festipalvelu.fi
Issued by R3
About this certificate
This digital certificate with serial number 04:26:9d:10:4e:48:b4:34:5d:21:c4:a9:05:53:9d:3a:32:58 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=festipalvelu.fi
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:26:9d:10:4e:48:b4:34:5d:21:c4:a9:05:53:9d:3a:32:58Serial Number (int): 361588647129912763938962571061520028545624
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 7d:b4:8b:eb:34:61:4a:a5:84:bf:2d:22:11:ce:d4:2b:d0:05:f5:56
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5a:4d:04:42:93:b7:e5:f7:48:8f:f7:e2:c2:fd:54:d1:c3:7c:f3:07
Fingerprint (sha256): 27:6c:38:c2:84:10:7b:e9:50:af:a0:1a:c5:17:4f:71:10:e9:52:75:ed:4a:eb:d8:2f:21:e0:c9:f2:c0:26:b4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate festipalvelu.fi
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for festipalvelu.fi
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
festipalvelu.fi
Other certificates including the domain name festipalvelu.fi
(limited to 100 certificates)
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
karemajat.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
karemajat.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
karemajat.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
karemajat.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
karemajat.fi
karemajat.fi
festipalvelu.fi
festipalvelu.fi
karemajat.fi
festipalvelu.fi
Certificate
The complete raw certificate details for festipalvelu.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7DCCBNSgAwIBAgISBCadEE5ItDRdIcSpBVOdOjJYMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjExNTE2NDdaFw0yNDAxMTkxNTE2NDZaMBoxGDAWBgNVBAMT D2Zlc3RpcGFsdmVsdS5maTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB AL3wRQfB1e0lXxtJgcyzk3jjnV2/m62ZhT9nZIN4kVUH4DetunqTddDz/MJAvxLo OIEm3b3jJNu8SnUg5gGfUcWrNj7S6lHTMapkAKJLCL6imzie2h3UFCSgNrb4cMjA 7nJeVFUjqnOFnGXic7E9gddn6Ec5H51MPCEn0l4iHOgx7oWfAr+4+Uh88nmIND3d WaKxs8X9fkRRxHgwN4IdQDuVwqoW8fRjs8ToHnuDHaLIBWRj93miZgFoENcjAV2V ur2rCiTKSRQrXp9caJ0NoU+0x7a+KFxVjWlf1i4Yd4EeDAv5Qk3r7kCaj+YU8WZ1 8dqrQ3D/qg0TJiy3q5Yh9c2TBfvWqI5Ln1UlG1XFtYtAqtQctaGFwDUkCIuws9pA Qs0qc7LAGFNvP5Ug0eRVyYpRKai7hWKb6pgptRMRK6Be/vKx6TNGGJy+gde2SXct QqiiQjk68dED+24v7V4bjWKNLWGNa5WSsRA3Ne6ZR3kVC1le3+0lzUSF0Zq3ze35 6abI0oFSOwB+iNG6vTT24iVZdFl2HutG3n1k/Gh8NAN9XLKj2gwztZT6x3BzYG9o +9LkgCkga/s4uz41C7zRpNWj0LXBjg2S65rRFv4MZeADoTRcPQxrDT/lW+3saOGS UwxE7hjxb18Ga4tc9a7PtHqqx2M9SZv3UjmcGAeR+7gDAgMBAAGjggISMIICDjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFH20i+s0YUqlhL8tIhHO1CvQBfVWMB8GA1Ud IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw Oi8vcjMuaS5sZW5jci5vcmcvMBoGA1UdEQQTMBGCD2Zlc3RpcGFsdmVsdS5maTAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ADtT d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABi1MGXWsAAAQDAEgwRgIh AJUTJw5/1Wy6u7gqX6fdrDAPhuTi7UzkFJxXzqX3PNoXAiEApb0epp5lUUsqSynz jUOsIVCA7wpQjcd6h3KFO0yplZIAdgDuzdBk1dsazsVct520zROiModGfLzs3sNR SFlGcR+1mwAAAYtTBl2eAAAEAwBHMEUCIHMlsdLHEg/WKQYnP4bWKThAVO3fl0jC w1HB19KZFrfyAiEAnHFyjNa7sshaOT4ss2Aa3bxZrTWHSHFTG7RgNI1HyHYwDQYJ KoZIhvcNAQELBQADggEBAFTKn9KhBOmiN3QmnjNxeOywUqjP/+uFuxCnr5yJxWQC nzYf9C9qMWiCB7auxlHUAn4/aBXquvLEYK+7bx+tKMs3NDFu6W1bRCTg1alMIyHS XQNx6D5LJeQg8koNZ/b4j6vaMmyKacJVQsZQ1ZgykX2oPmjLiaQAI8q+BO2Dd3iH 8Fi1/G+NtejeFiRlSwwjAH1dPNSU1mL2Tuig7qJeSN7nR9NorXNO3Mx96NjZbruh Lyc7k+L+jDhi3AwqUA+EAmvBYm4/i8DSy/ueGay3xo0pd7Wr4pLd1K1tD2zzmwFj NBBHELsTNYPURRLfPVt7Rq7yGJIWOTESvywErvrk+a0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvfBFB8HV7SVfG0mBzLOT eOOdXb+brZmFP2dkg3iRVQfgN626epN10PP8wkC/Eug4gSbdveMk27xKdSDmAZ9R xas2PtLqUdMxqmQAoksIvqKbOJ7aHdQUJKA2tvhwyMDucl5UVSOqc4WcZeJzsT2B 12foRzkfnUw8ISfSXiIc6DHuhZ8Cv7j5SHzyeYg0Pd1ZorGzxf1+RFHEeDA3gh1A O5XCqhbx9GOzxOgee4MdosgFZGP3eaJmAWgQ1yMBXZW6vasKJMpJFCten1xonQ2h T7THtr4oXFWNaV/WLhh3gR4MC/lCTevuQJqP5hTxZnXx2qtDcP+qDRMmLLerliH1 zZMF+9aojkufVSUbVcW1i0Cq1By1oYXANSQIi7Cz2kBCzSpzssAYU28/lSDR5FXJ ilEpqLuFYpvqmCm1ExEroF7+8rHpM0YYnL6B17ZJdy1CqKJCOTrx0QP7bi/tXhuN Yo0tYY1rlZKxEDc17plHeRULWV7f7SXNRIXRmrfN7fnppsjSgVI7AH6I0bq9NPbi JVl0WXYe60befWT8aHw0A31csqPaDDO1lPrHcHNgb2j70uSAKSBr+zi7PjULvNGk 1aPQtcGODZLrmtEW/gxl4AOhNFw9DGsNP+Vb7exo4ZJTDETuGPFvXwZri1z1rs+0 eqrHYz1Jm/dSOZwYB5H7uAMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 361588647129912763938962571061520028545624 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-21 15:16:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-19 15:16:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'festipalvelu.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 774881692335402535651839266427400882601408924581758571567393542379193385961104861013968058268397824044302083688071017061370039838352586894182981535057703476668662666998745554079842551905707499192902739183845388324308143793133954092694336667529909602745768540771210825069922483684018248290697804145889835970159339246217556169466276532815379873530887952507824991596014834450889813819255211449916890342969643786276653965616823002592643946102850163260887844294969714240186769088119289710801597980762355460364330389526828430601331925888795709656924312893384608100113896943981435304816832759252839808466150354269556028595272835819066337939363954647932682915443627411434178069376677321883126494112765860725108797414273138964694923659931366357571094385067039085010440720861584811747420676940378845873954962446956201505434101475102164159337569184808580295666385621267054148561722516652088021814343663280354377041126256310747200244285654761840187912434578098079472918124247917148661993492863234031522034555589060104501831839470781284674230083839675265714428825783068349480111256659710136528851069898308311222895760364326573509671963342633492717781765561223461721176821133841517587511530705217188489620838061218657690853198582053447371088181251 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7db48beb34614aa584bf2d2211ced42bd005f556 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'festipalvelu.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b53065d6b00000403004830460221009513270e7fd56cbabbb82a5fa7ddac300f86e4e2ed4ce4149c57cea5f73cda17022100a5bd1ea69e65514b2a4b29f38d43ac215080ef0a508dc77a8772853b4ca99592007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b53065d9e000004030047304502207325b1d2c7120fd62906273f86d629384054eddf9748c2c351c1d7d29916b7f20221009c71728cd6bbb2c85a393e2cb3601addbc59ad35874871531bb460348d47c876 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0054ca9fd2a104e9a23774269e337178ecb052a8cfffeb85bb10a7af9c89c564029f361ff42f6a31688207b6aec651d4027e3f6815eabaf2c460afbb6f1fad28cb3734316ee96d5b4424e0d5a94c2321d25d0371e83e4b25e420f24a0d67f6f88fabda326c8a69c25542c650d59832917da83e68cb89a40023cabe04ed83777887f058b5fc6f8db5e8de1624654b0c23007d5d3cd494d662f64ee8a0eea25e48dee747d368ad734edccc7de8d8d96ebba12f273b93e2fe8c3862dc0c2a500f84026bc1626e3f8bc0d2cbfb9e19acb7c68d2977b5abe292ddd4ad6d0f6cf39b016334104710bb133583d44512df3d5b7b46aef2189216393112bf2c04aefae4f9ad