www.cassanomagnago.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:9c:47:76:77:81:01:80:6c:77:38:ea:1d:4c:cd:0c:f7:5a was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.cassanomagnago.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:9c:47:76:77:81:01:80:6c:77:38:ea:1d:4c:cd:0c:f7:5aSerial Number (int): 314515897337504816915412930001013228500826
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: eb:8e:73:af:1c:2d:70:1b:7f:6b:f4:5d:e4:12:e3:e0:26:3c:0d:d8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0e:34:84:46:39:42:db:07:91:c4:56:00:9f:51:26:5d:2a:52:64:b7
Fingerprint (sha256): 7f:f5:99:56:1f:1a:36:b5:b0:49:07:13:ad:2b:6b:8a:fa:00:47:f9:80:97:18:af:52:87:ed:37:01:8d:e9:14
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.cassanomagnago.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cassanomagnago.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cassanomagnago.org
Other certificates including the domain name cassanomagnago.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.cassanomagnago.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYzCCBUugAwIBAgISA5xHdneBAYBsdzjqHUzNDPdaMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTAxNDU2NDhaFw0y MDA1MTAxNDU2NDhaMCExHzAdBgNVBAMTFnd3dy5jYXNzYW5vbWFnbmFnby5vcmcw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqq8Y4Wod3odpmYH7N7Nkr ICxi35Zcb+M8J9WjLSQED/Hu2LLz1iQPyyzKD8x/pjngffdxbTQ25tvO3jKgHBBJ HqqHXDzsnOpBjkIZYUdnvYK84na1c3KR7cK9ym3UDRWLwGi2ImW5/+YLpaX8eELG hfNKh7ItNSC7LqxD8DVN8oRRP0R7yszexS+A1puk7X9C4VNtKTfGIvtmBpZMu/b8 NRw9JM1210OjDipXsJmM0JtBKluam1vOAnjfROZQhjTSpN1Uwq9TmPk3R61okq2v Fzxn0uJgbLfUd1ufZkWgRoackWSvETtyOnNk9DRsrZlrW23t5MeNc6zRrHNUKass jcf99blLzFQ9aUZqmasEWIzWPdFgxnrpq/Myg/4bUDzW//+8+DIah+yUzO4uXwqW lt5QfvNQ87hQj2z2ZfXIhNv425qUKEgbblzSNKHMaVvKe6JaLWKuWwHRSWeKhPZt 4Go/6LzLs5dlUYBawM1KNIcgQLd6GJkeoXT0pRG/K+gqtudtc5ESW0pYQYh5k3pK AV6pb9Crn86LdYtf8NWbcW14lC9wvJYUq+Go5XECuLy9XH51IoLF2Ii6QBItxTPj eTbB6sMHlEuJcuxeXLOq9DR7FCmHrQk4CKthWafmOcbT4A/LbTdqb5oAMlFhXmIF AE9C0MtrkHsQSbsEfAZsawIDAQABo4ICajCCAmYwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBTrjnOvHC1wG39r9F3kEuPgJjwN2DAfBgNVHSMEGDAWgBSoSmpjBH3duubR ObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9v Y3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9j ZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEGA1UdEQQaMBiCFnd3dy5jYXNz YW5vbWFnbmFnby5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMB AQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggED BgorBgEEAdZ5AgQCBIH0BIHxAO8AdQBep3P531bA57U2SH3QSeAyepGaDIShEhKE GHWWgXFFWAAAAXAv0UUtAAAEAwBGMEQCIGuqBDcduyY4ZejWNAj/w9WF/TpVlLzh yIebyf552BkJAiARK2MPVHiqz2aIbwlnCbxZvjTVXx588nVV3pg3KWk+GgB2AAe3 XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABcC/RRUoAAAQDAEcwRQIg PikX4yQanLqPeGZ0PlyL3vNHHSAJpnRl/cmTnQINkYYCIQC0RcavLgKM8enafacu w7OS1dQpdQLVJqiMZ8T1kNH8izANBgkqhkiG9w0BAQsFAAOCAQEAWhDcNGk9vMj0 dinFclm0wEoRIdv/eHm0xm7N7iImkhOBk80YEORbBpqXmlFFpJuD52fWiUN3pnt5 CvnEkWal34eks8rsBHo9uDBy80VSYe2g/pyk942+XKSQUoYtkZtW8VtFxwwBG5Tl wpQF8UiQnve35rNRJVvddILpLbtkxO/lyJ5intXO1bY7nOspEHKOU+NN5MWoD5yW ds+cDiNsvskb4vuzILHAX3wK8NvyADM8ly+YU3/eUBfzilQZjmmMfaThwCVttoVD LGDQ/YorW7qouFNxpx3orrnKSbG2rqaHc0MTwtRgJ3P8EzC6nn1tsE5CkNCoKRFg +fkklpMDwQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqqvGOFqHd6HaZmB+zezZ KyAsYt+WXG/jPCfVoy0kBA/x7tiy89YkD8ssyg/Mf6Y54H33cW00Nubbzt4yoBwQ SR6qh1w87JzqQY5CGWFHZ72CvOJ2tXNyke3Cvcpt1A0Vi8BotiJluf/mC6Wl/HhC xoXzSoeyLTUguy6sQ/A1TfKEUT9Ee8rM3sUvgNabpO1/QuFTbSk3xiL7ZgaWTLv2 /DUcPSTNdtdDow4qV7CZjNCbQSpbmptbzgJ430TmUIY00qTdVMKvU5j5N0etaJKt rxc8Z9LiYGy31Hdbn2ZFoEaGnJFkrxE7cjpzZPQ0bK2Za1tt7eTHjXOs0axzVCmr LI3H/fW5S8xUPWlGapmrBFiM1j3RYMZ66avzMoP+G1A81v//vPgyGofslMzuLl8K lpbeUH7zUPO4UI9s9mX1yITb+NualChIG25c0jShzGlbynuiWi1irlsB0UlnioT2 beBqP+i8y7OXZVGAWsDNSjSHIEC3ehiZHqF09KURvyvoKrbnbXOREltKWEGIeZN6 SgFeqW/Qq5/Oi3WLX/DVm3FteJQvcLyWFKvhqOVxAri8vVx+dSKCxdiIukASLcUz 43k2werDB5RLiXLsXlyzqvQ0exQph60JOAirYVmn5jnG0+APy203am+aADJRYV5i BQBPQtDLa5B7EEm7BHwGbGsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 314515897337504816915412930001013228500826 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-10 14:56:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-10 14:56:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cassanomagnago.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 696276905600053918287336070815729842998189958179300260139072961701218574040471144632240400781533381448349967471881709964229006129954514236496446096531106544163709636970421451828181217914246278795176801102599927502580787765500341423561803964624463516680589564767976860141207437497172461306094943123274654067228266125662932392445197946723351265870394580464736047421445593682190330154664608082165079461953029070406102227591865765587099089371453585038217048290660065796149859732487231000242890603200622287157661775942869629579038681083235390777863423802305104866495212348934531312752526259654381492554472971195058860369014885315546381061596376732943015782454922381840807723278746372956170780554287942142646163158192819912142356652886239099582132518780993728768707009913931088661482020048232738270393316073632166296503159353646740052255164936466836379723659555156664296157998681040001490763860412400664184040865668988047245836987333809760043187019547294302168985054220488561186620866804288709407785286543683819612238556922028280159335892098489217736065600780400469536635874250804820583706997580160430836635490611030293946551331325087712871120644779906502939165101181844536422005887866965286680946696848468345639293751024042369388892286059 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eb8e73af1c2d701b7f6bf45de412e3e0263c0dd8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cassanomagnago.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001702fd1452d000004030046304402206baa04371dbb263865e8d63408ffc3d585fd3a5594bce1c8879bc9fe79d819090220112b630f5478aacf66886f096709bc59be34d55f1e7cf27555de983729693e1a00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c000001702fd1454a000004030047304502203e2917e3241a9cba8f7866743e5c8bdef3471d2009a67465fdc9939d020d9186022100b445c6af2e028cf1e9da7da72ec3b392d5d4297502d526a88c67c4f590d1fc8b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005a10dc34693dbcc8f47629c57259b4c04a1121dbff7879b4c66ecdee222692138193cd1810e45b069a979a5145a49b83e767d6894377a67b790af9c49166a5df87a4b3caec047a3db83072f3455261eda0fe9ca4f78dbe5ca49052862d919b56f15b45c70c011b94e5c29405f148909ef7b7e6b351255bdd7482e92dbb64c4efe5c89e629ed5ced5b63b9ceb2910728e53e34de4c5a80f9c9676cf9c0e236cbec91be2fbb320b1c05f7c0af0dbf200333c972f98537fde5017f38a54198e698c7da4e1c0256db685432c60d0fd8a2b5bbaa8b85371a71de8aeb9ca49b1b6aea687734313c2d4602773fc1330ba9e7d6db04e4290d0a8291160f9f924969303c1