bagnolomella.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:35:9d:41:16:8e:31:39:59:92:9c:d4:1c:40:5c:83:75:20 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=bagnolomella.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:35:9d:41:16:8e:31:39:59:92:9c:d4:1c:40:5c:83:75:20Serial Number (int): 279580849994203159513882696398148110349600
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4d:3a:db:4a:7d:2d:c5:28:6b:16:32:5d:c0:d4:f7:5f:e6:20:41:92
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0e:fc:0b:4c:86:d0:3b:8e:88:96:82:3b:d9:ee:a9:4a:18:11:96:59
Fingerprint (sha256): 4e:30:ea:ca:23:2b:5d:c6:05:70:4a:bb:8f:2a:27:5e:2d:16:41:b9:98:bb:57:be:eb:4c:c5:b0:56:e5:39:e4
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate bagnolomella.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bagnolomella.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bagnolomella.org
Other certificates including the domain name bagnolomella.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for bagnolomella.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWTCCBUGgAwIBAgISAzWdQRaOMTlZkpzUHEBcg3UgMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDUxOTU4MjNaFw0y MDA3MDQxOTU4MjNaMBsxGTAXBgNVBAMTEGJhZ25vbG9tZWxsYS5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWGKHDuexBzSnNrsx8h9+ijjr7rQOg tcjDScPDwlIroVYSZ2u4AfmnR0+iPemi5pKpVsakkmhSpTw34k+l67lHjwdg0bTT miigjvoFbfuSXfkWis114e6+XtCZkfuCjhrvuxp9Oo9ebVS4BFzqlQPEcH3Va+c3 NOWAtpEevbAnDeWckyUBU+oHWGgda7VCUCPkwiduGIaQvdkKRGDqNyMKtUTXSfCG NywUEtouqq4iBNN5230ATLAonkuVaP/4v+yuqNaRvQSpQxyppQZIbRa2HZTRTTxg /AkfUHUP+t2inNwYKbjGZShWb8K6BhCUGy/4vxrwm6IN2qvZGWw4vxtD8TaeNI2u KUe3PMGAEmkJz1WGxMu4eyrZEoFs1U/t3oJmJcyriwy8U7J+ASqwY+jvxdGeCHJE 1dV8qOb9D4qKitJioS+bm1aO7QEGVs7G7la978zwG4+UD41VLl/HhoQJSTIVHOIg H3//+S/BEu5e/mVT4fVF4olMoI8LuuhoPCAfRQzyq7yX3ap/ysdwCgHWDlR69/wq 7YWnSVzGtWB8blPJHW9xNGgLUfj5b8fpstMc5VAiyy4tVBeh1+IpjQcUOzXE+DNd iEcjKpzHYbQcv8TEL7bQNW7oQn2Zd3O5vakPUWMtm7ihTcxdQD6G4EnB1aeXE0B5 1SNL+H6wfh5gWwIDAQABo4ICZjCCAmIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRN OttKfS3FKGsWMl3A1Pdf5iBBkjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEGJhZ25vbG9tZWxsYS5v cmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQC BIH2BIHzAPEAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAXFM IyJsAAAEAwBIMEYCIQDir4H3ZXwCPiDxckmS2w8UaFz6Bc6yqZ0aTJPWAQppBAIh ALyBakB2/z8B0FoWKCWfsN3etqF2hBFyJaNnDERa9pgVAHYA5xLysDd+GmL7jskM YYTx6ns3y1YdESZb8+DzS/JBVG4AAAFxTCMiegAABAMARzBFAiEA6ZE6uyjhAVeo T0FHzXtWgUq1v0a+50sFS2kHaPy+6QQCIDWWNKGM6n84QdzVvjw4hrMVJrdLVJWQ D3F5EhNiCzSXMA0GCSqGSIb3DQEBCwUAA4IBAQA21nvX6MJ7uE0b/p8KQ54bQIYk EoK7aVqm9Rmw+s1uWklqsUe3iOwZQIz3PoWi6TQvXiicbloQ9stasSSS7OXN0WsH 7stT7Z+HVcguvsZsBloYXuPyw+JgEnTPiewB5zXBTQWeNPkttEoMOCVn0dFssp6p Aup6qmqsVQQJnsCesnP1yKHW0KoJlBbExuXIaRMA9DmB+hBUbg/UPwS+7jSemIUz Lxfc9mWFhmoNr2uSNhPzGHJek/v7GNFCzOz9d9mL676vDHoVJtPax5FlIBUZKskQ pwQnCVQ7AVjh3tsGh6x7Y+NNnZud2DNrh3UrRlbkgm9FrIf0NuMuLJBdgQ8p -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1hihw7nsQc0pza7MfIff oo46+60DoLXIw0nDw8JSK6FWEmdruAH5p0dPoj3pouaSqVbGpJJoUqU8N+JPpeu5 R48HYNG005oooI76BW37kl35ForNdeHuvl7QmZH7go4a77safTqPXm1UuARc6pUD xHB91WvnNzTlgLaRHr2wJw3lnJMlAVPqB1hoHWu1QlAj5MInbhiGkL3ZCkRg6jcj CrVE10nwhjcsFBLaLqquIgTTedt9AEywKJ5LlWj/+L/srqjWkb0EqUMcqaUGSG0W th2U0U08YPwJH1B1D/rdopzcGCm4xmUoVm/CugYQlBsv+L8a8JuiDdqr2RlsOL8b Q/E2njSNrilHtzzBgBJpCc9VhsTLuHsq2RKBbNVP7d6CZiXMq4sMvFOyfgEqsGPo 78XRnghyRNXVfKjm/Q+KiorSYqEvm5tWju0BBlbOxu5Wve/M8BuPlA+NVS5fx4aE CUkyFRziIB9///kvwRLuXv5lU+H1ReKJTKCPC7roaDwgH0UM8qu8l92qf8rHcAoB 1g5Uevf8Ku2Fp0lcxrVgfG5TyR1vcTRoC1H4+W/H6bLTHOVQIssuLVQXodfiKY0H FDs1xPgzXYhHIyqcx2G0HL/ExC+20DVu6EJ9mXdzub2pD1FjLZu4oU3MXUA+huBJ wdWnlxNAedUjS/h+sH4eYFsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 279580849994203159513882696398148110349600 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-05 19:58:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-04 19:58:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bagnolomella.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 873436367100558053788243128956025050683885749164043823580128830765824456420226265058053351000168809402216995500490316453416609724619364014579515018358818582340854309714313793038871670338619715854257814073950721869316566983311049369914164432057550437431293498169408413956775010685213768135249685336978089224337103003079188943785790841174763291424575690091370701099413651724675404200104914152440572204533130542920452467575405632593705432536992046134649841997644688495365436422546688495314041744571685119675738935120857978879907343414748232356791776178249410029877581044758952400315776800506267310392676064790238132746881564154883961908654816960749042630665695860400716295977912881965855851763817613990697703169638215202455158069314884079392088368360341973649828624506676225732511002170159958123483248693844948944748120465585914813331229238990065639762362372907258546849941049857958785125490725695521252595675845869295917576546171458371348474186862078350432254866532563603910256120618233558735953628253705975594900699576480812812458382888479803217757754796365933757633501801538558859401646703236132185285399053293808229713981229020388606254549158858311903174604212566754545891370743471581437460108238329892854769606162135946555434098779 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4d3adb4a7d2dc5286b16325dc0d4f75fe6204192 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bagnolomella.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001714c23226c0000040300483046022100e2af81f7657c023e20f1724992db0f14685cfa05ceb2a99d1a4c93d6010a6904022100bc816a4076ff3f01d05a1628259fb0dddeb6a17684117225a3670c445af69815007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001714c23227a0000040300473045022100e9913abb28e10157a84f4147cd7b56814ab5bf46bee74b054b690768fcbee9040220359634a18cea7f3841dcd5be3c3886b31526b74b5495900f71791213620b3497 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0036d67bd7e8c27bb84d1bfe9f0a439e1b4086241282bb695aa6f519b0facd6e5a496ab147b788ec19408cf73e85a2e9342f5e289c6e5a10f6cb5ab12492ece5cdd16b07eecb53ed9f8755c82ebec66c065a185ee3f2c3e2601274cf89ec01e735c14d059e34f92db44a0c382567d1d16cb29ea902ea7aaa6aac5504099ec09eb273f5c8a1d6d0aa099416c4c6e5c8691300f43981fa10546e0fd43f04beee349e9885332f17dcf66585866a0daf6b923613f318725e93fbfb18d142ccecfd77d98bebbeaf0c7a1526d3dac791652015192ac910a7042709543b0158e1dedb0687ac7b63e34d9d9b9dd8336b87752b4656e4826f45ac87f436e32e2c905d810f29