www.terni.co
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:7c:c4:3c:d2:20:ae:e3:d9:7f:e6:fa:af:27:66:5c:f9:76 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.terni.co
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:7c:c4:3c:d2:20:ae:e3:d9:7f:e6:fa:af:27:66:5c:f9:76Serial Number (int): 303792715780357908822367129325459673512310
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 37:a1:87:c1:a4:2a:48:4c:2e:19:e9:3a:d7:f2:ba:de:cc:31:64:37
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): fe:bf:a5:95:dc:32:02:ca:c3:b3:39:58:62:49:0c:60:c9:f1:35:8d
Fingerprint (sha256): 16:26:2a:83:d3:93:f4:55:dd:87:cc:27:da:1a:f4:1f:90:a6:13:62:96:b1:14:90:87:64:4d:5b:44:9b:10:92
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.terni.co
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.terni.co
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.terni.co
Other certificates including the domain name terni.co
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.terni.co in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTjCCBTagAwIBAgISA3zEPNIgruPZf+b6rydmXPl2MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDYyMzAzNDBaFw0y MDA1MDYyMzAzNDBaMBcxFTATBgNVBAMTDHd3dy50ZXJuaS5jbzCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBALvJRGet1QKa4SLTvq3YD4UOqnV51POMivLK P+7ckuvj4/1Va9WXmsq/WMP2G2hiR+X34WvDjqtIjkQHRNqNLh5V+033MsDuI9mw /iwsN68nxj4is5NbeLRjW5WTS2QWXQHjw9CKNw8eIAKoXqlczeJhOfD6j5i9HtzT FdSV7WPNYr3lr/uVeSKiIdFtmXGWS0RNQNAEAEzIbXeqrnKmUZBnYFK+vaFxaDQ8 mvHDq8ri1pSQatgfPHMvbFQQQeDnJ10Hw9W6intfUt1i1fGT7rrzPdns8XeUFpbB 2Lc7ooWeslgz7jM8z8NZ9Q++s22jYBvcTaX6fCggYHO2EKMaBRH+kLrn+kfy2WPa AtOjmPolHctrNJ/ztbiXtb/YB3x9LiAvLpq7yJSd1rOvWTLe3Is9VJVuoGuTGvp3 YGMajlwO02UR2uIU61Br2WEew5urIECfYd0hn/fkfO3P09L75/JBhVYjuPBD0uYO eXDQMm8xvLFfLzBw4r+oyRzuCZA/BoVcrUhc1tgokEWPt+HJZRDtOpDhYfk9RJdm GK2MYB9CiNsV9eiq48BE4F0txxY2vvVP4H1ziUvgNZJMBjvHjznfitdT1ZANqRXq c+Xjx5Djxx0Y4qtS4lutegJf1Sn6p7cwb1m16ekn8QM8MzTIu/CEhKY6CQsNeCFz 3jAHc5EdAgMBAAGjggJfMIICWzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDehh8Gk KkhMLhnpOtfyut7MMWQ3MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMd3d3LnRlcm5pLmNvMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADu AHUAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwHPWS2wAABAMA RjBEAiANseImvj5140IJac/Qc6Q+qr3QFVBdJp8pZQklOU2LcAIgfY14GuZD3SCK jQseos0ko7sZjAhMvm/MdXTyBBcFv8gAdQDnEvKwN34aYvuOyQxhhPHqezfLVh0R Jlvz4PNL8kFUbgAAAXAc9ZLmAAAEAwBGMEQCIC4faqgFrBT5ybOI0UVzIPxgYtah 9RxBeWPFkGiGasl6AiBNnJdU65sbJ4wE2hUxo6HEREVF3TfCOv+Mh2VasnIYHjAN BgkqhkiG9w0BAQsFAAOCAQEAczwW7ePuuGsivSClW/NMQ0Ul/wY+pFN6WxF7xLNH Dx5IVPRnpbhSlaEonzo5uC8ic0HiHYPkvlLFg/12Pdt4YHBQSpUE0fRW5CxG62u3 9AIXSMvqOwb1Zmx2gVuO+6B47ueoV21/vHtpHHFSo97mrxPEzeJ0eofE8mZCG0G6 V/YuJK3XG+NoI1ZEpvQJqkJqBDXalwdZx7W8/ClgpC9pgbz7a/E0MgwrZRP6efsD 5FCoK6GcZuYl7bSTVZgNgvcUEK7SSTvaoOjS0PbtdBJKcd060VMWFYxhsOujNgf1 2vfAgNt0I8SyY9cILi7cQUIRBjToMLf80nE0YXqxnaE2Wg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu8lEZ63VAprhItO+rdgP hQ6qdXnU84yK8so/7tyS6+Pj/VVr1Zeayr9Yw/YbaGJH5ffha8OOq0iORAdE2o0u HlX7TfcywO4j2bD+LCw3ryfGPiKzk1t4tGNblZNLZBZdAePD0Io3Dx4gAqheqVzN 4mE58PqPmL0e3NMV1JXtY81iveWv+5V5IqIh0W2ZcZZLRE1A0AQATMhtd6qucqZR kGdgUr69oXFoNDya8cOryuLWlJBq2B88cy9sVBBB4OcnXQfD1bqKe19S3WLV8ZPu uvM92ezxd5QWlsHYtzuihZ6yWDPuMzzPw1n1D76zbaNgG9xNpfp8KCBgc7YQoxoF Ef6Quuf6R/LZY9oC06OY+iUdy2s0n/O1uJe1v9gHfH0uIC8umrvIlJ3Ws69ZMt7c iz1UlW6ga5Ma+ndgYxqOXA7TZRHa4hTrUGvZYR7Dm6sgQJ9h3SGf9+R87c/T0vvn 8kGFViO48EPS5g55cNAybzG8sV8vMHDiv6jJHO4JkD8GhVytSFzW2CiQRY+34cll EO06kOFh+T1El2YYrYxgH0KI2xX16KrjwETgXS3HFja+9U/gfXOJS+A1kkwGO8eP Od+K11PVkA2pFepz5ePHkOPHHRjiq1LiW616Al/VKfqntzBvWbXp6SfxAzwzNMi7 8ISEpjoJCw14IXPeMAdzkR0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303792715780357908822367129325459673512310 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-06 23:03:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-06 23:03:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.terni.co' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 766100856997856440498189425803789405583979869286606510616547962402368783516474948650286266581092526529555495768692260640248383759234904898940615409270297821011850812410287392070201595919840759821041259842857801969293059190620525885755288157602179867362113138192122876830548069782378333195700082535520951415473970907491083797726517428528270000185927390415712145904413863233000550240823326385278545182471917834928691394050463261279320340326746610487896756849703875734903207699317096171517021123453618355273910424407676281980039260555294754939954315167950009077497163598383252862064600591811709962706882048358130517180635217728107827071014932978515771571971814320933305852919887026480082584613297665396288203546220116116488882082408909987974029854124689033194008308965229591899467916671792502691895495142901500447232008173857721239834602817968762237528138477680357419602604508522322038928297304170672401308555728691936835168702057011837722607248477895623278690514947450521078784759844907024439222786312946823989343450768947167212335625420433539640877648321595234679304280387010078243376968933351161221709347855428717180024347445288492841100626608675864620983719752150125048871724409833251057954595162239113039285437926667572211487052061 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 37a187c1a42a484c2e19e93ad7f2badecc316437 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.terni.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001701cf592db000004030046304402200db1e226be3e75e3420969cfd073a43eaabdd015505d269f29650925394d8b7002207d8d781ae643dd208a8d0b1ea2cd24a3bb198c084cbe6fcc7574f2041705bfc8007500e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001701cf592e6000004030046304402202e1f6aa805ac14f9c9b388d1457320fc6062d6a1f51c417963c59068866ac97a02204d9c9754eb9b1b278c04da1531a3a1c4444545dd37c23aff8c87655ab272181e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00733c16ede3eeb86b22bd20a55bf34c434525ff063ea4537a5b117bc4b3470f1e4854f467a5b85295a1289f3a39b82f227341e21d83e4be52c583fd763ddb786070504a9504d1f456e42c46eb6bb7f4021748cbea3b06f5666c76815b8efba078eee7a8576d7fbc7b691c7152a3dee6af13c4cde2747a87c4f266421b41ba57f62e24add71be368235644a6f409aa426a0435da970759c7b5bcfc2960a42f6981bcfb6bf134320c2b6513fa79fb03e450a82ba19c66e625edb49355980d82f71410aed2493bdaa0e8d2d0f6ed74124a71dd3ad15316158c61b0eba33607f5daf7c080db7423c4b263d7082e2edc4142110634e830b7fcd27134617ab19da1365a