primella.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:ed:ea:2b:40:9b:fb:8e:d3:df:dc:7a:66:41:29:18:1c:41 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=primella.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ed:ea:2b:40:9b:fb:8e:d3:df:dc:7a:66:41:29:18:1c:41Serial Number (int): 429407328617514422968061158921121515969601
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 20:bc:8b:96:62:6a:06:d6:6d:c2:68:e7:1c:25:a0:ee:0f:0c:dc:c5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 43:d6:fc:8b:7e:cd:51:60:a9:7d:b3:21:2f:1c:b6:c8:76:5c:ad:ae
Fingerprint (sha256): 52:9e:d6:07:74:16:29:3d:9e:2b:e6:76:7b:a2:cf:5a:0d:fc:10:e8:51:9e:73:4d:5a:4f:14:e8:23:85:4a:cf
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate primella.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for primella.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
primella.com
Other certificates including the domain name primella.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for primella.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISBO3qK0Cb+47T39x6ZkEpGBxBMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMTIwNzM0NThaFw0y MDAyMTAwNzM0NThaMBcxFTATBgNVBAMTDHByaW1lbGxhLmNvbTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAOMYJhawKBrdZcQgiBHQq/OG0qJQLN1u2Hlo xRckugIblxSqVe15AWzqkZjTIslStPIWGp2f+KD8D4YFfRSS9/9SrdYezvaPEg8h sA7YVejBxk4cp550XyMQwa0KrbIRKxp8OwNVHew+aFLO+cp1sZBY+JcU7Fc+HZEG 4xG4JtmJY53RBGHlhnyPOCPNf0+0Mb0gP6/cxFPeuaoHa4P26CzRQ6U8xHmxOGdZ pozAvCKvfnUGChOX2wZgZ/n06nlJ23rIfGJhT9xHdKsy6j5fPRJuhma+yHUIwENU T3/SBYTOaOlWA9onPfhhZ3e94x7/6Ma7AXbkYQB1A4UOp5ME6L+mHeiMDmlWPfst CmXhVlQbp7YWZAm81r7VEdHFWfihuFCHP2AZKC+k3Oex9bCy+k/VGGWDU7k2/krr g2KkiDN3JTVKJOisFXhTcjzq8bOfoqtn0i4mfy8AWSFdhIVYL9+FYT7CWlPu+mre UtFXJjKss/eVeQcIDFB+MytVvU7DGduiFBz8mB1+JB8asPig1qK3neEnWnU0aTqW DHQgFS9CKsM7CMXrgfNSuPhpZjMggrUYYzWUXNdqgaK6D8Xi0x1Ud+KVN5P4w95X WBUccE5Ho4Ly6z1CJkNo7YJ+Sd19Bate6k8bF1+4xZ+IFnkQT9s5LJcLqvy3E3x1 1p6qUgvNAgMBAAGjggJjMIICXzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCC8i5Zi agbWbcJo5xwloO4PDNzFMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMcHJpbWVsbGEuY29tMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADy AHcA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFuXsBoaQAABAMA SDBGAiEAnFXeX/47jOxd3EOVaYfxYy9BtYeehEmI8ID0E4NTB5QCIQD9a5S7lRSN oSTySAjlLiujhaWe5FOsUmJvofCSaDvS5wB3AAe3XBvlfWj/8bDGHSMVx7rmV3xX lLdq7rxhOhpp06IcAAABbl7AaJYAAAQDAEgwRgIhAO/oVuFUxeCrcZ9NgRepg5sH OdFygTpMfXC3BwASXkzoAiEAyulm3S8AQn8vlojIfEh1lqo8NCg9+XruARo2X0gK IRswDQYJKoZIhvcNAQELBQADggEBAGlxWYqgRUsG94FjM2c4xrrfXff+8Tn29iET Gjx1r0BesHLhKYWGZPe96MtRS5KjcGTw969mlMqr2Qn8r2K5Lch1z70/NZ8hbnE/ c4JYXyQEMUneev6KGr6nQVRz5QW2eht+ApXprtUFULrEQlM+SxV2ySyfNqAnH9MR CQjoELOKvohrspEl1IOmomRvItPC1aa6tgcLKCeo648jZ/TePvyFaPdpQ8CM9Biq CFLV+MbZyef/tnY4u9oYRxvy7BlToYcUKPHOC0jrmRMTJn2UojPicUrbt1/OGZAk bBJEOW81vD0JVwZVvxGPXnvpSA8dB8eOhq0O9f1S7sSDy7LKQTg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4xgmFrAoGt1lxCCIEdCr 84bSolAs3W7YeWjFFyS6AhuXFKpV7XkBbOqRmNMiyVK08hYanZ/4oPwPhgV9FJL3 /1Kt1h7O9o8SDyGwDthV6MHGThynnnRfIxDBrQqtshErGnw7A1Ud7D5oUs75ynWx kFj4lxTsVz4dkQbjEbgm2YljndEEYeWGfI84I81/T7QxvSA/r9zEU965qgdrg/bo LNFDpTzEebE4Z1mmjMC8Iq9+dQYKE5fbBmBn+fTqeUnbesh8YmFP3Ed0qzLqPl89 Em6GZr7IdQjAQ1RPf9IFhM5o6VYD2ic9+GFnd73jHv/oxrsBduRhAHUDhQ6nkwTo v6Yd6IwOaVY9+y0KZeFWVBunthZkCbzWvtUR0cVZ+KG4UIc/YBkoL6Tc57H1sLL6 T9UYZYNTuTb+SuuDYqSIM3clNUok6KwVeFNyPOrxs5+iq2fSLiZ/LwBZIV2EhVgv 34VhPsJaU+76at5S0VcmMqyz95V5BwgMUH4zK1W9TsMZ26IUHPyYHX4kHxqw+KDW ored4SdadTRpOpYMdCAVL0IqwzsIxeuB81K4+GlmMyCCtRhjNZRc12qBoroPxeLT HVR34pU3k/jD3ldYFRxwTkejgvLrPUImQ2jtgn5J3X0Fq17qTxsXX7jFn4gWeRBP 2zkslwuq/LcTfHXWnqpSC80CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 429407328617514422968061158921121515969601 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-12 07:34:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-10 07:34:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'primella.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 926464041105191932903081570236397885678505844766834563571448826510837584225012237226742427695856976644953500567444795994403610891659415785728654619100848699018786521451595198850204133522829038633586938929560384486954970462589579512663007346316955438489374205521229241304077836138652828380453264706909438503010041995915032832478240469078816514262395141464812836046470638929788897174533299032901709266858254498092624908182321233993422247933572680474513918508753853494161744028070383548103283329047632470928294556075675973138163631410172361076308226773443804809534289511974211789203863523067248317378468477448453146873859329003491578697709686265854415996168148559792181103922576876447908546953906554625330362012938744619052030947737149554114624631266403605726337044679845988840034293352612356389455011604731720727308030687521346565885426436951917052564884558556899771837092087727846113678593823098772397930632743951581799742190347481804576839747379135331298112937761633102892188204402456477904662988007984727935056940423225459268223182032025666699676182602393628147043106341353384851346440132680547046916552708257499225867078505007818649059836448593912985070638405676370230699705643953530463128602914634764894313105389983860880032533453 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 20bc8b96626a06d66dc268e71c25a0ee0f0cdcc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'primella.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016e5ec0686900000403004830460221009c55de5ffe3b8cec5ddc43956987f1632f41b5879e844988f080f41383530794022100fd6b94bb95148da124f24808e52e2ba385a59ee453ac52626fa1f092683bd2e700770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e5ec068960000040300483046022100efe856e154c5e0ab719f4d8117a9839b0739d172813a4c7d70b70700125e4ce8022100cae966dd2f00427f2f9688c87c487596aa3c34283df97aee011a365f480a211b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006971598aa0454b06f78163336738c6badf5df7fef139f6f621131a3c75af405eb072e129858664f7bde8cb514b92a37064f0f7af6694caabd909fcaf62b92dc875cfbd3f359f216e713f7382585f24043149de7afe8a1abea7415473e505b67a1b7e0295e9aed50550bac442533e4b1576c92c9f36a0271fd3110908e810b38abe886bb29125d483a6a2646f22d3c2d5a6bab6070b2827a8eb8f2367f4de3efc8568f76943c08cf418aa0852d5f8c6d9c9e7ffb67638bbda18471bf2ec1953a1871428f1ce0b48eb991313267d94a233e2714adbb75fce1990246c1244396f35bc3d09570655bf118f5e7be9480f1d07c78e86ad0ef5fd52eec483cbb2ca4138