aws.mani.co.il

Issued by R3

About this certificate

This digital certificate with serial number 04:a2:51:2f:99:87:61:7d:9a:01:9f:2a:ca:8f:58:80:ea:df was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=aws.mani.co.il

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:a2:51:2f:99:87:61:7d:9a:01:9f:2a:ca:8f:58:80:ea:df
Serial Number (int): 403682801787778590177251770766775440960223
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 24:55:33:fb:5b:1c:ec:31:bf:aa:4d:a3:b2:74:a7:db:7e:dd:1b:ac
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 2a:45:c1:f7:b3:67:2f:fd:b5:bc:96:b1:91:3c:12:fa:a3:d1:f8:e3
Fingerprint (sha256): 51:c5:11:ca:f8:74:8c:5d:3e:a8:90:34:43:c6:68:9a:0c:91:7a:9b:90:6f:e3:12:cd:60:dc:a4:98:e1:cf:ee

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate aws.mani.co.il

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aws.mani.co.il

Public Key Algorithm

RSA

Key Size

3072

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aws.mani.co.il

Other certificates including the domain name mani.co.il

(limited to 100 certificates)
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
server.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
aws.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
server.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
server.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il
www.mani.co.il

Certificate

The complete raw certificate details for aws.mani.co.il in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISBKJRL5mHYX2aAZ8qyo9YgOrfMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMjgxOTIwNDhaFw0yNDA2MjYxOTIwNDdaMBkxFzAVBgNVBAMT
DmF3cy5tYW5pLmNvLmlsMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA
iXyG2yh58/606BuSCdO/UxDwsHJ9pBmjf/JCskHksDdMKapAejdEbxhNMVRNeY9w
XaTYaTwcKetX/4mJjDyFFQPB+gzQMaqJxlq9Oe1vwXqpP7c0p01IhJYcEqqJejPF
p61M1lIr+qNZfd3eUxlz67SRmYf6A1P5JUy/0rPnFn46MQT2UAKKJAem9ZXjQ0Af
tFzU59IpTT2p8ufn12oGvHP+SjEvS5tY2Oc8q4BHbBjsovWYARVA/dE6cxQ2rcgs
muWA2Z1Olo4qQbTbAyMgHLfiELjnfL1sNoB3XcTVM75Bxe+IEM0deqB4bcO165nV
I73sqIS5gvq1yR6Ca0ZUv4M0+8KoXM5lbEakgjKhNhcp0iy2pmaXstLnh6Q6LKmO
1hSs/P8czJ5pD+KMKVC4S3iatwsMSsABj+Z477Uf+Z7TGgfkiD9FgeGkxyjLo9Gt
OZqC6dPkFPQCA+MWwwac9pm01M4ggNu+PNjQaHLVAyu7jg0Ngjbdc+MZ57OTjlZZ
AgMBAAGjggIPMIICCzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCRVM/tbHOwxv6pN
o7J0p9t+3RusMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsG
AQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIG
CCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBkGA1UdEQQSMBCCDmF3
cy5tYW5pLmNvLmlsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIE
AgSB9ASB8QDvAHYAouK/1h7eLy8HoNZObTen3GVDsMa1LqLat4r4mm31F9gAAAGO
hrjm3QAABAMARzBFAiEA73BgUoCfhkGKA7eESMLXyKJ61X2yBpoXiZK+2JCGN3gC
IE/JD1M2VT6eVr1StPqJ8n4t55qaMGiQBc/SPEFp3wbHAHUAdv+IPwq2+5VRwmHM
9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGOhrjm7wAABAMARjBEAiBfVl59LaK6TL1R
cHNgbS6aggqJWYIKtUZ6rRQTE4dT3wIgV6SBOvyAxPaN78HRKPqzCPAy03G/Som7
C1P3/rGgInwwDQYJKoZIhvcNAQELBQADggEBAF0Q5RdTwSL8AYrCSViNKIdfqnYn
qP4BZe/qwZS2eHmz8M27xRpmi6UYwR7EEzxoKMjHeqnbnbA4i75aK+R0gHGCRZ2X
vvrk5MOV/pLOAStOcmFI7Bf4LQn45pzC8w4GNUJ7rFVpfgpK/y4CyYdYQfTfjyIH
5Gb4evvE2Cs0Rad50DETkXDF6OOKy1GHtuOJwWknoT5Y/Cx+gWqAc7zK2vXAXB10
zMF9UaKXTgaQqMgOTMZNXmGOGU5ggsi4oJ5ESfck9QxDRQL43GteBVGVa6tS0MeC
munwQIBOqr+vIzi3YbOa9MFdjhWO6Ag2PFSe6Zer1BNkGIZgBy9a45G1Deo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAiXyG2yh58/606BuSCdO/
UxDwsHJ9pBmjf/JCskHksDdMKapAejdEbxhNMVRNeY9wXaTYaTwcKetX/4mJjDyF
FQPB+gzQMaqJxlq9Oe1vwXqpP7c0p01IhJYcEqqJejPFp61M1lIr+qNZfd3eUxlz
67SRmYf6A1P5JUy/0rPnFn46MQT2UAKKJAem9ZXjQ0AftFzU59IpTT2p8ufn12oG
vHP+SjEvS5tY2Oc8q4BHbBjsovWYARVA/dE6cxQ2rcgsmuWA2Z1Olo4qQbTbAyMg
HLfiELjnfL1sNoB3XcTVM75Bxe+IEM0deqB4bcO165nVI73sqIS5gvq1yR6Ca0ZU
v4M0+8KoXM5lbEakgjKhNhcp0iy2pmaXstLnh6Q6LKmO1hSs/P8czJ5pD+KMKVC4
S3iatwsMSsABj+Z477Uf+Z7TGgfkiD9FgeGkxyjLo9GtOZqC6dPkFPQCA+MWwwac
9pm01M4ggNu+PNjQaHLVAyu7jg0Ngjbdc+MZ57OTjlZZAgMBAAE=
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 403682801787778590177251770766775440960223
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-28 19:20:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-26 19:20:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aws.mani.co.il'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 3120085952858114102024163887201521271277854055620126552983522483365734528426250877706328132209283074186729056644841787943397811361636950347287652543317491329509017576412079749476783306363959619989268545655238720099636903123326373554197245733931763255484496837474873554111383014143556660310832744149922663383399173401824007556817078311478155065258604472374296930364258803330278384304700095234982194427640915821378874938292544247915913887070957442028114328421615846822096343750233099095769567113710548611734919159704229417925489290981603523361672448526644480135067063665535802518145314798645798430565029886144208412658075660603605917186871899406788937262623955841342646150399722302266387767238362065999593738722090725328147135323529722727093483073245312680913797056010597750214035729817576804953325561907271124904516657381067334357583441032273240412463853523377671605506641380895932182684595814257105295146343189020546045990489
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							245533fb5b1cec31bfaa4da3b274a7db7edd1bac
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws.mani.co.il'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e86b8e6dd0000040300473045022100ef706052809f86418a03b78448c2d7c8a27ad57db2069a178992bed89086377802204fc90f5336553e9e56bd52b4fa89f27e2de79a9a30689005cfd23c4169df06c700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e86b8e6ef000004030046304402205f565e7d2da2ba4cbd517073606d2e9a820a8959820ab5467aad1413138753df022057a4813afc80c4f68defc1d128fab308f032d371bf4a89bb0b53f7feb1a0227c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005d10e51753c122fc018ac249588d28875faa7627a8fe0165efeac194b67879b3f0cdbbc51a668ba518c11ec4133c6828c8c77aa9db9db0388bbe5a2be474807182459d97befae4e4c395fe92ce012b4e726148ec17f82d09f8e69cc2f30e0635427bac55697e0a4aff2e02c9875841f4df8f2207e466f87afbc4d82b3445a779d031139170c5e8e38acb5187b6e389c16927a13e58fc2c7e816a8073bccadaf5c05c1d74ccc17d51a2974e0690a8c80e4cc64d5e618e194e6082c8b8a09e4449f724f50c434502f8dc6b5e0551956bab52d0c7829ae9f040804eaabfaf2338b761b39af4c15d8e158ee808363c549ee997abd41364188660072f5ae391b50dea