www.pieveemanuele.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:a2:1f:a3:46:31:49:a3:c0:8d:7f:fd:98:6d:0e:a2:c5:ee was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.pieveemanuele.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:a2:1f:a3:46:31:49:a3:c0:8d:7f:fd:98:6d:0e:a2:c5:eeSerial Number (int): 403616941004163933825271768817382098912750
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 2e:4f:d1:4e:03:0b:ff:d6:4f:cc:fd:01:be:38:58:35:40:4a:bf:02
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): dd:b5:f6:c6:74:ac:aa:b2:fc:fb:30:94:17:81:e2:04:02:59:5f:80
Fingerprint (sha256): 0a:0a:c9:44:ad:b1:98:9d:17:e3:e4:15:cd:ab:12:60:43:f4:d0:f0:50:37:79:9d:04:d9:f0:7d:fd:e6:0b:57
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.pieveemanuele.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.pieveemanuele.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.pieveemanuele.org
Other certificates including the domain name pieveemanuele.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.pieveemanuele.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYjCCBUqgAwIBAgISBKIfo0YxSaPAjX/9mG0OosXuMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDIyMzAyMzBaFw0y MDAzMDEyMzAyMzBaMCAxHjAcBgNVBAMTFXd3dy5waWV2ZWVtYW51ZWxlLm9yZzCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOhDQRpra3N676112vI7B3gf 2cev2lBUnc0aS7S4k4+7h76voKfus/7c/hOE1T1aZvXQq4EzW/ZvmsHFmfFQCM8c /1kJK78tH7j2bjQrQ91qi3hCajiUMRn3Cn6Q+f0/jucWdcqa2xyfPrqHKFSolvY+ WK28s7fyTt6fJ8BAx1k6Ef9f+QP+fzVvZy2+eVpYX5ModlCCLxkR9KUIN2eQ5oME seetSnO+Wj0by7+hVx1wb9rp4PzHktuQwVrkOYVjG/9MEiVXPB3hsXrRZ/8geLdM Ji/ZselIWT2HZ66KupS5+id7e3+2eSiYlpUKhIUcvKd9AdNClCQDPgkgNsXs6/kZ tJ11n5MLyMiHlz5Jq5UxdK45MDd8ms2fhYxO6XT6e8QpuRM6NOOmuPjJWQ3ajZi4 4AQmkna2BolJ5xZ897Kdza3t8LwG8ncTcTJNb2L8iQm/MQ857zTlF8nvT0avGMiW TzM4fWCCdP3/wBagjMYLPdpXrXl6xWp64ELMkEQZN5+tArsa3oCZ0NqhcNdn7EW/ AmZs7Iylgb62jjB9/If7RvKJJYNJAvMz8jd7v1NavkkozufF0xEKnSyRYB+DD64B ELYw2ycuz7RjM2UNM6OieGEKvHtSo2gj94eSMBJQIJgUqMoVvf+2HrgAw//2EwNA 0fIAW6QUTNkuqbD0jOnNAgMBAAGjggJqMIICZjAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFC5P0U4DC//WT8z9Ab44WDVASr8CMB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIAYDVR0RBBkwF4IVd3d3LnBpZXZl ZW1hbnVlbGUub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHYAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6 GmnTohwAAAFuyRDH5QAABAMARzBFAiBxnh6ypYiHJkZAYgAi4rUIesztNfVwvCiI qQlxlP5AEwIhALGrsNONdqmMwiXK1ZOMs20kJqUpmW/U+geQJTtfYZz5AHYAb1N2 rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFuyRDIVAAABAMARzBFAiEA ozlH845MlDdzb+r69H+djiTvAqLrC0q+A3vSAqrlXS8CIFf7WwwJEAHZ7/8Gf2mo 7SNZ/4QAmUNL5KqBPKQfxx5kMA0GCSqGSIb3DQEBCwUAA4IBAQAH1LDIA73LPZLr rqpxSsbB916qfHmdFF3EY8oir5+lGfds+nD2czSnW+DpgDv4YxbX0tAD9/J5ozL8 DmbSlSFJAvo8oTYe10nZGk/5DbHylzFFIZN0AwzF8UhldpkUvovsiZZROR0KTlfP xM+41lAO3+MTDkuticJDY7YLiDd+w3Z/lL+hBUbLKQKSQ3boHb5ncGe8idIiKHVU MDlsugLCNiClcPjGntQaGF6hSDGUJ3ALlhlufFR9sFSLESy+Ojz88CVp4DEHn37+ 2U5sJwjpZlQlgs2/9nt6pW4H+Rf180tGIXskP9LEnvjrr0SVU3eaLEtyDglm/blE KU5CbuBe -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ENBGmtrc3rvrXXa8jsH eB/Zx6/aUFSdzRpLtLiTj7uHvq+gp+6z/tz+E4TVPVpm9dCrgTNb9m+awcWZ8VAI zxz/WQkrvy0fuPZuNCtD3WqLeEJqOJQxGfcKfpD5/T+O5xZ1yprbHJ8+uocoVKiW 9j5Yrbyzt/JO3p8nwEDHWToR/1/5A/5/NW9nLb55Wlhfkyh2UIIvGRH0pQg3Z5Dm gwSx561Kc75aPRvLv6FXHXBv2ung/MeS25DBWuQ5hWMb/0wSJVc8HeGxetFn/yB4 t0wmL9mx6UhZPYdnroq6lLn6J3t7f7Z5KJiWlQqEhRy8p30B00KUJAM+CSA2xezr +Rm0nXWfkwvIyIeXPkmrlTF0rjkwN3yazZ+FjE7pdPp7xCm5Ezo046a4+MlZDdqN mLjgBCaSdrYGiUnnFnz3sp3Nre3wvAbydxNxMk1vYvyJCb8xDznvNOUXye9PRq8Y yJZPMzh9YIJ0/f/AFqCMxgs92leteXrFanrgQsyQRBk3n60CuxregJnQ2qFw12fs Rb8CZmzsjKWBvraOMH38h/tG8oklg0kC8zPyN3u/U1q+SSjO58XTEQqdLJFgH4MP rgEQtjDbJy7PtGMzZQ0zo6J4YQq8e1KjaCP3h5IwElAgmBSoyhW9/7YeuADD//YT A0DR8gBbpBRM2S6psPSM6c0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 403616941004163933825271768817382098912750 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 23:02:30 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-01 23:02:30 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.pieveemanuele.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 947549195828778550915062850315369168428789704108397369100569751330641662163205133601764632615267104993381475281589145624354516799982387634891100626818802556558712495560172182027169097381692921844766565168571068400669497466109540202796967901828135759992462075953942084041260091024943140830796344464052100048432224948580467413185936775640456880378284530316556812033620523152455552004887563890701033251810520440833702776836426967023308744960446373287679738899940491630155320359141276465614647715922508086922251834640739862450579599890375443024283843638157380495850399320692112241185083475842234241524951778582651239107681041438694434779833437826684295409425922580246437201770676591468092667001897108054974632255245868627066191190328573390277588154135932356582054544263087298201024844538969584691497456915707244738152019548121022010420980655596264826157715817656710956906741037548263031685891667991323466524918109393095569605697909889929955745418657953046314991405082482829106774594723612773335985911140832394135482689240325397924492959474698916735697130768448424086914326036599478998025078886201553424789043178107809132446569051779754119917140117057882797133854826240603797144065373498784338344168380686474239659300205819231933937019341 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2e4fd14e030bffd64fccfd01be385835404abf02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pieveemanuele.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ec910c7e500000403004730450220719e1eb2a58887264640620022e2b5087acced35f570bc2888a9097194fe4013022100b1abb0d38d76a98cc225cad5938cb36d2426a529996fd4fa0790253b5f619cf90076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016ec910c8540000040300473045022100a33947f38e4c9437736feafaf47f9d8e24ef02a2eb0b4abe037bd202aae55d2f022057fb5b0c091001d9efff067f69a8ed2359ff840099434be4aa813ca41fc71e64 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0007d4b0c803bdcb3d92ebaeaa714ac6c1f75eaa7c799d145dc463ca22af9fa519f76cfa70f67334a75be0e9803bf86316d7d2d003f7f279a332fc0e66d295214902fa3ca1361ed749d91a4ff90db1f2973145219374030cc5f14865769914be8bec899651391d0a4e57cfc4cfb8d6500edfe3130e4bad89c24363b60b88377ec3767f94bfa10546cb2902924376e81dbe677067bc89d22228755430396cba02c23620a570f8c69ed41a185ea148319427700b96196e7c547db0548b112cbe3a3cfcf02569e031079f7efed94e6c2708e966542582cdbff67b7aa56e07f917f5f34b46217b243fd2c49ef8ebaf449553779a2c4b720e0966fdb944294e426ee05e