zavion.org
Issued by R3
About this certificate
This digital certificate with serial number 03:25:97:40:b5:5a:6d:ca:f8:c7:21:40:9f:36:aa:c8:20:56 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=zavion.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:25:97:40:b5:5a:6d:ca:f8:c7:21:40:9f:36:aa:c8:20:56Serial Number (int): 274128354783998583744935671598295659585622
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6e:2f:be:5b:7d:f1:17:de:9b:b0:23:8b:cb:13:c8:bf:ca:13:ea:6d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f2:44:5b:39:f6:d8:73:c2:4f:29:08:13:72:33:a9:fd:48:76:6a:4f
Fingerprint (sha256): 38:23:aa:bb:45:c0:2a:46:ee:d0:bf:70:5a:7f:17:ae:64:cc:1f:a7:ac:33:66:45:c3:c8:6e:59:f6:7e:9d:16
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate zavion.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for zavion.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
zavion.org
Other certificates including the domain name zavion.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for zavion.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4TCCBMmgAwIBAgISAyWXQLVabcr4xyFAnzaqyCBWMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjkwNDQxMTJaFw0yNDA2MjcwNDQxMTFaMBUxEzARBgNVBAMT Cnphdmlvbi5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHrtVz FMSPLvCdsQO2LYy4CfoDWN+cw/Umqa1TgjPobWEv8sTGeZ4khN1eOHp3QzdBeq5H FhGDY11Pc5YTbYy/fvIxG+Y/d4jJbilKda0vCXJgXpPTDgQdrsuSXhDIHBguOQ0r coGMweCn6/zBLaFYkN2LcDc3gGhTyVc5QWCPgWSHe1gKU4xtxKe1ol5Z/GE35hDs 7IVyPb66zZS2lpM98PZ5bsAcc7tZc91DilEOQMEERC8XrfeT689DdFKwZ/uA34Vf t4dUv30e/HKvRX9FEPKEVd/e8djjhLbwElfnkajDLFYFcW9TOzrgwsRwGhLVE5DA rvlIg00VsBH+SZpTMVtXSidA9wmYtoxfhcSA6lyUQ6omrt9360WQrWc6oQNj1sK1 3fg8Cg2WdZpR4BxTI4oQMPu+N8JYxbHNQuzbBi1J1hbPRRW9AWTip2zhTMxfEmkq 5zsTL8Oh0GB+g9bTUxwon7taVR03ZGNaNlxQ2g5f5lNLTl6W7vFr8LjqCQ+wgg3N qD+WJzK8huVvD9SAOEK4JXt6B8pzt3iKXMqm9natFT1fIHgh3QDsUUS33OAEvh8W vmbdG2MKn1Ug0W1MprEmktMaqtjLsXeX4RmtJSLDfen/I3dFDID7weeJrJx8OFyn Gxh3LXY8GjpLIz2nFdqdQKR4MYq1nCEXpyCzMwIDAQABo4ICDDCCAggwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBRuL75bffEX3puwI4vLE8i/yhPqbTAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggp6YXZpb24ub3JnMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcASLDja9qmRzQP5WoC +p0w6xxSActW3SyB2bu/qznYhHMAAAGOiLn4TgAABAMASDBGAiEA/0NXAff0ZQ8P nQlNhkFOGznoSSFyD07HStxEyX48PT8CIQDEKMPur5nyymHaMWHYpYQEh4jCGpjY MCqH/oq/CRcZ6QB1AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAAB joi5+IEAAAQDAEYwRAIfW9kUzuY0fRWVYRoc3pGU+XgJ+7AijnLdAqD6TV0CiQIh AMqSSmPeUOtkZaoarhkwf/LNR1n0K/kN1icMx+aDAZPFMA0GCSqGSIb3DQEBCwUA A4IBAQCfFNX1XqgdHOIH5TUPTLXzPps9rLUd/2xeKrR/CcQNP541tpaI5eAkzOQC CrmEcuHCviToQ7Nlx+fKB4h2aUvvpQ0rCncL8LAAbg9O4mDmJyFh75Gn2iDwSr7L liI/7eqaw/mucQcdCa/UJuN6HuONyJCurchmlEI3aqIAjEW9dSy+P2VLqopj/1pA JmnkSUUlmCcHJxeK54fj52dOEuubLIyJUN867pU+UJQSOmNcFNgCFI5j/h+9jde2 Nc3dMUOpR81y1l4cpIoBImIQFyubrj+zgznSsuMG6ANncFC2b/ux2cFnQctXocm4 9ZOeRf9adAjwIsMh+lpJVRhyj4sh -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx67VcxTEjy7wnbEDti2M uAn6A1jfnMP1JqmtU4Iz6G1hL/LExnmeJITdXjh6d0M3QXquRxYRg2NdT3OWE22M v37yMRvmP3eIyW4pSnWtLwlyYF6T0w4EHa7Lkl4QyBwYLjkNK3KBjMHgp+v8wS2h WJDdi3A3N4BoU8lXOUFgj4Fkh3tYClOMbcSntaJeWfxhN+YQ7OyFcj2+us2UtpaT PfD2eW7AHHO7WXPdQ4pRDkDBBEQvF633k+vPQ3RSsGf7gN+FX7eHVL99Hvxyr0V/ RRDyhFXf3vHY44S28BJX55GowyxWBXFvUzs64MLEcBoS1ROQwK75SINNFbAR/kma UzFbV0onQPcJmLaMX4XEgOpclEOqJq7fd+tFkK1nOqEDY9bCtd34PAoNlnWaUeAc UyOKEDD7vjfCWMWxzULs2wYtSdYWz0UVvQFk4qds4UzMXxJpKuc7Ey/DodBgfoPW 01McKJ+7WlUdN2RjWjZcUNoOX+ZTS05elu7xa/C46gkPsIINzag/licyvIblbw/U gDhCuCV7egfKc7d4ilzKpvZ2rRU9XyB4Id0A7FFEt9zgBL4fFr5m3RtjCp9VINFt TKaxJpLTGqrYy7F3l+EZrSUiw33p/yN3RQyA+8HniaycfDhcpxsYdy12PBo6SyM9 pxXanUCkeDGKtZwhF6cgszMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 274128354783998583744935671598295659585622 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-29 04:41:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-27 04:41:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zavion.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 814635339938498410948081873343763704806018862846788364772419471726407993693391521961002586355843206679034357052567508386039662917295238983244572609712954527565918577507649665052835379489854045410480190452934879198882279020258127677946410553685134123018783892094516218649615126338822509142664643474850380167139228584410506428489298558137608415646440882519836815639518831543208884636398721776669031870018713122807592162164256872338088134002072188434721322314356287590714241157864003829587424734243547687910695332247896215664987189189288094067702963496491486309708117577810794645435939829177701306282549058813536038137472088828590966442244868489530098566635948861747104356107440708553788161736645317817030210324749088752921491350190504736482551787610599393614095330904531670708760048783834499860505350587711796017579898576537184112785932790179118161678986690217419265825741139602013866235444112336577675034502905220520043505248571097364968792579629091071310485621104415597470152544159333804185293325988231649530601732372459520927091452968795062468195687414163198199474545893725973362060318217369382440429305154068225820182116338575015287712864310927541171595629171287295949369582759995957105029082273033155849937224972747162023534572339 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6e2fbe5b7df117de9bb0238bcb13c8bfca13ea6d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zavion.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e88b9f84e0000040300483046022100ff435701f7f4650f0f9d094d86414e1b39e84921720f4ec74adc44c97e3c3d3f022100c428c3eeaf99f2ca61da3161d8a584048788c21a98d8302a87fe8abf091719e9007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e88b9f8810000040300463044021f5bd914cee6347d1595611a1cde9194f97809fbb0228e72dd02a0fa4d5d0289022100ca924a63de50eb6465aa1aae19307ff2cd4759f42bf90dd6270cc7e6830193c5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009f14d5f55ea81d1ce207e5350f4cb5f33e9b3dacb51dff6c5e2ab47f09c40d3f9e35b69688e5e024cce4020ab98472e1c2be24e843b365c7e7ca078876694befa50d2b0a770bf0b0006e0f4ee260e6272161ef91a7da20f04abecb96223fedea9ac3f9ae71071d09afd426e37a1ee38dc890aeadc8669442376aa2008c45bd752cbe3f654baa8a63ff5a402669e449452598270727178ae787e3e7674e12eb9b2c8c8950df3aee953e5094123a635c14d802148e63fe1fbd8dd7b635cddd3143a947cd72d65e1ca48a01226210172b9bae3fb38339d2b2e306e803677050b66ffbb1d9c16741cb57a1c9b8f5939e45ff5a7408f022c321fa5a495518728f8b21