rivotiamo.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:9a:9a:8c:86:57:70:48:75:1b:b2:18:81:b0:54:7c:9b:52 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=rivotiamo.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:9a:9a:8c:86:57:70:48:75:1b:b2:18:81:b0:54:7c:9b:52Serial Number (int): 313945773058786822178378179424898476972882
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4c:de:5e:b1:5f:57:ed:6d:6b:c5:ae:6f:43:2a:55:e8:03:59:7e:21
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ff:a4:e8:6b:73:20:08:ac:4f:17:4d:ad:4b:49:da:59:4b:7d:df:0d
Fingerprint (sha256): 71:ef:05:69:e6:89:79:68:ee:63:41:6a:02:8f:b5:97:80:32:61:5f:d7:87:f0:7c:55:fb:95:2e:dc:3d:18:0c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate rivotiamo.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rivotiamo.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rivotiamo.com
Other certificates including the domain name rivotiamo.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for rivotiamo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVDCCBTygAwIBAgISA5qajIZXcEh1G7IYgbBUfJtSMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMjMwOTA0NThaFw0x OTA2MjEwOTA0NThaMBgxFjAUBgNVBAMTDXJpdm90aWFtby5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDEMKV2EAmyxL6O3kg7v1+mhLE800tPFYHn SfGzqoZloT5mFhZtzBYYtRj1rPF50ZNzIPbYU52a30Tfpf/03COrcVjF3tZdtSM6 bUBDq+zHvawBwX4WiMkPrhV3VBoXVGrvtsVgwrWkzkeB2x7mWjT1w531K1OgVK7Y jueb9ntf+3iYFZib/YI/vj0KOhQ/QdOm21Lcgd/guUklljFDIfyD/NW5d9aCETqU MDwwEKGuhzYCyBRJN/onoUCy5ymeGr6n3wi+dbAyreA0lLkUd99qIuYz53XXRiFj JzMsdCDqZpRvsTjHxYxEZe+js4MFtffX6Y0Sq1F55VzjgVsCzsMXDC+yspFg4kiE np7R+ADTQ12zA3LGr2eAQqCg+lXSuIkSaPZiMkdPplhZe1Xz5lgtp4jYGYNgVfXW D25XWyc1+SaSQraDGn/0+cc9wW1+VyFpRoljIaihNvagNxOtAfrtfI7RU6ap19FB w0ZzsBFK24Wziib2sOKG6crl1cZfvPJEBGnF7+WuVpj5FrdtC3hy1IiEOxWJRdex bN5bui6Bwxb1645HbeyiwYcWKHwgFHeNHQQ2qI2kmLg2AXMshChboLQmUSF2E3BM W7whzho0yH/OUv+wQVcAEDGFZ7hlshs6pevn+nmmvPXS6IyvdA93suGJB0mhIHp8 R/0u1do2PQIDAQABo4ICZDCCAmAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRM3l6x X1ftbWvFrm9DKlXoA1l+ITAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXJpdm90aWFtby5jb20wTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEGBgorBgEEAdZ5AgQCBIH3BIH0 APIAdwB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWmqArh5AAAE AwBIMEYCIQDGMcQYFJvykCjN+II8vZQ/Of969VJ8ZcTVWGPZgYYuTgIhAOO2eaLp LHuk1aKHvZIfqSPsZl+6Uh73s7AyWtZ40qwEAHcAY/Lbzeg7zCzPC3KEJ1drM6SN YXePvXWmOLHHaFRL2I0AAAFpqgK4dQAABAMASDBGAiEA1Q6ecv4s0n+uMdbc6zkm KsHDpwmYs6nnVgKhEs2xrAcCIQDUaOLBuAdg3M4RtGve7XbM5wAQSPThgkKH21ru uhz0XjANBgkqhkiG9w0BAQsFAAOCAQEARVOcd41Z8fSktl/YMvEBDFmtgzGJ0/FU nHdYdTzW8BvrkMYgbyzKu8yHMU3oXqRJMssJdlfeZE+s5WuXddFDJJQRVKRMew4V tbhh/Hsve53SZwh33dKe5wzQEeBuYKy4f+oA2bEsTB2xKIdlGC+3KolZV0Yy01zC YVA+ruYSSnaHoneDsGZsJE0ylydKJ5P/BBs+0xK6vSitgctD6Xx+lRxiQgVDcCBQ e5FlF2vSDwzcCxDn/L3XPCeiNdiE620CDn0NPJcbkKjR+W0kyxUaKnz4GBo4KzoE xLdsyDxmpuFqKy1+mezuyOnqlREsaqI5Ppa+FkjVmMAphJ10qfRnQw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxDCldhAJssS+jt5IO79f poSxPNNLTxWB50nxs6qGZaE+ZhYWbcwWGLUY9azxedGTcyD22FOdmt9E36X/9Nwj q3FYxd7WXbUjOm1AQ6vsx72sAcF+FojJD64Vd1QaF1Rq77bFYMK1pM5Hgdse5lo0 9cOd9StToFSu2I7nm/Z7X/t4mBWYm/2CP749CjoUP0HTpttS3IHf4LlJJZYxQyH8 g/zVuXfWghE6lDA8MBChroc2AsgUSTf6J6FAsucpnhq+p98IvnWwMq3gNJS5FHff aiLmM+d110YhYyczLHQg6maUb7E4x8WMRGXvo7ODBbX31+mNEqtReeVc44FbAs7D FwwvsrKRYOJIhJ6e0fgA00NdswNyxq9ngEKgoPpV0riJEmj2YjJHT6ZYWXtV8+ZY LaeI2BmDYFX11g9uV1snNfkmkkK2gxp/9PnHPcFtflchaUaJYyGooTb2oDcTrQH6 7XyO0VOmqdfRQcNGc7ARStuFs4om9rDihunK5dXGX7zyRARpxe/lrlaY+Ra3bQt4 ctSIhDsViUXXsWzeW7ougcMW9euOR23sosGHFih8IBR3jR0ENqiNpJi4NgFzLIQo W6C0JlEhdhNwTFu8Ic4aNMh/zlL/sEFXABAxhWe4ZbIbOqXr5/p5prz10uiMr3QP d7LhiQdJoSB6fEf9LtXaNj0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 313945773058786822178378179424898476972882 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-23 09:04:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-21 09:04:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rivotiamo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 800385470624156151892203099707909240089767975655450160701875209862850262559293959782186740659724998585906675900133365338523169970271517264178931694291520072756945652124643412976374808477617657815054030668630299130210975562565212878423995189783685689306314744559976990435513497569614876390838667115196731758152847019872885385258313519995672840895013788739996155578050006993389507756102326371118209521816666401383297737306472777090456638266100478039304025707565244378281002966202923608172569446450597504713787612987732234022576712109979218432102275787369758398565446886359705054023862394751094107794253631124871209390035020515134785250651675144744660899710419854194457602008353761938499703650301416474223632720503196636380554596871196907537046109216157970699388761842647895051482230300093279456791740997529071564122661817050688946443763040702767696023822693612374671517602070908445514458367455087085706631670206607312340217830885479453028632133245533136892648490278631825713855148687479809484264788957062260121580178575309707619412387509863957327280552577754052799887553942617353293463908958162759446422596261619158176146677454059067423203404321594455526301305599589344548180129525710043004687735492280765374412697686830685904644486717 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4cde5eb15f57ed6d6bc5ae6f432a55e803597e21 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rivotiamo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000169aa02b8790000040300483046022100c631c418149bf29028cdf8823cbd943f39ff7af5527c65c4d55863d981862e4e022100e3b679a2e92c7ba4d5a287bd921fa923ec665fba521ef7b3b0325ad678d2ac0400770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000169aa02b8750000040300483046022100d50e9e72fe2cd27fae31d6dceb39262ac1c3a70998b3a9e75602a112cdb1ac07022100d468e2c1b80760dcce11b46bdeed76cce7001048f4e1824287db5aeeba1cf45e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0045539c778d59f1f4a4b65fd832f1010c59ad833189d3f1549c7758753cd6f01beb90c6206f2ccabbcc87314de85ea44932cb097657de644face56b9775d14324941154a44c7b0e15b5b861fc7b2f7b9dd2670877ddd29ee70cd011e06e60acb87fea00d9b12c4c1db1288765182fb72a8959574632d35cc261503eaee6124a7687a27783b0666c244d3297274a2793ff041b3ed312babd28ad81cb43e97c7e951c624205437020507b9165176bd20f0cdc0b10e7fcbdd73c27a235d884eb6d020e7d0d3c971b90a8d1f96d24cb151a2a7cf8181a382b3a04c4b76cc83c66a6e16a2b2d7e99eceec8e9ea95112c6aa2393e96be1648d598c029849d74a9f46743