benati.com
Issued by R3
About this certificate
This digital certificate with serial number 03:e7:91:e0:9f:e3:30:99:d8:21:e5:fd:6e:0c:c7:9f:ae:2f was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=benati.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e7:91:e0:9f:e3:30:99:d8:21:e5:fd:6e:0c:c7:9f:ae:2fSerial Number (int): 340135988930805610741002978699645531696687
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 26:a0:61:5a:00:89:38:2d:66:22:42:80:7a:b8:f5:de:4d:11:68:cc
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 66:64:76:01:60:d2:43:ea:a4:7b:f2:fb:12:5b:52:11:60:04:9f:42
Fingerprint (sha256): 2c:b3:08:aa:49:3c:f9:33:83:89:1a:c7:6a:36:82:ad:53:74:47:a4:c6:38:8a:ff:a0:68:27:a8:5a:b0:3b:e4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate benati.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for benati.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
benati.com
Other certificates including the domain name benati.com
(limited to 100 certificates)
www.siouxcityphysician.com
www.amaretti.info
cellulareonline.com
benati.com
carrolibre.com
carrolibre.com
seoxidmeti.com
hydrogendetection.com
www.arildo.com
www.servermanagedhosting.com
2s.org
arxaia.com
www.mkyco.com
www.4dmanufacturing.com
forexdistributedledger.com
www.benati.com
amm.asia
www.growgoodgarden.com
www.thatone.pl
www.tennesseestemcell.com
benati.com
forexdistributedledger.com
www.diabeticlifecoach.com
www.thatone.pl
www.amaretti.info
cellulareonline.com
benati.com
carrolibre.com
carrolibre.com
seoxidmeti.com
hydrogendetection.com
www.arildo.com
www.servermanagedhosting.com
2s.org
arxaia.com
www.mkyco.com
www.4dmanufacturing.com
forexdistributedledger.com
www.benati.com
amm.asia
www.growgoodgarden.com
www.thatone.pl
www.tennesseestemcell.com
benati.com
forexdistributedledger.com
www.diabeticlifecoach.com
www.thatone.pl
Certificate
The complete raw certificate details for benati.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3zCCBMegAwIBAgISA+eR4J/jMJnYIeX9bgzHn64vMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjgxNzE1NTJaFw0yNDAxMjYxNzE1NTFaMBUxEzARBgNVBAMT CmJlbmF0aS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCiINd8 PQVd/LRa9Sy2tt27sp3Vmp1Nm7OYe4jN9Jca04+U8jc0Wdwd1pB8Dj8ouKbg+6xN a7WOZLvnGdXhSFBbdliwcXEscxamC56bUueWloL6dUufaG/buYpG4G7ikLEe95Rb gFk4FlfjTV2RzkccWS02AtEcCXP3E+f7CcO2XQahan+cfKnigTLjZfHRPQA/72O0 SEA8MKi240hDd4vplWtfIK0vj0WiRAnXjCV47qV9dn8184TbbuEdBM4f31K0iYNC O99fK3RbDVZ1VMSq4ONcVjJlxwMEBU8cMM3BU27JVMel/x66eP6WcRq8bgphXzJr ZeJDExQsSuWvNi42Q55AEi3QpLjI9CfNEWmZ1BgxfQ9ldlY7QIyCrXfTXFqO9ybU ktUlgXSJ8pqmJ7SEAnGOAtVZR8aZiPPovVLkYsA42CgmkV+VF5wJDro0W+t3IkDI Er+FY6wf7oy5Kz12qpDIyVjFaYomruFbZ+rUyCgkIaAs75GzgSezs6VBGp47okEc Mr/pf85rLgGCld1gmu6yrzLNf+z9vfCwF4tFX2S5i4p2BHk9l4o4sw2mj5ukzCU0 Ml67Uxir11o6KHO3DSN/ZslMS+ivGt7lzSVHauEJ8ytUnNjVmLpRWtFX1pBXB0n1 zzGU2vMPlUrQgb/EgW+kJfAbgEcEkJzzDA2f6QIDAQABo4ICCjCCAgYwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBQmoGFaAIk4LWYiQoB6uPXeTRFozDAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggpiZW5hdGkuY29tMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUAO1N3dT4tuYBOizBb Bv5AO2fYT8P0x70ADS1yb+H61BcAAAGLd3/nQQAABAMARjBEAiBV5HCmbk/FG5ey uiAfThQN/rtPxS0zwXA2AmpH7PLKwgIgaL6T4O92SxsuLAwq30HiT2lAJs0MHdF8 pHXDs0zqCQwAdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYt3 f+eGAAAEAwBGMEQCIEN9MbcvkWuE/nuqA+4XXzIWjJPoWGWhVyA2sqg4k8tdAiBs HCUZ9mVRmTVHT2H5MLCxJF8fp4qt5H2xzIb90t4d9jANBgkqhkiG9w0BAQsFAAOC AQEAFUaVaoAEN8GbDXstzirM0Xhj5rIbBxEDtbYwb9Suw6muTNvS2r+bfMZBHNxE kW6rmCdpXqSY4YSFjkpNw3BMTXH+Mg0NMsPWp+Mgoj7RLbkFU9IooRbQYhnZ7Y1E zTTzdn9tjfQKhlYiQyWxp1EDvyPf1AZxmGOLaYCuKXejW4Qgv3roQmvTaiuOOx20 FdtD2AVmCj5vvC+YPaGEAhQMEaK/+cyaeS8sRm4O8ibVy1lX20JOIYkzazZlePbB GM4e8HVpkZPPZbPfpH/PrbdSy5fahC7KBtiODaP1anYlPCXIdSG9m3rHlX/OgrmE +qAdjsqy6ROMPI3geHRXzyUxOA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoiDXfD0FXfy0WvUstrbd u7Kd1ZqdTZuzmHuIzfSXGtOPlPI3NFncHdaQfA4/KLim4PusTWu1jmS75xnV4UhQ W3ZYsHFxLHMWpguem1LnlpaC+nVLn2hv27mKRuBu4pCxHveUW4BZOBZX401dkc5H HFktNgLRHAlz9xPn+wnDtl0GoWp/nHyp4oEy42Xx0T0AP+9jtEhAPDCotuNIQ3eL 6ZVrXyCtL49FokQJ14wleO6lfXZ/NfOE227hHQTOH99StImDQjvfXyt0Ww1WdVTE quDjXFYyZccDBAVPHDDNwVNuyVTHpf8eunj+lnEavG4KYV8ya2XiQxMULErlrzYu NkOeQBIt0KS4yPQnzRFpmdQYMX0PZXZWO0CMgq1301xajvcm1JLVJYF0ifKapie0 hAJxjgLVWUfGmYjz6L1S5GLAONgoJpFflRecCQ66NFvrdyJAyBK/hWOsH+6MuSs9 dqqQyMlYxWmKJq7hW2fq1MgoJCGgLO+Rs4Ens7OlQRqeO6JBHDK/6X/Oay4BgpXd YJrusq8yzX/s/b3wsBeLRV9kuYuKdgR5PZeKOLMNpo+bpMwlNDJeu1MYq9daOihz tw0jf2bJTEvorxre5c0lR2rhCfMrVJzY1Zi6UVrRV9aQVwdJ9c8xlNrzD5VK0IG/ xIFvpCXwG4BHBJCc8wwNn+kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 340135988930805610741002978699645531696687 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-28 17:15:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-26 17:15:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'benati.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 661425708580357095969791535168092461506600750783989516767583928476764144907356801010636557075607661163185183039860458955903423925608993694704575232390244975433083484693431734904145451420813185319751863769949258357046353283773833991170063185687181696148311320814003043366784741186123733427477603611107567872237880199566783238632615144664069293648780815180918542856974061944056132856244010183458497375820259047003168023835843493660903894734710354315316558927776153175641864555521293800139973262340542745971326226674531507417700634188121358653814956448402941489722111701267119099028603125734471180662065114501725704237514464513969013052544328523222976988267903702082271046546285678691406511921699337945730573479041861387848643793937936130427538989052520991122893576446964439759146816626771166333040414632924048950961993421128023447025549580627168796716132280108928384335427900421620062818572923718942065593808484116546539646992539183225948263036655217258785819013791414312643034761557989343277032725077933227076242600128366795728830431067827027302393528336704353176783110049906192743870780974281320142936228443877238569446170518563471716780298664066848359026154015759393963775197875259315315845259835883344919723616747831404390479929321 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 26a0615a0089382d662242807ab8f5de4d1168cc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benati.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b777fe7410000040300463044022055e470a66e4fc51b97b2ba201f4e140dfebb4fc52d33c17036026a47ecf2cac2022068be93e0ef764b1b2e2c0c2adf41e24f694026cd0c1dd17ca475c3b34cea090c00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b777fe78600000403004630440220437d31b72f916b84fe7baa03ee175f32168c93e85865a1572036b2a83893cb5d02206c1c2519f665519935474f61f930b0b1245f1fa78aade47db1cc86fdd2de1df6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001546956a800437c19b0d7b2dce2accd17863e6b21b071103b5b6306fd4aec3a9ae4cdbd2dabf9b7cc6411cdc44916eab9827695ea498e184858e4a4dc3704c4d71fe320d0d32c3d6a7e320a23ed12db90553d228a116d06219d9ed8d44cd34f3767f6d8df40a8656224325b1a75103bf23dfd4067198638b6980ae2977a35b8420bf7ae8426bd36a2b8e3b1db415db43d805660a3e6fbc2f983da18402140c11a2bff9cc9a792f2c466e0ef226d5cb5957db424e2189336b366578f6c118ce1ef075699193cf65b3dfa47fcfadb752cb97da842eca06d88e0da3f56a76253c25c87521bd9b7ac7957fce82b984faa01d8ecab2e9138c3c8de0787457cf253138