www.paivamies.fi

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:3f:df:55:04:78:04:42:af:64:ae:4b:b9:1c:85:ea:6a:19 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.paivamies.fi

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:3f:df:55:04:78:04:42:af:64:ae:4b:b9:1c:85:ea:6a:19
Serial Number (int): 283071506190231211311803423240321470458393
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 18:45:85:ee:53:8e:49:6f:75:2e:af:5b:3f:d1:29:e0:00:c4:40:29
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): c7:b7:1f:85:2c:69:58:52:dd:51:41:0b:4d:03:9e:22:99:d5:37:8c
Fingerprint (sha256): 88:0c:70:0c:75:2e:2f:57:c2:c0:83:65:87:cc:a5:5a:13:23:d7:c1:03:ac:0b:bf:11:c2:17:02:2f:0b:48:4b

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.paivamies.fi

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.paivamies.fi

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.paivamies.fi

Other certificates including the domain name paivamies.fi

(limited to 100 certificates)
digi.paivamies.fi
www.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
digi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
www.paivamies.fi
testi.paivamies.fi
www.paivamies.fi
testi.paivamies.fi
testi.paivamies.fi
aller.ap.richiefi.net
aller.ap.richiefi.net
testi.paivamies.fi
alasatakunta.ap.richiefi.net
testi.paivamies.fi
www.paivamies.fi
testi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
www.paivamies.fi
alasatakunta.ap.richiefi.net
aller.ap.richiefi.net
testi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
www.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
testi.paivamies.fi
aller.ap.richiefi.net
testi.paivamies.fi
almatalent.ap.richiefi.net
alasatakunta.ap.richiefi.net
www.paivamies.fi
aller.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
digi.paivamies.fi
digi.paivamies.fi
aller.ap.richiefi.net
www.paivamies.fi
testi.paivamies.fi
aller.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
alasatakunta.ap.richiefi.net
testi.paivamies.fi
alasatakunta.ap.richiefi.net
testi.paivamies.fi
testi.paivamies.fi
alasatakunta.ap.richiefi.net
www.paivamies.fi
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
www.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
www.paivamies.fi
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
aller.ap.richiefi.net

Certificate

The complete raw certificate details for www.paivamies.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAz/fVQR4BEKvZK5LuRyF6moZMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MTQwMTM1NDhaFw0x
OTEyMTMwMTM1NDhaMBsxGTAXBgNVBAMTEHd3dy5wYWl2YW1pZXMuZmkwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvmIj2x+FSOE/j4q3Y7kh7y4/cIHc5
tBWLpDuNpwI7opEEMEJJ9N9341v3FINSsStvp3LdPRC/mKL4CN/Z/9Qqt2WG0umT
jcDCE8WNAhyPGNy2fljeWffKRwUer5lA6jng6Wix/5H3BzQVSC+qkl0gNBT24hvi
FbR1VGAcycz3d5K2ntvZhJh63i5LZUA+77xosiE3zLbuk4Rpbzvn/YPjnT9929jF
ABboh6okG6qLJW2WI7eHsNg5Qg4sZ1mSLZGMWG+h/f3f+8I6GF9Ghzc1Cgr6007k
7++CHUp3ZCaRJXqJWdGNiaN4e7D61DdJh3PTwfAs5yEp2ugtUwDlMtHBAgMBAAGj
ggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBhFhe5TjklvdS6vWz/RKeAA
xEApMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB
BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZy8wGwYDVR0RBBQwEoIQd3d3LnBhaXZhbWllcy5maTBMBgNVHSAERTBDMAgG
BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz
LmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AHR+2oMx
rTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABbS2gYzgAAAQDAEgwRgIhALFe
jk+udmufhHBXzqBROxowwQ9XaqFlsPsiVXoLWQ6FAiEAkcnnuHaWBPOvwr016JmT
NkUrARC9Yobgp6c/uSOmlVEAdQBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdo
VEvYjQAAAW0toGUGAAAEAwBGMEQCIH3jGsjx44yXGnzTZVXz3twVCo0vdjppobhA
U10QeNOpAiBQ/ppiRjHLUJBPRS6SUE9VHc1Uyew7f6AAhVGoH5BN8jANBgkqhkiG
9w0BAQsFAAOCAQEAPSIoUD/EO/cz7YSpCjyjfOmCx1TOXh2okLj909b/Bd/dPBiy
Wj8DVQ3DlXbHazcyEh2Jp7y3occdrRPiqos74y3tDlJt6xHft0LBydeUHr544zuM
SvEsOZgYKtr1d31fSDmlKexEDqT3Hss48uAj7k1rNt70RjPGea/qZdjk0IFA9vnF
1hQkKCR4KT/no83gyds07Ty/SbMtFhrCoZ1Nbmp5SZ9ygePxIw38+ei/EdRolCDH
Uo7V76vRPCsCHJxj4JquSU8UM+64uXqgqUWwLZ7ig+hjgaPpRGEOW11VkV3ZFDk3
T3inOfaVYybZix0L/Ced42dSED3lKeIEn89EXA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5iI9sfhUjhP4+Kt2O5I
e8uP3CB3ObQVi6Q7jacCO6KRBDBCSfTfd+Nb9xSDUrErb6dy3T0Qv5ii+Ajf2f/U
KrdlhtLpk43AwhPFjQIcjxjctn5Y3ln3ykcFHq+ZQOo54Olosf+R9wc0FUgvqpJd
IDQU9uIb4hW0dVRgHMnM93eStp7b2YSYet4uS2VAPu+8aLIhN8y27pOEaW875/2D
450/fdvYxQAW6IeqJBuqiyVtliO3h7DYOUIOLGdZki2RjFhvof393/vCOhhfRoc3
NQoK+tNO5O/vgh1Kd2QmkSV6iVnRjYmjeHuw+tQ3SYdz08HwLOchKdroLVMA5TLR
wQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 283071506190231211311803423240321470458393
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-14 01:35:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-13 01:35:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.paivamies.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22166921188647260382774416183254065242570295567195092032199562803510832527658866041509711247261518191149051582534064172645379964019817131250528981841209598655707846425052123416207997232539019215814798500800659658683896437148530254393474348988973283081743013410301614403971941945694174941335507209804095140654177626802255898253040644388483895175347736153319431182628271159009940383999617508081453351688962192715820517831469141798282375438023794161942295546856932827889566787748242306385031437784406718098237532506095561950851932759944463475781854576537961191390494278394665274353178921257638762487241131807899758285249
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							184585ee538e496f752eaf5b3fd129e000c44029
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paivamies.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d2da063380000040300483046022100b15e8e4fae766b9f847057cea0513b1a30c10f576aa165b0fb22557a0b590e8502210091c9e7b8769604f3afc2bd35e8999336452b0110bd6286e0a7a73fb923a6955100750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d2da06506000004030046304402207de31ac8f1e38c971a7cd36555f3dedc150a8d2f763a69a1b840535d1078d3a9022050fe9a624631cb50904f452e92504f551dcd54c9ec3b7fa0008551a81f904df2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003d2228503fc43bf733ed84a90a3ca37ce982c754ce5e1da890b8fdd3d6ff05dfdd3c18b25a3f03550dc39576c76b3732121d89a7bcb7a1c71dad13e2aa8b3be32ded0e526deb11dfb742c1c9d7941ebe78e33b8c4af12c3998182adaf5777d5f4839a529ec440ea4f71ecb38f2e023ee4d6b36def44633c679afea65d8e4d08140f6f9c5d61424282478293fe7a3cde0c9db34ed3cbf49b32d161ac2a19d4d6e6a79499f7281e3f1230dfcf9e8bf11d4689420c7528ed5efabd13c2b021c9c63e09aae494f1433eeb8b97aa0a945b02d9ee283e86381a3e944610e5b5d55915dd91439374f78a739f6956326d98b1d0bfc279de36752103de529e2049fcf445c