zavion.org

Issued by R3

About this certificate

This digital certificate with serial number 04:bf:c6:6b:1a:cc:d0:70:8c:3d:a5:b2:55:77:52:e4:99:0e was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=zavion.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:bf:c6:6b:1a:cc:d0:70:8c:3d:a5:b2:55:77:52:e4:99:0e
Serial Number (int): 413706819071439213469247845784894637906190
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 73:b2:c1:fc:0d:9f:5a:e4:56:bd:15:f3:2e:f0:bb:2b:10:1b:08:34
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 12:1d:85:ad:40:c1:85:ef:2f:18:77:19:72:a9:b2:f1:05:19:4d:23
Fingerprint (sha256): 43:c2:9e:5c:ef:b9:54:12:53:9d:ec:7a:df:33:db:53:1b:27:34:6d:7b:44:d8:95:b6:a4:7e:a0:6e:ee:9d:9d

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate zavion.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for zavion.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

zavion.org

Other certificates including the domain name zavion.org

(limited to 100 certificates)
zavion.org
www.zavion.org
www.zavion.org
zavion.org
zavion.org
www.wiltoncakedecorating.com
zavion.org
zavion.org
zavion.org
www.zavion.org
www.zavion.org
zavion.org
www.zavion.org
www.zavion.org
zavion.org
zavion.org

Certificate

The complete raw certificate details for zavion.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISBL/GaxrM0HCMPaWyVXdS5JkOMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMTExMjEzNTdaFw0yNDAxMDkxMjEzNTZaMBUxEzARBgNVBAMT
Cnphdmlvbi5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHvHES
DZOf8c+qA0q8eqqXOKf3GsOe6GPnHOG7j+U4wTWSBR+bEyBaRB6DIzi22pcgtDAn
tQLIRuwI/x9KqM1EJ7V5Nc0DtWeQX3UPRMGqpuQf1CTekniU/AiedcjzP7Ro4LqY
yp078U3Jg3wxm2+o8/879xRAuqGHuv0ep2KeHf/pgeDHnO08hWrFZrgiMdnYepUy
+F9inp97UCUynp4rV3CWfnqfNHIgsY10x0zdqUIaRU61TvH1+/NORShYDM9TTV4l
PxWAzDEguMq8e3OPwMQS/yoWguVOxUYt283ILsXb+q+2ErW5DetMV+bk51eluLtB
OxnHt9n+UrXJt9HDHjnEkwrge4Ez+76oyedhyWcioCi7neyTVFmjLKHbPW8P88GY
scWpIg9nVCFL4/6hW8FimKtaG51OZZP0oBQeYe0vNuur2p3DdxGEC10cNmTeLO+X
nBhCVFPjqhgoIY1gE/K4hdcNfg5DMFeG5IGMEtR8fD3mALEIQzw8d8ZWyonl0uJK
7vXFYxckdwSVhHPH+CpAdE5wNJbF9tU7Vbd45vdasSPojOiuVeg32hcC0qnESs8m
f3CgMw+aVMrpTYKrEIKJGIVu9+wx//5syq0ZpL5uJTdZIFwe6X5bo6TEudBFZPft
qxvzpSDREyLXlSTf4OCfEYLAmCOi1k1GlVEKaQIDAQABo4ICCzCCAgcwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBRzssH8DZ9a5Fa9FfMu8LsrEBsINDAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggp6YXZpb24ub3JnMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUA2ra/az+1tiKfm8K7
XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGLHt9hbgAABAMARjBEAiAGiiqy4GOL8OXh
69ilQzipXBCHESitltASiltWKoVQ8QIgC+Yv0HK9LLNb4zWbrbh2h2ilGG3uqVUA
0g4Lm6tbyQgAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYse
32IQAAAEAwBHMEUCIBQFDMhTaw1QZyNUTbxVrNSusxflQz+XgrulhY6WexMNAiEA
tCNarp5ttOahViD1Fq0QeFkBiNd5qBRIWONa4FMPufkwDQYJKoZIhvcNAQELBQAD
ggEBAFDWYj7pspAYJLbgXyOuXXIi3c50mmhE1AEVgDW15t5Ky0HwnoCWv8cHgPeZ
8IZV17KfrWDrttbKBUCC2WXlxWb774rJ7GdtzjaoENtkamVxQ3o1M2kC2dzZP15L
Sg28ifoig939ntDj4Jk5ow5Q7ATMFc8M8CaC5VgZ+4K6i7KlNhdKwDIqIPycKmCI
hZ/3QBf0L2kfU+y5dB4CNofZWFJ9XfSoTMSm7mDfuCFoqvXzBOvMfovP+nh/eTWv
U/xxMuImWowhyDaahVetzETYmaFlxMw5MBEScxeJq6G3JWaKpvAGjE7H4i6GM7Bm
aegfFGBQo4C7vWYfZo85IuOszoo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx7xxEg2Tn/HPqgNKvHqq
lzin9xrDnuhj5xzhu4/lOME1kgUfmxMgWkQegyM4ttqXILQwJ7UCyEbsCP8fSqjN
RCe1eTXNA7VnkF91D0TBqqbkH9Qk3pJ4lPwInnXI8z+0aOC6mMqdO/FNyYN8MZtv
qPP/O/cUQLqhh7r9Hqdinh3/6YHgx5ztPIVqxWa4IjHZ2HqVMvhfYp6fe1AlMp6e
K1dwln56nzRyILGNdMdM3alCGkVOtU7x9fvzTkUoWAzPU01eJT8VgMwxILjKvHtz
j8DEEv8qFoLlTsVGLdvNyC7F2/qvthK1uQ3rTFfm5OdXpbi7QTsZx7fZ/lK1ybfR
wx45xJMK4HuBM/u+qMnnYclnIqAou53sk1RZoyyh2z1vD/PBmLHFqSIPZ1QhS+P+
oVvBYpirWhudTmWT9KAUHmHtLzbrq9qdw3cRhAtdHDZk3izvl5wYQlRT46oYKCGN
YBPyuIXXDX4OQzBXhuSBjBLUfHw95gCxCEM8PHfGVsqJ5dLiSu71xWMXJHcElYRz
x/gqQHROcDSWxfbVO1W3eOb3WrEj6IzorlXoN9oXAtKpxErPJn9woDMPmlTK6U2C
qxCCiRiFbvfsMf/+bMqtGaS+biU3WSBcHul+W6OkxLnQRWT37asb86Ug0RMi15Uk
3+DgnxGCwJgjotZNRpVRCmkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 413706819071439213469247845784894637906190
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-11 12:13:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 12:13:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zavion.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 814852196836732889342087084286602709485713146858574053312546138147612479183174164436237669343637944591431982097731038795398024940876165056593121833296481535484957202712614889555356018159122059152178089874072034481875336736259973484262152174079301609783786194624189947339306065812610172335948878340072318058358685632495427912245536032204716977524330626558875221215931647169200095236759187074316343605047605046209937116429829287402935827805593742511376741573495802747282538335297768053379284428718186912590839694502790429337700589530657324763878339035788750861180834311729696834775256651960496158573711934163250682089112719752355740309234782723338313235386489958117275857419986181352160166730554985373411294095253616909580867982684122409826004235464037071189795646313055589479886013885538956844333608446265893007831465887193509998639207709476594845881625761713830243496095841240596512168648460885013989661094475113029791695522729413160788279396289214091793486439109555327454930678353188951955882791718986366822691424646936612226410509337842806549425412066676956753647212803491877043758752987002449844202107823277083422833309225547404850901587042732509861059177991512680805736117153652222031495651185369614589706157503006910601803926121
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							73b2c1fc0d9f5ae456bd15f32ef0bb2b101b0834
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zavion.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b1edf616e00000403004630440220068a2ab2e0638bf0e5e1ebd8a54338a95c10871128ad96d0128a5b562a8550f102200be62fd072bd2cb35be3359badb8768768a5186deea95500d20e0b9bab5bc90800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b1edf62100000040300473045022014050cc8536b0d506723544dbc55acd4aeb317e5433f9782bba5858e967b130d022100b4235aae9e6db4e6a15620f516ad1078590188d779a8144858e35ae0530fb9f9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0050d6623ee9b2901824b6e05f23ae5d7222ddce749a6844d401158035b5e6de4acb41f09e8096bfc70780f799f08655d7b29fad60ebb6d6ca054082d965e5c566fbef8ac9ec676dce36a810db646a6571437a35336902d9dcd93f5e4b4a0dbc89fa2283ddfd9ed0e3e09939a30e50ec04cc15cf0cf02682e55819fb82ba8bb2a536174ac0322a20fc9c2a6088859ff74017f42f691f53ecb9741e023687d958527d5df4a84cc4a6ee60dfb82168aaf5f304ebcc7e8bcffa787f7935af53fc7132e2265a8c21c8369a8557adcc44d899a165c4cc39301112731789aba1b725668aa6f0068c4ec7e22e8633b06669e81f146050a380bbbd661f668f3922e3acce8a