pianecrati.com

Issued by R3

About this certificate

This digital certificate with serial number 04:af:d8:9e:32:1e:a3:c6:ef:9d:f0:43:90:a7:b0:9f:e9:bd was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=pianecrati.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:af:d8:9e:32:1e:a3:c6:ef:9d:f0:43:90:a7:b0:9f:e9:bd
Serial Number (int): 408286492584746419637382339787938315889085
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 53:7a:01:b8:35:8b:de:6b:98:b3:8e:a1:ab:dc:05:64:86:d9:0e:22
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 08:dd:a8:da:4e:bd:24:f4:49:5e:6f:58:7e:57:3a:05:6b:d1:bc:cf
Fingerprint (sha256): 06:1b:ed:6c:ba:f8:c0:a4:49:e2:20:cf:fa:67:12:0c:2f:fd:a2:67:cc:d3:d5:23:d7:39:2b:64:9d:55:2e:1b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate pianecrati.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for pianecrati.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pianecrati.com

Other certificates including the domain name pianecrati.com

(limited to 100 certificates)
pianecrati.com
magnati.com
pianecrati.com
www.pianecrati.com
www.pianecrati.com
pianecrati.com
www.basada.com
pianecrati.com
www.pianecrati.com
673.me
pianecrati.com
www.pianecrati.com
pianecrati.com
pianecrati.com
www.pianecrati.com

Certificate

The complete raw certificate details for pianecrati.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISBK/YnjIeo8bvnfBDkKewn+m9MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMTExNjQyNDhaFw0yNDAzMTAxNjQyNDdaMBkxFzAVBgNVBAMT
DnBpYW5lY3JhdGkuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
rFuFOmSWdhKYtTAsQ6ZpiG+7v9CzYGugl4Wfb3WF+HNPCE+DGdBndkRESVpswulE
sLkblGZfc/+bPyo7UW/5JnPV8c5H2rHC5eh3Kn4s+GGnMUwn2Gacby1x3sP0i0wP
wT7KH09Z/28p66zWdvK0HKIggLBNG1EtetAlV4Dsbmzrc19lPmMMNM8N3y5EoHFb
nfZnKhjh+iYoRhHlA0fieYY3ow1zOKJuqjKKDjqtU1FQZ4iGldU+G1M3CkWvuh9I
xjKRFMNJwIwSoX8PrNSfdH1CWt3ar/ZUMjtWXp9OhilIKiFlqNbrOmTpCTNK60Em
vLMF69pMjoC3ZKTrBGXEdAE9e3kAtplZGPP+eNainzuN7+RLQ8MjZ+hiQaKNCd4h
KOuvysj3mS9B+RTaDT/mQ/slVV8njsRAJ0YH0mxtEcetdtRT3NY7Krtmb1/dXMTm
kvllVOliRHZFx0ZrxWe+9GPPyYNkH1PfXnQJnccK4lHYkzrBy7nxnhr6K+BEhTf4
Nf19VpJM5pfvscl2TvH0IlkdXbUMr+FYyS88ZczJgoZszx8DM6w6R/rKuXy1WM5l
8ojVgvYixmefgxQLDJxGS5Av1+oiVZ2dkJRIcKAgMlu2zJaNWFxalvHYMXgU2E4x
yZy4gCkjBbcVa3r8RCyHdA/uLqwrRPBk2Muc/pZlUJkCAwEAAaOCAhAwggIMMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUU3oBuDWL3muYs46hq9wFZIbZDiIwHwYDVR0j
BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9yMy5pLmxlbmNyLm9yZy8wGQYDVR0RBBIwEIIOcGlhbmVjcmF0aS5jb20wEwYD
VR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBIsONr
2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYxZ+W9VAAAEAwBHMEUCIQCh
ykRZMAUw+Xxm67DAvJ9mdXVDByQ1ZMWY97TUwHBuHwIgVPPK5BAEwh7DsHHZYmXA
ALsv4W0pl7fbuULYyaCgk28AdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3ivia
bfUX2AAAAYxZ+W9WAAAEAwBHMEUCIEN4uW80J+FiI8hDZ1WKdbmiO1zBj4QNluLC
67jBXPEgAiEA/iGkVCPGsvdbCiigN1wg3Z/jjwrjOkamH9ZB0NUYq+kwDQYJKoZI
hvcNAQELBQADggEBAEct2AiT3nabdZaaqc8QAHTCkay3hFvP9Dmn7aN4PrWsfZmh
RiGSv8Jnw56oHRn4HjBWnyHXsnYcg42DrScjAIMCFyFQyZEDhnG/PXxNlu6eqLSN
Q9lUiFl1m5ByzEsQIr0Iap2XGWHkk8Nw73dMiSoIVzIRlhcEGYZEeDZXfrSrmMsa
/h119N1t4lzZR5dtO0s80Gas4nLZO3QNgoXE7apqqAJ+8H6pyuGU/Efwt+T1AtWI
TR21SiHvh44ffM2XI3Mvj+QDUmulHT1noOyk8M8VldfSX99mcI1psojieojmqLHF
gXiFzmI/sgNDbd2Fxq1tBqRVavO8ez/G0zT3t1w=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArFuFOmSWdhKYtTAsQ6Zp
iG+7v9CzYGugl4Wfb3WF+HNPCE+DGdBndkRESVpswulEsLkblGZfc/+bPyo7UW/5
JnPV8c5H2rHC5eh3Kn4s+GGnMUwn2Gacby1x3sP0i0wPwT7KH09Z/28p66zWdvK0
HKIggLBNG1EtetAlV4Dsbmzrc19lPmMMNM8N3y5EoHFbnfZnKhjh+iYoRhHlA0fi
eYY3ow1zOKJuqjKKDjqtU1FQZ4iGldU+G1M3CkWvuh9IxjKRFMNJwIwSoX8PrNSf
dH1CWt3ar/ZUMjtWXp9OhilIKiFlqNbrOmTpCTNK60EmvLMF69pMjoC3ZKTrBGXE
dAE9e3kAtplZGPP+eNainzuN7+RLQ8MjZ+hiQaKNCd4hKOuvysj3mS9B+RTaDT/m
Q/slVV8njsRAJ0YH0mxtEcetdtRT3NY7Krtmb1/dXMTmkvllVOliRHZFx0ZrxWe+
9GPPyYNkH1PfXnQJnccK4lHYkzrBy7nxnhr6K+BEhTf4Nf19VpJM5pfvscl2TvH0
IlkdXbUMr+FYyS88ZczJgoZszx8DM6w6R/rKuXy1WM5l8ojVgvYixmefgxQLDJxG
S5Av1+oiVZ2dkJRIcKAgMlu2zJaNWFxalvHYMXgU2E4xyZy4gCkjBbcVa3r8RCyH
dA/uLqwrRPBk2Muc/pZlUJkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 408286492584746419637382339787938315889085
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 16:42:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 16:42:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pianecrati.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 703157259182885188787657987471042556563785574706541814092798825235440724434913950373604981444074836599400092914767017823688051846588661555140323362206940614952453248459194589677168573583220969182840459191651967100799182720165469323411123088565246948776498492262903793116103956541015508031556851562502327976145123655630072356090876759507759751045276100762762188344305082496167522176542270774590131935847624979348419267306325886876147922473518874886619668657019135716074548526188403236900857215424470176631730912018669143410853538254888597739369329690112722921068588953035880968515265287065995258677214696258847136131847051461131883658721145320118781535596041936189611082166943058392553190708748525218121861131287621639249568824782411143724603077196959155523349088913617483919899145917349005609223371730187431621520597370515961821626062658236365541584805691863440739831427610160501351287307639745430234371035652925921979546953628845402874526698250671119205329382901257255608139018673519524729702182341979283372738852694877960934344474358443571804493804677300451157505322107702902572409204316254770247841014379578401812434033742404661241463190810298034584863269417315652907823885083152792330998348510016092950963763408412639381139312793
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							537a01b8358bde6b98b38ea1abdc056486d90e22
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pianecrati.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c59f96f550000040300473045022100a1ca4459300530f97c66ebb0c0bc9f6675754307243564c598f7b4d4c0706e1f022054f3cae41004c21ec3b071d96265c000bb2fe16d2997b7dbb942d8c9a0a0936f007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c59f96f56000004030047304502204378b96f3427e16223c84367558a75b9a23b5cc18f840d96e2c2ebb8c15cf120022100fe21a45423c6b2f75b0a28a0375c20dd9fe38f0ae33a46a61fd641d0d518abe9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00472dd80893de769b75969aa9cf100074c291acb7845bcff439a7eda3783eb5ac7d99a1462192bfc267c39ea81d19f81e30569f21d7b2761c838d83ad2723008302172150c991038671bf3d7c4d96ee9ea8b48d43d9548859759b9072cc4b1022bd086a9d971961e493c370ef774c892a085732119617041986447836577eb4ab98cb1afe1d75f4dd6de25cd947976d3b4b3cd066ace272d93b740d8285c4edaa6aa8027ef07ea9cae194fc47f0b7e4f502d5884d1db54a21ef878e1f7ccd9723732f8fe403526ba51d3d67a0eca4f0cf1595d7d25fdf66708d69b288e27a88e6a8b1c5817885ce623fb203436ddd85c6ad6d06a4556af3bc7b3fc6d334f7b75c