enrica.org
Issued by R3
About this certificate
This digital certificate with serial number 04:8a:df:fb:74:ed:03:bd:cb:34:90:fe:35:7e:f2:8f:79:d3 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=enrica.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:8a:df:fb:74:ed:03:bd:cb:34:90:fe:35:7e:f2:8f:79:d3Serial Number (int): 395705833843239769466927466913782844848595
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0f:fa:12:da:42:90:5e:69:0b:28:0d:c0:c8:d8:fe:8a:69:a0:f7:fc
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 66:94:65:ed:f1:16:87:12:ad:1c:c0:2c:6f:f2:da:07:6b:8c:dd:df
Fingerprint (sha256): 75:9f:ff:dd:e8:d7:d6:f6:a8:f0:df:77:dd:1e:af:39:7f:71:c0:00:a9:8d:07:28:dd:a7:70:46:0d:d5:b2:be
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate enrica.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for enrica.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
enrica.org
Other certificates including the domain name enrica.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for enrica.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4DCCBMigAwIBAgISBIrf+3TtA73LNJD+NX7yj3nTMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTIwNDQ1MjlaFw0yNDAzMTEwNDQ1MjhaMBUxEzARBgNVBAMT CmVucmljYS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDT0Tn6 Rf3KJcnJrlkhvpo4u2U+U3pur7wfit8v+TniIVRotf33nzj/0ysnLcTgBqYxFYnp aGBxKfqM3PwCJ+22eWqR0PAwn04lwG95el82X7PM6ydXVNLLQYwMx2fPqgMP/bBQ YpHUP9k/OdvX1SvMhESwNFY7Qi/K7cwyKaP5Q29gho/ZQY9jofX+X6ddddeqygCa ReqkItuIRQs3PyziEV2HeHTUHJEFUTddwWlgLcVPtBnzi3QKl+AsLWiVsbiE5fXd rcQwRtYkmC6XYbCGWDNtXO1Y52dopx1yVvSi+gqOCrwplZJPmkaXYaWIEPYqCiYG y3ory80nMOGBla0r7BGO2K5zVYM62qiAvUROUj2WIA0CK+JOrlko6B3IBKyv1lZZ 22u2HcCBwelaPyr90S2UKOn2OM/4YygAe7TLhdfMPrNGDGeggQwrLMROGYRoeCp6 2BXofTcdIGAwqdS7tO2QaQDT1oYJ63JxqWqFmlf7t3Ph2p+EtYXeLy8uvhzYjuHg 1x1tuzXtIKn2TNjP6IJUQx14GWMb90zNzB77rgVFBvxapC+SbPRD/wUo7vSXKvmy AJXgelDrTRspWHLt7wN1G/4xh04X7Ss6RF+WkIG9TGoW18R6u+F2hOtcAgw9zEi0 89UvrGzRX8bsRB4v3wC2rtzYG1zE/NR29FFxDwIDAQABo4ICCzCCAgcwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBQP+hLaQpBeaQsoDcDI2P6KaaD3/DAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggplbnJpY2Eub3JnMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUASLDja9qmRzQP5WoC +p0w6xxSActW3SyB2bu/qznYhHMAAAGMXI8SqAAABAMARjBEAiBrTQt/XUI9p3Bx wrCBUNeNUBr6xDkS6ucT72LqwBQXZQIgKwYK7g1zdP71qzUJoshYBTlP9oq01kWK XZXyfllZy8gAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYxc jxRoAAAEAwBHMEUCIQDTRTRySLjgurOIhWAAYqH7mjwOvv1xf9rf7Mr+ZEFAmgIg UyaN8+DfNlxyVknr0djTQPWqbe3wlX7TeHRvWPhO8MswDQYJKoZIhvcNAQELBQAD ggEBABkvXLkm4MVuZ2o7nED+hepCNGs4HSAcZWoXDj4/w7CflKF86VxvDNLozlSZ rUzhm1DY6koZknZMkHAXugTqaX+e/6O4+ZcZqriX4G3VjV+3Z00D6U+BATkc5BwR CmAdPt3psiWMJGm9zjCsZtA1DlOcncz6Bm7KbsPZ1rGoV96NZVgl4+cMw1Tu8ojL 4oNedHNSdrpoiyztTKYFyrLl3UEMmw8rjepdrSIX+XQKsQKt09qSbwcgoROQZr/3 F/HfwBg7v4e+Opeu+Elm2a0NFWOrSLmUhXmWNuPEe4QBUPZipU6YopSFdCxFTHoO CHUbVZe0QoMv3KB6uoOtRyAfKSg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA09E5+kX9yiXJya5ZIb6a OLtlPlN6bq+8H4rfL/k54iFUaLX99584/9MrJy3E4AamMRWJ6WhgcSn6jNz8Aift tnlqkdDwMJ9OJcBveXpfNl+zzOsnV1TSy0GMDMdnz6oDD/2wUGKR1D/ZPznb19Ur zIREsDRWO0Ivyu3MMimj+UNvYIaP2UGPY6H1/l+nXXXXqsoAmkXqpCLbiEULNz8s 4hFdh3h01ByRBVE3XcFpYC3FT7QZ84t0CpfgLC1olbG4hOX13a3EMEbWJJgul2Gw hlgzbVztWOdnaKcdclb0ovoKjgq8KZWST5pGl2GliBD2KgomBst6K8vNJzDhgZWt K+wRjtiuc1WDOtqogL1ETlI9liANAiviTq5ZKOgdyASsr9ZWWdtrth3AgcHpWj8q /dEtlCjp9jjP+GMoAHu0y4XXzD6zRgxnoIEMKyzEThmEaHgqetgV6H03HSBgMKnU u7TtkGkA09aGCetycalqhZpX+7dz4dqfhLWF3i8vLr4c2I7h4Ncdbbs17SCp9kzY z+iCVEMdeBljG/dMzcwe+64FRQb8WqQvkmz0Q/8FKO70lyr5sgCV4HpQ600bKVhy 7e8DdRv+MYdOF+0rOkRflpCBvUxqFtfEervhdoTrXAIMPcxItPPVL6xs0V/G7EQe L98Atq7c2BtcxPzUdvRRcQ8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 395705833843239769466927466913782844848595 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-12 04:45:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-11 04:45:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'enrica.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 864139154399482337865447650771859918361460306212552182539306905756440215548572490008090541907240656422498645076497032528997835410260439469965969025022184079309339327799968586382235925660380263333696682950331916071530434379813388266697921346543138437646627957113912704814396084276149366036645624966526765200180546552892826187157459428605037842010658123254743459477589923263709697561960406881622372451403651007979579952012177254036415945139523146504527442493362706977934885818503364899829084213351760858521122613127988866070839356879938482129217196616311115432284369022339984269838435029106295225565338977302510350541683965471497252854625765992465348263572202134560258580076551475723537815504659384755237408002711407958360852795601589620650993389277274951702863307293814459707113342412134047315244445390236599712651025207963647651269901857798649750147742440647837574808751485197092961321635667975996807149250849898224574334649776836595201869776050921454940822069373881387209841195420886636313991748494037622814267635778585640169398732140824471482757037808794827750317232312124163629902871225024658568567018844889533181697050098576400422981668718106597655358446228876714691828708687073915081661477104114215190114727976508592743920005391 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0ffa12da42905e690b280dc0c8d8fe8a69a0f7fc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enrica.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c5c8f12a8000004030046304402206b4d0b7f5d423da77071c2b08150d78d501afac43912eae713ef62eac014176502202b060aee0d7374fef5ab3509a2c85805394ff68ab4d6458a5d95f27e5959cbc8007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c5c8f14680000040300473045022100d345347248b8e0bab38885600062a1fb9a3c0ebefd717fdadfeccafe6441409a022053268df3e0df365c725649ebd1d8d340f5aa6dedf0957ed378746f58f84ef0cb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00192f5cb926e0c56e676a3b9c40fe85ea42346b381d201c656a170e3e3fc3b09f94a17ce95c6f0cd2e8ce5499ad4ce19b50d8ea4a1992764c907017ba04ea697f9effa3b8f99719aab897e06dd58d5fb7674d03e94f8101391ce41c110a601d3edde9b2258c2469bdce30ac66d0350e539c9dccfa066eca6ec3d9d6b1a857de8d655825e3e70cc354eef288cbe2835e74735276ba688b2ced4ca605cab2e5dd410c9b0f2b8dea5dad2217f9740ab102add3da926f0720a1139066bff717f1dfc0183bbf87be3a97aef84966d9ad0d1563ab48b99485799636e3c47b840150f662a54e98a29485742c454c7a0e08751b5597b442832fdca07aba83ad47201f2928