parabiago.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:9e:61:c8:e9:b2:1c:48:17:a6:e9:19:fe:14:6b:5c:64:c3 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=parabiago.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:9e:61:c8:e9:b2:1c:48:17:a6:e9:19:fe:14:6b:5c:64:c3Serial Number (int): 315231450083664664285287918010402181244099
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e0:bd:df:48:13:50:c6:d2:13:38:73:99:75:3f:4d:d5:c9:46:75:95
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 62:bf:83:f4:9b:b5:54:03:67:1b:42:bb:ed:54:e2:dd:b9:69:3e:1e
Fingerprint (sha256): 2f:0e:24:c4:07:96:17:37:02:13:91:3f:a5:80:d6:35:64:29:b7:43:27:e0:30:84:7e:16:8a:41:ad:5d:4b:db
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate parabiago.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for parabiago.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
parabiago.org
Other certificates including the domain name parabiago.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for parabiago.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA55hyOmyHEgXpukZ/hRrXGTDMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDIwNjQ0NDhaFw0y MDA1MDIwNjQ0NDhaMBgxFjAUBgNVBAMTDXBhcmFiaWFnby5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDnpENB4oYtUVtFUCZJJ6e6SRzdhc9ReHUK r+taxjSyLBGCAtuW8lWxxYUFiKl9+GYDJ+ta82/i7flKfkGr1tSk7OQOxQyaN+BO Zyh4lEU/U64qZ1Ec+AHjPVIU4vt22+4f5uZvhcFygsOyaYF459wev+vZ4QAey0Cq +dJTh+Bk1xoOzE6rIeAU/v3X1rfCVDnkRZenJJyJib6shnk8QfJqD7BU5FsJrh+C kvTS4HXvAnD1H66Ak2x57sJ+2uBj0dpT2SQQFCBi+/i+HA+MECfpKOWMCZN+uUBE j93r/qwWmKpT8QLBi1SfwLqQbvTrVyccR9y/WbhWyySEifcUYbDH017bYLXQK6yZ 6pH1HMwA3Z8rNmVCdlxLmNu6e7FQt0FBQn3E6TejdMq7Z+t8lyKfKFdHta8WDxdg 7fcDMonqeR6fEezGFb9sKXWLwRYsS6L4StIuDNMzdAlCDq1inqJHVsZQPQsulwu2 LRw2FSmLuNwurFiKXkFpS2pu1meep07LbHDDXyJ4odldgYjX05PuxqLzIZBxTk/L F6hNHhQqQwODCu97TQcNIG+D1piSBb0UtZ/S2MEiU+VxwgUTde//3gZefqY9SOft 1SCgcyZUiWkKfuWOPOuBavqfautrMFtRuPag5DAVlkJag/WO2b1eJdLxvBZjVvGr 4xY5bniArwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTgvd9I E1DG0hM4c5l1P03VyUZ1lTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXBhcmFiaWFnby5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgAHt1wb5X1o//Gwxh0jFce65ld8V5S3au68YToaadOiHAAAAXAE2/KbAAAE AwBHMEUCIQCVxaagbXiz1sWQ1OpER8sRBUA6vdSdSL5ityLF84cDPAIgFGOyMwqj n6AjH/KhMo39wFPtiJrBdB7+e94qkDEXUsUAdgBvU3asMfAxGdiZAKRRFf93FRwR 2QLBACkGjbIImjfZEwAAAXAE2/MpAAAEAwBHMEUCICAEH5RVi52Co9r6hwddGJrh qHF958q0tYUkDg4OxYJFAiEAqcPgDqxWAqfihSItZraVZp3u2cpXP1p0CDU/+ky/ 1FEwDQYJKoZIhvcNAQELBQADggEBADnYj3+XwltU/fCvXSAF0sHfJcYh+45IOC6W w4mbPdJukvKyoiF8+SmgqrAa5lbJDyIrQGJLSIAzL8RqBJgExLQ/EyJ8nf0TxcUz 1KJT5t8UcABJfyAQAT2vXMbv8twIziJazqcFdpBUuNyMclPxdZ0QZF+pyNedY/zo yLVHw4fHGivgxwC/mYrxXMGb/F+ught20HKj6sTcaqq8t7/qzkwO8sbdqIuKjXKQ UGwhixxZ5vtRMbOu6K/YCAOdXlGD4D8Ogcz1Z1A1tIaqeKreZhAae8n5tyrSsj0m 3xjK80cn4yvSQBv0lUpuB0/0HfR719sgginiZZZYDXcOZ6edRys= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA56RDQeKGLVFbRVAmSSen ukkc3YXPUXh1Cq/rWsY0siwRggLblvJVscWFBYipffhmAyfrWvNv4u35Sn5Bq9bU pOzkDsUMmjfgTmcoeJRFP1OuKmdRHPgB4z1SFOL7dtvuH+bmb4XBcoLDsmmBeOfc Hr/r2eEAHstAqvnSU4fgZNcaDsxOqyHgFP7919a3wlQ55EWXpySciYm+rIZ5PEHy ag+wVORbCa4fgpL00uB17wJw9R+ugJNsee7CftrgY9HaU9kkEBQgYvv4vhwPjBAn 6SjljAmTfrlARI/d6/6sFpiqU/ECwYtUn8C6kG7061cnHEfcv1m4VsskhIn3FGGw x9Ne22C10CusmeqR9RzMAN2fKzZlQnZcS5jbunuxULdBQUJ9xOk3o3TKu2frfJci nyhXR7WvFg8XYO33AzKJ6nkenxHsxhW/bCl1i8EWLEui+ErSLgzTM3QJQg6tYp6i R1bGUD0LLpcLti0cNhUpi7jcLqxYil5BaUtqbtZnnqdOy2xww18ieKHZXYGI19OT 7sai8yGQcU5PyxeoTR4UKkMDgwrve00HDSBvg9aYkgW9FLWf0tjBIlPlccIFE3Xv /94GXn6mPUjn7dUgoHMmVIlpCn7ljjzrgWr6n2rrazBbUbj2oOQwFZZCWoP1jtm9 XiXS8bwWY1bxq+MWOW54gK8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 315231450083664664285287918010402181244099 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-02 06:44:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-02 06:44:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'parabiago.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 945015488493360163690885504227963678945154344650202415719465991671207020150044839397523641598031196964202498597349638549818311616455017536376496270070003945334854759880741386958591747011778182665509523516907051803225681132713287805077610678397837404818874213789517790806085236443845262406198352065168420329922827366457113153094371726356644554282732626337135500726594078722081434468423572024744458689330536381300639717275628477720988066887027524201279024163291800891328781677216491217438998570992094261770912790994662347507731260422129205970639588524153185151797932101058592678753969085298236914874985037492702240199745272844134450852405640860170733365304446873458894681389360255536629111271950636354163060703850677960720239559887589884140414286700880984042496999245483714885909323884688151136941236788104924741692184617007869153341206007561425691830256993278346307297140916365649030466413181500935985351765612921887042293809182193007612558904312957873375921384301059165912838504965923448085357841053743976515290130249431291366786348703325174289666135077301011675867350606748416310393466116417241373100580997888851175367440549724836072088170078942564449579291434474833197474720205596447493693754955847703149649480639389852589079691439 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e0bddf481350c6d213387399753f4dd5c9467595 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parabiago.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017004dbf29b000004030047304502210095c5a6a06d78b3d6c590d4ea4447cb1105403abdd49d48be62b722c5f387033c02201463b2330aa39fa0231ff2a1328dfdc053ed889ac1741efe7bde2a90311752c50076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017004dbf3290000040300473045022020041f94558b9d82a3dafa87075d189ae1a8717de7cab4b585240e0e0ec58245022100a9c3e00eac5602a7e285222d66b695669deed9ca573f5a7408353ffa4cbfd451 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0039d88f7f97c25b54fdf0af5d2005d2c1df25c621fb8e48382e96c3899b3dd26e92f2b2a2217cf929a0aab01ae656c90f222b40624b4880332fc46a049804c4b43f13227c9dfd13c5c533d4a253e6df147000497f2010013daf5cc6eff2dc08ce225acea705769054b8dc8c7253f1759d10645fa9c8d79d63fce8c8b547c387c71a2be0c700bf998af15cc19bfc5fae821b76d072a3eac4dc6aaabcb7bfeace4c0ef2c6dda88b8a8d7290506c218b1c59e6fb5131b3aee8afd808039d5e5183e03f0e81ccf5675035b486aa78aade66101a7bc9f9b72ad2b23d26df18caf34727e32bd2401bf4954a6e074ff41df47bd7db208229e26596580d770e67a79d472b