acquarica.org
Issued by R3
About this certificate
This digital certificate with serial number 04:5a:a6:c0:d0:1a:39:06:41:a9:05:a3:7c:0b:93:24:e0:c6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=acquarica.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5a:a6:c0:d0:1a:39:06:41:a9:05:a3:7c:0b:93:24:e0:c6Serial Number (int): 379296209739041361014110805261208707719366
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: c6:d1:c4:db:b0:88:8a:ab:ff:a5:0e:9f:3c:c2:34:47:7c:e9:be:2b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8d:97:1d:bf:19:d1:bf:91:fd:81:29:1c:ed:56:d1:23:e8:1f:d7:b4
Fingerprint (sha256): 38:c9:2b:29:bd:75:56:c9:09:39:80:6a:e6:8f:f0:a9:2f:fa:a5:bf:2c:35:14:f3:a8:66:77:a8:0e:5f:e8:14
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate acquarica.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for acquarica.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
acquarica.org
Other certificates including the domain name acquarica.org
(limited to 100 certificates)
www.compraroroyplata.com
acquarica.org
acquarica.org
acquarica.org
acquarica.org
www.acquarica.org
www.acquarica.org
acquarica.org
acquarica.org
www.acquarica.org
www.acquarica.org
www.acquarica.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
llandovery.college
chicagobirthlaw.org
torricella.org
tiggiano.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
www.acquarica.org
www.acquarica.org
acquarica.org
acquarica.org
www.acquarica.org
www.acquarica.org
www.acquarica.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
llandovery.college
chicagobirthlaw.org
torricella.org
tiggiano.org
Certificate
The complete raw certificate details for acquarica.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5zCCBM+gAwIBAgISBFqmwNAaOQZBqQWjfAuTJODGMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMDQwMjM2MjJaFw0yNDAzMDMwMjM2MjFaMBgxFjAUBgNVBAMT DWFjcXVhcmljYS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDO QS28x9EuOwsdWDXRtTadzgsngl71MSgQ+PrtktlV+/qeSn3FodduarE9mZ/1A1zt D81hjY28V0tYv5OyXRrlT24bne0ZgYWcfPAhChg2waW6zfsp+U6FvY8eOy5ASf87 nGAserI/CdErEaLUNm+d54twMiYWjZu+fQev7arlCkGs2Gu+HgfA+k3zr2JsK0cN mpSotar0jgHjiIRBUlVKTmgmw7NPbIqz7zv0q/ZWC1ZaulV8fJqh9Ee8iVhFDhLD qoFCoaKwjK2E+hs+ow5jzi90V8uG3PA0CZKmIY8MyqW/vB9RwjG/lzz3DLx0KkMG 2jWpYLJ9R5C5R8ctoPgJiSxWs49HZoKouZmPH0+T6vCRVoypdFptzqmI0COm4fcq 0ggpioNTpXBtzFH72cvwbmw5Ieir3HEllk2siXnyQ8s7TX+JjvyHWK59Vup90i6a jaRbJxoJoXww/wu4pyYVwAPHE2lgK1yI5nVNiSxUYHyi5X1kfO065jZFVrsy5iKA 7y7kMsKH30LZibqf+/eQquTuiuYwyMCC/Y5GkBXhh+iYB4shAVrtFAZ5qv6tDTeu BgQhMp3sYzkuQskBxCuZd0/UuVOzPLNSLTBVug0ojo+uLjKnP0QlsocwDOdsA4nS 0PY3LSBQHCzCrtABb/enYgEI0aLRgtRmeZktvjI8cwIDAQABo4ICDzCCAgswDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBTG0cTbsIiKq/+lDp88wjRHfOm+KzAfBgNVHSME GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov L3IzLmkubGVuY3Iub3JnLzAYBgNVHREEETAPgg1hY3F1YXJpY2Eub3JnMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAO1N3dT4t uYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGMMuX9QgAABAMARzBFAiBUhycj EBhfi2AJnctzBmGTVW/T8TLUofz5UjlIW704OAIhAM8NzVd2mTWTt1+S8GslK7as czFCr6NmOD5imdchWAniAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xa OnQAAAGMMuX96gAABAMARzBFAiApU28zXkWSv2sDQSTK9eh9UcsMi6WFXXmHLqt/ P8nvAQIhAPwLgddqlmMdexRjE5bsMNr8tdDUECENf6cM/LJHdI3TMA0GCSqGSIb3 DQEBCwUAA4IBAQBw63xZv9YyrSlZ7/jURdc3BK+KscwE0rzO6f7qVYBsocoarm0v EHtjuhEoy1ML2t/ICZdkfckPaDTQZKuzLWL/XL62KrNNqGKbgUr1/cRrRRB1IpZE gw95nahIvRiEXxrRu0OrR3x5XRfLubwlWNG104KF/QQBhh/N8y6Al9IcNpy14lCJ 4ixj6YbdffWMdyq5KybocKxfBaf9uZTIPfMcmXxVq3hABomrv/2JvtcIYPMlH5Je 2EUr2/ZBvG1IT/jJGt6c9Pjs+ek7LQu7HKww6mGUzcnkgJ107KJqvGa3QX3I2g5j +vBiG7LotYyA0sK777FKhSy7KxPhnChBc+Br -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzkEtvMfRLjsLHVg10bU2 nc4LJ4Je9TEoEPj67ZLZVfv6nkp9xaHXbmqxPZmf9QNc7Q/NYY2NvFdLWL+Tsl0a 5U9uG53tGYGFnHzwIQoYNsGlus37KflOhb2PHjsuQEn/O5xgLHqyPwnRKxGi1DZv neeLcDImFo2bvn0Hr+2q5QpBrNhrvh4HwPpN869ibCtHDZqUqLWq9I4B44iEQVJV Sk5oJsOzT2yKs+879Kv2VgtWWrpVfHyaofRHvIlYRQ4Sw6qBQqGisIythPobPqMO Y84vdFfLhtzwNAmSpiGPDMqlv7wfUcIxv5c89wy8dCpDBto1qWCyfUeQuUfHLaD4 CYksVrOPR2aCqLmZjx9Pk+rwkVaMqXRabc6piNAjpuH3KtIIKYqDU6VwbcxR+9nL 8G5sOSHoq9xxJZZNrIl58kPLO01/iY78h1iufVbqfdIumo2kWycaCaF8MP8LuKcm FcADxxNpYCtciOZ1TYksVGB8ouV9ZHztOuY2RVa7MuYigO8u5DLCh99C2Ym6n/v3 kKrk7ormMMjAgv2ORpAV4YfomAeLIQFa7RQGear+rQ03rgYEITKd7GM5LkLJAcQr mXdP1LlTszyzUi0wVboNKI6Pri4ypz9EJbKHMAznbAOJ0tD2Ny0gUBwswq7QAW/3 p2IBCNGi0YLUZnmZLb4yPHMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 379296209739041361014110805261208707719366 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 02:36:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-03 02:36:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'acquarica.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 841445372313022455505014710929309180201794240188338008846692267898173989932514997504248900190385362528981959680588384677700819566510144707750972909533764691925313622430324776766486312574519083691220953109468711237496559109942525555260991496571150112642484530830972143985332828997950927954662794803185950177429123392200191213811206983488185708186449726557342499640774309837656769740317276324892360028471647987675538424155199660510650241980338099184104386302224168006889117661135269119081794566054701220468626820806089659047386173550916360834673690986882194783556567069053874536292233705180916345035639695929048778182935200676406016526718038041944720705601074765282721139619396947608200582056142726545875213848834261250097817672896409515656083277601419240590170362215886240857121574770645231983422453000941795868584257526459224500296252976860103167310500796511401297593322401613197725298386976407583247182393641292525910858314487921579689314348549463494634982039647919331464221576577140632171864410314124692245685347794647927766156105164990953422932154715083217482351132167887727408637856660391889470126909729054071871604583556177771333024217778984412784025674814979676871254299705250444519005955568696648650546793884131891129875577971 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c6d1c4dbb0888aabffa50e9f3cc234477ce9be2b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acquarica.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c32e5fd42000004030047304502205487272310185f8b60099dcb73066193556fd3f132d4a1fcf95239485bbd3838022100cf0dcd5776993593b75f92f06b252bb6ac733142afa366383e6299d7215809e200760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c32e5fdea0000040300473045022029536f335e4592bf6b034124caf5e87d51cb0c8ba5855d79872eab7f3fc9ef01022100fc0b81d76a96631d7b14631396ec30dafcb5d0d410210d7fa70cfcb247748dd3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0070eb7c59bfd632ad2959eff8d445d73704af8ab1cc04d2bccee9feea55806ca1ca1aae6d2f107b63ba1128cb530bdadfc80997647dc90f6834d064abb32d62ff5cbeb62ab34da8629b814af5fdc46b451075229644830f799da848bd18845f1ad1bb43ab477c795d17cbb9bc2558d1b5d38285fd0401861fcdf32e8097d21c369cb5e25089e22c63e986dd7df58c772ab92b26e870ac5f05a7fdb994c83df31c997c55ab78400689abbffd89bed70860f3251f925ed8452bdbf641bc6d484ff8c91ade9cf4f8ecf9e93b2d0bbb1cac30ea6194cdc9e4809d74eca26abc66b7417dc8da0e63faf0621bb2e8b58c80d2c2bbefb14a852cbb2b13e19c284173e06b