bara.bar
Issued by R3
About this certificate
This digital certificate with serial number 03:52:1a:c7:06:24:ab:1a:05:c6:e1:9b:69:e6:ff:f9:28:9f was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=bara.bar
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:52:1a:c7:06:24:ab:1a:05:c6:e1:9b:69:e6:ff:f9:28:9fSerial Number (int): 289275605202362575055716835998164852484255
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fa:d3:a5:c0:f8:0d:b3:75:b8:33:47:3e:b4:a1:84:9a:48:5e:f8:3e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 96:c1:72:50:c7:81:b4:aa:08:54:ef:11:97:43:9b:7e:ef:1c:5b:83
Fingerprint (sha256): 49:ff:22:2f:96:14:c9:b5:8b:df:b5:a9:d2:66:dc:ae:cb:78:91:cf:9c:00:bc:62:ac:9c:07:a9:f4:94:75:1a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate bara.bar
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bara.bar
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bara.bar
www.bara.bar
www.bara.bar
Other certificates including the domain name bara.bar
(limited to 100 certificates)
Certificate
The complete raw certificate details for bara.bar in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6zCCBNOgAwIBAgISA1IaxwYkqxoFxuGbaeb/+SifMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjExNzU0NDFaFw0yNDA2MTkxNzU0NDBaMBMxETAPBgNVBAMT CGJhcmEuYmFyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjNjT15O7 x5NgUCLw2tykn38Bs4FSdgEcmWZ9pHXQp8hloQKtS4FKvevtfyKdMe0vCBrwbvXw XsOoI+H8Dacz23NrJ33sRIhxrT9t9GS3zGTYz2BPNXCxEUJGx80zA0gmXa+gBobK kr6lVurIaboMldt48d86xgPsLkPJwHyMutXpDG19wi2rya0rmznVrPgvFCCLhhd5 s4qE3ZjAmOJs9rhLPb/HxpE191DUYrFOpHHgxHtm4Ywy2CgQgVX8vKdb4eh/9YL8 SRO82BurwdsfPgok4YqSyFMryWUP0o2czmkqC8LwYUcPUE1xedcYeqAp7GiKcGqi HCDayjmIHF5KDnSMAqjQ9AZCH5U082HAi6m5aKiBIcw9IZQJioYCRceJFXTD9hiW AwkflfInPnCjhFQmvk6u/GalRqaNpopsP08SXuLSFw9cHh0pLnf8dBOxC3ddHJok 2qPJauTGwA+hwWHUqC9qAdLMw+YXFJDKwkZHetMFFUJl3qPV7pZllQIVwpzdYabJ 1o4OqePuXe5YV8VUqy9GwyhF/KL6byJGH4rUSUoUM6rJhIUxoijKgswn9GFw7y25 cND0aRjo0Ot2nAo4VM8Gg2JmNgvMDAXIGduh16djPGjcHbkvQyVLER85E6KNMayb 9tEkL0L+C9coBFP/9ra+q8iAycSYcHOr9ssCAwEAAaOCAhgwggIUMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU+tOlwPgNs3W4M0c+tKGEmkhe+D4wHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wIQYDVR0RBBowGIIIYmFyYS5iYXKCDHd3dy5iYXJhLmJhcjAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtT d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjmJdjF0AAAQDAEcwRQIh APuN/BsiD24XTc6VvKiEIm3k0TcTOlxWl0fed039i0WZAiAhayAwUd2GJGfTF0ch L8tct9kfXO/rDyfbWQK9mLlGggB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf 5mdMWjp0AAABjmJdjKIAAAQDAEcwRQIgY64BJmXnwzecc3B2QDX+t9i6IDfyeIlH 6sPkZBjM2CQCIQDcwq5ebsRFSRppBONsNQSdMcjFUzfYpOp5czSShC0vpzANBgkq hkiG9w0BAQsFAAOCAQEANe13z1YKH7oEXdIu2vVZi9h+2crPqg6lsQqcLEXO3uwS WsvC4Wqh2P2IOEVGl49dF5n5O/VNiyf5fezE5gLjd3KKHfckkoZInmsAGFSBDzgs q3bifg7x5RhayhL/gCyK/T2lppNrBZIJBUmTBnuNAxcbXnTh5W/7EGTtlMln0zGn h/uXvw/d/YHNNfb1y0x+q7SlkCrY9TSfG6ojJb5p4CaAiKRGFJ+x3+xDtSpMoWO3 JXht9wLFFxIBxjnPJ3+OF/q6Yv8Fga96oVw657Nhd0/ZVtR/gYU2kXNj0ucfhWnY t9pDuARczBI3AvX4QcnwdhXG99yFHfsg0yTfXxWMsA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjNjT15O7x5NgUCLw2tyk n38Bs4FSdgEcmWZ9pHXQp8hloQKtS4FKvevtfyKdMe0vCBrwbvXwXsOoI+H8Dacz 23NrJ33sRIhxrT9t9GS3zGTYz2BPNXCxEUJGx80zA0gmXa+gBobKkr6lVurIaboM ldt48d86xgPsLkPJwHyMutXpDG19wi2rya0rmznVrPgvFCCLhhd5s4qE3ZjAmOJs 9rhLPb/HxpE191DUYrFOpHHgxHtm4Ywy2CgQgVX8vKdb4eh/9YL8SRO82Burwdsf Pgok4YqSyFMryWUP0o2czmkqC8LwYUcPUE1xedcYeqAp7GiKcGqiHCDayjmIHF5K DnSMAqjQ9AZCH5U082HAi6m5aKiBIcw9IZQJioYCRceJFXTD9hiWAwkflfInPnCj hFQmvk6u/GalRqaNpopsP08SXuLSFw9cHh0pLnf8dBOxC3ddHJok2qPJauTGwA+h wWHUqC9qAdLMw+YXFJDKwkZHetMFFUJl3qPV7pZllQIVwpzdYabJ1o4OqePuXe5Y V8VUqy9GwyhF/KL6byJGH4rUSUoUM6rJhIUxoijKgswn9GFw7y25cND0aRjo0Ot2 nAo4VM8Gg2JmNgvMDAXIGduh16djPGjcHbkvQyVLER85E6KNMayb9tEkL0L+C9co BFP/9ra+q8iAycSYcHOr9ssCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 289275605202362575055716835998164852484255 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-21 17:54:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-19 17:54:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bara.bar' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 574605556466537876889403212986679437899570087926287764837702327911047335234323386220692209725404644267969095601107764029498093230138858474402955009505287924692126599721415202741249294756315661002284866237818250575036472443614378670149823181309599079914896350520830715959276473295599561808151409188850714223837658445044668644433371468729627238378372503660688667380646729137547185246742037913826816058768856385137928798842829238875509235988835263997669039953372233082478011717071083886450967025344136950873961928609522039553007952282290124808650316232166785332351011497946389677167235930993829775616433459614928645911514519917179994072576405238051440337679506471100006027914460234427394138397690445697647038110656410087721389859465197680830663147400574409782973815728312073781289552970559662401635770258199532859532472088309378627205780519944765899242823388197786452093508805143137056104349635714689955732534940005661479913692827985497275514719555790149959603319300109307439646817275098235598274333434032052200266807481292413923730263558945539083551370923593337200363344404825610342334648653071102479727324953537448202894257999134929099801768744324403675761576859291666590980252365475626030721738399375624599154063356701712590870148811 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fad3a5c0f80db375b833473eb4a1849a485ef83e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bara.bar' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bara.bar' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e625d8c5d0000040300473045022100fb8dfc1b220f6e174dce95bca884226de4d137133a5c569747de774dfd8b45990220216b203051dd862467d31747212fcb5cb7d91f5cefeb0f27db5902bd98b9468200760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e625d8ca20000040300473045022063ae012665e7c3379c7370764035feb7d8ba2037f2788947eac3e46418ccd824022100dcc2ae5e6ec445491a6904e36c35049d31c8c55337d8a4ea79733492842d2fa7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0035ed77cf560a1fba045dd22edaf5598bd87ed9cacfaa0ea5b10a9c2c45cedeec125acbc2e16aa1d8fd88384546978f5d1799f93bf54d8b27f97decc4e602e377728a1df7249286489e6b001854810f382cab76e27e0ef1e5185aca12ff802c8afd3da5a6936b059209054993067b8d03171b5e74e1e56ffb1064ed94c967d331a787fb97bf0fddfd81cd35f6f5cb4c7eabb4a5902ad8f5349f1baa2325be69e0268088a446149fb1dfec43b52a4ca163b725786df702c5171201c639cf277f8e17faba62ff0581af7aa15c3ae7b361774fd956d47f818536917363d2e71f8569d8b7da43b8045ccc123702f5f841c9f07615c6f7dc851dfb20d324df5f158cb0