4rk2F -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuhIbbFxtL0prbpcVyJbe AtWTLCsaNe8rKqhmA+g7t1QuYgs027Q182nYst0XbdLU5RRexzpuXbZhPiRVZjGR dPpka6rOzgazK3ZVkjEuktdzFJ2oF2+I8BDxaAwOmUiqEmw1e+FSLSnYnsx/oTWP dDTNu5rFas+K0q0RhCcfEHO49IcFHaw1md0WVqy6vPA4PRfAy1cF/70v7Wy9DIJ0 CMElEDg3Qv7yfSJQ8FgMJW2KVqbiDPxWcp02JkSwBJOCvE0zinC5a1bfys74yHZy YVqJEqgCNmR87wen8ywAXptkoX0bMAJ93ryPUtIV8TxxoMc3AcA21Xwuh0WO3m42 pH2Y52f6o80couI0W5ChE0E4x2Rh+pWsx+jl9zUfMKHXPbeFpnjwJuWhtQG6RdRA UV/Lp3QGvQ1IS36n8LR48RtrxuDknOZCB25OmIbnIo0iYsv7sJrma3wCRGZYRZfE IlBwx5+zS7J3xNOBQ4gD3k+uiD7Ylc/QnV5+llnknP3p2PbL+14x2MXlv5ZkM66t sJZ4obLVrK2dg14bUtCH8rfWdvAXiDZEYP0oIxN+yrVEVf0GdIsF4qx9v56z7ZjH bmxkaUnHgEcYBNPPZoay1z0YexVXZF8CL5PseM8yhtgQ9yMH/zpn/6PwIpc3V5bA QYmsnq16EbGuUmuTZy0KvdMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 285801699333592554833517458083725936417389 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-28 23:13:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-26 23:13:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bernareggio.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 759102353736532190403856675486210120297845269768316903699883198355385945609324108287648585147249589222872862806085697557260288214371322506192454641678324428779397972470567442989967093667692758142963121053621697725887233339430832940389745766115608327211099086763040375462151476258182355696823330073231355877775782545708938709350414041718150295853643278653816029580082657291869842039875625901912905211020999526633295654639613703134049608187040261526549721005498318438369482214895440262852132767913575919542160374410604410758342115958162488714998070682706873875866019373561758026908713780116311726202800421111501245292551425599113853975363776692213910392115993628937356452594120983732096022043586328759049577147280113933693201962484620274349376994120682280300469194568601102175477781281472992853837046814667973894907370143154535086370044626126651116201799353597283433096196852542374150102863706133909362541626447124853810274990031414834969609371286811867770832653792023991702024971626313527187001890258885518970950855806628533031481008203416346447697145569988332008595922696198801387867426784458893006403697060662539009640431959137021240276464881578190622766428918180732073591944124914739364844912707715001859768230623104404277290515923 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) af711b25b2df30fd41bf90f7a2159d1b565a5e97 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bernareggio.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016c3b135ac60000040300463044022054460e970e8825acdcececef1d27ca70a3338ea73aacb57a875ec3c5ddb62c0d0220271070ed879a5a9382b80b979e402bf4e545583a002bd1b295dcbf6c710dd14c00770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016c3b1358900000040300483046022100e9890c8daa458618a2418bbe1e4e8e42dfad5f43bcd3a6cbd2fb43c2432c5a44022100c891ae0364e5fc57ba4a16b2b03bb960554343232ced05c46e63a45f02a2c42c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0053b472af64bc31d18887298a1a5386454159831a949ec1ad6945cea63d1d7ceaa74b89f03604d36f4711456bcf0f946e10f42156eaeb2afe4e27dd6554f5f87466c862085e68ab3becc738d1f6dbf21328326440dee120badf7840e3fcc74c39aa4eab3d1ebe0bc3aa9a983c70571d4108c44d4d208b5c12bc1e8fd9e625da2fe3cce9e3f8dcb6d8346d5f7fc3abd9a52c66ccc9f89e273bb3c5b1f21123b298852de592031dd15d5c28b5fa41c4735d01b60b42f0e593a40a59a4d5b716b6e1bdc54e1394df4e4d6509607d0bebac5e3d212d53beccc7aee5b716266748cfe7a3972f0ed848dea644831fc32ba4d38821954cbd4c71d035a3660ddb38ae4d85