baff.app
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:a0:db:8f:18:b7:6b:ab:1e:12:42:af:4d:07:7c:6f:29:ad was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=baff.app
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:a0:db:8f:18:b7:6b:ab:1e:12:42:af:4d:07:7c:6f:29:adSerial Number (int): 403186166365228713789276691808123140123053
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 48:e7:ce:f7:0a:d2:c4:50:72:57:61:28:ce:21:29:b3:a5:56:17:d5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 65:cf:a6:f3:54:88:a6:df:b2:99:1e:da:da:b1:f3:23:7b:29:36:35
Fingerprint (sha256): 4c:9d:2f:ff:9f:7e:f7:88:80:cc:fe:30:7c:af:4d:c9:9a:43:c9:fe:7c:de:ad:e6:6a:ac:5a:48:5c:79:c4:a5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate baff.app
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for baff.app
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
baff.app
www.baff.app
www.baff.app
Other certificates including the domain name baff.app
(limited to 100 certificates)
doglog.ca
miradordelespino.porcelanosapartners.com
baff.app
baff.app
baff.app
baff.app
baff.app
baff.app
moonshot.ac
www.justrun.app
baff.app
www.broadline.myworkportal.ie
baff.app
www.baff.app
baff.app
app-staging.construyo.de
betternotes.app
www.jaspero.hr
baff.app
rcf.ecnet.tw
baff.app
www.baff.app
www.baff.app
miradordelespino.porcelanosapartners.com
baff.app
baff.app
baff.app
baff.app
baff.app
baff.app
moonshot.ac
www.justrun.app
baff.app
www.broadline.myworkportal.ie
baff.app
www.baff.app
baff.app
app-staging.construyo.de
betternotes.app
www.jaspero.hr
baff.app
rcf.ecnet.tw
baff.app
www.baff.app
www.baff.app
Certificate
The complete raw certificate details for baff.app in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCDCCBPCgAwIBAgISBKDbjxi3a6seEkKvTQd8bymtMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA1MTQxMjI3MzlaFw0x ODA4MTIxMjI3MzlaMBMxETAPBgNVBAMTCGJhZmYuYXBwMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEApX5bw/caWZRKVbXQRlDJs+bQFnMtxjaRKty8QxbK Zy+FOSiNchaSjKCQ7Y9xVArwNwZmB4ZRioLtGl4vNTCAnKc6J1zruBnwJzgeLbrK ACq2lw4EzQHABB1PftHc/imGgZEQn4+i4RRLs+F+xbbC6IA0TF5YnfYfaxW9tCXa kq4NkzgVxUNK5AgRTJ9wbsktT0X4lgPUjNEPfaMcSLey7yf0myZKvnl67eeZHjnB EF6geiE/5ZNH9LxzZxPXfacKSZ/UHN6lvJWAbwYxz/4O294g5aPBirvp3gE8egFC xmzeDVYJIvj0Hw5XUUDUwP5rkPj8xcHEHHGKKslfVzsbbQIDAQABo4IDHTCCAxkw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRI5873CtLEUHJXYSjOISmzpVYX1TAfBgNV HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG A1UdEQQaMBiCCGJhZmYuYXBwggx3d3cuYmFmZi5hcHAwgf4GA1UdIASB9jCB8zAI BgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8v Y3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRp ZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGll cyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBv bGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5 LzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ANt0r+7LKeyx/so+cW0s5bmquzb3 hHGDx12dTze2H79kAAABY17VzHAAAAQDAEYwRAIgImYCYWq9l0A6oX7jVTPsPIJX Kw7W3CwmfIeKEOqRu/wCIH2fPEeHXOMaYVZbZN4yS4tqNlQqBeAQE49CQLphAVYb AHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFjXtXMUgAABAMA RzBFAiEAv6jjil+5bEZH9KV+LsgQUARA6pPvN7r1p61OEscBaPICIDDm8D7nvLXN 1DnfMJqvuZM4Bs3omb0LHZN7ZC51yZ2PMA0GCSqGSIb3DQEBCwUAA4IBAQCKWzay tY0Y4MAr8IvFnjtVMYqseisq+1waXD6AgLJwxTGcv9dfmOHae1w1pu8aWHZLjGgp MOCCIOnWg5LdgEByE/EwpIE9eX/VJlUrgxpep2sldGUTPxh1dTGtEQt1xkdPah0Q oN1DxV1iCX2KXdffTB/0R/Ur98wpVJGhkI+d8MypmuiZ5kMiOstFDQpR0Lx6LoJs eIt94OiHRYOvXCnybB8kiTJy/CetYZioE4t1Cbm+ow/V0LE3PpSxwNZVtJjMzBAb Y0LjdNwZKVv7hGoIPNi4+H++dfvURqTCq4171nGBWPcbpesoApJZfBRDgatJE24b 8vNvGpEyLR/rIZBB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX5bw/caWZRKVbXQRlDJ s+bQFnMtxjaRKty8QxbKZy+FOSiNchaSjKCQ7Y9xVArwNwZmB4ZRioLtGl4vNTCA nKc6J1zruBnwJzgeLbrKACq2lw4EzQHABB1PftHc/imGgZEQn4+i4RRLs+F+xbbC 6IA0TF5YnfYfaxW9tCXakq4NkzgVxUNK5AgRTJ9wbsktT0X4lgPUjNEPfaMcSLey 7yf0myZKvnl67eeZHjnBEF6geiE/5ZNH9LxzZxPXfacKSZ/UHN6lvJWAbwYxz/4O 294g5aPBirvp3gE8egFCxmzeDVYJIvj0Hw5XUUDUwP5rkPj8xcHEHHGKKslfVzsb bQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 403186166365228713789276691808123140123053 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-14 12:27:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-12 12:27:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'baff.app' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20891629997817662968760236341410416103083502144847488227251515346210182681516957810919364688694448971946650454708656857764686058832126954037166252101982810101626486238126653766964795892024086660713656438406245865506810900664356258236533859945551113795651941812712848560723965879510113073157473558528379506858746716120263817713043956225742792191379314698002185652013394315420697085328658975875808748131050178669846801077115048863588950762059670365192182196465146354205204901315293595026272301968162206575198985440139883191559043567148334796481970323752010355258040838467302625660551727911793717749255587225902803262317 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 48e7cef70ad2c45072576128ce2129b3a55617d5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'baff.app' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.baff.app' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf64000001635ed5cc7000000403004630440220226602616abd97403aa17ee35533ec3c82572b0ed6dc2c267c878a10ea91bbfc02207d9f3c47875ce31a61565b64de324b8b6a36542a05e010138f4240ba6101561b007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001635ed5cc520000040300473045022100bfa8e38a5fb96c4647f4a57e2ec810500440ea93ef37baf5a7ad4e12c70168f2022030e6f03ee7bcb5cdd439df309aafb9933806cde899bd0b1d937b642e75c99d8f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008a5b36b2b58d18e0c02bf08bc59e3b55318aac7a2b2afb5c1a5c3e8080b270c5319cbfd75f98e1da7b5c35a6ef1a58764b8c682930e08220e9d68392dd80407213f130a4813d797fd526552b831a5ea76b257465133f18757531ad110b75c6474f6a1d10a0dd43c55d62097d8a5dd7df4c1ff447f52bf7cc295491a1908f9df0cca99ae899e643223acb450d0a51d0bc7a2e826c788b7de0e8874583af5c29f26c1f24893272fc27ad6198a8138b7509b9bea30fd5d0b1373e94b1c0d655b498cccc101b6342e374dc19295bfb846a083cd8b8f87fbe75fbd446a4c2ab8d7bd6718158f71ba5eb280292597c144381ab49136e1bf2f36f1a91322d1feb219041