berna.org
Issued by R3
About this certificate
This digital certificate with serial number 03:f4:08:d0:e1:72:a6:ae:9b:eb:6b:d5:cd:cd:4a:d6:ab:e6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=berna.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f4:08:d0:e1:72:a6:ae:9b:eb:6b:d5:cd:cd:4a:d6:ab:e6Serial Number (int): 344377473718328336545349563666478870735846
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 96:3c:bf:19:7b:c9:d7:11:64:93:b5:73:18:62:e5:67:00:8e:f9:53
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 13:91:61:4a:23:f2:ba:7e:c9:7e:e1:18:91:e5:96:c9:09:34:b7:63
Fingerprint (sha256): 5c:1e:4c:c1:e1:5e:a4:b6:4a:73:a8:48:77:10:6b:b3:e1:ab:06:df:b2:fe:49:0e:82:ad:88:f5:d7:f3:81:27
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate berna.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for berna.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
berna.org
Other certificates including the domain name berna.org
(limited to 100 certificates)
www.startup.la
www.goodtimespizza.com
salottocd.com
www.kamozine.com
www.iqpd.com
www.dementiapreventionstudy.org
www.topsportsbooksites.com
www.newish.org
berna.org
berna.org
berna.org
osumdphd.org
www.patente.co.uk
berna.org
covfefeed.com
www.inmueble.click
www.weedintosh.com
tickremoval.org
www.webstudionyc.com
hemba.bible
lasirenita.com
www.gratuite.com
berna.org
www.goodtimespizza.com
salottocd.com
www.kamozine.com
www.iqpd.com
www.dementiapreventionstudy.org
www.topsportsbooksites.com
www.newish.org
berna.org
berna.org
berna.org
osumdphd.org
www.patente.co.uk
berna.org
covfefeed.com
www.inmueble.click
www.weedintosh.com
tickremoval.org
www.webstudionyc.com
hemba.bible
lasirenita.com
www.gratuite.com
berna.org
Certificate
The complete raw certificate details for berna.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3TCCBMWgAwIBAgISA/QI0OFypq6b62vVzc1K1qvmMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMDUyMjIxMDFaFw0yNDAzMDQyMjIxMDBaMBQxEjAQBgNVBAMT CWJlcm5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOAf/lD1 sP9J53k8i+Npc8g6IvJaPWcCVtE6hpB0PVoEGzTRdFs4Xlgp7IYVH4ova0cvoKTe Go0sFQA28X4MaxtseHD0DUI7kgFctHBkaB375SDV3vHrNy9wdSe71BxNDahR2JZa DAznHhF6VZWTgPpvQjXKY/qhr6NdxNdF69vymzcRDHNObguKFDJolPctGkoO7m5f KpAnsUod2ZABVECrmZVCn1boMjDs0zR5J7LYDx0uRC74UJ8yVwCVLeMhfulzLgrx P8NbE/6sEloSpRUi7SqRj2TI5mCIHfDg+JaJ+62qapu0s0LmwrSJBnWfyu+ytAwv 1dkNYHwsuELT0jMvxAWPGVzxPEjA9VTrEgRny+PCAKUhx0BCW8oYHqB1uHVgjTRc BWAMsAPIxe6ah0gqA2Up3YeCbzIuSOBD5x85XMWtpZ+LT6P6tySW1k3YXSfHzlnF 5uHvndjuIMtzgSYId6m8VOX7S0oOobLP5xcKlVmPUgvCVgRu7mX4rzXdpOZ1za6N YiDOlr7cqMA2MorUp1MqqbFWebFZWhzfyP2tuIwKwmJfM5rZ7TVCrCKsejDXUqwG Ih0z/hKYUdHSV1bYGlc3mSzFi6TWpB5F2FVtgvxR8k23Q6R2lQTa4FYfpPoF892x ktu1G+AQh2tgvz2HyhgIXzU6t+zrEJguvAzJAgMBAAGjggIJMIICBTAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFJY8vxl7ydcRZJO1cxhi5WcAjvlTMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCWJlcm5hLm9yZzATBgNVHSAEDDAKMAgG BmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABjDxI7zoAAAQDAEYwRAIgZi9Gqv6pfPz9xlGb T8amamnbKB+NQm/1HqPCd5EFNZkCIGf7MEhiRMMxxg3lNfA/fZpLD0up/mqT8VR+ vNwE7Q/rAHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGMPEjx OAAABAMARjBEAiAhVH0SPjWRXLUmsHVefyS5vHH/dSvYuHanrMgPBU6YMwIgMd1H 4srk0j9u92PAnBKtJR3Vzd7wzMjvkekzYR+qSe4wDQYJKoZIhvcNAQELBQADggEB AEWb4FsohkKi4MRvlQ6hos5ethfesMqkKNm7gVIVqygrE6lUFKXlazGypIOBRw9j 95I9Ok5Ayq4ndEX4tWD3GRWgeqcMKI3OYdaWSk4v0tabY7ExkdqqRMdXDVpNrAi+ elJgwwKqqtru3uQ3u/gEsn408gfDIPbsYVs27zfiuzbU7BEu0FmwJQUbJ+JIoYon mvF1tf4XYhlhZoWgvow10PsYMS8SDfYtBRZ0vidp8hrontI9FYWbeBOA4milU5pq f9QjJb21koGKlwRPhsGT1uNpeK7BZ71iXlZU4148+pfyoqaHpVd/VMppgZz7BdRB kB/95hSF+tzL0DxRs04vEQ8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4B/+UPWw/0nneTyL42lz yDoi8lo9ZwJW0TqGkHQ9WgQbNNF0WzheWCnshhUfii9rRy+gpN4ajSwVADbxfgxr G2x4cPQNQjuSAVy0cGRoHfvlINXe8es3L3B1J7vUHE0NqFHYlloMDOceEXpVlZOA +m9CNcpj+qGvo13E10Xr2/KbNxEMc05uC4oUMmiU9y0aSg7ubl8qkCexSh3ZkAFU QKuZlUKfVugyMOzTNHknstgPHS5ELvhQnzJXAJUt4yF+6XMuCvE/w1sT/qwSWhKl FSLtKpGPZMjmYIgd8OD4lon7rapqm7SzQubCtIkGdZ/K77K0DC/V2Q1gfCy4QtPS My/EBY8ZXPE8SMD1VOsSBGfL48IApSHHQEJbyhgeoHW4dWCNNFwFYAywA8jF7pqH SCoDZSndh4JvMi5I4EPnHzlcxa2ln4tPo/q3JJbWTdhdJ8fOWcXm4e+d2O4gy3OB Jgh3qbxU5ftLSg6hss/nFwqVWY9SC8JWBG7uZfivNd2k5nXNro1iIM6WvtyowDYy itSnUyqpsVZ5sVlaHN/I/a24jArCYl8zmtntNUKsIqx6MNdSrAYiHTP+EphR0dJX VtgaVzeZLMWLpNakHkXYVW2C/FHyTbdDpHaVBNrgVh+k+gXz3bGS27Ub4BCHa2C/ PYfKGAhfNTq37OsQmC68DMkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 344377473718328336545349563666478870735846 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 22:21:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-04 22:21:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'berna.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 914350121930787170854051917107040558409671672408929936007027090280687041544025051005796947255449027623416560894007773453634768427610969018605460640411851720816148040615325503230657826252561870847054150734151203576717963889174094970041861037585938456290379497567353178096425405159179815148002793683351923477861608126824052625647132740685351211855491651443310704336731069658393409413980487006606183903257639987890158653059826140967777389345207283232948768166889574969427387201998043251656285637210870258163446878008660795187437127699844271040341710340771990403920402423899929645779323473597734923827781386489912138220862594867194453111354553390228626592506277414606383670338047658144694413772058049645040433630456461355317989774569764140765765300226054228292795993872732279236571032024141659302007957083510588502507059753349707721067299581627889197285735960366965129834930475108433552399309351069663140954111000049860304910093223508860651959090822957175320087350458467174875784021603213955034949799658203385518034677664875739738508650148865921646431740317909875700342342269535645233551016602835545188209837126458658847713249385751804087686568536766223139352890813162603076522664233252896537539829346508068809750114496456397994791275721 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 963cbf197bc9d7116493b5731862e567008ef953 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'berna.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c3c48ef3a00000403004630440220662f46aafea97cfcfdc6519b4fc6a66a69db281f8d426ff51ea3c27791053599022067fb30486244c331c60de535f03f7d9a4b0f4ba9fe6a93f1547ebcdc04ed0feb0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c3c48f1380000040300463044022021547d123e35915cb526b0755e7f24b9bc71ff752bd8b876a7acc80f054e9833022031dd47e2cae4d23f6ef763c09c12ad251dd5cddef0ccc8ef91e933611faa49ee . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00459be05b288642a2e0c46f950ea1a2ce5eb617deb0caa428d9bb815215ab282b13a95414a5e56b31b2a48381470f63f7923d3a4e40caae277445f8b560f71915a07aa70c288dce61d6964a4e2fd2d69b63b13191daaa44c7570d5a4dac08be7a5260c302aaaadaeedee437bbf804b27e34f207c320f6ec615b36ef37e2bb36d4ec112ed059b025051b27e248a18a279af175b5fe176219616685a0be8c35d0fb18312f120df62d051674be2769f21ae89ed23d15859b781380e268a5539a6a7fd42325bdb592818a97044f86c193d6e36978aec167bd625e5654e35e3cfa97f2a2a687a5577f54ca69819cfb05d441901ffde61485fadccbd03c51b34e2f110f