acquarica.org

Issued by R3

About this certificate

This digital certificate with serial number 04:f7:18:68:12:c7:ce:8a:a8:8e:b2:f0:7d:02:e1:4c:d9:4b was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=acquarica.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:f7:18:68:12:c7:ce:8a:a8:8e:b2:f0:7d:02:e1:4c:d9:4b
Serial Number (int): 432531330208198611410817060025743184812363
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 84:17:ff:78:87:17:23:55:69:13:4d:f2:2e:19:13:39:6d:fe:85:2f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): dd:aa:23:5a:c6:54:85:4d:54:f5:35:d8:f0:62:e6:bb:b5:ab:83:9e
Fingerprint (sha256): 74:a8:a3:ca:47:42:37:4d:ca:a4:00:ae:6d:7d:1d:e3:0c:a9:89:18:c4:dd:b6:32:41:bf:da:13:df:2a:db:ae

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate acquarica.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for acquarica.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

acquarica.org

Other certificates including the domain name acquarica.org

(limited to 100 certificates)
www.compraroroyplata.com
acquarica.org
acquarica.org
acquarica.org
acquarica.org
www.acquarica.org
www.acquarica.org
acquarica.org
acquarica.org
www.acquarica.org
www.acquarica.org
www.acquarica.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
acquarica.org
llandovery.college
chicagobirthlaw.org
torricella.org
tiggiano.org

Certificate

The complete raw certificate details for acquarica.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISBPcYaBLHzoqojrLwfQLhTNlLMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MTkxODI2MDNaFw0yNDA4MTcxODI2MDJaMBgxFjAUBgNVBAMT
DWFjcXVhcmljYS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDD
5IJNLnHLTG07lPrv4HriqPLA2B8l2z5TYDVu/NUcpv10hG1Zu5FIZ5O59aqicIf4
oypUyyyVwPhNW4OR8jE9LTKwlVeflLmkFpB/NgjHE3HMJ071bHaxw/LiFp3d120/
IafnW0hF/SmeBK8qcBlZ5L93SrZTYVhq37IruuSfUftk0NENsF2pU0TVBpKoZA7I
phucjdES4ggSTkOpEmR+etTiyBQ9jIUO/y4TSbzLaDoQ104AmIVhfxPSdkfJmaBy
OjCdTyvaNUztOgnvHbolHfzWXbYcbv8LvVlXyafGQLev8mq/yXLMH8eLcKONua3n
6oujQiADGMFnTPcq14BLbezkHW47mpAdyRU6aylpgJfGWLcpWKu77n/71wxR3rpr
mrHfOlR6QJUXwUbZeHmQBBOsuxYhAu7sfzDmGT+wOFkLxpJ3od6oVMRDbvu6/M8a
nlF+Oi2Yem1xlTtm13TwztateeCgr+gEKH5ItvAUL83oi6zQX4wFiTfkRVcUugsc
gek68t473kUQ6Qvv1ZK5GvtlY+UZyeg0aeTrkbXmdVJVZMqabgMS5tvTSGu5+rEY
D0Vq3VjWnxydg0teto0UgeRzznvTOKzDk36wYzORSq6ug3cXZFntLkCBtcZ03PSy
1B+locLhV+y7XWlMvpkSj8DotYs4ZlR5D8aeRXsjYQIDAQABo4ICEDCCAgwwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBSEF/94hxcjVWkTTfIuGRM5bf6FLzAfBgNVHSME
GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB
BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov
L3IzLmkubGVuY3Iub3JnLzAYBgNVHREEETAPgg1hY3F1YXJpY2Eub3JnMBMGA1Ud
IAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAPxdLT9ci
R1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPklF4bwAABAMASDBGAiEA4g6Z
6Za7S/gjaj5BjmtQrxPerh4/U5CA0/2lpXnNkesCIQDJtX4zj2+4v2TnAj7sG227
QXI2W6kQpJFC3sr5gQhtEAB2ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/
FrTKAAABj5JReLQAAAQDAEcwRQIhAKFKP3yWgirpb1kVRdUCUCFCQFUZWALrpLni
m1RSEoLKAiAgE039q3U7P9EEU/sVO4N0Xn+9SMEz5u8IGkx7736WwjANBgkqhkiG
9w0BAQsFAAOCAQEAKtbAXJgMEJ6YU+28x6XHOWrKsDKk6DyzlAydx45WuQegbuo7
nN+4OuPfNr7+pZMZko5yOTvqvYE2pU+BMVzX1ZXVzG/QlJexpO2JRu1/1rZTvZYz
Tq2tInIEx9zyRgHoOixsk+JfIJ68lJaNjuSk4Ln8nduR2+XOK/hLoNHoj34NATG3
JZfr1LuyS2hFwFWj0/h5k0xu6rS+iGIXzGUUNLLG6M9qmQtk7HfYXDVP0LrBL3hP
iS8HTki/MDOPVweuXIDaqWVx5lRho2o/BC6dYEY+KHCbBfjNPO5Elkmgb1JUDeWL
bylf/C24AlwbwQPW4BHp0xhMhUFZ11PZMkPIUg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw+SCTS5xy0xtO5T67+B6
4qjywNgfJds+U2A1bvzVHKb9dIRtWbuRSGeTufWqonCH+KMqVMsslcD4TVuDkfIx
PS0ysJVXn5S5pBaQfzYIxxNxzCdO9Wx2scPy4had3ddtPyGn51tIRf0pngSvKnAZ
WeS/d0q2U2FYat+yK7rkn1H7ZNDRDbBdqVNE1QaSqGQOyKYbnI3REuIIEk5DqRJk
fnrU4sgUPYyFDv8uE0m8y2g6ENdOAJiFYX8T0nZHyZmgcjownU8r2jVM7ToJ7x26
JR381l22HG7/C71ZV8mnxkC3r/Jqv8lyzB/Hi3Cjjbmt5+qLo0IgAxjBZ0z3KteA
S23s5B1uO5qQHckVOmspaYCXxli3KViru+5/+9cMUd66a5qx3zpUekCVF8FG2Xh5
kAQTrLsWIQLu7H8w5hk/sDhZC8aSd6HeqFTEQ277uvzPGp5RfjotmHptcZU7Ztd0
8M7WrXngoK/oBCh+SLbwFC/N6Ius0F+MBYk35EVXFLoLHIHpOvLeO95FEOkL79WS
uRr7ZWPlGcnoNGnk65G15nVSVWTKmm4DEubb00hrufqxGA9Fat1Y1p8cnYNLXraN
FIHkc8570zisw5N+sGMzkUquroN3F2RZ7S5AgbXGdNz0stQfpaHC4Vfsu11pTL6Z
Eo/A6LWLOGZUeQ/GnkV7I2ECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 432531330208198611410817060025743184812363
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-19 18:26:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-17 18:26:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'acquarica.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 799172137585559805173367701239712136759621606571894438993840512736850648818889666947558070944391957182962076025657900940707378512184357058746470936554233912315634366610865237952169901399861975492719476610235077833222995683823167972841127697166790011370818807439486280790408322818958126200563293879555962170657164794303461942389383383972063240012772933355177984150818985414922504700415981041565600964960724374042647813800409204666718855080444282240243043570709914476303360510956488163792670371947370761999662310087133729505259567077443322695941956200920298346734600302577987293132503540296613805548951618998893493666505826163450488176146573909589104787901599661036811150258131909719161307043147628333087497774278397582235070630009514226231268271175321674424940265401420896671738925090265965192187927210564032791168287527067944097849691023629346331291194745812510773675351682625251043441267717719730720824519818596255999088012966866543300099569522329837286136803283046046207949587778074810136767417361473540378522310507244529540318270710076618394408110453751338101443327854592942077344743697481386691067383302522201112989538451632707730796293440666270918481511012334329363536372452165601854485446631875646778394843180121306000288064353
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8417ff788717235569134df22e1913396dfe852f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acquarica.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f9251786f0000040300483046022100e20e99e996bb4bf8236a3e418e6b50af13deae1e3f539080d3fda5a579cd91eb022100c9b57e338f6fb8bf64e7023eec1b6dbb4172365ba910a49142decaf981086d100076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f925178b40000040300473045022100a14a3f7c96822ae96f591545d5025021424055195802eba4b9e29b54521282ca022020134dfdab753b3fd10453fb153b83745e7fbd48c133e6ef081a4c7bef7e96c2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002ad6c05c980c109e9853edbcc7a5c7396acab032a4e83cb3940c9dc78e56b907a06eea3b9cdfb83ae3df36befea59319928e72393beabd8136a54f81315cd7d595d5cc6fd09497b1a4ed8946ed7fd6b653bd96334eadad227204c7dcf24601e83a2c6c93e25f209ebc94968d8ee4a4e0b9fc9ddb91dbe5ce2bf84ba0d1e88f7e0d0131b72597ebd4bbb24b6845c055a3d3f879934c6eeab4be886217cc651434b2c6e8cf6a990b64ec77d85c354fd0bac12f784f892f074e48bf30338f5707ae5c80daa96571e65461a36a3f042e9d60463e28709b05f8cd3cee449649a06f52540de58b6f295ffc2db8025c1bc103d6e011e9d3184c854159d753d93243c852