www.lomazzo.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ef:14:d2:c1:6a:c8:13:ec:e6:38:28:04:9e:ce:60:08:f9 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.lomazzo.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ef:14:d2:c1:6a:c8:13:ec:e6:38:28:04:9e:ce:60:08:f9Serial Number (int): 342692022354606183160442838111194538051833
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7e:ea:31:99:56:8b:a8:09:8b:36:2e:74:9b:20:34:c3:d9:c9:7e:a1
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 77:15:f4:8d:4a:95:2b:c2:1e:31:a5:b6:20:e0:c8:26:0e:fa:19:8f
Fingerprint (sha256): 39:a9:d5:65:3f:f6:de:3d:6c:e5:cf:26:01:f8:b3:30:94:5b:d9:69:82:fc:1b:b7:e3:db:bf:6f:58:23:0b:9c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.lomazzo.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.lomazzo.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.lomazzo.org
Other certificates including the domain name lomazzo.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.lomazzo.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVjCCBT6gAwIBAgISA+8U0sFqyBPs5jgoBJ7OYAj5MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjkwNzMyMDhaFw0x OTEyMjgwNzMyMDhaMBoxGDAWBgNVBAMTD3d3dy5sb21henpvLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVIB8lS0KL5qnqkqLqnRcy362vzg1E4 zTIY0ZPwKNUwSizsFfyZ95/6Dl3WTFKJfR3tEP3ibWxckscTHy3X0K43GBuj2I0z XME0HziufwdkGqD5tsija3DlcjXwa224tt1OCoTH4U4VEoh8O+hhd79RufkJr6eS tel+NEAOJA2G4QiKOigyc/w4gwrwXfFF3bDMZZZEyQsD5C5VGFR6G56ALjvrtA6O 2XgtHQhoZH3j0m9EBVYlouqllrjxpH3pfPOClyVCEj7Ys7bxdLZoO6wlBag/9PuO 0xO4vnFR/Ty19n5tWNDqIu6AZb67gWG79QNcjNQYYaV64Rfw6P+eyQhP17Clu+7N V+W40wXZ0QRXcBxqdgYtvyXsA5tjGWc4YZmNVsZ/HmHQUWxqIjf1RDOepmhtnytv O6wephym30vwXNE3oATvhD/8tjOOnWJwsMAG8qEvaPmX9BBzmK0/TO0oN/FbMyqx RfhJOrwHkgSPTVpqSPMX4G/rgSJEEwsOyHF6shWgFoSROUUVxOT4VoygRgf3bPn7 NX4/81qW0SmjUzGjzSqNxrjjzBWIAx9JJRLCtZ6jGtOCDXfzNLMzksemYNlB8wmf Jram+bUmYfCcBnB8iUtponp3HOMe7d4ww6wfuB2xb0SpFcUP9BDhhqo9hRLSLRH8 pGJ0y9IOKo5bAgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFH7q MZlWi6gJizYudJsgNMPZyX6hMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3LmxvbWF6em8ub3Jn MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHYA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x2/4AAAFtfCYC gAAABAMARzBFAiEA1lrHQ0W406RhGVQ+mNAkbfv/pw5SfnDxuk3lqwxhJHACIHwX lIJppzROPIwZJCMbg59267CwcyITuCwI4Ik9bl5TAHYAKTxRllTIOWW6qlD8WAfU t2+/WHopctykwwz05UVH9HgAAAFtfCYAiQAABAMARzBFAiEAgjHeYQV0cUT/QFwA 5Ggci8rj5dypoRjJo+lkb8LqmYoCIEc2orKOpQ1Ay7NHb/bSeKAPcnu6pkqftuGj 7IdMrZk+MA0GCSqGSIb3DQEBCwUAA4IBAQABa5Pxtjw2WgBOx+vmH+Zs/zLcVFBv IOU0IWdPtKr2VBmDkqd5eSPMA+g7qp6o8uOYUphbBWkUmKS61Xzzf4PzKMnLPGY9 1qISwxGDkGliFsuG7fJNyIK4VUELlaIHiSUXlfuSB5wBJHRaQEawJET4LE9T8Nuz 5QE5DD993UdeEdiuQbrREDTiQyFhQsHIX+idgmWuFnro+gcx54QYcthN7i3Ova70 tHdS5MkAkpet+3xanCPtply/HeUgGc1TWCNpLoXUSX73Zdjo/GeGqyfmlWPnaPxd ZIEMQc+/JEKptD3ojk66RSrYMZV7zHZwl0EjyW0aho8uHnnaf7+YsNJW -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxUgHyVLQovmqeqSouqdF zLfra/ODUTjNMhjRk/Ao1TBKLOwV/Jn3n/oOXdZMUol9He0Q/eJtbFySxxMfLdfQ rjcYG6PYjTNcwTQfOK5/B2QaoPm2yKNrcOVyNfBrbbi23U4KhMfhThUSiHw76GF3 v1G5+Qmvp5K16X40QA4kDYbhCIo6KDJz/DiDCvBd8UXdsMxllkTJCwPkLlUYVHob noAuO+u0Do7ZeC0dCGhkfePSb0QFViWi6qWWuPGkfel884KXJUISPtiztvF0tmg7 rCUFqD/0+47TE7i+cVH9PLX2fm1Y0Ooi7oBlvruBYbv1A1yM1BhhpXrhF/Do/57J CE/XsKW77s1X5bjTBdnRBFdwHGp2Bi2/JewDm2MZZzhhmY1Wxn8eYdBRbGoiN/VE M56maG2fK287rB6mHKbfS/Bc0TegBO+EP/y2M46dYnCwwAbyoS9o+Zf0EHOYrT9M 7Sg38VszKrFF+Ek6vAeSBI9NWmpI8xfgb+uBIkQTCw7IcXqyFaAWhJE5RRXE5PhW jKBGB/ds+fs1fj/zWpbRKaNTMaPNKo3GuOPMFYgDH0klEsK1nqMa04INd/M0szOS x6Zg2UHzCZ8mtqb5tSZh8JwGcHyJS2miencc4x7t3jDDrB+4HbFvRKkVxQ/0EOGG qj2FEtItEfykYnTL0g4qjlsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342692022354606183160442838111194538051833 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 07:32:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-28 07:32:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.lomazzo.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 804837766002069649005534566699448521664050794898351526000772001588957094830967113506155204125410799081086204570127442141471800350440420535148261804552995850313812894649393595416497483542097105503566587373504069338462508596886294887221399774358999790354579877477591851436910914436867616065863012577642272949275020802088394983732447397386509832812616432258265764455029031493205990162383168503553581117816094034078461435453781070751263602215005194746067847793274985432009262275779907519378888972755656369193768482766832918900577779138744984700191653417594391092185228915598671772537483110441210752899517001093406584571174672397496091701191233542573495710574319163903461146583219206751086614785736087659387607903649996878528279567487083547841912911622082439125024639476232998633305693901347721338815533821668677633263008280145692104242375945256680921129359548014344351858483716819016451193346943016872509723302758022279177190367284150911742624894649205987830305939043420520919744193083099915237736601904414616524785611450209113755787770730802631787109463525035727361101852912556973839252001170251343013861691743052478631882006459388861043615362968496126225725033464584424462546261221383004352331370800602994904646057865718340576829148763 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7eea3199568ba8098b362e749b2034c3d9c97ea1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lomazzo.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016d7c2602800000040300473045022100d65ac74345b8d3a46119543e98d0246dfbffa70e527e70f1ba4de5ab0c61247002207c17948269a7344e3c8c1924231b839f76ebb0b0732213b82c08e0893d6e5e53007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d7c26008900000403004730450221008231de6105747144ff405c00e4681c8bcae3e5dca9a118c9a3e9646fc2ea998a02204736a2b28ea50d40cbb3476ff6d278a00f727bbaa64a9fb6e1a3ec874cad993e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00016b93f1b63c365a004ec7ebe61fe66cff32dc54506f20e53421674fb4aaf654198392a7797923cc03e83baa9ea8f2e39852985b05691498a4bad57cf37f83f328c9cb3c663dd6a212c3118390696216cb86edf24dc882b855410b95a20789251795fb92079c0124745a4046b02444f82c4f53f0dbb3e501390c3f7ddd475e11d8ae41bad11034e243216142c1c85fe89d8265ae167ae8fa0731e7841872d84dee2dcebdaef4b47752e4c9009297adfb7c5a9c23eda65cbf1de52019cd535823692e85d4497ef765d8e8fc6786ab27e69563e768fc5d64810c41cfbf2442a9b43de88e4eba452ad831957bcc7670974123c96d1a868f2e1e79da7fbf98b0d256