natur.it
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:86:0b:44:92:1e:dc:07:a9:37:a2:15:e0:c0:b4:03:43:4c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=natur.it
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:86:0b:44:92:1e:dc:07:a9:37:a2:15:e0:c0:b4:03:43:4cSerial Number (int): 306949672510503251459164009113848058692428
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b4:3a:50:00:24:ad:88:99:48:f3:85:52:5d:1f:e7:f6:a4:04:bf:00
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): a5:1f:3a:71:44:0c:4e:e6:51:75:3f:1d:46:6b:8c:71:a7:b9:64:cb
Fingerprint (sha256): 65:3a:29:ed:60:0b:80:e6:c3:f4:db:da:54:5c:23:bf:9a:fc:d7:5b:e1:45:b2:82:37:2c:51:6f:3a:ae:48:9b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate natur.it
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for natur.it
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
natur.it
www.natur.it
www.natur.it
Other certificates including the domain name natur.it
(limited to 100 certificates)
shop.natur.it
shop.natur.it
natur.it
promo.natur.it
natur.expolab.it
natur.expolab.it
natur.expolab.it
promo.natur.it
privacy.natur.it
natur.expolab.it
natur.expolab.it
natur.expolab.it
natur.it
natur.expolab.it
natur.it
natur.it
natur.it
natur.expolab.it
natur.it
academy.natur.it
shop.natur.it
privacy.natur.it
natur.expolab.it
shop.natur.it
shop.natur.it
natur.it
natur.expolab.it
natur.it
natur.expolab.it
shop.natur.it
natur.expolab.it
natur.expolab.it
natur.it
promo.natur.it
natur.expolab.it
promo.natur.it
privacy.expolab.it
promo.natur.it
shop.natur.it
privacy.natur.it
academy.natur.it
promo.natur.it
natur.it
natur.it
natur.it
shop.natur.it
natur.it
shop.natur.it
natur.it
academy.natur.it
shop.natur.it
natur.it
natur.expolab.it
natur.expolab.it
promo.natur.it
shop.natur.it
natur.it
natur.expolab.it
shop.natur.it
promo.natur.it
shop.natur.it
privacy.expolab.it
shop.natur.it
natur.it
promo.natur.it
natur.expolab.it
natur.expolab.it
natur.expolab.it
promo.natur.it
privacy.natur.it
natur.expolab.it
natur.expolab.it
natur.expolab.it
natur.it
natur.expolab.it
natur.it
natur.it
natur.it
natur.expolab.it
natur.it
academy.natur.it
shop.natur.it
privacy.natur.it
natur.expolab.it
shop.natur.it
shop.natur.it
natur.it
natur.expolab.it
natur.it
natur.expolab.it
shop.natur.it
natur.expolab.it
natur.expolab.it
natur.it
promo.natur.it
natur.expolab.it
promo.natur.it
privacy.expolab.it
promo.natur.it
shop.natur.it
privacy.natur.it
academy.natur.it
promo.natur.it
natur.it
natur.it
natur.it
shop.natur.it
natur.it
shop.natur.it
natur.it
academy.natur.it
shop.natur.it
natur.it
natur.expolab.it
natur.expolab.it
promo.natur.it
shop.natur.it
natur.it
natur.expolab.it
shop.natur.it
promo.natur.it
shop.natur.it
privacy.expolab.it
Certificate
The complete raw certificate details for natur.it in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgISA4YLRJIe3AepN6IV4MC0A0NMMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTcyMTUwNTRaFw0x OTEwMTUyMTUwNTRaMBMxETAPBgNVBAMTCG5hdHVyLml0MIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAzH4/oxiHd+9iMUSTJ3WgILa9460C/UC4lhR9uWfQ sAS80+Rp2Ds4j/YhHMDe+0GnDeLB2zROd/NKXVEs72H599NJPcF15DoUgyKA+aG7 Kv9xwSQ6jND2H+V5NEhm6hSHn2fh6Tu/Bdy635COOmgpGycQ2Cgf9Q2QxkIHO8xC GopALceVNHeCM0yjCJDYgZwABZA57OjCjCs58hJqa1kEPLmoBEtcn4/8PwY/ayCq 2VcpjxFMpl0uN9SxM9sJ7KQB3eUWMchHW1sRCG9Qp5E6l3CCAMcB2ElL3xgXvRba gXQHaTxhauk2hz43wg2anrDHTCp2mwvLa42ScdQ6P538xwIDAQABo4ICajCCAmYw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS0OlAAJK2ImUjzhVJdH+f2pAS/ADAfBgNV HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG A1UdEQQaMBiCCG5hdHVyLml0ggx3d3cubmF0dXIuaXQwTAYDVR0gBEUwQzAIBgZn gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s ZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgBj8tvN6DvM LM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWwCIaGsAAAEAwBHMEUCIQDrphVI gpF8pzhv+Y25NkmKvMPnnfotX68Ncad5/VIcpwIgPSawXde/RNzleUHLnc2aaylx GbHRQ2fg4GqnGVTrrIcAdQB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvM VgAAAWwCIaOIAAAEAwBGMEQCIDgoWP6bq5L/cvGmd+57NqTE+40tlmX+vRTQdRA6 UCY3AiB2mt76mDBg3OzGoxljgFRiQjwEepwgM8zkqMuqQYZj7DANBgkqhkiG9w0B AQsFAAOCAQEANqC1EATHeMT6A3j2CbAtQ6SCOe5J27ZUmBm/ahCakrZKoZ0EQO1p g5PR2Q2ljIi9pEpBmTJOp9Ld2Yf/m6xypr0sllwZyo/BP00+Wdi+rZ2MKGr86kOR OALvkEa9Hozb1xc3jXNuM2orto08FDB3ShG2zjp1VqdT8FFZijoD3aCz8Hb76cih ZPLjbSxQ1a0C/47ksXNJ53yekbzoP+YjCrnD/9jKdKF4LKKxPhgDWijiQsuMCS1v 8at+AART+ork7R4Zj7SIVJsbDEhAQhPSSSC7zCHOvAv+xSf5LtLq6bZ9CuYmSDYV hHs0peNRlzIzzqNTt2uaMfbJnOXICZorAQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH4/oxiHd+9iMUSTJ3Wg ILa9460C/UC4lhR9uWfQsAS80+Rp2Ds4j/YhHMDe+0GnDeLB2zROd/NKXVEs72H5 99NJPcF15DoUgyKA+aG7Kv9xwSQ6jND2H+V5NEhm6hSHn2fh6Tu/Bdy635COOmgp GycQ2Cgf9Q2QxkIHO8xCGopALceVNHeCM0yjCJDYgZwABZA57OjCjCs58hJqa1kE PLmoBEtcn4/8PwY/ayCq2VcpjxFMpl0uN9SxM9sJ7KQB3eUWMchHW1sRCG9Qp5E6 l3CCAMcB2ElL3xgXvRbagXQHaTxhauk2hz43wg2anrDHTCp2mwvLa42ScdQ6P538 xwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 306949672510503251459164009113848058692428 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-17 21:50:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-15 21:50:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'natur.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25814869709348892207516821144603387551500884828150429477829828672317747246645525896878397012044778281571105272163762719445686956675344990512592776446418630812344769056861226515281618355425730413551383931898615997758604216589616678517853483769943012418860470328552650717733915484044192030029475599302642468804743274447495151156230068355178218416396179086283388705700898465239143989085028580921455056919522836533150905071962977499971480152885924442342268362252184847547505389827639393864888883188572354041104105543209017302498429724019746093792428306675306035305985722866385909674529828022844768922025550293276341173447 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b43a500024ad889948f385525d1fe7f6a404bf00 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'natur.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.natur.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016c0221a1ac0000040300473045022100eba6154882917ca7386ff98db936498abcc3e79dfa2d5faf0d71a779fd521ca702203d26b05dd7bf44dce57941cb9dcd9a6b297119b1d14367e0e06aa71954ebac87007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c0221a38800000403004630440220382858fe9bab92ff72f1a677ee7b36a4c4fb8d2d9665febd14d075103a5026370220769adefa983060dcecc6a31963805462423c047a9c2033cce4a8cbaa418663ec . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0036a0b51004c778c4fa0378f609b02d43a48239ee49dbb6549819bf6a109a92b64aa19d0440ed698393d1d90da58c88bda44a4199324ea7d2ddd987ff9bac72a6bd2c965c19ca8fc13f4d3e59d8bead9d8c286afcea43913802ef9046bd1e8cdbd717378d736e336a2bb68d3c1430774a11b6ce3a7556a753f051598a3a03dda0b3f076fbe9c8a164f2e36d2c50d5ad02ff8ee4b17349e77c9e91bce83fe6230ab9c3ffd8ca74a1782ca2b13e18035a28e242cb8c092d6ff1ab7e000453fa8ae4ed1e198fb488549b1b0c48404213d24920bbcc21cebc0bfec527f92ed2eae9b67d0ae626483615847b34a5e351973233cea353b76b9a31f6c99ce5c8099a2b01