okzo.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:72:04:e8:e9:a0:99:0c:16:44:69:ab:82:a8:2c:ce:af:6d was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=okzo.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:72:04:e8:e9:a0:99:0c:16:44:69:ab:82:a8:2c:ce:af:6dSerial Number (int): 300135573887647353990085897567348894642029
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 14:7c:28:c5:36:ce:1e:cc:0e:86:2e:da:76:5a:8f:82:0f:65:d5:24
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 6a:83:44:b3:01:2c:f5:24:49:06:e1:b8:88:58:fd:04:b3:07:7c:ab
Fingerprint (sha256): 57:c2:6c:d1:b9:37:64:36:8e:ca:5e:9e:8b:37:3f:fa:37:a4:fa:65:63:f3:66:c4:2a:56:91:58:05:5e:56:5d
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate okzo.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for okzo.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
okzo.com
Other certificates including the domain name okzo.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for okzo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSTCCBTGgAwIBAgISA3IE6OmgmQwWRGmrgqgszq9tMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTYxNTIwMzlaFw0y MDAzMTUxNTIwMzlaMBMxETAPBgNVBAMTCG9rem8uY29tMIICIjANBgkqhkiG9w0B AQEFAAOCAg8AMIICCgKCAgEAsN/pZBclm37USCh8JQUmkgKRmy9PIn74XrYHnvjE 2DhbVRU7UXNSRDo8qckhMs+1hIVX9Opz+3oyp7z7Xg00n2/WJNIHAoV8jYUdIrCB RgM3V2km8pBDLt0Vt2QV5/UTghtmxQXqwHO1feg0wNwtYuymir+WCjkXzEwGVzOW reZya7PxZAkKhx9HMzy9KQSojefTzOAzv3/+zgeOQBRJyyQJ2vwJgYH4gRAqMDt/ ydRcgTWnMVlUXucQm/qKh2moGJHohFidttBPflpSzXcOTn2qoiGyh1S3jsf+age0 weQoMKoZ+15Hrc7c2bI26q1i+ohD3NcSrlEDOAO4hrSAkYcSonm5maBgYbiTxbww gdNUEdESTtqJaq6qdqdvhyDCFZY4B+AffZbhgvF0LlFAAuU9PfwwDrGyi7NVvQXv JsPGvYuTqEWSCJo0ZnWVcNTl4tIRbvdqiHJ7OBOfJItGAjpYgpGg5wx1XNhVK70a mg1UOmcsDlbgwSPIFY4AIrmqHxHy02epX3HeGEX3jYt6sB3e/6Bgyyk07NNJ1VTG QYOFOcAvhNowMLpkEfADRuEWsvrnFzioPWg16aB78+eRZo76SjQSomFoGb+2NrXh 4KDUUSTpyttIIMQdXEtpd/8XACmVQXInD5EI7fFq8zmdJmOHtzrYo0kfDZrveWM4 nwcCAwEAAaOCAl4wggJaMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUFHwoxTbOHswO hi7adlqPgg9l1SQwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYI KwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0 c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0 c2VuY3J5cHQub3JnLzATBgNVHREEDDAKgghva3pvLmNvbTBMBgNVHSAERTBDMAgG BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz LmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AF6nc/nf VsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbw+C+lwAAAQDAEgwRgIhAL6c nk3weA5f1fr7ZeodzNQVqY02MSQ4iZVpisQlrUycAiEArS2E1xJ7Cxh+sPiN0IAC 2XKa8Lfn00PEjW88kuM2OKYAdgAHt1wb5X1o//Gwxh0jFce65ld8V5S3au68YToa adOiHAAAAW8Pgvp8AAAEAwBHMEUCIQCIrPWYSACayFWeLxFjRYKUJjgBKM4u/w21 k/X509+URwIgaNBHzLD2Sy/UkdKweOCmCuim9rd8XGEhY7+GQ7zUDW8wDQYJKoZI hvcNAQELBQADggEBAHqgUR3XYCNLErutOYK8qcxrx00S1FwiR5bXK6+pWU0e6rN5 RHjWerkbIlFK7vVT1LdMzjpMKPl/6GeDcL0H8p4tzmU+4DItRpWFGnJ6nD9qhNTO YjGsDzDO8jUVieGWto3PmU/pbsQL6IIFgGAfdfkPfP5XLtHisQGY6MI0nW830lxG F5piaGm+rwVXPZqJb/lXpqK3/cV9S/Ks1yCVhf76b1ze1JSi+/tSskDrpGFVVJ1c 6+MMolkmnu4LiX5qLnWcLq7pL5ZTUWSubNs8KqmyvCsl0gjOA7g10WSSdDb6vGn3 lqNNuBlwdCAEBlOSw91+DA5OreTmWji+t/2rhbY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsN/pZBclm37USCh8JQUm kgKRmy9PIn74XrYHnvjE2DhbVRU7UXNSRDo8qckhMs+1hIVX9Opz+3oyp7z7Xg00 n2/WJNIHAoV8jYUdIrCBRgM3V2km8pBDLt0Vt2QV5/UTghtmxQXqwHO1feg0wNwt Yuymir+WCjkXzEwGVzOWreZya7PxZAkKhx9HMzy9KQSojefTzOAzv3/+zgeOQBRJ yyQJ2vwJgYH4gRAqMDt/ydRcgTWnMVlUXucQm/qKh2moGJHohFidttBPflpSzXcO Tn2qoiGyh1S3jsf+age0weQoMKoZ+15Hrc7c2bI26q1i+ohD3NcSrlEDOAO4hrSA kYcSonm5maBgYbiTxbwwgdNUEdESTtqJaq6qdqdvhyDCFZY4B+AffZbhgvF0LlFA AuU9PfwwDrGyi7NVvQXvJsPGvYuTqEWSCJo0ZnWVcNTl4tIRbvdqiHJ7OBOfJItG AjpYgpGg5wx1XNhVK70amg1UOmcsDlbgwSPIFY4AIrmqHxHy02epX3HeGEX3jYt6 sB3e/6Bgyyk07NNJ1VTGQYOFOcAvhNowMLpkEfADRuEWsvrnFzioPWg16aB78+eR Zo76SjQSomFoGb+2NrXh4KDUUSTpyttIIMQdXEtpd/8XACmVQXInD5EI7fFq8zmd JmOHtzrYo0kfDZrveWM4nwcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300135573887647353990085897567348894642029 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-16 15:20:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-15 15:20:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'okzo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 721585637109769436539183889185588968206353217491059794257717863381261309580710342251229786203984381202243551156669656066922113395728436701736896321046442641583869817696955072019718942818798086524110338121919954087566619458103092376079871869127385228861308184384111428456235496914015968175129394258652092964764729336230554838371380855356065814096936375502891206299832849725201840574508125958548837912740676510475635063979829631688570462214075611354661244416546269325207138120370280145203123106395487840632180804636339616266332107140768994386648735052113548502746470378856726607971841747362883391648893752797837513470971627782495636375422730781772594649355538510108388594906939454619958987273256417224568460110594443684474415995236913044537644877794157036837056648250945645263826354226566164938867458186427616261219518594543453247209140722371344912775389230852072232771763131932325377755949906490280429298183748646421340378165629238597996515042576717635036631740654501842751480144386418691713360348768367802013376911431017212058533143619776161215378694314460834034795887371481082431014503902066214733187839761926723603555281533091235750982492863888802874668876520791815453904646693970565899269276043336282354098773224335964310903234311 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 147c28c536ce1ecc0e862eda765a8f820f65d524 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okzo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f0f82fa5c0000040300483046022100be9c9e4df0780e5fd5fafb65ea1dccd415a98d363124388995698ac425ad4c9c022100ad2d84d7127b0b187eb0f88dd08002d9729af0b7e7d343c48d6f3c92e33638a600760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f0f82fa7c000004030047304502210088acf59848009ac8559e2f116345829426380128ce2eff0db593f5f9d3df9447022068d047ccb0f64b2fd491d2b078e0a60ae8a6f6b77c5c612163bf8643bcd40d6f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007aa0511dd760234b12bbad3982bca9cc6bc74d12d45c224796d72bafa9594d1eeab3794478d67ab91b22514aeef553d4b74cce3a4c28f97fe8678370bd07f29e2dce653ee0322d4695851a727a9c3f6a84d4ce6231ac0f30cef2351589e196b68dcf994fe96ec40be8820580601f75f90f7cfe572ed1e2b10198e8c2349d6f37d25c46179a626869beaf05573d9a896ff957a6a2b7fdc57d4bf2acd7209585fefa6f5cded494a2fbfb52b240eba46155549d5cebe30ca259269eee0b897e6a2e759c2eaee92f96535164ae6cdb3c2aa9b2bc2b25d208ce03b835d164927436fabc69f796a34db81970742004065392c3dd7e0c0e4eade4e65a38beb7fdab85b6