cannatico.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:49:13:9e:6d:d1:1b:22:46:88:44:d7:7a:09:50:de:31:85 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=cannatico.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:49:13:9e:6d:d1:1b:22:46:88:44:d7:7a:09:50:de:31:85Serial Number (int): 373315834454442786619008162049358322086277
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 3c:39:fb:cb:d6:70:1e:ea:9a:e1:a6:d3:44:c8:78:91:78:bb:d3:1a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e5:a9:20:bc:36:1f:b1:3a:94:6c:06:72:b1:5d:bd:2d:d7:2b:26:a2
Fingerprint (sha256): 49:7f:cf:98:14:93:13:88:12:70:d9:dc:6b:0f:59:e5:d0:76:5e:0f:dc:10:90:e5:76:7f:a8:74:f0:82:7a:35
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate cannatico.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cannatico.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cannatico.com
www.cannatico.com
www.cannatico.com
Other certificates including the domain name cannatico.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for cannatico.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZTCCBU2gAwIBAgISBEkTnm3RGyJGiETXeglQ3jGFMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MDMxNTU0MTBaFw0x OTEyMDIxNTU0MTBaMBgxFjAUBgNVBAMTDWNhbm5hdGljby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC2SB+NnBD5ZutpfYsZlfpXYIIXt00Rinzi AwheZrc7alJe5mBFnjw+MnXRN6onpkk2BDzvODOEpBUzPiy584/zaov6c5CllVfC O6qdPgC0jSICHvDPmxv6BYAcYpujxg0cG1DnytSxLuLCxClBpVZYjsxE8Charg5c JMV2bP+OhCBhImTUHgSn2IACjjMfsqyTdhk79+U/CKujrbwXkI79w7vvfqnAT2LW 2tAIuBMT2b3Pdmas5tYa8UCPyuOnBncW+1ZNqHObbNTY7g7nPq/3WHZE7FsKBXGt DUMw18g/ASOaEe+nrcp3bVi10VGYBn1IHHJy0Pu5TiM/LY6xs9oVs6iiccXAb1QC Uy4P/ojV1dWIoI3T88eSWDoxjAOZvc65HtuLMcJ+crbJ6fMAFepAuz8W9WjXzczK 6INXFrnZRAia4QxzjtEApYKFNG6nMEShGSQPwa4nftME76qqvqWpii2pABpG/8Vv Hv+E15kZklOSqg19wKOm85Bevj/LI5JyW5EyD9DtQT9IImZQSKJyGfjcVoOMWqn4 1nB/3VBw21V9S7wua1QhC810FmK/Y9I4l9YDnObEDD9xAbmkm59TToIUjKslgaz6 +pRWhO16xOG4DPWVTdL136Pk/9ZMahVz5yjCt52grMCyDRIQ1xJigXc+mNKMM8RM Xhf4fUxH4QIDAQABo4ICdTCCAnEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ8OfvL 1nAe6prhptNEyHiReLvTGjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCsGA1UdEQQkMCKCDWNhbm5hdGljby5jb22CEXd3 dy5jYW5uYXRpY28uY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjG NzV55hB7zFYAAAFs+AxLBQAABAMARjBEAiBq5IgbWWmAESiIpwVZSSxsPu5jTeOa IItojuSCajRX7gIgKikHsUDIQTzpdQqm+3kok1yHmXd3hmp8nEvWaezAfgYAdwBj 8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWz4DEr6AAAEAwBIMEYC IQCfujmeD5vgrWD+kq9/GpDQ4niEzc9AudnnF8QYQftqNQIhAJz/tm9uF5Qfb690 9J8xKvk+2YohA094Xk7qzyJe0B9bMA0GCSqGSIb3DQEBCwUAA4IBAQAQuTFt9SgJ pxrFlJjvGw4ejVekdTNbbA9jjPA6XBNEgaFxImANs3iJfgx/KGq4lxKYWX7Xck92 TDXSn8o03XpABBBRqKWfo8XdmqWfDsmi1TiogYARcx+XhkAxD9CDyewolbHMj66w 2Lj07T8JzEZyfcO20R0gh4p4HEblTidN15tap9Dadcmc//7TX4Fy7k2kB+G+c51f SXcr+npKfO4JOm7zjTEHagrA6/t4BCipigJJipl4Suuh3/dkWyB+6pXMA6Epo7R0 u09ODjntjyLfxQ0NuIZ0vH8mw02l+M6eL2nbzYANaI6eAzk83Z+sqNFmOvVA0poa bVL0A68usToS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtkgfjZwQ+WbraX2LGZX6 V2CCF7dNEYp84gMIXma3O2pSXuZgRZ48PjJ10TeqJ6ZJNgQ87zgzhKQVMz4sufOP 82qL+nOQpZVXwjuqnT4AtI0iAh7wz5sb+gWAHGKbo8YNHBtQ58rUsS7iwsQpQaVW WI7MRPAoWq4OXCTFdmz/joQgYSJk1B4Ep9iAAo4zH7Ksk3YZO/flPwiro628F5CO /cO7736pwE9i1trQCLgTE9m9z3ZmrObWGvFAj8rjpwZ3FvtWTahzm2zU2O4O5z6v 91h2ROxbCgVxrQ1DMNfIPwEjmhHvp63Kd21YtdFRmAZ9SBxyctD7uU4jPy2OsbPa FbOoonHFwG9UAlMuD/6I1dXViKCN0/PHklg6MYwDmb3OuR7bizHCfnK2yenzABXq QLs/FvVo183MyuiDVxa52UQImuEMc47RAKWChTRupzBEoRkkD8GuJ37TBO+qqr6l qYotqQAaRv/Fbx7/hNeZGZJTkqoNfcCjpvOQXr4/yyOScluRMg/Q7UE/SCJmUEii chn43FaDjFqp+NZwf91QcNtVfUu8LmtUIQvNdBZiv2PSOJfWA5zmxAw/cQG5pJuf U06CFIyrJYGs+vqUVoTtesThuAz1lU3S9d+j5P/WTGoVc+cowredoKzAsg0SENcS YoF3PpjSjDPETF4X+H1MR+ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 373315834454442786619008162049358322086277 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-03 15:54:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 15:54:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cannatico.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 743644584471681379669633563338100315328046003006629810049586966358237903092491516387967711183292947963753427743371335565439010974807471808493287660008946853750700160652580676961364151577795727056431020609041618015061443626623424220394174187224251950969529005389824121854037945172338994976598327787555083523522229545206026135690212696092480127969584505640967837533427032392907970470600442398251601369421127462645447171429440073452598531851817243396647813722095415429593457210888159480690142594672088026532961995377172759684306735876800535659687878061093615176552819920873723127557115839042148308785213791547782262215017380287327890890918900587299202310556768110951261814375932385536470761921804184184172300744481895076311332604099952219595794194620570994394849367668348822721991802609178849015604023283903750389262478294784516309144725549570902165051448506187151377819692520981787732206231916988343883477614771521193113035877238512247709512382435974765295995290639265545560647224431359356810288471892349135450769471092699479220973438199004920414558601812574259725595757160758852137924973900782255907263942093637299461681910768781081431455758422513518704400359057513540002253356151652150725404781611509982051743124279920811719047006177 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3c39fbcbd6701eea9ae1a6d344c8789178bbd31a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cannatico.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cannatico.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016cf80c4b05000004030046304402206ae4881b596980112888a70559492c6c3eee634de39a208b688ee4826a3457ee02202a2907b140c8413ce9750aa6fb7928935c87997777866a7c9c4bd669ecc07e0600770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016cf80c4afa00000403004830460221009fba399e0f9be0ad60fe92af7f1a90d0e27884cdcf40b9d9e717c41841fb6a350221009cffb66f6e17941f6faf74f49f312af93ed98a21034f785e4eeacf225ed01f5b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0010b9316df52809a71ac59498ef1b0e1e8d57a475335b6c0f638cf03a5c134481a17122600db378897e0c7f286ab8971298597ed7724f764c35d29fca34dd7a40041051a8a59fa3c5dd9aa59f0ec9a2d538a8818011731f978640310fd083c9ec2895b1cc8faeb0d8b8f4ed3f09cc46727dc3b6d11d20878a781c46e54e274dd79b5aa7d0da75c99cfffed35f8172ee4da407e1be739d5f49772bfa7a4a7cee093a6ef38d31076a0ac0ebfb780428a98a02498a99784aeba1dff7645b207eea95cc03a129a3b474bb4f4e0e39ed8f22dfc50d0db88674bc7f26c34da5f8ce9e2f69dbcd800d688e9e03393cdd9faca8d1663af540d29a1a6d52f403af2eb13a12