zavion.org

Issued by R3

About this certificate

This digital certificate with serial number 03:25:97:40:b5:5a:6d:ca:f8:c7:21:40:9f:36:aa:c8:20:56 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=zavion.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:25:97:40:b5:5a:6d:ca:f8:c7:21:40:9f:36:aa:c8:20:56
Serial Number (int): 274128354783998583744935671598295659585622
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 6e:2f:be:5b:7d:f1:17:de:9b:b0:23:8b:cb:13:c8:bf:ca:13:ea:6d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): f2:44:5b:39:f6:d8:73:c2:4f:29:08:13:72:33:a9:fd:48:76:6a:4f
Fingerprint (sha256): 38:23:aa:bb:45:c0:2a:46:ee:d0:bf:70:5a:7f:17:ae:64:cc:1f:a7:ac:33:66:45:c3:c8:6e:59:f6:7e:9d:16

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate zavion.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for zavion.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

zavion.org

Other certificates including the domain name zavion.org

(limited to 100 certificates)
zavion.org
www.zavion.org
www.zavion.org
zavion.org
zavion.org
www.wiltoncakedecorating.com
zavion.org
zavion.org
zavion.org
www.zavion.org
www.zavion.org
zavion.org
www.zavion.org
www.zavion.org
zavion.org
zavion.org

Certificate

The complete raw certificate details for zavion.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAyWXQLVabcr4xyFAnzaqyCBWMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMjkwNDQxMTJaFw0yNDA2MjcwNDQxMTFaMBUxEzARBgNVBAMT
Cnphdmlvbi5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHrtVz
FMSPLvCdsQO2LYy4CfoDWN+cw/Umqa1TgjPobWEv8sTGeZ4khN1eOHp3QzdBeq5H
FhGDY11Pc5YTbYy/fvIxG+Y/d4jJbilKda0vCXJgXpPTDgQdrsuSXhDIHBguOQ0r
coGMweCn6/zBLaFYkN2LcDc3gGhTyVc5QWCPgWSHe1gKU4xtxKe1ol5Z/GE35hDs
7IVyPb66zZS2lpM98PZ5bsAcc7tZc91DilEOQMEERC8XrfeT689DdFKwZ/uA34Vf
t4dUv30e/HKvRX9FEPKEVd/e8djjhLbwElfnkajDLFYFcW9TOzrgwsRwGhLVE5DA
rvlIg00VsBH+SZpTMVtXSidA9wmYtoxfhcSA6lyUQ6omrt9360WQrWc6oQNj1sK1
3fg8Cg2WdZpR4BxTI4oQMPu+N8JYxbHNQuzbBi1J1hbPRRW9AWTip2zhTMxfEmkq
5zsTL8Oh0GB+g9bTUxwon7taVR03ZGNaNlxQ2g5f5lNLTl6W7vFr8LjqCQ+wgg3N
qD+WJzK8huVvD9SAOEK4JXt6B8pzt3iKXMqm9natFT1fIHgh3QDsUUS33OAEvh8W
vmbdG2MKn1Ug0W1MprEmktMaqtjLsXeX4RmtJSLDfen/I3dFDID7weeJrJx8OFyn
Gxh3LXY8GjpLIz2nFdqdQKR4MYq1nCEXpyCzMwIDAQABo4ICDDCCAggwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBRuL75bffEX3puwI4vLE8i/yhPqbTAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggp6YXZpb24ub3JnMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcASLDja9qmRzQP5WoC
+p0w6xxSActW3SyB2bu/qznYhHMAAAGOiLn4TgAABAMASDBGAiEA/0NXAff0ZQ8P
nQlNhkFOGznoSSFyD07HStxEyX48PT8CIQDEKMPur5nyymHaMWHYpYQEh4jCGpjY
MCqH/oq/CRcZ6QB1AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAAB
joi5+IEAAAQDAEYwRAIfW9kUzuY0fRWVYRoc3pGU+XgJ+7AijnLdAqD6TV0CiQIh
AMqSSmPeUOtkZaoarhkwf/LNR1n0K/kN1icMx+aDAZPFMA0GCSqGSIb3DQEBCwUA
A4IBAQCfFNX1XqgdHOIH5TUPTLXzPps9rLUd/2xeKrR/CcQNP541tpaI5eAkzOQC
CrmEcuHCviToQ7Nlx+fKB4h2aUvvpQ0rCncL8LAAbg9O4mDmJyFh75Gn2iDwSr7L
liI/7eqaw/mucQcdCa/UJuN6HuONyJCurchmlEI3aqIAjEW9dSy+P2VLqopj/1pA
JmnkSUUlmCcHJxeK54fj52dOEuubLIyJUN867pU+UJQSOmNcFNgCFI5j/h+9jde2
Nc3dMUOpR81y1l4cpIoBImIQFyubrj+zgznSsuMG6ANncFC2b/ux2cFnQctXocm4
9ZOeRf9adAjwIsMh+lpJVRhyj4sh
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx67VcxTEjy7wnbEDti2M
uAn6A1jfnMP1JqmtU4Iz6G1hL/LExnmeJITdXjh6d0M3QXquRxYRg2NdT3OWE22M
v37yMRvmP3eIyW4pSnWtLwlyYF6T0w4EHa7Lkl4QyBwYLjkNK3KBjMHgp+v8wS2h
WJDdi3A3N4BoU8lXOUFgj4Fkh3tYClOMbcSntaJeWfxhN+YQ7OyFcj2+us2UtpaT
PfD2eW7AHHO7WXPdQ4pRDkDBBEQvF633k+vPQ3RSsGf7gN+FX7eHVL99Hvxyr0V/
RRDyhFXf3vHY44S28BJX55GowyxWBXFvUzs64MLEcBoS1ROQwK75SINNFbAR/kma
UzFbV0onQPcJmLaMX4XEgOpclEOqJq7fd+tFkK1nOqEDY9bCtd34PAoNlnWaUeAc
UyOKEDD7vjfCWMWxzULs2wYtSdYWz0UVvQFk4qds4UzMXxJpKuc7Ey/DodBgfoPW
01McKJ+7WlUdN2RjWjZcUNoOX+ZTS05elu7xa/C46gkPsIINzag/licyvIblbw/U
gDhCuCV7egfKc7d4ilzKpvZ2rRU9XyB4Id0A7FFEt9zgBL4fFr5m3RtjCp9VINFt
TKaxJpLTGqrYy7F3l+EZrSUiw33p/yN3RQyA+8HniaycfDhcpxsYdy12PBo6SyM9
pxXanUCkeDGKtZwhF6cgszMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 274128354783998583744935671598295659585622
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-29 04:41:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-27 04:41:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zavion.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 814635339938498410948081873343763704806018862846788364772419471726407993693391521961002586355843206679034357052567508386039662917295238983244572609712954527565918577507649665052835379489854045410480190452934879198882279020258127677946410553685134123018783892094516218649615126338822509142664643474850380167139228584410506428489298558137608415646440882519836815639518831543208884636398721776669031870018713122807592162164256872338088134002072188434721322314356287590714241157864003829587424734243547687910695332247896215664987189189288094067702963496491486309708117577810794645435939829177701306282549058813536038137472088828590966442244868489530098566635948861747104356107440708553788161736645317817030210324749088752921491350190504736482551787610599393614095330904531670708760048783834499860505350587711796017579898576537184112785932790179118161678986690217419265825741139602013866235444112336577675034502905220520043505248571097364968792579629091071310485621104415597470152544159333804185293325988231649530601732372459520927091452968795062468195687414163198199474545893725973362060318217369382440429305154068225820182116338575015287712864310927541171595629171287295949369582759995957105029082273033155849937224972747162023534572339
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6e2fbe5b7df117de9bb0238bcb13c8bfca13ea6d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zavion.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e88b9f84e0000040300483046022100ff435701f7f4650f0f9d094d86414e1b39e84921720f4ec74adc44c97e3c3d3f022100c428c3eeaf99f2ca61da3161d8a584048788c21a98d8302a87fe8abf091719e9007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e88b9f8810000040300463044021f5bd914cee6347d1595611a1cde9194f97809fbb0228e72dd02a0fa4d5d0289022100ca924a63de50eb6465aa1aae19307ff2cd4759f42bf90dd6270cc7e6830193c5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009f14d5f55ea81d1ce207e5350f4cb5f33e9b3dacb51dff6c5e2ab47f09c40d3f9e35b69688e5e024cce4020ab98472e1c2be24e843b365c7e7ca078876694befa50d2b0a770bf0b0006e0f4ee260e6272161ef91a7da20f04abecb96223fedea9ac3f9ae71071d09afd426e37a1ee38dc890aeadc8669442376aa2008c45bd752cbe3f654baa8a63ff5a402669e449452598270727178ae787e3e7674e12eb9b2c8c8950df3aee953e5094123a635c14d802148e63fe1fbd8dd7b635cddd3143a947cd72d65e1ca48a01226210172b9bae3fb38339d2b2e306e803677050b66ffbb1d9c16741cb57a1c9b8f5939e45ff5a7408f022c321fa5a495518728f8b21