www.gigliola.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:fa:a0:57:00:91:c5:81:da:de:f4:a3:a5:f9:c4:a6:e4:78 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.gigliola.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:fa:a0:57:00:91:c5:81:da:de:f4:a3:a5:f9:c4:a6:e4:78Serial Number (int): 346620577746216843971906204430936528315512
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: bf:8a:c7:b9:bf:63:27:ff:51:a8:99:8c:01:d1:15:83:7c:ba:2c:93
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): bd:fa:22:a9:24:1b:4c:c8:97:d1:1d:7d:9f:fc:c1:f0:94:46:32:b0
Fingerprint (sha256): 58:b2:ba:fe:ee:f7:a1:c1:1c:0e:5d:01:6f:a6:4a:25:4f:05:86:bb:a4:bf:d8:e0:38:1c:39:26:06:13:68:15
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.gigliola.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.gigliola.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.gigliola.org
Other certificates including the domain name gigliola.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.gigliola.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVzCCBT+gAwIBAgISA/qgVwCRxYHa3vSjpfnEpuR4MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMjMxODA4MzFaFw0x OTA2MjExODA4MzFaMBsxGTAXBgNVBAMTEHd3dy5naWdsaW9sYS5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDgUB5+PHjOUC2GAzMu2c5cL37pZlb2 hQypJ/i0cVa2EEo/VzDMfZJDde7/JMXZJdPqnGTSlsrjCK1KzxMZWnerdZ/FoG+i wSv8CyrVS9L34z8ibAQlx2ZBv4yuEq8y4OIphSH9w9FNGVA9dO8YP/r3NPMUBbXV 5rq8U+DVKibbrE/B/TBl7EMZUDqU1dmiez6nf6e2ZNYKqRDcHSk86zgbIpSZ2+Zp PbJSkBRFmWUnpQmgRjnkfAeWEnWwLsz45ySa2U/Kr16z+eJBzBY+6907aOJTGqj9 cRwVRHW6JVCLpFzcU3YCgeqTg/QT0toU8J1ZVNcv5YNET23XHtTrs+m+E0oa4+Ej TXxJtUtlamIESWpctJULakC1IBWBvJmn6AR2TRQ+vY73QOMptx75AZD6ZzF+hc26 OLHuvx/hqql6nyHQ2mUcnrDmuALtPxNBRN8Z26sTPXPpY6Btu0/XF11I/RZXSL57 /n03MGLzVm0WqPiYGGG+qCeQrZhFfDvFX5NIP4ak+c45W5U0Bvuzn9tUtrDMhVkw 0TZfykzZtjO8hxBoud02fcB9gYDNU/IT+erHd79vwz9CLleeD9HZozwHyxGHUHkh OQ92oq4F7cZEaBuDJwXeueOckj40vQUwV+7vS3wAzyeRcgoiTohZNZn1uCkre3+W qPkkSGgYqt7wfwIDAQABo4ICZDCCAmAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS/ ise5v2Mn/1GomYwB0RWDfLoskzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEHd3dy5naWdsaW9sYS5v cmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQC BIH0BIHxAO8AdQB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWmr 9FtVAAAEAwBGMEQCICR6xBqoOvj99lpvg595iB1rt9+lTJsu8V7uKW0SDTCVAiAW 91h1d+sqqKMv7sxLaWN4W6B6+btbV15FrLBx2JVUmgB2ACk8UZZUyDlluqpQ/FgH 1Ldvv1h6KXLcpMMM9OVFR/R4AAABaav0WdIAAAQDAEcwRQIgay0AAGf/HA4brxdB 0gWU3kcWBhYvxwgz9Hj5pCoc2P0CIQDPtIvFucDRdtbmD+pPticayP0U8Rw4isxo wQ3FfmQK6DANBgkqhkiG9w0BAQsFAAOCAQEABeupj0RCxzq3xKACVslR7BlgispI 7bkII/en0uEOh0ebL1ISLQMbGL7+32jEj78YZw/O8MtCGJVDjiBwsUHl0rNIyxRo cwzbNEEp4sofYk4QPHmtuIRQ94ln5uHiwHFgJ63zYpNLHop/tKRjnWzqefpQmeRq BaI0TTbiLuCvO7vY6qH9rt+p1XTyljyiSiVDR/suJ47VETamyePTDPI4ipfeb+mR 4ANryWxAVSPYu67nXZvweBFTrXyy/r5a2LT3+i1e27PfIaelLjmauc03cDH3/jq3 +g0OecCTwSaDBkfR5oSedl6Wi75ax6jsGtXHN0jRRoXtAuZoHRtLWeSclA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4FAefjx4zlAthgMzLtnO XC9+6WZW9oUMqSf4tHFWthBKP1cwzH2SQ3Xu/yTF2SXT6pxk0pbK4witSs8TGVp3 q3WfxaBvosEr/Asq1UvS9+M/ImwEJcdmQb+MrhKvMuDiKYUh/cPRTRlQPXTvGD/6 9zTzFAW11ea6vFPg1Som26xPwf0wZexDGVA6lNXZons+p3+ntmTWCqkQ3B0pPOs4 GyKUmdvmaT2yUpAURZllJ6UJoEY55HwHlhJ1sC7M+OckmtlPyq9es/niQcwWPuvd O2jiUxqo/XEcFUR1uiVQi6Rc3FN2AoHqk4P0E9LaFPCdWVTXL+WDRE9t1x7U67Pp vhNKGuPhI018SbVLZWpiBElqXLSVC2pAtSAVgbyZp+gEdk0UPr2O90DjKbce+QGQ +mcxfoXNujix7r8f4aqpep8h0NplHJ6w5rgC7T8TQUTfGdurEz1z6WOgbbtP1xdd SP0WV0i+e/59NzBi81ZtFqj4mBhhvqgnkK2YRXw7xV+TSD+GpPnOOVuVNAb7s5/b VLawzIVZMNE2X8pM2bYzvIcQaLndNn3AfYGAzVPyE/nqx3e/b8M/Qi5Xng/R2aM8 B8sRh1B5ITkPdqKuBe3GRGgbgycF3rnjnJI+NL0FMFfu70t8AM8nkXIKIk6IWTWZ 9bgpK3t/lqj5JEhoGKre8H8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 346620577746216843971906204430936528315512 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-23 18:08:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-21 18:08:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gigliola.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 915117058216936133300043077125886438808244794383473764590193488984513588252718053659752053640270697388944191390982960516889388512209815741834261361183346244057352425601283006808568225742360338957782736728650903696550327897883634417954488925936617401162810732571133647952886228520443299537024215565141763381855175578054303660369867063131509181075256703510676836386227275302309393073744035051965156905813889808578520279759025381270207377554284738595311418139623319084072501413273114422082505611849392658895235819506909645716995701147453345257326431670375921115640145014023213417068236678097191837166414836780589233119850119444682309723094670939598440853352307618450345209887217399188434913768348637789266663748373403886100560490944554350671247098988674207826822712999265374183657528388395795787026328404691192035773273158241829289251160426125097847474297408640227881978675895512771959525468276998782595051181837819140460090427804460577433807303097927293472889761093276083816561717305328268643937298947745239962426004438293968597610661728149987562143482369481788859563985582266002998820935121316435189907826190803675405580586310702432699160876329744937641500759412785675253743683540054609094504347136156958950230167651617068958061883519 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bf8ac7b9bf6327ff51a8998c01d115837cba2c93 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gigliola.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000169abf45b5500000403004630440220247ac41aa83af8fdf65a6f839f79881d6bb7dfa54c9b2ef15eee296d120d3095022016f7587577eb2aa8a32feecc4b6963785ba07af9bb5b575e45acb071d895549a007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000169abf459d2000004030047304502206b2d000067ff1c0e1baf1741d20594de471606162fc70833f478f9a42a1cd8fd022100cfb48bc5b9c0d176d6e60fea4fb6271ac8fd14f11c388acc68c10dc57e640ae8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0005eba98f4442c73ab7c4a00256c951ec19608aca48edb90823f7a7d2e10e87479b2f52122d031b18befedf68c48fbf18670fcef0cb421895438e2070b141e5d2b348cb1468730cdb344129e2ca1f624e103c79adb88450f78967e6e1e2c0716027adf362934b1e8a7fb4a4639d6cea79fa5099e46a05a2344d36e22ee0af3bbbd8eaa1fdaedfa9d574f2963ca24a254347fb2e278ed51136a6c9e3d30cf2388a97de6fe991e0036bc96c405523d8bbaee75d9bf0781153ad7cb2febe5ad8b4f7fa2d5edbb3df21a7a52e399ab9cd377031f7fe3ab7fa0d0e79c093c126830647d1e6849e765e968bbe5ac7a8ec1ad5c73748d14685ed02e6681d1b4b59e49c94