www.fontanafredda.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:24:78:a0:0c:03:48:f0:15:bd:fe:1c:c2:ed:7e:30:98:d0 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.fontanafredda.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:24:78:a0:0c:03:48:f0:15:bd:fe:1c:c2:ed:7e:30:98:d0Serial Number (int): 360859647306835499645287229555122298198224
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: e7:26:4f:4c:b8:11:4e:f9:04:67:df:f2:78:02:ff:8c:0e:e9:56:c6
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 60:37:23:4a:91:e2:19:7e:99:ac:65:98:c2:2d:10:b5:6f:f8:5e:8a
Fingerprint (sha256): 0d:d4:0f:b5:1b:a8:f4:d8:76:0a:5a:4b:ac:f3:4b:cc:05:27:cb:21:f0:11:02:d0:9e:8b:d9:e9:8f:8b:f9:8f
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.fontanafredda.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.fontanafredda.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.fontanafredda.org
Other certificates including the domain name fontanafredda.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.fontanafredda.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYjCCBUqgAwIBAgISBCR4oAwDSPAVvf4cwu1+MJjQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDIyMzAxMjZaFw0y MDAzMDEyMzAxMjZaMCAxHjAcBgNVBAMTFXd3dy5mb250YW5hZnJlZGRhLm9yZzCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsxpDHLk8aGpDlKOYb3Qxau pUWxzjIkUgGKL/Pw8L4Bu6jfaqtnr9Uit9Jf+61Nu/R9MaHHMfRZIYUsRFnPRPgu Q2hjR2L1NO7sNW379046jmlc5MOVFV2kJpqT0bIzeS8yZf2aEwvdmAzYPyku2dI6 ew0pIz2jU0g+8bp9M36UQ1s98BlFj3y3gUzD0L5VcDfDqEMzk3rw0sRC0sihaghL xZQ0jyQxZ8P6bHsQWkXf5bewdVa78NzJJxY6BdfgLTTagdxSPUs4WBCYDjZcD2Jm WOFTjMoUfdZa1iv6T3xltCMwqJUOoZ+h3QlNeEn8Q28q4XLxEWLEmvGlpd3N1K/c NCJC29rmCpjHbi+EJ8Oc00UiNQtTR7SwlzzzUyr6lg6Le4HjHbtlQE3TpHoYuTnJ j+/n/qaLVuj8ROfqptKrcyiUGYX5zHkNfJZ5QFDtTwMK0JpwMZwlWEKiUuqniVvM z1Wo9+HJAIwsFfkvIf4fCdXqBIt4ZqJG1PLq9pLzVeivm4DUPo+R8YWmR4JlJiYF U9R6sLfwAMpmsDAw7HqC80tKQi1k1vX7KrZvM9wGc7ub9+6oB+NAbs3qn88eTUGq zRswvC6ILr+UHBzY0Eh6DhKcA8j1ZFygmzwGKU6XsbdSPxy9QmqCZCEILitm5fue q4mlNdVlAhAa6XR8QvIrAgMBAAGjggJqMIICZjAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFOcmT0y4EU75BGff8ngC/4wO6VbGMB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIAYDVR0RBBkwF4IVd3d3LmZvbnRh bmFmcmVkZGEub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHYAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklT Le+LkF4AAAFuyQ/NIAAABAMARzBFAiAQLaSrLQlsyqH8RKZCW98Yo/5ak5fy6bod B8RY3uDubQIhAIb79fwD4u36HzTm8TjNN0BKlGip1X+gORd/cxh/DWkyAHYAb1N2 rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFuyQ/PMwAABAMARzBFAiEA moB6YFUySxiGR+dehzrtHgE9w0ksIyhuNEk/BwhSvK0CICyJFGEU2SB8pQynZ9BT m0xKUFwvCklWQKAS+wn4GYmqMA0GCSqGSIb3DQEBCwUAA4IBAQAencQscx5MabjB 1tzHyJd4m3bCfkX5glrqIzzRJ0FIKVl6ee6xhxma7+qsj/WT0aRl9zyt8apzPG5Y z9r5bmgEbhQ4ezAyFD6lGPvESswvGSV+41UfXePFX6ncxI5kE4y1WR2pMjYxO/5G oBIW08PnKySfKumpbEAzRoHbgBe5CoXZk7IPTPLLdWVh1Y1wFlwKP7pb9b0Bcszq d9W5pKN3MkA66AZ3iRwoPrc1ptPj7q76w3figFTT4OOEDlno5z2CA+n3JE1vpvqM igixeNLmB3Ui+IiCnn+D5Fdt2INpAfNS3sWXaGS2Gk7VFoCpm8/Ljvs8bYgT2z77 AsXzicsF -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyzGkMcuTxoakOUo5hvdD Fq6lRbHOMiRSAYov8/DwvgG7qN9qq2ev1SK30l/7rU279H0xoccx9FkhhSxEWc9E +C5DaGNHYvU07uw1bfv3TjqOaVzkw5UVXaQmmpPRsjN5LzJl/ZoTC92YDNg/KS7Z 0jp7DSkjPaNTSD7xun0zfpRDWz3wGUWPfLeBTMPQvlVwN8OoQzOTevDSxELSyKFq CEvFlDSPJDFnw/psexBaRd/lt7B1Vrvw3MknFjoF1+AtNNqB3FI9SzhYEJgONlwP YmZY4VOMyhR91lrWK/pPfGW0IzColQ6hn6HdCU14SfxDbyrhcvERYsSa8aWl3c3U r9w0IkLb2uYKmMduL4Qnw5zTRSI1C1NHtLCXPPNTKvqWDot7geMdu2VATdOkehi5 OcmP7+f+potW6PxE5+qm0qtzKJQZhfnMeQ18lnlAUO1PAwrQmnAxnCVYQqJS6qeJ W8zPVaj34ckAjCwV+S8h/h8J1eoEi3hmokbU8ur2kvNV6K+bgNQ+j5HxhaZHgmUm JgVT1Hqwt/AAymawMDDseoLzS0pCLWTW9fsqtm8z3AZzu5v37qgH40Buzeqfzx5N QarNGzC8Loguv5QcHNjQSHoOEpwDyPVkXKCbPAYpTpext1I/HL1CaoJkIQguK2bl +56riaU11WUCEBrpdHxC8isCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 360859647306835499645287229555122298198224 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 23:01:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-01 23:01:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.fontanafredda.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 828958836359211006374041187724627308141371656779292267350809677186155845763930287843148996014899773816552890732561298225380104529080073834569078051572515465271712944856732398580758650095433319878648826196962992706997858172313428438315102572195895907661936912229970336124130309524747736829736420904160014076526160061200192128131232525684899632286681749199619545331061241581986816417914533765040244586175108303507485928146323882184770973539367598766440352148419483546358863294424652569550760287413633750432006473015356429800225619869322692080551543496156259154795669906998788291510988983671156509055600081985422975584232661809108572447689246101119248869351007739146550763346845297463335934590824268469021375993976291462534651311462106656604344097262465451669503006640537506949381827997767952355496410180505649058822038118988462928506219665159517745178176665776695060456175669875264455964676233297667795685555737777559133991978358338074492825063601796560346610612939248862990536760859144342963225964023777603470313185594062068124732197464193230719878552727135230486855238714231209267838692606522387797234668245076234651914557908745742944506864349341117528698283082563377764389151855772625289189769438620932313100219771310068783143645739 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e7264f4cb8114ef90467dff27802ff8c0ee956c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fontanafredda.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016ec90fcd2000000403004730450220102da4ab2d096ccaa1fc44a6425bdf18a3fe5a9397f2e9ba1d07c458dee0ee6d02210086fbf5fc03e2edfa1f34e6f138cd37404a9468a9d57fa039177f73187f0d69320076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016ec90fcf3300000403004730450221009a807a6055324b188647e75e873aed1e013dc3492c23286e34493f070852bcad02202c89146114d9207ca50ca767d0539b4c4a505c2f0a495640a012fb09f81989aa . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001e9dc42c731e4c69b8c1d6dcc7c897789b76c27e45f9825aea233cd127414829597a79eeb187199aefeaac8ff593d1a465f73cadf1aa733c6e58cfdaf96e68046e14387b3032143ea518fbc44acc2f19257ee3551f5de3c55fa9dcc48e64138cb5591da93236313bfe46a01216d3c3e72b249f2ae9a96c40334681db8017b90a85d993b20f4cf2cb756561d58d70165c0a3fba5bf5bd0172ccea77d5b9a4a37732403ae80677891c283eb735a6d3e3eeaefac377e28054d3e0e3840e59e8e73d8203e9f7244d6fa6fa8c8a08b178d2e6077522f888829e7f83e4576dd8836901f352dec5976864b61a4ed51680a99bcfcb8efb3c6d8813db3efb02c5f389cb05