diana-petfood.com
Issued by R3
About this certificate
This digital certificate with serial number 03:60:1f:90:95:a8:d8:1d:18:7b:10:bb:1d:30:ea:5d:bf:ff was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=diana-petfood.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:60:1f:90:95:a8:d8:1d:18:7b:10:bb:1d:30:ea:5d:bf:ffSerial Number (int): 294045921813764040022666619173693216899071
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 47:80:ec:e8:1a:15:b1:66:4b:f2:c0:50:71:13:6d:00:8d:f0:6b:74
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 6b:93:be:73:7f:57:14:a4:ab:36:0f:88:1b:76:b8:fb:30:1c:43:b0
Fingerprint (sha256): 6d:66:b9:fb:87:13:b6:9d:c0:f7:92:5f:b3:05:9d:46:89:9e:97:53:b6:ff:e1:36:a7:34:77:70:50:2c:44:96
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate diana-petfood.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for diana-petfood.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
diana-petfood.com
www.diana-petfood.com
www.petfood.symrise.com
www.diana-petfood.com
www.petfood.symrise.com
Other certificates including the domain name diana-petfood.com
(limited to 100 certificates)
content.diana-petfood.com
content.diana-petfood.com
diana-petfood.com
diana-petfood.com
content.diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
webmail.diana-group.com
content.diana-petfood.com
webmail.diana-group.com
content.diana-petfood.com
diana-petfood.com
diana-petfood.com
content.diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
diana-petfood.com
webmail.diana-group.com
content.diana-petfood.com
webmail.diana-group.com
Certificate
The complete raw certificate details for diana-petfood.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHzCCBQegAwIBAgISA2AfkJWo2B0YexC7HTDqXb//MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjQxMTM1MThaFw0yNDA3MjMxMTM1MTdaMBwxGjAYBgNVBAMT EWRpYW5hLXBldGZvb2QuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAwD5praHRpHFkidfzGz66IN7VcAyd64NChRqaULHxF6R5mzh1DSio5qfr6GY6 mwYzSJN4cd0FuBTo3uNGkXd92P4I1lbqxujsAw4QWA7dId8GMg37mXQUizJempBQ GyEWSAXLuyHesuk1HRmwFkoeddyLK1AuSOAaA24317AMFGPkedYhJ48B0dJCrD+1 b5tasS+3ybf15JGJOUrIeyT3jfTwHoy7HqPF/4RvbDmlCSX0W41Fs5p8tmlAP7Vg WwjYT+hV+rnE5sYxNTO+21htQR1N6Sqs7QU1u7MXZWqU68W9tFZCgxUX9RZUiIgC EdZuM/ovb3cfPskXcs3rITmZmbxv0eb31iY2bTnIEI1fs6UIEBz3pUOqC0rkcx7k UNNHxDzpw9NzDvXqlBuNzfL8JWNH1+/QCEvymIVyJ7CWwl5Ro/Nf11wvmIHYorTE cfAh6EqciK+5lQa3WO4RHjZ8WVRkZ+T2xbXN95MDn/rMweoCHCWgwK+/yEFllsyB 4TS5Tv5OoqEBCyInIGr2VEjv/wkTodGpab8F4D6SHwvf1RMw3a3uADusEe2CcrLw qnokzZTeyl+xTCItG+8WZ12BJrWLiRh4Akx+D2SgVcCkiMjmjcL0qrSpLO66KLw0 R63yGaH/GIs8SFGH6J8EpFwK5J/ffCgyg7F4EBxXbOC5l6kCAwEAAaOCAkMwggI/ MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUR4Ds6BoVsWZL8sBQcRNtAI3wa3QwHwYD VR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEG CCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0 dHA6Ly9yMy5pLmxlbmNyLm9yZy8wTAYDVR0RBEUwQ4IRZGlhbmEtcGV0Zm9vZC5j b22CFXd3dy5kaWFuYS1wZXRmb29kLmNvbYIXd3d3LnBldGZvb2Quc3ltcmlzZS5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA dgAZmBBxCfDWUi4wgNKeP2S7g24ozPkPUo7u385KPxa0ygAAAY8QGm4WAAAEAwBH MEUCIQDfx51EU5PZSmUfx9VQEJPripJo3uFwTWatUAlpQX0J9AIgeSCUPH2K6lHF EFLoBms7hH0PDHzZ083liK86ZUJ235QAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bd LIHZu7+rOdiEcwAAAY8QGm4AAAAEAwBHMEUCIQCYrQk0LhZ+okHSPXcaHIMnmFBd Q+SzD0qr4Jb9COuvlwIgASHTTraHfWXFR5HRMCtXNnHdZAH+snD7lHH8dr+cl5Aw DQYJKoZIhvcNAQELBQADggEBAGSfkrkH1QyUxmCM9NwEy6KvID3zr/MU5c9ktTR8 scGh213I50gs+HjIbdt/AyzUtpcMe35roeYH4NXRdn+0iCC84sEPTUY3AJkCBPKO IO2SpPeBSiZr994hyPqI6p7ZSbdYVatP9QpuxRYGjvmZTELeJeX1OuraQKzoIXVe GeuXB+aXmtLYMnLCHMY1eWa5kmR35JrHFRtGnnLBGrmHDK2+qjcjhQC5lvGPEYqW t+ercSsgVi8TvTrc1hpKtAUVzbCTopwXC4w/7DOmN5+xNFIfi4vKnTlweu28orlt 8N7+w5hFl/vzHMMovwtitZpVH9iNkGZGCLcyyyS5ngkmNn0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwD5praHRpHFkidfzGz66 IN7VcAyd64NChRqaULHxF6R5mzh1DSio5qfr6GY6mwYzSJN4cd0FuBTo3uNGkXd9 2P4I1lbqxujsAw4QWA7dId8GMg37mXQUizJempBQGyEWSAXLuyHesuk1HRmwFkoe ddyLK1AuSOAaA24317AMFGPkedYhJ48B0dJCrD+1b5tasS+3ybf15JGJOUrIeyT3 jfTwHoy7HqPF/4RvbDmlCSX0W41Fs5p8tmlAP7VgWwjYT+hV+rnE5sYxNTO+21ht QR1N6Sqs7QU1u7MXZWqU68W9tFZCgxUX9RZUiIgCEdZuM/ovb3cfPskXcs3rITmZ mbxv0eb31iY2bTnIEI1fs6UIEBz3pUOqC0rkcx7kUNNHxDzpw9NzDvXqlBuNzfL8 JWNH1+/QCEvymIVyJ7CWwl5Ro/Nf11wvmIHYorTEcfAh6EqciK+5lQa3WO4RHjZ8 WVRkZ+T2xbXN95MDn/rMweoCHCWgwK+/yEFllsyB4TS5Tv5OoqEBCyInIGr2VEjv /wkTodGpab8F4D6SHwvf1RMw3a3uADusEe2CcrLwqnokzZTeyl+xTCItG+8WZ12B JrWLiRh4Akx+D2SgVcCkiMjmjcL0qrSpLO66KLw0R63yGaH/GIs8SFGH6J8EpFwK 5J/ffCgyg7F4EBxXbOC5l6kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294045921813764040022666619173693216899071 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-24 11:35:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-23 11:35:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'diana-petfood.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 784286278373936374063270682918622501396702826206786543658546050231032047764389389446691856612880696796108785639026614134453042911386878066303568823278659095709362191988486551932223257539697218345830222303134501877683106475825399753047789860799062261005684624044878603995462895844137392433944835214963899226539621075148746943576535321185250409878705605475801764317607823189244693036086540069627991525559433127356877137992349702991673043178407168838150872422889423965375532250612435733936808043652673354231889919703639394803735076573550214578623465251378190478311721463285068292730467078306747394247200052481355232779220484697214082951673925306547279539387093483029466404076337746515753079123084748045928174214540510500458457045056562342377236330815129519560221721747807189334213551316522827758447271496052131721259806347187494651220183703839304045007403835804726909597747926434589162166532852935994350237842051139034057366039769204192694998827071553538363199390977078534454217431248040182354517918762822175472971072354099153761585048670642206510694213233098424040909431919396277700722254154645838770250989175229161112265889829926516737461237951680123644892886498474780644633951582321254582884846913499641849874871988352601821646788521 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4780ece81a15b1664bf2c05071136d008df06b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diana-petfood.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.diana-petfood.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.petfood.symrise.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f101a6e160000040300473045022100dfc79d445393d94a651fc7d5501093eb8a9268dee1704d66ad500969417d09f402207920943c7d8aea51c51052e8066b3b847d0f0c7cd9d3cde588af3a654276df9400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f101a6e00000004030047304502210098ad09342e167ea241d23d771a1c832798505d43e4b30f4aabe096fd08ebaf9702200121d34eb6877d65c54791d1302b573671dd6401feb270fb9471fc76bf9c9790 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00649f92b907d50c94c6608cf4dc04cba2af203df3aff314e5cf64b5347cb1c1a1db5dc8e7482cf878c86ddb7f032cd4b6970c7b7e6ba1e607e0d5d1767fb48820bce2c10f4d463700990204f28e20ed92a4f7814a266bf7de21c8fa88ea9ed949b75855ab4ff50a6ec516068ef9994c42de25e5f53aeada40ace821755e19eb9707e6979ad2d83272c21cc6357966b9926477e49ac7151b469e72c11ab9870cadbeaa37238500b996f18f118a96b7e7ab712b20562f13bd3adcd61a4ab40515cdb093a29c170b8c3fec33a6379fb134521f8b8bca9d39707aedbca2b96df0defec3984597fbf31cc328bf0b62b59a551fd88d90664608b732cb24b99e0926367d