www.santachiara.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:db:32:ea:c1:e1:32:57:eb:bf:72:c2:0c:f0:2e:32:d9:79 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.santachiara.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:db:32:ea:c1:e1:32:57:eb:bf:72:c2:0c:f0:2e:32:d9:79Serial Number (int): 335926376480567376992467966309388266953081
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 89:3f:6d:3f:24:9e:aa:1b:8c:ab:87:37:d1:59:25:d2:b9:ca:c9:68
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 2f:24:ad:fe:37:4d:7d:24:04:4d:6c:07:09:1e:7c:5b:f1:e4:58:5b
Fingerprint (sha256): 71:32:df:8a:6b:05:5b:bd:de:4f:01:65:d0:f1:35:7f:6f:b1:49:2e:bc:c6:70:10:1a:cf:d3:cf:23:7d:41:e2
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.santachiara.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.santachiara.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.santachiara.com
Other certificates including the domain name santachiara.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.santachiara.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXzCCBUegAwIBAgISA9sy6sHhMlfrv3LCDPAuMtl5MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjgwOTQ1NDlaFw0x OTEwMjYwOTQ1NDlaMB4xHDAaBgNVBAMTE3d3dy5zYW50YWNoaWFyYS5jb20wggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDviL2LU3Q09SLSEM0ofb1iuvGw LbRC5GvQ5HI9W9BbDIU3mQCYimsZogjFjPeF8EH5xH+9zG5G7F5QSPwDOQEF0nCY jiBtCl3oTNyOeOPQPaeazi7gm6EijCO9L1favgKIsQF3FB2usD39N5DjwQgv+9Lm jxB2mxgM3wbSQyTrOh4YvL+fspg8hD319WS6GQUaEShaOUWDeUkjx7ysKHN/IhfF 8lSPRGAJAZsMmvjaVj27r0cHfxRKYVLYX1JNsHvPO/s5bhgq9Rdur7r4ZNK3Qohx hiT1zLxU4XLnhRBK8NHFBy8y7Ubi/XyBjW05MzvrJRzsdCgzVeXl2PfmBVajdEQ5 kI2u139PCi4PoYs/QvSwOAdDZwJdXQuZy3GDOXdBrx8Za+8IsmtuDkwvi5IQoqtQ 9DfahpjjTR2dLsg0A2tqC8xq0lv68+DOT+C/CumoaRbkMan2lSdzORt5tzW6kZP4 2PeIUTAtPJzr777E7HMxFmx5xS3yoE6obFadnwmCz9zcztvMdR22+uCp0iFZBaqO p1WIpRbz3twBeJDYu4hUidXwICL6MSxbAYhTDt41uukRdVj1kv7mFVZHhVufdIBE FvBcO/v34fzs9QSPJALjFPXztekaPToTZZf3gHeb//krAzEJAGiRA6/dhgE2bE3v PjWfXu23/519RWHA1QIDAQABo4ICaTCCAmUwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBSJP20/JJ6qG4yrhzfRWSXSucrJaDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB4GA1UdEQQXMBWCE3d3dy5zYW50YWNo aWFyYS5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEE AdZ5AgQCBIH2BIHzAPEAdwB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvM VgAAAWw4L8AAAAAEAwBIMEYCIQC8uhbIgOgAJhXwyv+xR31h8jfcPq7YQw/U7Krt HFoudAIhAIF3otHiX9W/7e8BEmko8uKSvMz30RdKlRUEgF5jQ0O1AHYAKTxRllTI OWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFsOC+/7QAABAMARzBFAiEAuxZ1 BkCaaVvMiBoCFVLGUx69xnQGYI5N7mVOlyv1VRACIB2Bf6I/ct/pikwV3JgDk0nj 5PpfG5+c4DOcVrDm4sECMA0GCSqGSIb3DQEBCwUAA4IBAQAuP/5z5pt/VZgWWfsn w01KOqVekmxQJOJybB5ryLopimSI7j49SRc3Wdh8JT8ayLAjBH7NrNpxvuIS7XtS vrqffwG3DW53lvcDLFvN33fZZeklmG312F+3tTtHqzmoP/l7qUk0IV5iznx3ddyq VZTsOaWQ4jr2fw3f1MZTCsJBC/Nf2t3UjUJka+kEoqN1xc9RUQ/Ow6lZS9Dazphb SpGFNvAendBZTAxno5zRWleOZv+zG4OZWo0P61qTFS2Gf+rg2mE+Bm4AiO0GlsmG u6FchUP8VLDMNjuHXCQNT9enVisu3KPb9JlwUsHSAeS6mvpimavsb1ZF34HzjXoJ UaAM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA74i9i1N0NPUi0hDNKH29 YrrxsC20QuRr0ORyPVvQWwyFN5kAmIprGaIIxYz3hfBB+cR/vcxuRuxeUEj8AzkB BdJwmI4gbQpd6Ezcjnjj0D2nms4u4JuhIowjvS9X2r4CiLEBdxQdrrA9/TeQ48EI L/vS5o8QdpsYDN8G0kMk6zoeGLy/n7KYPIQ99fVkuhkFGhEoWjlFg3lJI8e8rChz fyIXxfJUj0RgCQGbDJr42lY9u69HB38USmFS2F9STbB7zzv7OW4YKvUXbq+6+GTS t0KIcYYk9cy8VOFy54UQSvDRxQcvMu1G4v18gY1tOTM76yUc7HQoM1Xl5dj35gVW o3REOZCNrtd/TwouD6GLP0L0sDgHQ2cCXV0Lmctxgzl3Qa8fGWvvCLJrbg5ML4uS EKKrUPQ32oaY400dnS7INANragvMatJb+vPgzk/gvwrpqGkW5DGp9pUnczkbebc1 upGT+Nj3iFEwLTyc6+++xOxzMRZsecUt8qBOqGxWnZ8Jgs/c3M7bzHUdtvrgqdIh WQWqjqdViKUW897cAXiQ2LuIVInV8CAi+jEsWwGIUw7eNbrpEXVY9ZL+5hVWR4Vb n3SARBbwXDv79+H87PUEjyQC4xT187XpGj06E2WX94B3m//5KwMxCQBokQOv3YYB NmxN7z41n17tt/+dfUVhwNUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 335926376480567376992467966309388266953081 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-28 09:45:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-26 09:45:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.santachiara.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 977214042378199015008926967879632444900415847706912925711278605805295060855663128335342413429344154208108103011507748421158558681953254106984835923726910937735937105702230643993181193612477168138295523729940144175673811997658684939316374040017533998132993380994232562452976657942850405972819139780777239145375713144570101634362786910633487306131121735823855487709618263982446061945150035815698147088360003490255029250374633465229634672077732382032361132108407063851218044735702823445940477796016980854445786778744359991542521712760787900867665618554990992322564717443419918677400254764221090155452513204816844860656201534039024679558312443788385974205016119852556051173381601196993969625465020047087269802175805781017678832815307889280445670238924319688907234238633032449403934941057990328346220842736321715041972834046301133730199831013452277786913206413180067625997870403019205694173813892492697589134878004212065057459187405901561901405201794147037687994687627058144920188345806495986515865311044329475606450324946036258850148867139445598151306798352314168353019339226763705343608171083783276121292935186055627503654349366982939678791813237732532301974065429234176392431134381113473157645792062650746136348731621118037421872758997 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 893f6d3f249eaa1b8cab8737d15925d2b9cac968 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.santachiara.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c382fc0000000040300483046022100bcba16c880e8002615f0caffb1477d61f237dc3eaed8430fd4ecaaed1c5a2e740221008177a2d1e25fd5bfedef01126928f2e292bcccf7d1174a951504805e634343b5007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c382fbfed0000040300473045022100bb167506409a695bcc881a021552c6531ebdc67406608e4dee654e972bf5551002201d817fa23f72dfe98a4c15dc98039349e3e4fa5f1b9f9ce0339c56b0e6e2c102 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002e3ffe73e69b7f55981659fb27c34d4a3aa55e926c5024e2726c1e6bc8ba298a6488ee3e3d49173759d87c253f1ac8b023047ecdacda71bee212ed7b52beba9f7f01b70d6e7796f7032c5bcddf77d965e925986df5d85fb7b53b47ab39a83ff97ba94934215e62ce7c7775dcaa5594ec39a590e23af67f0ddfd4c6530ac2410bf35fdaddd48d42646be904a2a375c5cf51510fcec3a9594bd0dace985b4a918536f01e9dd0594c0c67a39cd15a578e66ffb31b83995a8d0feb5a93152d867feae0da613e066e0088ed0696c986bba15c8543fc54b0cc363b875c240d4fd7a7562b2edca3dbf4997052c1d201e4ba9afa6299abec6f5645df81f38d7a0951a00c