www.bernalda.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ff:89:40:cb:22:21:a5:fb:d8:e0:d0:88:c4:98:04:d9:a5 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.bernalda.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ff:89:40:cb:22:21:a5:fb:d8:e0:d0:88:c4:98:04:d9:a5Serial Number (int): 348291302022574848560761378780716416162213
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e0:9e:6b:28:fa:ea:ea:23:d0:ab:07:d1:ec:04:1f:1a:b7:3e:e3:54
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b0:e9:e8:e9:bc:69:7e:9d:e2:95:1c:ec:01:4b:af:cf:a5:3e:6a:c9
Fingerprint (sha256): 3d:1f:11:df:1b:5d:2e:19:4e:25:94:2a:29:0c:ef:26:ff:67:ad:04:2d:b4:8f:39:b2:85:c8:6a:dc:ba:3a:dc
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.bernalda.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bernalda.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.bernalda.org
Other certificates including the domain name bernalda.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.bernalda.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWDCCBUCgAwIBAgISA/+JQMsiIaX72ODQiMSYBNmlMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjkwMDIxNDNaFw0x OTEwMjcwMDIxNDNaMBsxGTAXBgNVBAMTEHd3dy5iZXJuYWxkYS5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDdpTvlKaAx/MzGr4fEdNEKNxGOOnwf ArcgQ2AbMZfIu+uIhFqUNZ+vqVGobAAxJCIkVMkHXZpw7j8YkMLKV+g1dvHa5XWK YxVESgH51/hHs/iULx/3QJR9+6GWVHxic9QLXPBzDSQc9QS6LkODF+dMZAgBNoNg q6m1apiwT7y9w4ROQyaezBdm6ObBSfgHmLpATNkmUJdyKpuXrWgMa4sVx9UvxkK/ k2YH9hh2WOnaxIWNbGpAekJJTPWQkdMonyNE9q6o0Da396b+H17rJxqT9zO6GqX3 0e8YNapwzobUa2Mh94ex66PJizJZIyI7fTVg5pEgu+Eit9jDdzoPce29HdOJHB9I NGEfxDQ8aOEzJ8W0MM6kLKebI83m0A+H/nyyvcdsEiV4SzPFQm5nlzgzlIhR82+5 Sozq5MRbSKRrTCQHl76F/QipKCScKAzR9WVOIw58TbMxik2vdrhU3itM0maqgRek 9HAVy6Xz1HvoXr0AVT87/aBZG5kLfxnQrw2HrB7y4u3ZBwlnSrvqDAtOBHwJhKUl 6VjI5Rf6KRp1+tm4intgGT5UTevR88YMf3SMy16AmNRjWzSQm8bM8nZS0M59odzC VuKAlBOu/eGYCrt0EL7TokNL8O7kLYMFzsgv9cS3ZYB8aDkyzaTn0KNgOwA1Wu/v Rz4xfSAgWtlsJQIDAQABo4ICZTCCAmEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTg nmso+urqI9CrB9HsBB8atz7jVDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEHd3dy5iZXJuYWxkYS5v cmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQC BIH1BIHyAPAAdQDiaUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWw7 UaoNAAAEAwBGMEQCIDc3Fe7iqZ3c5otI/i1+Jm+0McIf+fka2C8MX0xtJpaLAiAl kZIovDGgoVLqkIdicm8WWhnp3pkgM2XToYKm3P6RZQB3ACk8UZZUyDlluqpQ/FgH 1Ldvv1h6KXLcpMMM9OVFR/R4AAABbDtRqiwAAAQDAEgwRgIhAPjQ5/kFkuH5uD7J FhmuX5CjzxqVgf0HiGVOlzJiG84SAiEA9SeqNYtrfm1BPaICDFwxDBeylgKq3od0 tsYZsf6cNoMwDQYJKoZIhvcNAQELBQADggEBAHQuPhG0KUYdCZXzzDoAUYCYZ5uj i6FiUY0m8l85dyYLfPitHgRnOKh7fozeoCmdOAiypDB5AsCWRlNqMYDGrIRpElDJ aJg1OTi1L/NPMWgacEqp6oDee6lo80W2hKOQQV3FiFMyYXMZN6sK+9NUC393yA0u 0t/ZYIXUvNjxI8f5Ah1cqoq8RWJYt5yR/Gio//ZHeCPFWp8eb4I2Z1jGlljgOBAu Jc9KgLsepaDg1QYVP2cdeJE3NnMlx/vGN8XNHw6mw2WPJy7V+iBIOnLy5LYIHst9 t1I7VN18UcDuXciSve3F1epV+qxPO++aO9fjTqLzsYzemqRuUCqalT4ALbs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3aU75SmgMfzMxq+HxHTR CjcRjjp8HwK3IENgGzGXyLvriIRalDWfr6lRqGwAMSQiJFTJB12acO4/GJDCylfo NXbx2uV1imMVREoB+df4R7P4lC8f90CUffuhllR8YnPUC1zwcw0kHPUEui5Dgxfn TGQIATaDYKuptWqYsE+8vcOETkMmnswXZujmwUn4B5i6QEzZJlCXciqbl61oDGuL FcfVL8ZCv5NmB/YYdljp2sSFjWxqQHpCSUz1kJHTKJ8jRPauqNA2t/em/h9e6yca k/czuhql99HvGDWqcM6G1GtjIfeHseujyYsyWSMiO301YOaRILvhIrfYw3c6D3Ht vR3TiRwfSDRhH8Q0PGjhMyfFtDDOpCynmyPN5tAPh/58sr3HbBIleEszxUJuZ5c4 M5SIUfNvuUqM6uTEW0ika0wkB5e+hf0IqSgknCgM0fVlTiMOfE2zMYpNr3a4VN4r TNJmqoEXpPRwFcul89R76F69AFU/O/2gWRuZC38Z0K8Nh6we8uLt2QcJZ0q76gwL TgR8CYSlJelYyOUX+ikadfrZuIp7YBk+VE3r0fPGDH90jMtegJjUY1s0kJvGzPJ2 UtDOfaHcwlbigJQTrv3hmAq7dBC+06JDS/Du5C2DBc7IL/XEt2WAfGg5Ms2k59Cj YDsANVrv70c+MX0gIFrZbCUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 348291302022574848560761378780716416162213 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-29 00:21:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-27 00:21:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bernalda.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 904234525622925244897052095987625122330001515206723055805963730959717646767375633505417238496627208574855760843005082535420621861458539029590395843764906027507097989313008048302770254562907160591714895575665231420176713789498181583660005598089870856382956000032457761308902613109391557679672431284423276062435002159637402652914664136483880693187099999229329300980752394605453041228639105639541141082982214456229223693950209926495109034041034492536513956942413781008762613816160770057852421687833354209573141070674600577906598878280283236095617379142594214141103987283153278244185423344882849134575369926057590691075483798432216540241773157776153563820616734911288574353993655105796530312801711169013636308482146220278317341438321005638393466665237125933627849283906036240535337815145451379535768120112521816130062568207994773271454305318310407986846325785039704436395416553065516027129367100716230089059610361909297971006656913961484019380355640848911988993234891650054347194806293664061170502596716524210761596536812753422849391363602834814384314672767941199880254944596231153116526465419992577615912101145013974984332949402620758644539839338341355515661823267762878442265837990280018651108189646173475496556416006743557927029271589 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e09e6b28faeaea23d0ab07d1ec041f1ab73ee354 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bernalda.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016c3b51aa0d00000403004630440220373715eee2a99ddce68b48fe2d7e266fb431c21ff9f91ad82f0c5f4c6d26968b022025919228bc31a0a152ea908762726f165a19e9de99203365d3a182a6dcfe9165007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c3b51aa2c0000040300483046022100f8d0e7f90592e1f9b83ec91619ae5f90a3cf1a9581fd0788654e9732621bce12022100f527aa358b6b7e6d413da2020c5c310c17b29602aade8774b6c619b1fe9c3683 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00742e3e11b429461d0995f3cc3a00518098679ba38ba162518d26f25f3977260b7cf8ad1e046738a87b7e8cdea0299d3808b2a4307902c09646536a3180c6ac84691250c96898353938b52ff34f31681a704aa9ea80de7ba968f345b684a390415dc588533261731937ab0afbd3540b7f77c80d2ed2dfd96085d4bcd8f123c7f9021d5caa8abc456258b79c91fc68a8fff6477823c55a9f1e6f82366758c69658e038102e25cf4a80bb1ea5a0e0d506153f671d789137367325c7fbc637c5cd1f0ea6c3658f272ed5fa20483a72f2e4b6081ecb7db7523b54dd7c51c0ee5dc892bdedc5d5ea55faac4f3bef9a3bd7e34ea2f3b18cde9aa46e502a9a953e002dbb