www.massima.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:08:bd:be:44:98:3e:22:ca:46:66:8e:a2:ae:12:3e:d2:30 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.massima.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:08:bd:be:44:98:3e:22:ca:46:66:8e:a2:ae:12:3e:d2:30Serial Number (int): 264311328749520482244592185777767390827056
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b1:dc:80:eb:27:de:a9:71:5f:6a:87:4a:7b:64:4d:23:e1:ad:40:08
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b6:82:69:f0:f7:92:51:18:e6:bb:1f:37:15:ee:6b:71:37:28:fe:d3
Fingerprint (sha256): 09:13:86:ed:ab:16:b1:0f:d3:74:ba:2c:6e:5b:26:c6:64:34:44:7e:ed:40:72:7c:2b:a3:7b:dc:80:67:47:41
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.massima.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.massima.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.massima.org
Other certificates including the domain name massima.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.massima.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWDCCBUCgAwIBAgISAwi9vkSYPiLKRmaOoq4SPtIwMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMjExNjE4MTVaFw0y MDA0MjAxNjE4MTVaMBoxGDAWBgNVBAMTD3d3dy5tYXNzaW1hLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAN2rmJ1554sef+xe6PFHwMUni96ohnoo gBL8ww/JoiAK/x1OX6VFpMssfOaCY/t96uPhIht+upxRsc4MOcaCIUXuRah5YY3V XHkO8OfuxWW9TzUTdx4faewHfCKH0G2ngcE7qeZ4syc7oKCW2PmTjr9xc1o/9k8h 1XYzo8pq7XW5Pkf4Ljs0NBQNdbTUk2pBp07J3mLON4NfacC0c5IBXeN3ZWeg6mkc Yvc4GmKLH9h6F9q/WrPa2vi8PMI3GlprFpCex9b9yVW3KaFbb8WXRzKG7Zvdkuet MZmMcPsvzsQkxx8LpEEJLO+3J0NJhsbc6k8BdteDhF1Lj0NHINIzgLrXNdWusAjI qNp5dZa1Ig+aAfbYVOTcqiaUklo27v4HPJKqa3/btjSuUrElOPn9st1BQZoCSnl6 WQx+VKagbuZ88oC9HpcoLTsgNDZWQrMXmI93Ja5VNOYpOB+qYd1AKlrmI+HGJbfS +Rd+r80JFFba2gLbrdeYr/Nvwu6lliRvMfxwIlzufPtueODTzlXDh0oT8xhTv+DZ OFP6sGLD5OAUMM/j7ZejFfaADdCItIakqMmgnXLV0lSCk0CUMwWbdWlP++kMhT4T I9h0ybLxxM80WqTEH7zgTG19PeYUf3WYO7G3M5enonm/v00UURmudwK3riaL5X51 RRogPkMMU8z9AgMBAAGjggJmMIICYjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLHc gOsn3qlxX2qHSntkTSPhrUAIMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3Lm1hc3NpbWEub3Jn MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB 9wSB9ADyAHcA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFvyRyn YwAABAMASDBGAiEAiGgARtke8mTOcGjkf1gZwXJfImYIsG4qy9e5tSUV7WgCIQCa REcfvOC8Y0KVssONPenQX+Y6RfFzNAiWVGgt4kIfkQB3ALIeBcyLos2KIE6HZvkr uYolIGdr2vpw57JJUy3vi5BeAAABb8kcp1kAAAQDAEgwRgIhAMFUGh3c8YQvoSEY NZvoDOnmdP3vWFI2gjLF33YsA45XAiEA89GzCF4nW7KwnvX52fiWRkXoWBA3jjSw ZGKjvXXQbVMwDQYJKoZIhvcNAQELBQADggEBAHpP5u8DV3+l4jPFHuK/yUo+gUzT 9L4GaB+9G1cPMPvzjiyl94s2+6STCB4eZ7fuXpgSfT8NGJOXMavvcsACse2CpLz2 FLgyxNs3niE2mysQ+uNcz6jOSs6/drpe8DL+LL7RoBWH0XcNXutKgjeahz7HRJWf 1S/mNsf1NDurEu8k/ZcqJbaD8HZEKR/ydoS9R7gdq6Hp/6NCRlS1pyzH7m5ineJz bxgHOWMe8d72+SLlf6G1MowZVlZe1gnyOw4C7g4Md01hsxHrQS+M0oG2YjCgHa6n ehxejC2UJhFFiIiDtTucAvcSm/3Hp6Fzbb+FhBUGM7fChGL/t+AWTFzbcrg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3auYnXnnix5/7F7o8UfA xSeL3qiGeiiAEvzDD8miIAr/HU5fpUWkyyx85oJj+33q4+EiG366nFGxzgw5xoIh Re5FqHlhjdVceQ7w5+7FZb1PNRN3Hh9p7Ad8IofQbaeBwTup5nizJzugoJbY+ZOO v3FzWj/2TyHVdjOjymrtdbk+R/guOzQ0FA11tNSTakGnTsneYs43g19pwLRzkgFd 43dlZ6DqaRxi9zgaYosf2HoX2r9as9ra+Lw8wjcaWmsWkJ7H1v3JVbcpoVtvxZdH Mobtm92S560xmYxw+y/OxCTHHwukQQks77cnQ0mGxtzqTwF214OEXUuPQ0cg0jOA utc11a6wCMio2nl1lrUiD5oB9thU5NyqJpSSWjbu/gc8kqprf9u2NK5SsSU4+f2y 3UFBmgJKeXpZDH5UpqBu5nzygL0elygtOyA0NlZCsxeYj3clrlU05ik4H6ph3UAq WuYj4cYlt9L5F36vzQkUVtraAtut15iv82/C7qWWJG8x/HAiXO58+2544NPOVcOH ShPzGFO/4Nk4U/qwYsPk4BQwz+Ptl6MV9oAN0Ii0hqSoyaCdctXSVIKTQJQzBZt1 aU/76QyFPhMj2HTJsvHEzzRapMQfvOBMbX095hR/dZg7sbczl6eieb+/TRRRGa53 AreuJovlfnVFGiA+QwxTzP0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 264311328749520482244592185777767390827056 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-21 16:18:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-20 16:18:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.massima.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 904335914138920947247755785916383469614928957960216113995650903652911510509367965179902566722093711835503714291057249641948685545363186782852934155500164904495843205980369070473509586795238125608818895872867358996815214284168187399824279452646867298488607778571678391428245125748584612691678488507084929926908347509880534531607492703206725731874643797854197990768748804713220502159408725881330616551061348362215253375921600858399826591923408387931809967657580610945389993933586257041472275064932919018675519621634933502591934579896857302014891722635841224161434248754325990963130178529492106322961939237960048870859899759195458901634659211399209933167435932577117803111783709519918941705638821268594518618559400138678135085451722973169502817912030617939221768865602561307104076514630767711937017982660224014007684629385100530873136685845790269406328342259151016280908772271383995136914820885329302268112923925084323294274423073616566560225900313077050291846154122963962750144904246952926668939035309926496228869417604686000073818730071813396449780907269535553573263047766921641341416397717294234222624574312698104515385123653231857445712378271744131199187322033212594293799115010001937612143801607823041724653482630411122902020902141 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b1dc80eb27dea9715f6a874a7b644d23e1ad4008 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.massima.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016fc91ca763000004030048304602210088680046d91ef264ce7068e47f5819c1725f226608b06e2acbd7b9b52515ed680221009a44471fbce0bc634295b2c38d3de9d05fe63a45f17334089654682de2421f91007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016fc91ca7590000040300483046022100c1541a1ddcf1842fa12118359be80ce9e674fdef5852368232c5df762c038e57022100f3d1b3085e275bb2b09ef5f9d9f8964645e85810378e34b06462a3bd75d06d53 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007a4fe6ef03577fa5e233c51ee2bfc94a3e814cd3f4be06681fbd1b570f30fbf38e2ca5f78b36fba493081e1e67b7ee5e98127d3f0d18939731abef72c002b1ed82a4bcf614b832c4db379e21369b2b10fae35ccfa8ce4acebf76ba5ef032fe2cbed1a01587d1770d5eeb4a82379a873ec744959fd52fe636c7f5343bab12ef24fd972a25b683f07644291ff27684bd47b81daba1e9ffa3424654b5a72cc7ee6e629de2736f180739631ef1def6f922e57fa1b5328c1956565ed609f23b0e02ee0e0c774d61b311eb412f8cd281b66230a01daea77a1c5e8c2d94261145888883b53b9c02f7129bfdc7a7a1736dbf8584150633b7c28462ffb7e0164c5cdb72b8