lomazzo.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:66:ab:5a:80:19:c5:47:b3:56:56:e8:a3:76:a0:b6:bf:12 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=lomazzo.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:66:ab:5a:80:19:c5:47:b3:56:56:e8:a3:76:a0:b6:bf:12Serial Number (int): 383385713045163387166347629901462795370258
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: c2:8e:4d:3c:36:04:53:0f:86:be:df:61:11:7d:55:aa:5f:c4:ee:16
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 90:b2:34:a7:12:c6:bc:98:32:8f:b7:05:de:11:c0:70:e6:ff:16:82
Fingerprint (sha256): 27:ce:74:dc:eb:f4:eb:d5:3a:ca:e9:dd:6f:30:5b:28:67:7f:54:ac:17:16:74:90:3b:56:ab:a7:c2:18:6e:1b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate lomazzo.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lomazzo.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lomazzo.org
Other certificates including the domain name lomazzo.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for lomazzo.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISBGarWoAZxUezVlboo3agtr8SMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDIyMjU0NTBaFw0y MDAzMDEyMjU0NTBaMBYxFDASBgNVBAMTC2xvbWF6em8ub3JnMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAyxlKoBps/gZW1Yqe2xGf0ovAb/5DQbi08n1V 714Evwln84pS2pPPtuNl8NgKOtPr6/fPmWh90jbE3WZeNtU9WPxxs3PnbcalDRz/ 5Uz3s088uSTMYa4APTZpdSnjf6TRq4snOCyVnKsQ37GbtkFDMHkFNu2z7spRzFOd FKG1dTmPsoFZI8KppwWo0S9RCDY+KzOmc44Q79fg6Ph4+vgzADYqLJ0hb13q1X37 CfD3+o8+Gs4ihV1jH38sFWZhTFpDt9yfEFMe7QF2WqNod7SaiCIEjJC1PkZTNRxL l1uHcGPQ2QHMW7tiKjf2t8DVApHLmX265rtmWclBrRLJwP3cYfdtQOW1pHdfTuxv d7FtsZiJyQSwQOwalh8bfXASnHmTLp1RjSt9bS2mDSF5yX6cVqmhJ4l7RRreo8Qb boQDTuF8pNdqVhRwL7o5Yq/RZHvS+Rgt5pxrJcejZh50oOrgWrUN2sfVL9wjurX2 4RntW8T57otNWA3QPHp9YaqKEjk6pT7fRbPq/sK8Z4UNPmCmUUosaeVwtXNycvz4 keUQfoFuB6IlWYXpOWvicsHZD5lvvMc6EZ6RqzqC6nLABdMZFy14VPihRDjnRDS7 MWeSvi7bbCMn5IyGGv9SYbOhz4i4zGecrQvo3NUNOKrXIksx/4uqjK0nglNcHUDm XNsbty0CAwEAAaOCAmEwggJdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUwo5NPDYE Uw+Gvt9hEX1Vql/E7hYwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAWBgNVHREEDzANggtsb21henpvLm9yZzBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3 AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbskJwccAAAQDAEgw RgIhAPWG7ph+uBnhF7iDkPZ/qG6hTixWv0cSBtllbOZvoFeAAiEA7ificaFz6HUf x7oRDPX6xvUClWOV0tMf9vGBKpxzDeAAdgAHt1wb5X1o//Gwxh0jFce65ld8V5S3 au68YToaadOiHAAAAW7JCcHrAAAEAwBHMEUCIHuuUA9mKT7NvgBDrp2bAVpkGvOY 1xBLSpMhsaLo8iDMAiEA8QLw20THfJ9/vwOivV2ZV36K8GkIpmWhf6pOoq3AGYww DQYJKoZIhvcNAQELBQADggEBAEpsLxdEVoqRIXgUyeRyItYZHwlSqQf7AnliMH8J zvD1LlEuYkyQdiavSRQqWgMU5JhfBFcho+NotcZPgvmE/bVx8IkRyILpJHIEz/Yd Pb0bPNS3XJ8uHuY0jTaGojPlrIt/N6rhTM6xwi8aijts6enlH45L3iVO/bNmrQMu vQK8O+b7o8rftQISzk/8WTJcOyyqzjfuMvtExKC/3j7r3DM6lhc2KW3Q4PjyS/du CKQSkEhhncyTYH/+MjfFOJZAA8JjMuOBScmLW5s8WuYfPLeb4lbog+M477Xxkms+ qIPXRyDMYnOOqTU27ciPMmJ3TU1G5xvh0CRasqEEW2mF5jY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyxlKoBps/gZW1Yqe2xGf 0ovAb/5DQbi08n1V714Evwln84pS2pPPtuNl8NgKOtPr6/fPmWh90jbE3WZeNtU9 WPxxs3PnbcalDRz/5Uz3s088uSTMYa4APTZpdSnjf6TRq4snOCyVnKsQ37GbtkFD MHkFNu2z7spRzFOdFKG1dTmPsoFZI8KppwWo0S9RCDY+KzOmc44Q79fg6Ph4+vgz ADYqLJ0hb13q1X37CfD3+o8+Gs4ihV1jH38sFWZhTFpDt9yfEFMe7QF2WqNod7Sa iCIEjJC1PkZTNRxLl1uHcGPQ2QHMW7tiKjf2t8DVApHLmX265rtmWclBrRLJwP3c YfdtQOW1pHdfTuxvd7FtsZiJyQSwQOwalh8bfXASnHmTLp1RjSt9bS2mDSF5yX6c VqmhJ4l7RRreo8QbboQDTuF8pNdqVhRwL7o5Yq/RZHvS+Rgt5pxrJcejZh50oOrg WrUN2sfVL9wjurX24RntW8T57otNWA3QPHp9YaqKEjk6pT7fRbPq/sK8Z4UNPmCm UUosaeVwtXNycvz4keUQfoFuB6IlWYXpOWvicsHZD5lvvMc6EZ6RqzqC6nLABdMZ Fy14VPihRDjnRDS7MWeSvi7bbCMn5IyGGv9SYbOhz4i4zGecrQvo3NUNOKrXIksx /4uqjK0nglNcHUDmXNsbty0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 383385713045163387166347629901462795370258 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 22:54:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-01 22:54:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lomazzo.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 828570794012414987285470901026190951868772941736119350725666558428960370413302707460408192684984128920448693057332575265344024351215158866287997516160533222450534497859868834603916051292547828202250288346141094444021726207638377081724163968158489465239814616491178258442923245848081157123321885471598052036310240298436937058533388891419946283490095769984093733137838889460282268559038999076888332754649829539910457655095390767716490875238502837614477795604254133203704462348605454509335848869313809841275945131417581031824123672833158021697346410105986057631539906960895288478690428384546307621713727113963994606855750590804844487746723741784866159615427536006243910378941761566288068822337005564582422137861530363586705779269546695085486763641862001779195682629356005883065526271021056240409444977025386417642148323326895730995131657913841989198740907875209652489076065185421858909594160281784807514027646363999376584733201723147601898455302226668910159202327270340658515021907725984138047134943386498064181546408437813603244589790485232860018322445499595674769484400230033640106417607820839802034758936247521482475550471488251989010185880215287679663802858274225199995172289888798509951450432728604068184280604307541288552230532909 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c28e4d3c3604530f86bedf61117d55aa5fc4ee16 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lomazzo.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016ec909c1c70000040300483046022100f586ee987eb819e117b88390f67fa86ea14e2c56bf471206d9656ce66fa05780022100ee27e271a173e8751fc7ba110cf5fac6f502956395d2d31ff6f1812a9c730de000760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ec909c1eb000004030047304502207bae500f66293ecdbe0043ae9d9b015a641af398d7104b4a9321b1a2e8f220cc022100f102f0db44c77c9f7fbf03a2bd5d99577e8af06908a665a17faa4ea2adc0198c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004a6c2f1744568a91217814c9e47222d6191f0952a907fb027962307f09cef0f52e512e624c907626af49142a5a0314e4985f045721a3e368b5c64f82f984fdb571f08911c882e9247204cff61d3dbd1b3cd4b75c9f2e1ee6348d3686a233e5ac8b7f37aae14cceb1c22f1a8a3b6ce9e9e51f8e4bde254efdb366ad032ebd02bc3be6fba3cadfb50212ce4ffc59325c3b2caace37ee32fb44c4a0bfde3eebdc333a961736296dd0e0f8f24bf76e08a4129048619dcc93607ffe3237c538964003c26332e38149c98b5b9b3c5ae61f3cb79be256e883e338efb5f1926b3ea883d74720cc62738ea93536edc88f3262774d4d46e71be1d0245ab2a1045b6985e636