kzw.net
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:ed:e3:a6:94:a7:18:95:f4:80:85:70:72:af:c4:0e:66:7c was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kzw.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ed:e3:a6:94:a7:18:95:f4:80:85:70:72:af:c4:0e:66:7cSerial Number (int): 429398664378660428516991302593177384281724
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: fd:e0:7b:08:34:85:e7:91:8e:04:f7:34:2a:f7:4d:c4:e9:64:4f:d8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 21:ac:d2:2e:ea:1c:21:02:fa:f8:7d:ae:32:35:aa:32:d2:af:58:7b
Fingerprint (sha256): 79:8e:b5:81:42:82:32:5a:2a:a1:90:91:89:bb:a7:5d:27:fd:d7:3d:c8:ee:78:0c:5b:8a:e8:b9:61:53:3e:a4
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate kzw.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kzw.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kzw.net
Other certificates including the domain name kzw.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for kzw.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRTCCBS2gAwIBAgISBO3jppSnGJX0gIVwcq/EDmZ8MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDcwMzU0MjdaFw0y MDA3MDYwMzU0MjdaMBIxEDAOBgNVBAMTB2t6dy5uZXQwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQDdMiB7KmrLI4NDIZxzKYLddSY9GjLZywI9p28sT80Z Oeh21U8GOG/he7hKidAk3hBiU8eAmHKUM/n7WNGW8CIq9S9uqc3G+eD96To7xnR4 P3qFqmoo3S5XjO7mkpTkyjmRqHK2uZ+vfNOiDWJI5jUh+Wv8pctTuCrqOpCBWory PyJiXy5AaESPQFvmQ8MArpSe37tvHoB1tmhBE0vxThzuzDTu4b+hG7ekNI4r5oWs Vbjb/cv5+vOIjMoOn0LqSSKkeYUyPhrS6QoNEix3G85oh3U8EQf5yystgQNqFdq5 Z9CmRqqGsyLNobzLDgM4RUo1bFTFDyj/oDP8mLAH1zQabU0fPt+TAtCZWtHq8cRL qWJy9P5CmQTgeiSGTbGGhbZ/IzxM69g9dB+frZGjSHIiVpAG/WFXkoPdduZCOISG YUYkb5KLXbmWENUCFvF0WsGtIUO8eWtR4V8gD83DQMfOZqNj3fQvyRrRGe4yJouA bxhUfoOCShV7sgjXNdf9+109Rn2x7afHTds/7UqzUNPEZSl5C2VLSXMD4dJrDb0C SmQP/cx2JH4J3NcBYnsaNBwxdMjv1cw+KA+hxYNvwW43OR+BvcfF6AYsPz7mYAsA 2ov7BMY/lTS1k1VotvttEKxfTT6KvejNzTnOiOVWofBddFfXEOu789U37BRpllum SwIDAQABo4ICWzCCAlcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT94HsINIXnkY4E 9zQq903E6WRP2DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggr BgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRz ZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz ZW5jcnlwdC5vcmcvMBIGA1UdEQQLMAmCB2t6dy5uZXQwTAYDVR0gBEUwQzAIBgZn gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s ZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQDwlaRZ8gDR gkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAXFS/VgrAAAEAwBGMEQCIBC7FAHn 0/jYRytnHz+UJCKrPzYb9Wj43gAXc1/Gm1DpAiB4BjlKYgMwoqSaKNvjxzPYQ6pv C5tXo1BaBxXeoS1ZSAB2AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06Ic AAABcVL9WFcAAAQDAEcwRQIhANxSvi2MYsKDZEhbJ+Qag8HbezuVoLhXknQb5dtk GMNJAiB+yfRKpAmMBd2dpllnV+nrQmdhV4UXRj5hPhFl7PExaTANBgkqhkiG9w0B AQsFAAOCAQEAP3z+yZ/3OxYbPvtnazKIzkxKwAT3Q3rrIijtOwDEIgFAphuYDkpF e+IJYaqDISDKfFnucynOP9VBZ8WwnOs0uh3c4GRdu6q9N2UNWMjWJgrso44msAV0 0lhDtLWri1rKp5xAfP9oxOsDy8Vq4Q+jkr0PwPpnuWfb0dLbgLSmGM6SnbDSkgdC CFdS/UmP19SjhouO3iZcSeNCNReHErLgi+eqDuDNnEJ5mpfEXeEAwIshRWx1L8Zr DVhD3eqFdfEiYtCAweBR82Zk2soVNo3+DBcALlJdrpwzAyEutaczitoYXm9m97hr f476O06ap9+ojRJAS60iIAT7+uL5TSVbKg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3TIgeypqyyODQyGccymC 3XUmPRoy2csCPadvLE/NGTnodtVPBjhv4Xu4SonQJN4QYlPHgJhylDP5+1jRlvAi KvUvbqnNxvng/ek6O8Z0eD96hapqKN0uV4zu5pKU5Mo5kahytrmfr3zTog1iSOY1 Iflr/KXLU7gq6jqQgVqK8j8iYl8uQGhEj0Bb5kPDAK6Unt+7bx6AdbZoQRNL8U4c 7sw07uG/oRu3pDSOK+aFrFW42/3L+frziIzKDp9C6kkipHmFMj4a0ukKDRIsdxvO aId1PBEH+csrLYEDahXauWfQpkaqhrMizaG8yw4DOEVKNWxUxQ8o/6Az/JiwB9c0 Gm1NHz7fkwLQmVrR6vHES6licvT+QpkE4Hokhk2xhoW2fyM8TOvYPXQfn62Ro0hy IlaQBv1hV5KD3XbmQjiEhmFGJG+Si125lhDVAhbxdFrBrSFDvHlrUeFfIA/Nw0DH zmajY930L8ka0RnuMiaLgG8YVH6DgkoVe7II1zXX/ftdPUZ9se2nx03bP+1Ks1DT xGUpeQtlS0lzA+HSaw29AkpkD/3MdiR+CdzXAWJ7GjQcMXTI79XMPigPocWDb8Fu Nzkfgb3HxegGLD8+5mALANqL+wTGP5U0tZNVaLb7bRCsX00+ir3ozc05zojlVqHw XXRX1xDru/PVN+wUaZZbpksCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 429398664378660428516991302593177384281724 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-07 03:54:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-06 03:54:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kzw.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 902400166477864422684043939640596331746083209722795077871316061643712047901372646633154299178070002306066697508419534798209355723948412775969888559748793538993695345080872849075633919846495997877757282271047914917782358521430685953204081619932387598977254822711121669746885420069323775520764504109057961791365373809789977393894617723837618026266808270888234691974628949382194179664738306725633364593423924131184243307621138014275992093442972638329340282751428160403122919506766804559712839314215251095954951915455862230991276319773148973411586905759258872608296619158599346232121048039917396556914898754623508154173140149882094319042092819722354707969831152718840010306775145757011081574497126283592547086733440210582658431840212759197106214476940474801876927831695685597805697715591025700015379442337329364529152350622485122729027778292272311501570572243776523282980245083253195829739235351381988330932048364171153621351085189271243487747598807562841214600223910560572481756651955900298151860272061833677193228928259429791753038272525845242209790831590430460791698419029054550008198280864299684457816091989473098137414087617929910063149327251584082694705101242683589489345532603531077938120268075914118867197281246744722406532425291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fde07b083485e7918e04f7342af74dc4e9644fd8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (11 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kzw.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000017152fd582b0000040300463044022010bb1401e7d3f8d8472b671f3f942422ab3f361bf568f8de0017735fc69b50e902207806394a620330a2a49a28dbe3c733d843aa6f0b9b57a3505a0715dea12d594800760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017152fd58570000040300473045022100dc52be2d8c62c28364485b27e41a83c1db7b3b95a0b85792741be5db6418c34902207ec9f44aa4098c05dd9da6596757e9eb426761578517463e613e1165ecf13169 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003f7cfec99ff73b161b3efb676b3288ce4c4ac004f7437aeb2228ed3b00c4220140a61b980e4a457be20961aa832120ca7c59ee7329ce3fd54167c5b09ceb34ba1ddce0645dbbaabd37650d58c8d6260aeca38e26b00574d25843b4b5ab8b5acaa79c407cff68c4eb03cbc56ae10fa392bd0fc0fa67b967dbd1d2db80b4a618ce929db0d2920742085752fd498fd7d4a3868b8ede265c49e34235178712b2e08be7aa0ee0cd9c42799a97c45de100c08b21456c752fc66b0d5843ddea8575f12262d080c1e051f36664daca15368dfe0c17002e525dae9c3303212eb5a7338ada185e6f66f7b86b7f8efa3b4e9aa7dfa88d12404bad222004fbfae2f94d255b2a