zuii.org
Issued by R3
About this certificate
This digital certificate with serial number 04:27:5f:91:f4:5c:c9:46:89:37:40:08:25:c3:b1:7a:8c:a4 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=zuii.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:27:5f:91:f4:5c:c9:46:89:37:40:08:25:c3:b1:7a:8c:a4Serial Number (int): 361847190535860867221583965233791333207204
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 28:df:7d:95:f0:11:28:88:43:df:2d:00:be:95:08:c2:db:15:07:be
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 75:82:49:40:04:8f:34:b4:79:0a:98:6f:e6:ae:6b:c7:f5:09:ed:1f
Fingerprint (sha256): 4b:62:4b:f3:ec:88:0c:b1:0f:6a:53:48:7d:95:23:aa:23:b4:2c:4a:29:9f:8c:09:be:7e:b2:69:70:f2:96:21
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate zuii.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for zuii.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.zuii.org
zuii.org
zuii.org
Other certificates including the domain name zuii.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for zuii.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6zCCBNOgAwIBAgISBCdfkfRcyUaJN0AIJcOxeoykMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMjUxOTA5MzlaFw0yNDAyMjMxOTA5MzhaMBMxETAPBgNVBAMT CHp1aWkub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx/EihJxO eGcms+ONW/w04OY+89g9LLBrwmtKZoVMh2ZHZynSRnmMcJBN/lgJPWmQkJ+86LOH 9vr0YnYQ666irQvhnETqVwy9Ta4TFmMv0+XbVB1ALqLBEG167ib/ruiXW2/zi3B7 tVIrGje5YSl9xkfXS+qhU53BNMithvUJfZ550EZDUPTA48rheMIVrRWp14/hxHwo EG9oEgRlAY7mhfLuAZynIfDxeCjoOjAZJjO6TUti14q1wNgqUliFya969nVaNoD/ xLDzRi49YQKaQyrbi1cjpeyhiQEX0WVfilmV5gawgtSV5wYJY0fdSNLUbrfHHZjT +OAF1gkh4LUGblJW5BKjtroY1MkvZwr2rKHtzFnqCbCips7K/PYwj2OnFmrid0cU ISgNUBL7FfAvfNOEZRctRG6HnrY3blp8mW+K1KgW7nvyjZ5hCqT4t2iS4XFDFgBb rL1wO2PenisB7tuwbhw5fkPamXIOy3Pp6HCiY8+KYRkvWaKgcxXbgGLsAzd3VItE OeCFXXOebLS3nVHCxhkxLCMnzD1NZQoStrbbAy67O1WSJSHoflFN6JMPYGhbJNrr +IOaznZJUW++9VK/6gkd6ovt71XjSJO4wA2TKklTKsNvOGwJteBgVTFO9TP71qJJ 263z73FxUi687nUfjtPOFp5AWKRwNt80gHMCAwEAAaOCAhgwggIUMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUKN99lfARKIhD3y0AvpUIwtsVB74wHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wIQYDVR0RBBowGIIMd3d3Lnp1aWkub3Jnggh6dWlpLm9yZzAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtT d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjAgaI9EAAAQDAEcwRQIh AMqPHEKYjHlZuw1bnHnV0Bfy9H7047YOfz1DZHPDQBb3AiBxSLOOWvyrb8lw8YQ2 SU6vdCpOu3eSsHfCb2jv2YjHYQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI WUZxH7WbAAABjAgaI98AAAQDAEcwRQIhAKFKqhjD59PQlGR/hlQrk3SdQSd4gpBD 8r7cLL1n5nlPAiARTWmtouI/8w7TP1y7ai2fO16Bie+3f/LXV6kJlJ5I+TANBgkq hkiG9w0BAQsFAAOCAQEAhdF137KGzQGtGfRHuM/uiihbRpVOUC0ttVuqR5LKnR1m 71sA4g4+D0o6W0uJYHrlC5pL4CMduWpJL0/gUnLwdgw2j7QmUNu5zlE+YxVLnLL0 xd1F9QnPqGgaBLxY21rsScyXSwIvwnBjOQ0cBd8bdsvfyvOcmVMJ9MbxzPOzNDYB uxHg7a11YHyDNohMOQd5SVCJ1bM65HaqO3IEjxiXuWBkES1A5gJDT9AJ8MRVFul5 dkJMxvUmJqMHj07BpHHyoycpFVRoBXbYbfuDiR69zSXjPO20DMvIUm1TC3qKRuyd xcjASd3dy9vGZtu/q2MkxGeZYLg97u6JzzwQsgiyjg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx/EihJxOeGcms+ONW/w0 4OY+89g9LLBrwmtKZoVMh2ZHZynSRnmMcJBN/lgJPWmQkJ+86LOH9vr0YnYQ666i rQvhnETqVwy9Ta4TFmMv0+XbVB1ALqLBEG167ib/ruiXW2/zi3B7tVIrGje5YSl9 xkfXS+qhU53BNMithvUJfZ550EZDUPTA48rheMIVrRWp14/hxHwoEG9oEgRlAY7m hfLuAZynIfDxeCjoOjAZJjO6TUti14q1wNgqUliFya969nVaNoD/xLDzRi49YQKa Qyrbi1cjpeyhiQEX0WVfilmV5gawgtSV5wYJY0fdSNLUbrfHHZjT+OAF1gkh4LUG blJW5BKjtroY1MkvZwr2rKHtzFnqCbCips7K/PYwj2OnFmrid0cUISgNUBL7FfAv fNOEZRctRG6HnrY3blp8mW+K1KgW7nvyjZ5hCqT4t2iS4XFDFgBbrL1wO2PenisB 7tuwbhw5fkPamXIOy3Pp6HCiY8+KYRkvWaKgcxXbgGLsAzd3VItEOeCFXXOebLS3 nVHCxhkxLCMnzD1NZQoStrbbAy67O1WSJSHoflFN6JMPYGhbJNrr+IOaznZJUW++ 9VK/6gkd6ovt71XjSJO4wA2TKklTKsNvOGwJteBgVTFO9TP71qJJ263z73FxUi68 7nUfjtPOFp5AWKRwNt80gHMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 361847190535860867221583965233791333207204 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-25 19:09:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-23 19:09:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zuii.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 815691920720323858925725542730195780122549892011035899405366174543650660719614275720906490474817646089134776912955721216210948698387439611171616356021316277305186431522671514177568921963409296811114631462947903868377640149815677531242060238875300608315903812711074178471170028966483319289535890789231346512537506064011886372885555555698619900263653241616276860174922357535142398251841283363013640238658597727105999315750451673937398404713391429175644216475469428696456734875930398099853041149755543658729091925097259888268171708541572538218064457918988774026876421645791400399004574847486148254216574020888683346032325020450618476245036058543762867704367527878534638568232754050949235041401912494771109482893309807180578226543963787115873291522036941350563756953982434825976705450461616857813965912763538306443924328137414721356594292841633672993327168445502776370268837173269457698877642696663983604478667973331608752718147570637569396884406441646321962797192614742387700303165478520554203895676156195265758412476034454916794492858049630949779432854299422656479301080265177532663516331390296700485163612250709143837993853615035351567515076551815203544935627257105903974349575276907929909690283305355736731759494224132700986068467827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 28df7d95f011288843df2d00be9508c2db1507be . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zuii.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zuii.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c081a23d10000040300473045022100ca8f1c42988c7959bb0d5b9c79d5d017f2f47ef4e3b60e7f3d436473c34016f702207148b38e5afcab6fc970f18436494eaf742a4ebb7792b077c26f68efd988c761007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c081a23df0000040300473045022100a14aaa18c3e7d3d094647f86542b93749d412778829043f2bedc2cbd67e6794f0220114d69ada2e23ff30ed33f5cbb6a2d9f3b5e8189efb77ff2d757a909949e48f9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0085d175dfb286cd01ad19f447b8cfee8a285b46954e502d2db55baa4792ca9d1d66ef5b00e20e3e0f4a3a5b4b89607ae50b9a4be0231db96a492f4fe05272f0760c368fb42650dbb9ce513e63154b9cb2f4c5dd45f509cfa8681a04bc58db5aec49cc974b022fc27063390d1c05df1b76cbdfcaf39c995309f4c6f1ccf3b3343601bb11e0edad75607c8336884c390779495089d5b33ae476aa3b72048f1897b96064112d40e602434fd009f0c45516e97976424cc6f52626a3078f4ec1a471f2a327291554680576d86dfb83891ebdcd25e33cedb40ccbc8526d530b7a8a46ec9dc5c8c049ddddcbdbc666dbbfab6324c4679960b83deeee89cf3c10b208b28e