www.daavo.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:3b:2d:0a:20:13:df:20:b1:b6:7b:1e:35:f5:9c:ce:c9:5d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.daavo.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:3b:2d:0a:20:13:df:20:b1:b6:7b:1e:35:f5:9c:ce:c9:5d
Serial Number (int): 281473385277006512933433667044784133294429
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: a8:12:71:3f:54:3d:c4:78:7c:f7:dc:8d:c9:a7:ef:b4:de:f2:02:f4
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): c1:88:95:07:4d:f0:ae:86:6f:4c:70:b6:16:c0:18:59:c5:09:92:4f
Fingerprint (sha256): 34:8f:f5:b2:f3:29:82:20:88:d9:fa:4f:90:b0:53:13:c1:4b:5e:65:d0:9d:88:b3:f3:68:36:be:14:05:30:b1

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.daavo.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.daavo.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.daavo.com

Other certificates including the domain name daavo.com

(limited to 100 certificates)
daavo.com
www.daavo.com
daavo.com
www.daavo.com
daavo.com
daavo.com
daavo.com
www.daavo.com
www.daavo.com
daavo.com
israelneom.com
www.daavo.com

Certificate

The complete raw certificate details for www.daavo.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgISAzstCiAT3yCxtnseNfWczsldMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MTkwOTI3NDhaFw0x
OTEyMTgwOTI3NDhaMBgxFjAUBgNVBAMTDXd3dy5kYWF2by5jb20wggIiMA0GCSqG
SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwOjqNMK+IhEIkeWpw/OHaHLK5gvK485ep
UH4Z5JFY0iOfVkxmR8PBe1zX/p2nZRVA4XcXLAND1UMC+x3vj6zSeBSZWG0dMHMj
3Ci6NJdFwj1T8ywdCCNduQFzjsBJlaBvgxSctycvOwtYPeOS/308JgXO4lHQ+rh4
pDPMAN6XxEpZhHvmgjb9WoeAV/Qxo00IlLiOF3n/VPV0rf6Qo3S3MPmv6NF8cSCG
QRR4hqnvLjY5djTepEpV7cBLM6Gi16gYciB9nFRRK9yQeAUQG+KVEL/2pOxzty8F
waaanZ9rU8n8IBZ0oe56tffLLbNHqrFTHRXSggVswdVdOdlonmw/68NEAS72CCb3
DsvkgdeyMDfB4SDOEZ+zAIL7qlTWcA8/HhPIkwDqKCz9gSYBSLJGv3HdqRWNo4Lt
/X8A/oiigNEZDBCtGMXs1oQx8bNgUgIzn2wyzl7zsnun01sdSJVD02NgZ+YAal5H
8rUo0OFl6Gha5os4QcpfOYGG+SbbJYnNwv5q688dx0LNNGBE4EvjrIVvXF24CWcl
MmG/XyaxJbfrlQ1XberBqxPqu1+2XYtevNM9znuOFhRp5OgV22N5UGTA2klyLoMx
VuQWsMEnXfLiXV29AUzIt58Jouugvu4ZE1jsnaVNYbbBbKbrrLm9EPD6qZMDOst8
qJAN+x3KFQIDAQABo4ICYzCCAl8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSoEnE/
VD3EeHz33I3Jp++03vIC9DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js
oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14
My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14
My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5kYWF2by5jb20wTAYD
VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa
aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHz
APEAdgB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAW1JEE5LAAAE
AwBHMEUCIQCARui9/t6q1+Df+YLhOzqTy28dAFsbQj3WPuVWnKaQPAIgaTTrZy1z
UHpjTp2fkdRNcgGcQzHU1p9akQ4FBxBSFjQAdwBj8tvN6DvMLM8LcoQnV2szpI1h
d4+9daY4scdoVEvYjQAAAW1JEFBoAAAEAwBIMEYCIQCnNc3BMp5DVPohrbOdSYo0
ZUkuYlmsIQAt48wA2DGg5gIhAOXAzmuEUs+tY7E7kNcmZIv+7IAYsdiucoSwDSYb
lL0cMA0GCSqGSIb3DQEBCwUAA4IBAQAfdQaBAE5VbNtdB2cRsFBkkLdtSfnPKzyB
qg5XdEEhuz3Z3RSMWvca1bDuRz/dSBhgnxU7xaI3Aa5oDjcLgS4X6nTVD7KWdzkh
pnq+13QetV1THHAmO8e3fcNsMJLdG6UFf7j+wVzsbqaHvQE/qtQXSHy2bflRaXed
RL8mG6F7epO0diafciTG8yRpugRy0o9rYWCipsjV/uIEpxsGF5c51n634Ias7uFY
pVE8zyCw9+56pmLe9GfDI2tyLZDT3sKXSnR4uvkjkodigqFujLMSntJ0nqMoUE1G
5rKf1ZeSAR+u2uLjJuQEk6mFYWJV7TEA7+HTRSYt2tz67+Qzg4b+
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsDo6jTCviIRCJHlqcPzh
2hyyuYLyuPOXqVB+GeSRWNIjn1ZMZkfDwXtc1/6dp2UVQOF3FywDQ9VDAvsd74+s
0ngUmVhtHTBzI9woujSXRcI9U/MsHQgjXbkBc47ASZWgb4MUnLcnLzsLWD3jkv99
PCYFzuJR0Pq4eKQzzADel8RKWYR75oI2/VqHgFf0MaNNCJS4jhd5/1T1dK3+kKN0
tzD5r+jRfHEghkEUeIap7y42OXY03qRKVe3ASzOhoteoGHIgfZxUUSvckHgFEBvi
lRC/9qTsc7cvBcGmmp2fa1PJ/CAWdKHuerX3yy2zR6qxUx0V0oIFbMHVXTnZaJ5s
P+vDRAEu9ggm9w7L5IHXsjA3weEgzhGfswCC+6pU1nAPPx4TyJMA6igs/YEmAUiy
Rr9x3akVjaOC7f1/AP6IooDRGQwQrRjF7NaEMfGzYFICM59sMs5e87J7p9NbHUiV
Q9NjYGfmAGpeR/K1KNDhZehoWuaLOEHKXzmBhvkm2yWJzcL+auvPHcdCzTRgROBL
46yFb1xduAlnJTJhv18msSW365UNV23qwasT6rtftl2LXrzTPc57jhYUaeToFdtj
eVBkwNpJci6DMVbkFrDBJ13y4l1dvQFMyLefCaLroL7uGRNY7J2lTWG2wWym66y5
vRDw+qmTAzrLfKiQDfsdyhUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 281473385277006512933433667044784133294429
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-19 09:27:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-18 09:27:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.daavo.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 718945295188157210194994410186979953185998893425598287459281878578319132256200907427212850162402069210260848099335555637440364139901231237630601763332980957698547689088223537468683544461217905830421569985795224624347276474188208139649727375644016471847939559767106774553009727783734708332978730382196233695227095919754920137245112924139388740707761300850510591395320824908643166628733537223618666563772901124140293525571490447245735765579071771120422273392516682861188680765200142243476434738213580522348311357987821168964671072872250689696135521299358005971766554110561873303497630095876447398718350639235236614677755284460683051918611971109817779115463860763284509713272676950723040291378484784450899523533921672321303082631808521394940534995257131593374265946198196424033925708340972429767273073465688259081612332803552488175639856126900212688831203410741233221818992143809018423172042435578953756373042644798815469077191401887584652242783974083602603881979520811507039083776693332099286705023823127990013203237259674879117420397974014886142923054230973692046140006762795788522652394745150251789885827773067946493822915005301397272710192536273784200816475490932224944368422747660546382814126744709462104398137386325195026759272981
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a812713f543dc4787cf7dc8dc9a7efb4def202f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.daavo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d49104e4b00000403004730450221008046e8bdfedeaad7e0dff982e13b3a93cb6f1d005b1b423dd63ee5569ca6903c02206934eb672d73507a634e9d9f91d44d72019c4331d4d69f5a910e05071052163400770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d491050680000040300483046022100a735cdc1329e4354fa21adb39d498a3465492e6259ac21002de3cc00d831a0e6022100e5c0ce6b8452cfad63b13b90d726648bfeec8018b1d8ae7284b00d261b94bd1c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001f750681004e556cdb5d076711b0506490b76d49f9cf2b3c81aa0e57744121bb3dd9dd148c5af71ad5b0ee473fdd4818609f153bc5a23701ae680e370b812e17ea74d50fb296773921a67abed7741eb55d531c70263bc7b77dc36c3092dd1ba5057fb8fec15cec6ea687bd013faad417487cb66df95169779d44bf261ba17b7a93b476269f7224c6f32469ba0472d28f6b6160a2a6c8d5fee204a71b06179739d67eb7e086aceee158a5513ccf20b0f7ee7aa662def467c3236b722d90d3dec2974a7478baf92392876282a16e8cb3129ed2749ea328504d46e6b29fd59792011faedae2e326e40493a985616255ed3100efe1d345262ddadcfaefe4338386fe