okinari.jp
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:8c:08:b3:77:36:b1:97:b0:d5:21:a3:86:6b:b6:ff:48:c6 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=okinari.jp
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8c:08:b3:77:36:b1:97:b0:d5:21:a3:86:6b:b6:ff:48:c6Serial Number (int): 308987954827256107725797156930893989759174
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: af:f0:51:e5:88:45:e5:1c:88:2c:9c:f6:be:ac:e2:f4:ee:2c:16:ad
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b9:e1:9b:2b:a6:88:b4:bf:03:e5:be:0f:c5:bc:d1:89:82:02:d8:9e
Fingerprint (sha256): 86:52:6a:39:76:ae:fc:37:4b:d3:15:f2:bf:5b:85:2a:5e:45:8c:f3:c5:5a:fd:40:6c:54:f9:1d:3a:da:7f:6e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate okinari.jp
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for okinari.jp
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
okinari.jp
www.okinari.jp
www.okinari.jp
Other certificates including the domain name okinari.jp
(limited to 100 certificates)
okinari.jp
thedeval.com
okinari.jp
www.makkan.trade
union-bauzentrum-roehlinger.com
okinari.jp
okinari.jp
www.okinari.jp
okinari.jp
test.freemarket.studio
okinari.jp
lichtansuu.huyenkhongtamnguyen.com
capitolhilldentistryandbraces.com
okinari.jp
okinari.jp
stage.player.lumiere.is
admin-sta.jointriage.net
okinari.jp
summerknights-actor.com
agente.duga.org.br
okinari.jp
okinari.jp
okinari.jp
datadog-ui.nerd.vision
okinari.jp
blackcastle.se
okinari.jp
okinari.jp
pulpcoin.vip
staging.cms.blockframes.io
okinari.jp
okinari.jp
okinari.jp
www.thomasdupre.fr
comvi.info
consultora.podeperguntar.com
thedeval.com
okinari.jp
www.makkan.trade
union-bauzentrum-roehlinger.com
okinari.jp
okinari.jp
www.okinari.jp
okinari.jp
test.freemarket.studio
okinari.jp
lichtansuu.huyenkhongtamnguyen.com
capitolhilldentistryandbraces.com
okinari.jp
okinari.jp
stage.player.lumiere.is
admin-sta.jointriage.net
okinari.jp
summerknights-actor.com
agente.duga.org.br
okinari.jp
okinari.jp
okinari.jp
datadog-ui.nerd.vision
okinari.jp
blackcastle.se
okinari.jp
okinari.jp
pulpcoin.vip
staging.cms.blockframes.io
okinari.jp
okinari.jp
okinari.jp
www.thomasdupre.fr
comvi.info
consultora.podeperguntar.com
Certificate
The complete raw certificate details for okinari.jp in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgISA4wIs3c2sZew1SGjhmu2/0jGMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjkwMjAxNTlaFw0x OTEwMjcwMjAxNTlaMBUxEzARBgNVBAMTCm9raW5hcmkuanAwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCj+ZhlFUsMZnZPBduVbvBmiFkFhm2pfpREeDBF 1YYmy9qhIgEe6UAgxuKHqqQ7BxREb8hLZ/7KYQQvyMISLPzaQmwFCzU55bO+4Vsb PfYohd4bnFOLjbEYaxiUrU/nuwhXvImm3SLtuaC1rg72RQr+dun2fy0aEPd62kxi HkGQxqXpeVX5fDIZf5pug0G53GID9a9AmKPCtY+6jMhc06KU7uA+lyLA7njSuUIb N1g+8iD6pXDzQkVKW5QJ240UI1IAbJrBsSEt7RE7t7FU5h6cgJzCUKAURT3wd7B5 zRoxjEmHl+UPyiHKExQiB5B6XQgRmRBIJxiVCrX20efknSUzAgMBAAGjggJvMIIC azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFK/wUeWIReUciCyc9r6s4vTuLBatMB8G A1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAu BggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAv BggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w JQYDVR0RBB4wHIIKb2tpbmFyaS5qcIIOd3d3Lm9raW5hcmkuanAwTAYDVR0gBEUw QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB0 ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWw7rXgiAAAEAwBHMEUC ID2UyNMvxTGlbtVM3zW0pG4tceDVhVB84ZFOU8FJQihXAiEA8oZNtLEv4GQlaGv9 dWXD5f1pCilphLchVCS51wQPaEgAdgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTD DPTlRUf0eAAAAWw7rXgAAAAEAwBHMEUCIFHlIV6D36s6xhsQrsoj3lBtnNPz15bg z2yOxFzO6mZvAiEAls686EghK811wH7/jLkmj4w9hfdFN0o2CDzGj/1clwIwDQYJ KoZIhvcNAQELBQADggEBAJBhjcmD637evE07Ov/OR5dTBZnbZTueE6iypGZiYuyy sr9lMdtpRd5ZKmfCWw1RAwY0mIHdH7KHM/K+Xdst6waS54IqPMmiK+QMQsWkREkG QA5Uh5N7ICt6ARQT3HB+APvebsd1soQgmlnQBX6PyAfuB8RE9lYaKkey8nXLqSy3 1hcU8HqFQvq3ieEHXtG0Yo7KgoTP/zFakgM6Z2NzRmzUr88/5P4oPRa97lI7CKlW dTlK1EcviU/Hu+anIvdau5RuPFtUbTKzp7MeE57/WOPQ1L0uWXgckjl+APeU/JqI DngzYchHcalAOnIv3BuqJznVVv6yDnfXgRmeLxnEiEU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/mYZRVLDGZ2TwXblW7w ZohZBYZtqX6URHgwRdWGJsvaoSIBHulAIMbih6qkOwcURG/IS2f+ymEEL8jCEiz8 2kJsBQs1OeWzvuFbGz32KIXeG5xTi42xGGsYlK1P57sIV7yJpt0i7bmgta4O9kUK /nbp9n8tGhD3etpMYh5BkMal6XlV+XwyGX+aboNBudxiA/WvQJijwrWPuozIXNOi lO7gPpciwO540rlCGzdYPvIg+qVw80JFSluUCduNFCNSAGyawbEhLe0RO7exVOYe nICcwlCgFEU98Hewec0aMYxJh5flD8ohyhMUIgeQel0IEZkQSCcYlQq19tHn5J0l MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308987954827256107725797156930893989759174 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-29 02:01:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-27 02:01:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'okinari.jp' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20699923735408768633893894901990458842239676938349531040739364882374067528640211202274234326112304190495570367556085762197319468487883898651072066936516321468291380804363475798898818223402488344413075996025182267966922917366852042546482846138379261857344425188429807757738418894384887640758238651487529486072589600144339791729687150133096973007777336962987542784917400581068562896893316728502788305041930740946758376912354165626281137339282163571111773010098943846754497732527565439184422540870317572369336187908398509492461400898740183120774812783379271707654771011013025958123856415342574024403881019161363479340339 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) aff051e58845e51c882c9cf6beace2f4ee2c16ad . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okinari.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.okinari.jp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c3bad7822000004030047304502203d94c8d32fc531a56ed54cdf35b4a46e2d71e0d585507ce1914e53c149422857022100f2864db4b12fe06425686bfd7565c3e5fd690a296984b7215424b9d7040f6848007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c3bad78000000040300473045022051e5215e83dfab3ac61b10aeca23de506d9cd3f3d796e0cf6c8ec45cceea666f02210096cebce848212bcd75c07eff8cb9268f8c3d85f745374a36083cc68ffd5c9702 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0090618dc983eb7edebc4d3b3affce4797530599db653b9e13a8b2a4666262ecb2b2bf6531db6945de592a67c25b0d510306349881dd1fb28733f2be5ddb2deb0692e7822a3cc9a22be40c42c5a4444906400e5487937b202b7a011413dc707e00fbde6ec775b284209a59d0057e8fc807ee07c444f6561a2a47b2f275cba92cb7d61714f07a8542fab789e1075ed1b4628eca8284cfff315a92033a676373466cd4afcf3fe4fe283d16bdee523b08a95675394ad4472f894fc7bbe6a722f75abb946e3c5b546d32b3a7b31e139eff58e3d0d4bd2e59781c92397e00f794fc9a880e783361c84771a9403a722fdc1baa2739d556feb20e77d781199e2f19c48845