www.okzo.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:60:e0:d9:be:65:5c:77:06:82:a9:a1:37:50:6f:76:12:9c was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.okzo.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:60:e0:d9:be:65:5c:77:06:82:a9:a1:37:50:6f:76:12:9cSerial Number (int): 294302842680853441267060179992856506012316
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 63:a2:23:34:9f:60:fa:33:12:27:d1:f2:c4:f9:0b:6d:6d:f0:e7:75
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 41:06:39:7c:c8:57:23:ca:87:d1:5b:e8:2e:cb:ad:37:b2:ad:26:40
Fingerprint (sha256): 6c:ac:c0:9d:8f:02:80:e4:68:e0:90:a9:22:12:0b:b6:14:0a:98:44:55:51:7b:24:2b:a7:ec:28:b1:d8:44:01
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.okzo.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.okzo.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.okzo.com
Other certificates including the domain name okzo.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.okzo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUDCCBTigAwIBAgISA2Dg2b5lXHcGgqmhN1BvdhKcMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjMxODQyMjVaFw0y MDA1MjMxODQyMjVaMBcxFTATBgNVBAMTDHd3dy5va3pvLmNvbTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAOQWNeUeLoGUT2itPsAtI79t0EnNDkKaGFfZ z1NVMsFK4pSXi1lHD0CtaQ0OsLFMQsPYPVSfVd+SyIJFULtb4+BJJPBMZTwHubu3 J4gU1IfvdDnQp0t+ap564ylhUZYO/McUt4ppn5/JVyb1tnB9zjFcNSb4Wi4zwkFb a8wBL4uZ1LiBtsXS/nvvPbKg7C2DMeW6ZQe7ji8N7eiG3Wut5GP2Kk53vDLNbq9X EACLlLyM0hecel70xu8wgeeiTea4l+D03aiwIWxPNsHKVbVCRkjrGsGag/QJ0I18 5StySyL13fxpguVH+hbvpw7uMzUwrbfP6Ym6H31i3iC2u3F4m2CdMBItyc0ALdsY bIF+8R/Z6cOimKc/kLDwlaF9zJaaKcdgi/NCeAAaOln9JCMZuIwW64oSsA+Bsnth fnO+HWYwKXd1YWhI3XH09RddDRGqtanw61cFqf1264z+V5VMrgh1AFVB7pPgJUHr +nz+trVpgdTZZgxuQ2YibGjw/OLP+eMldD23HkeUzLmYArobwaVC/mQIutBIwngd Ef7u+cqxWLjtjuPLdw04LHd2pg644ZH4DR9IwXB7Bm4WwpTCtQzMHZUZUPl04hUh IMEO3GwQ+m81/jVWzbjJv/2P7O3/pNTRKY2hgFWiD7MedMn1dtmuoYJP3GR6tI29 RF8v0Z0PAgMBAAGjggJhMIICXTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGOiIzSf YPozEifR8sT5C21t8Od1MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMd3d3Lm9rem8uY29tMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFwc5J/SwAABAMA RzBFAiBteN3rGr8Y2wsm6q6DVO83jDJTida8Rutc0S+bhvJabQIhAJ2P3H+2SSnP ifohp8I/UbHfuqyL6RrzzYwLlTutlTMJAHYAsh4FzIuizYogTodm+Su5iiUgZ2va +nDnsklTLe+LkF4AAAFwc5J/OAAABAMARzBFAiEA8UDKi/EfiRbepRdDJ8zIuoKI E7FmKHnSGdMys/4S/mICIB9nB9Mm9G7IMXAn3jZ8lwqbSIHC/MO4qr4+VUEMZCRr MA0GCSqGSIb3DQEBCwUAA4IBAQBTE0gG0560yL5cbNZ3oQqJEj6P3L/IYkvoCtYY 3+ETm5OIZTFCDIk9IkON09zZt560iETiK4O/xGndIbqimSRYbg1g4lqcAOqdObnt Ngd/KC5lvTtj2u/P9rU8cLtU78QLS9DW22pNZWETwpiR4upCNWjU9Uxu8TPnkGPA ZtpHFP0/tp4hKoap7vB5M16lHecl+Cv8BCv/li3g5hvDmWwShFT1Tc+Jx4veCc/u 3crAHTZDbhlU+KYTWdAyruk9U5JOSgotUb80p4RZkg2GT72b/IU7BAuz+YRS+7lw SfV6Pj8B0yItKm67+k4JDAIgfeDtsNghOq6Oqi6rwhxw3yhR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5BY15R4ugZRPaK0+wC0j v23QSc0OQpoYV9nPU1UywUrilJeLWUcPQK1pDQ6wsUxCw9g9VJ9V35LIgkVQu1vj 4Ekk8ExlPAe5u7cniBTUh+90OdCnS35qnnrjKWFRlg78xxS3immfn8lXJvW2cH3O MVw1JvhaLjPCQVtrzAEvi5nUuIG2xdL+e+89sqDsLYMx5bplB7uOLw3t6Ibda63k Y/YqTne8Ms1ur1cQAIuUvIzSF5x6XvTG7zCB56JN5riX4PTdqLAhbE82wcpVtUJG SOsawZqD9AnQjXzlK3JLIvXd/GmC5Uf6Fu+nDu4zNTCtt8/piboffWLeILa7cXib YJ0wEi3JzQAt2xhsgX7xH9npw6KYpz+QsPCVoX3Mlpopx2CL80J4ABo6Wf0kIxm4 jBbrihKwD4Gye2F+c74dZjApd3VhaEjdcfT1F10NEaq1qfDrVwWp/XbrjP5XlUyu CHUAVUHuk+AlQev6fP62tWmB1NlmDG5DZiJsaPD84s/54yV0PbceR5TMuZgCuhvB pUL+ZAi60EjCeB0R/u75yrFYuO2O48t3DTgsd3amDrjhkfgNH0jBcHsGbhbClMK1 DMwdlRlQ+XTiFSEgwQ7cbBD6bzX+NVbNuMm//Y/s7f+k1NEpjaGAVaIPsx50yfV2 2a6hgk/cZHq0jb1EXy/RnQ8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294302842680853441267060179992856506012316 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-23 18:42:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-23 18:42:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.okzo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 930512796907005450576309117656029217831278836413484317039500927470894600396398328213124435820091808632406223332573404792511454597595452886084761354234536680916906026693651081694653240401649186546718613460595145451366912678715589010785422763718815548885346904525469187074898872606011245227208498400479317947658210837267254569958946576773105019876698138428574280165549888670791301393737097496441094174952374852418521913550923208178738209372749846035972157328055850431375600610887422313652227687542300489095667793698761368376508719338472367261817978088163965018281585121844466494554832823191760240624658685295869753867384090462172992838225689564838265370021223295968793263367827641076830033417972221517361353316029115886543381559736955848770350891383419767672797711148325746880057094775963497267975719478227272350040532313809158540079136222993506085019488828889755713969846762561336883313111176820234006257527600009737678325748832622929375902811412947636405481120728890143444220839226466020270801073054405937667404442474049561741955045278247080691785732989880390530390118407818716944973197533396058504696680166879083337756089006812561765303782766643034556079169980019259789645579997102361213695987220155033160554714371231403582348696847 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 63a223349f60fa331227d1f2c4f90b6d6df0e775 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.okzo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000017073927f4b000004030047304502206d78ddeb1abf18db0b26eaae8354ef378c325389d6bc46eb5cd12f9b86f25a6d0221009d8fdc7fb64929cf89fa21a7c23f51b1dfbaac8be91af3cd8c0b953bad953309007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000017073927f380000040300473045022100f140ca8bf11f8916dea5174327ccc8ba828813b1662879d219d332b3fe12fe6202201f6707d326f46ec8317027de367c970a9b4881c2fcc3b8aabe3e55410c64246b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0053134806d39eb4c8be5c6cd677a10a89123e8fdcbfc8624be80ad618dfe1139b93886531420c893d22438dd3dcd9b79eb48844e22b83bfc469dd21baa29924586e0d60e25a9c00ea9d39b9ed36077f282e65bd3b63daefcff6b53c70bb54efc40b4bd0d6db6a4d656113c29891e2ea423568d4f54c6ef133e79063c066da4714fd3fb69e212a86a9eef079335ea51de725f82bfc042bff962de0e61bc3996c128454f54dcf89c78bde09cfeeddcac01d36436e1954f8a61359d032aee93d53924e4a0a2d51bf34a78459920d864fbd9bfc853b040bb3f98452fbb97049f57a3e3f01d3222d2a6ebbfa4e090c02207de0edb0d8213aae8eaa2eabc21c70df2851