kzw.net
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:98:40:53:fc:56:aa:cd:ad:4c:7c:e2:6d:38:cf:df:23:02 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kzw.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:98:40:53:fc:56:aa:cd:ad:4c:7c:e2:6d:38:cf:df:23:02Serial Number (int): 313145284237666582589154333009842913878786
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f8:05:7a:e5:6e:e1:34:11:c0:3b:56:26:be:32:3a:82:c8:86:34:aa
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 3e:cc:df:77:de:30:10:c4:6a:1b:dc:21:3e:75:0a:e0:a2:9c:0d:ee
Fingerprint (sha256): 19:ef:42:f4:4e:ef:b8:f1:b4:9f:28:fa:bc:f4:83:b4:ae:b7:94:c7:80:0b:47:1e:5b:47:f3:28:36:9d:75:8c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate kzw.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kzw.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kzw.net
Other certificates including the domain name kzw.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for kzw.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRzCCBS+gAwIBAgISA5hAU/xWqs2tTHzibTjP3yMCMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDUxMjUxNTZaFw0y MDA1MDUxMjUxNTZaMBIxEDAOBgNVBAMTB2t6dy5uZXQwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQCmZ9fSw2PNPvVWSkUnxUQ0/lF8TNdN5MnRMdu2NGLU DVViXZUQWhpZBNNTS/k8V2ikhAEfvnzjBP1XtpZoQKXr1sWzL0APhRzgm9c5+dir aS6JPohuQq+udofSYm3dLPRS0WNzzB1qEFsOP7oKp0f4CHYphT4dph7R2eL7rZIa z3AFvlZ0cwy9nCaOX3YLP77hE94zCrNsErdDmEPCoJmF9OAWPp/j62M2OJd9A+wk c5ZIUOfQd9RJF2szvKjRnBdZQuuwB6s7ZJ2LFDpF6IhqOnZyCkUaJhTb96L2UOlm rEhbOntWFD8YWZBQvMxS/xPdY7yYH3RgRPTxYrffLZ6E+FmvaOe7YFSeglE+thBW 5iMptcY5bB1Huain9gWG8kSeK4sQolZWqhYqJ/awUm79rN4ztKOzrTg4gS6/Ow7S p2QRJswitHmnztKP+XAjS4nxnyRcnOajQutmf6ZKxRSJnubUioOP/dOWjrua5leK WTfaglbbRtBPCbpX5I2WWjtowGDcj4MgCFyl7wP+0sXGnI2jcJyYvmheYlOl6vtt uMcKcjZUr1p4OoRI6JKfIVzEVx04LyA0hocqPFOpit1oR7/U9zQUI57SrWcVFgGb ajpdUCenXbYKY0h5QD3klkR/EcRpm2Te78QE0iWADGQ3Wb2V8sYFiPgeICHjNUdN QQIDAQABo4ICXTCCAlkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT4BXrlbuE0EcA7 Via+MjqCyIY0qjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggr BgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRz ZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz ZW5jcnlwdC5vcmcvMBIGA1UdEQQLMAmCB2t6dy5uZXQwTAYDVR0gBEUwQzAIBgZn gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s ZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgBvU3asMfAx GdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXAVnyU3AAAEAwBHMEUCIQCilPiN SPlWR9HKEsUFLUm3dF35xfCqu/U7OoF7YsaSCwIgPYU6SWGletr8ux0AZ53ujBUc hURip56lUyXnD/7xf+AAdwAHt1wb5X1o//Gwxh0jFce65ld8V5S3au68YToaadOi HAAAAXAVnyVTAAAEAwBIMEYCIQChusa4l3x/diuHu7aHMW1EvpF4qjlLpZlGD1WC +dri2wIhAP7pTMWIlZhBsfdCV4AcmUnuPlHNxrfI7G2jOK/Nih5/MA0GCSqGSIb3 DQEBCwUAA4IBAQCRwQGounQrImgKXebOctP6h3MJu4FiyCtcenorh9voQnHF0TE7 oMb2zi7XXkNnuHzSU+b5QXiOewFPK72Ca1zTqiflAb1gHh3o3XJRHi7/jCRmPe9H DkVkMIJ1YT2TqwQ5UUiPS+jKtGqdzrhZiPchCGcv83yIfpJvQEkLvPwsKEYSz8w6 4+8GhGxr+w4KEm9/WmhrJzFeJIUJAicUaWP1WTXkbfgL1zaDcxScMLKD6hHBR9XS rAbl20bDQEzruUjkeGobBcRcWDljF0Q2OuhAO5lhIOu8hjjezvm9zcWdPBcejM2E PrNGgh+rrwTlOBfZUkLMZjhQTJ4QuPX0kZkz -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApmfX0sNjzT71VkpFJ8VE NP5RfEzXTeTJ0THbtjRi1A1VYl2VEFoaWQTTU0v5PFdopIQBH7584wT9V7aWaECl 69bFsy9AD4Uc4JvXOfnYq2kuiT6IbkKvrnaH0mJt3Sz0UtFjc8wdahBbDj+6CqdH +Ah2KYU+HaYe0dni+62SGs9wBb5WdHMMvZwmjl92Cz++4RPeMwqzbBK3Q5hDwqCZ hfTgFj6f4+tjNjiXfQPsJHOWSFDn0HfUSRdrM7yo0ZwXWULrsAerO2SdixQ6ReiI ajp2cgpFGiYU2/ei9lDpZqxIWzp7VhQ/GFmQULzMUv8T3WO8mB90YET08WK33y2e hPhZr2jnu2BUnoJRPrYQVuYjKbXGOWwdR7mop/YFhvJEniuLEKJWVqoWKif2sFJu /azeM7Sjs604OIEuvzsO0qdkESbMIrR5p87Sj/lwI0uJ8Z8kXJzmo0LrZn+mSsUU iZ7m1IqDj/3Tlo67muZXilk32oJW20bQTwm6V+SNllo7aMBg3I+DIAhcpe8D/tLF xpyNo3CcmL5oXmJTper7bbjHCnI2VK9aeDqESOiSnyFcxFcdOC8gNIaHKjxTqYrd aEe/1Pc0FCOe0q1nFRYBm2o6XVAnp122CmNIeUA95JZEfxHEaZtk3u/EBNIlgAxk N1m9lfLGBYj4HiAh4zVHTUECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 313145284237666582589154333009842913878786 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-05 12:51:56 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-05 12:51:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kzw.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 678875769676813268844280822289101473259741444707304946176095129048524761234045879348362261192801725968154665112165312530680793206860828309972110946928416893749378465699321281742895753478735269815368663385179031207801446090714578222788232074926670873974449977794181449130342090271626952238538018705674889189573888522582637199543746529855459121350781948185515515177345286424849104798035280082314229937979884973917247585085543513333015493679847431103339346648803798022597900473462886575210121234417807794616828405158837097569653632208522091198107891756071541512599886863193035242610024402436147152636491190631921732906638824215346953615745268652460438514198290805898248392873528239517969700945300148245230888700367036055386181517173298500674100478940309526315783634344966343589015464444039973111011496781809923273524111188281139873777052349611819240562546313244356640520702220671007408735704264923606158392078331705046079386829775471340261328342208012776904397599720052401507624144699934281138255944834615050265800397193759862165042924850274199392310126522556224566143635238342111618776892856154313048705121271427899945501669068083967135410583746730317064331258903875931381926936318014630716525945654591138630651869796813544811766697281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f8057ae56ee13411c03b5626be323a82c88634aa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (11 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kzw.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000170159f25370000040300473045022100a294f88d48f95647d1ca12c5052d49b7745df9c5f0aabbf53b3a817b62c6920b02203d853a4961a57adafcbb1d00679dee8c151c854462a79ea55325e70ffef17fe000770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000170159f25530000040300483046022100a1bac6b8977c7f762b87bbb687316d44be9178aa394ba599460f5582f9dae2db022100fee94cc588959841b1f74257801c9949ee3e51cdc6b7c8ec6da338afcd8a1e7f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0091c101a8ba742b22680a5de6ce72d3fa877309bb8162c82b5c7a7a2b87dbe84271c5d1313ba0c6f6ce2ed75e4367b87cd253e6f941788e7b014f2bbd826b5cd3aa27e501bd601e1de8dd72511e2eff8c24663def470e4564308275613d93ab043951488f4be8cab46a9dceb85988f72108672ff37c887e926f40490bbcfc2c284612cfcc3ae3ef06846c6bfb0e0a126f7f5a686b27315e2485090227146963f55935e46df80bd7368373149c30b283ea11c147d5d2ac06e5db46c3404cebb948e4786a1b05c45c5839631744363ae8403b996120ebbc8638decef9bdcdc59d3c171e8ccd843eb346821fabaf04e53817d95242cc6638504c9e10b8f5f4919933