*.kavtivi.com

Issued by R3

About this certificate

This digital certificate with serial number 03:da:b8:c4:de:64:ec:00:48:17:38:ed:60:3a:65:d8:bc:5f was issued on by Let's Encrypt.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.kavtivi.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:da:b8:c4:de:64:ec:00:48:17:38:ed:60:3a:65:d8:bc:5f
Serial Number (int): 335764013936144809386570724636908108430431
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: bb:8f:0c:ee:92:d7:84:10:48:37:7e:77:a4:20:a7:e2:9c:95:b2:21
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 2f:3c:d3:e4:c1:00:96:f0:73:00:2b:fe:7c:89:23:88:5d:ae:5a:dd
Fingerprint (sha256): 23:d0:41:25:1e:93:aa:d9:c5:b6:a3:88:86:f8:1e:41:e3:18:e4:a9:bf:f2:f3:c3:a4:4c:7b:3c:51:c8:c3:1f

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate *.kavtivi.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.kavtivi.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.amirlevieldarnew.tempurl.co.il
*.kavtivi.com
*.lielwatertherapy.com
kavtivi.com
lielwatertherapy.com
www.kavtivi.amirlevieldarnew.tempurl.co.il
www.lielwatertherapy.amirlevieldarnew.tempurl.co.il

Other certificates including the domain name kavtivi.com

(limited to 100 certificates)
*.kavtivi.com
*.kavtivi.com
kavtivi.com
*.kavtivi.com
amirlevieldar.com
kavtivi.com
kavtivi.com

Certificate

The complete raw certificate details for *.kavtivi.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISA9q4xN5k7ABIFzjtYDpl2LxfMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMjkwMzI4MjdaFw0yNDA2MjcwMzI4MjZaMBgxFjAUBgNVBAMM
DSoua2F2dGl2aS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
JsmxOpUw08u+vPrcHqdFWjFZ0UwU0M9zgRY6bWVQONpFd8Um2iYVvnmOHIm4PsfC
MRXk3QFmZ6/2lA28qFsbfvRUsOVHQYN1JoL9XMOEj4FOL+KdrlcxBNnr9Q+C64U2
2DNW8P5YT2ocLZWRpTjGxMgzdtTvwuRjgt0tkAjP/XZ8nmvOd6+feiXjAqhCTlWF
grmMI5gu7AYgZhRwv6TtP6JBq9WMuZE7gTQpHbJ3HQ1sNgGkCwFOan7k9BGrjIxM
Yz2jMS7usLycc+CjDkvnLqViyNNlcY/cp5fb0wV/57laJiSZdUyDtaF8bw5BDgr0
drAWDS12RUF/5d4zRnzDAgMBAAGjggLRMIICzTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFLuPDO6S14QQSDd+d6Qgp+KclbIhMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MIHYBgNVHREEgdAwgc2CICouYW1pcmxldmllbGRhcm5ldy50ZW1wdXJsLmNvLmls
gg0qLmthdnRpdmkuY29tghYqLmxpZWx3YXRlcnRoZXJhcHkuY29tggtrYXZ0aXZp
LmNvbYIUbGllbHdhdGVydGhlcmFweS5jb22CKnd3dy5rYXZ0aXZpLmFtaXJsZXZp
ZWxkYXJuZXcudGVtcHVybC5jby5pbIIzd3d3LmxpZWx3YXRlcnRoZXJhcHkuYW1p
cmxldmllbGRhcm5ldy50ZW1wdXJsLmNvLmlsMBMGA1UdIAQMMAowCAYGZ4EMAQIB
MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAouK/1h7eLy8HoNZObTen3GVDsMa1
LqLat4r4mm31F9gAAAGOiHdbhgAABAMASDBGAiEAh9/9y6c498QD+zWLNozmVXqJ
09DnmaWYwCLb5xjXCX0CIQDI2NTaPxqeqQlORoA2RfB+OjdoxHUnTHjiFF4mNhqQ
aQB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjoh3W2AAAAQD
AEcwRQIgG4moGgRTeiM2iQ0pvqWQYHNExQtIQtvQpUjZijoHHJQCIQCQE4iAGAKH
e0ymrOqJ9t2vIDzSKnDT9TwrlyN1FxEJVDANBgkqhkiG9w0BAQsFAAOCAQEAQH8m
/F5DD4E7R0RIi74Lu0s+KZzh4FW8rVOfxngqcfE13UWISeVwIB7ccd1MtY7LBuL8
CtXGwNp62CtxiwrIavDt/Jqtel+c1JhrVdvVGt9ytbvy7kk83zzITonPbRX0oN9g
q++ThoM4H+E6XtBjpMmQUULtRVZuKEEKlL51v4XqBjYyn55SU1S+WzrlRgHewQWh
aX9SAdnEhKKLU6sc+Kb3oIpsklqNEl9gv5oq/yeURGN8VKMege7+ShIQ3FE1M0qg
a9NXcBnR/Cqs50enNOJ1SWUq+6ldGXR4AA3Ha2IHsgyDnW9EUQwXAorknXrFIb9o
QyErs2IkK3gZPuAfqA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtybJsTqVMNPLvrz63B6n
RVoxWdFMFNDPc4EWOm1lUDjaRXfFJtomFb55jhyJuD7HwjEV5N0BZmev9pQNvKhb
G370VLDlR0GDdSaC/VzDhI+BTi/ina5XMQTZ6/UPguuFNtgzVvD+WE9qHC2VkaU4
xsTIM3bU78LkY4LdLZAIz/12fJ5rznevn3ol4wKoQk5VhYK5jCOYLuwGIGYUcL+k
7T+iQavVjLmRO4E0KR2ydx0NbDYBpAsBTmp+5PQRq4yMTGM9ozEu7rC8nHPgow5L
5y6lYsjTZXGP3KeX29MFf+e5WiYkmXVMg7WhfG8OQQ4K9HawFg0tdkVBf+XeM0Z8
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 335764013936144809386570724636908108430431
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-29 03:28:27 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-27 03:28:26 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.kavtivi.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23120736815697995160882003588544210140090163057217244247966848929333626111765685523227617177622541384942954135426479797972965362933274228547270185414031629293278082472016926873445474745456149499373168969477719802642164423745954226882117342590911769304431207346758677698977625839473472551843947611872733973134107727054329553740972028114830235707203686136656624910035280875127542454951271292573791089957339214788139160256651584661084671100297502419276895159541365146873891628370469126953953134629665552827470760377368411083482557326315404480931752090550469205987209073613095933856832889876228958465941027813565743398083
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bb8f0cee92d7841048377e77a420a7e29c95b221
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (208 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.amirlevieldarnew.tempurl.co.il'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kavtivi.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lielwatertherapy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kavtivi.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lielwatertherapy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kavtivi.amirlevieldarnew.tempurl.co.il'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lielwatertherapy.amirlevieldarnew.tempurl.co.il'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e88775b86000004030048304602210087dffdcba738f7c403fb358b368ce6557a89d3d0e799a598c022dbe718d7097d022100c8d8d4da3f1a9ea9094e46803645f07e3a3768c475274c78e2145e26361a906900760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e88775b60000004030047304502201b89a81a04537a2336890d29bea590607344c50b4842dbd0a548d98a3a071c94022100901388801802877b4ca6acea89f6ddaf203cd22a70d3f53c2b97237517110954
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00407f26fc5e430f813b4744488bbe0bbb4b3e299ce1e055bcad539fc6782a71f135dd458849e570201edc71dd4cb58ecb06e2fc0ad5c6c0da7ad82b718b0ac86af0edfc9aad7a5f9cd4986b55dbd51adf72b5bbf2ee493cdf3cc84e89cf6d15f4a0df60abef938683381fe13a5ed063a4c9905142ed45566e28410a94be75bf85ea0636329f9e525354be5b3ae54601dec105a1697f5201d9c484a28b53ab1cf8a6f7a08a6c925a8d125f60bf9a2aff279444637c54a31e81eefe4a1210dc5135334aa06bd3577019d1fc2aace747a734e27549652afba95d197478000dc76b6207b20c839d6f44510c17028ae49d7ac521bf6843212bb362242b78193ee01fa8