www.kamya.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:9f:60:42:69:f3:07:fe:e7:1c:12:b0:9e:be:c7:24:21:50 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.kamya.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:9f:60:42:69:f3:07:fe:e7:1c:12:b0:9e:be:c7:24:21:50Serial Number (int): 315569704863805897280973582788560505020752
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f3:e5:0e:e0:54:1e:b1:d1:d5:a5:8a:63:73:b4:c8:f7:4c:32:a3:c3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 8f:c3:43:75:2d:8b:2a:03:ad:12:fe:49:0a:7b:09:6e:e6:d6:6e:4a
Fingerprint (sha256): 83:ec:13:ab:dd:c1:f1:e6:c7:3c:47:fd:ff:7f:ff:69:3e:4a:c8:61:c9:c2:0a:38:14:2c:48:7d:00:59:60:ff
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.kamya.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kamya.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kamya.org
Other certificates including the domain name kamya.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.kamya.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA59gQmnzB/7nHBKwnr7HJCFQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MTcxNTI2MzJaFw0x OTA5MTUxNTI2MzJaMBgxFjAUBgNVBAMTDXd3dy5rYW15YS5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDlO18H6mvrBXXZlgDLjYOb897aUW0eo9P/ i+rHpu29W2sXwyNWtPNiNaABaGgmzP1EDxvNsdxmv892tJk/6WT7sObt8UlzF9KW F1pfiODjaVWGgJPYaE4YMRyCCh1Ufi4GlB44HrH3xIrkUzX5GQcdFCBY+xCxlfnQ Va+ZsAeOrtaHXg5XOv1phF7BJG3ces607krcrwbA53gDHJA6oz8O9qS4iWQjtaZ1 FG2vLc/mQOmDrl+aiwBVTNy66BzniNAzSz13UasGbr7v4aGcBE6B2P1T0DALiO/q bkh06e+eQ9PVyvRU164RZt3yLGYl5qkZrHsbqKHoG5tz1ZpYIYC6D1N2zgCUwZhR vEofgolSOJ3UTlaiXEIzMYKNrpsqiuyyQdBA2QKDK9zwElViQx+gGIv/0kxYv44+ 2xpTJrlKPbEO41WjZ59jCnhYgB+b0Trnja7+Q2xHjS3fJJOITGXoRLX8koBb/UdQ oVXWvBlyoiowW8KLnYVZ46ehuPTeBtGDwL3lX/nxQ6OO1Y/ZvIRncffsSExl9TM1 E+9e5zUUhpzXAjOJPSMUZKh53+Os6G6aw/GM17b+MJuYSkXDTISTNdTaWRA7Bqfo gjRyrxTLlSKzzG6SRDVwb95Rj5Xias1jyUMD1xQE48wcC5OiHFEj1rJ5I6PeV55t wNcseOj3TwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTz5Q7g VB6x0dWlimNztMj3TDKjwzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5rYW15YS5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdQBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWtmQvO9AAAE AwBGMEQCICEEiYa2g2sMr5SPpoGjBJEVQjXtBRQbx2YEvZ1JmBhHAiBNPTNWMt5i VybHku6Sjk9cPK4BmhLVdgb3bk1OH5KTfwB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZ AsEAKQaNsgiaN9kTAAABa2ZC9RoAAAQDAEgwRgIhAMxIaXrM8JlgjdFYyozv+uq0 6mPM2S0kxUITtbQMNBt1AiEAvKZAopJQBoZ3y5fOHAH1tf/TRMBCwb1e3Vz+lhbf q5swDQYJKoZIhvcNAQELBQADggEBAGD7o9Jo4GTLxH5Vg5ny79keNuQtEF6RsRWZ yQPmFi9PwkqLHQpJgG0VRfh0b4fCxvk/JDGxdtWBHFoZGVJtklV8PllPJdkmpj6O OEwGG/QjJfSxiwY2PBDRolaTQb6L63o5wFA7AtyXfYgCjDn2diT2IYFiq+p5Hg6w zu5EvXbg7wSV6/V7eoPzoT6yVWCpoWOCQYMFocmbtCRyGJ/aeOdz5MtFZJCF96/C H0YfinDMrRdmzriGQDk+zAX2EZ7WwchwSHY1KIo3nfvyNr2oHEYhI3/16yg5PN6/ jWqb/ngUp0+KtnPtxXcsSiAN5/vQG7vyq7Jd9LbJtiJwiwn91wI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5TtfB+pr6wV12ZYAy42D m/Pe2lFtHqPT/4vqx6btvVtrF8MjVrTzYjWgAWhoJsz9RA8bzbHcZr/PdrSZP+lk +7Dm7fFJcxfSlhdaX4jg42lVhoCT2GhOGDEcggodVH4uBpQeOB6x98SK5FM1+RkH HRQgWPsQsZX50FWvmbAHjq7Wh14OVzr9aYRewSRt3HrOtO5K3K8GwOd4AxyQOqM/ DvakuIlkI7WmdRRtry3P5kDpg65fmosAVUzcuugc54jQM0s9d1GrBm6+7+GhnARO gdj9U9AwC4jv6m5IdOnvnkPT1cr0VNeuEWbd8ixmJeapGax7G6ih6Bubc9WaWCGA ug9Tds4AlMGYUbxKH4KJUjid1E5WolxCMzGCja6bKorsskHQQNkCgyvc8BJVYkMf oBiL/9JMWL+OPtsaUya5Sj2xDuNVo2efYwp4WIAfm9E6542u/kNsR40t3ySTiExl 6ES1/JKAW/1HUKFV1rwZcqIqMFvCi52FWeOnobj03gbRg8C95V/58UOjjtWP2byE Z3H37EhMZfUzNRPvXuc1FIac1wIziT0jFGSoed/jrOhumsPxjNe2/jCbmEpFw0yE kzXU2lkQOwan6II0cq8Uy5Uis8xukkQ1cG/eUY+V4mrNY8lDA9cUBOPMHAuTohxR I9ayeSOj3leebcDXLHjo908CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 315569704863805897280973582788560505020752 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-17 15:26:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-15 15:26:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kamya.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 935184637760926820955496151399215645904370387682357745345606564287346088045415399876402990635298182423508507450414526357923526151392924535689017811419508911235134479827024647904316650802004914262696439961743081018736478341381398025221059326468416237254119278596733816723945526724203852530698359387146323386634764644808889200365098245094563471722018471177202175713762043486184922167508238111773166168291660108091326372700923319832472651576318040156768590375540091188034022712233506964514683079583442707505554089778758396463914696879348716984539466115101968852913797780716125815194158339371377519125517734540226385035273024099113973629563610319027758239428771029240454741322942492732107445614556428843897664767224315369143282771511277130259508691632428631438367070462243266613568534999003493367345346428630948291163088295499101582673440371822983429472644698903909876620682192877997980036018116288462877066023677317497629321621091283896512235926509540035054369884394444349399823602544380445490249460413943589403324940329761631777562097856821957456611647765375220526309938767313078185307909244688917474976409966913700145939107005352445346503119511168581549918134610602360285885019263743112998631109430232466936853357164023487576580618063 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f3e50ee0541eb1d1d5a58a6373b4c8f74c32a3c3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kamya.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016b6642f3bd0000040300463044022021048986b6836b0caf948fa681a30491154235ed05141bc76604bd9d4998184702204d3d335632de625726c792ee928e4f5c3cae019a12d57606f76e4d4e1f92937f0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016b6642f51a0000040300483046022100cc48697accf099608dd158ca8ceffaeab4ea63ccd92d24c54213b5b40c341b75022100bca640a29250068677cb97ce1c01f5b5ffd344c042c1bd5edd5cfe9616dfab9b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0060fba3d268e064cbc47e558399f2efd91e36e42d105e91b11599c903e6162f4fc24a8b1d0a49806d1545f8746f87c2c6f93f2431b176d5811c5a1919526d92557c3e594f25d926a63e8e384c061bf42325f4b18b06363c10d1a2569341be8beb7a39c0503b02dc977d88028c39f67624f6218162abea791e0eb0ceee44bd76e0ef0495ebf57b7a83f3a13eb25560a9a16382418305a1c99bb42472189fda78e773e4cb45649085f7afc21f461f8a70ccad1766ceb88640393ecc05f6119ed6c1c870487635288a379dfbf236bda81c4621237ff5eb28393cdebf8d6a9bfe7814a74f8ab673edc5772c4a200de7fbd01bbbf2abb25df4b6c9b622708b09fdd702