www.paivamies.fi

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:de:6e:ab:03:3b:38:1a:84:2f:43:82:23:07:81:0a:9f:60 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.paivamies.fi

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:de:6e:ab:03:3b:38:1a:84:2f:43:82:23:07:81:0a:9f:60
Serial Number (int): 337026646279567282646426908542341808299872
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 75:92:65:d6:a1:a9:3f:15:11:47:5b:84:22:80:62:41:f8:76:52:65
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 28:09:a4:92:6a:48:57:36:8f:c4:c4:84:fb:a2:50:8c:20:29:40:ba
Fingerprint (sha256): 89:2f:9d:04:7d:ee:ce:3c:42:25:86:62:ae:dc:3d:df:2b:52:80:df:3f:46:0f:ad:2b:1d:0b:e2:42:ac:c4:f4

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.paivamies.fi

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.paivamies.fi

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.paivamies.fi

Other certificates including the domain name paivamies.fi

(limited to 100 certificates)
digi.paivamies.fi
www.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
digi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
www.paivamies.fi
testi.paivamies.fi
www.paivamies.fi
testi.paivamies.fi
testi.paivamies.fi
aller.ap.richiefi.net
aller.ap.richiefi.net
testi.paivamies.fi
alasatakunta.ap.richiefi.net
testi.paivamies.fi
www.paivamies.fi
testi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
www.paivamies.fi
alasatakunta.ap.richiefi.net
aller.ap.richiefi.net
testi.paivamies.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
www.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
testi.paivamies.fi
aller.ap.richiefi.net
testi.paivamies.fi
almatalent.ap.richiefi.net
alasatakunta.ap.richiefi.net
www.paivamies.fi
aller.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
digi.paivamies.fi
digi.paivamies.fi
aller.ap.richiefi.net
www.paivamies.fi
testi.paivamies.fi
aller.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
alasatakunta.ap.richiefi.net
testi.paivamies.fi
alasatakunta.ap.richiefi.net
testi.paivamies.fi
testi.paivamies.fi
alasatakunta.ap.richiefi.net
www.paivamies.fi
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
www.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
www.paivamies.fi
digi.paivamies.fi
www.paivamies.fi
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
aller.ap.richiefi.net

Certificate

The complete raw certificate details for www.paivamies.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISA95uqwM7OBqEL0OCIweBCp9gMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMTgwMTMwMzNaFw0x
OTAyMTYwMTMwMzNaMBsxGTAXBgNVBAMTEHd3dy5wYWl2YW1pZXMuZmkwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5LKaOLDrdIDLSGcum/GELvcZexgLu
/Wc/lYHn49/OBbuZT2rGjidBFLPtTxc8eBK5LtLMW+LODqM5sPLNvLNRcD3nqyfq
gNk3xigIYPG7rlylIoMFb1bCA/dEEe0kyCP5gJ+64qt44A6K1GFGNBOTjiBPBnI9
B4StGjLXpoWWLunzg533bHUnPz2dNrjEgzsPeVKZGjq9gLR1Ws3OO0S8OYUC7Bvf
TiVSStWsO6hB1520C0zngjwUYl8DaqTtoR/GUhglg1CQZ4VJDUTgxFY9XkN0Gk30
QMLTKo01bi5gpaGN0xtXu8UUjqWguINwDZgmuPmhN0rBR9saVARJuYkdAgMBAAGj
ggJmMIICYjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHWSZdahqT8VEUdbhCKAYkH4
dlJlMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB
BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZy8wGwYDVR0RBBQwEoIQd3d3LnBhaXZhbWllcy5maTBMBgNVHSAERTBDMAgG
BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz
LmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AHR+2oMx
rTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABZySnwTsAAAQDAEcwRQIgLa4e
gcsVfavpY1trcheOm78F0RTALXuvXhwom3NBY3UCIQCjyKJYED8OZG2YNEcfrDPj
gC66jZCLthUPkKri3fJFpgB3ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVF
R/R4AAABZySnwY8AAAQDAEgwRgIhAKQ8USipoYyaOns12EbpusYdSQCAU8p5CqrS
94qu+ZCwAiEA1vNoxp1xiQTp+wjzC9dPfu4d2WsAHa5Ov87A/R1QVGYwDQYJKoZI
hvcNAQELBQADggEBAIav9CA/mm4nqQ6SbmNp3c3I8uXjvDcDyQUI/tP4/GAhkoaQ
rzXXokO0Be3vj0eSPKNFzx5IX4JaXBsa41n+7Q7fLHlsuMAjFjS8Xr7dknYeB+fb
EJcK9WaUzDpASVvtKyobJ6xB0+kUorTez2C0DDTtKHMeMPejdEn47HfBBdq2T43M
3uPhm3s0FYdxUc8jkPn4FnopRXyhUPKkVh9qWrWeiyOilws6qj7ynx03/sms0Gnt
ngITEP0HuuTmeGhArK4yS64huiJCbiEOzaIWJYzEg8OWaZU3nQ0+eyr2hc4d30Ao
3QJIUpnIyOiiU0v7oez6x6V8CU7ig2+UEcVN9E8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSymjiw63SAy0hnLpvxh
C73GXsYC7v1nP5WB5+PfzgW7mU9qxo4nQRSz7U8XPHgSuS7SzFvizg6jObDyzbyz
UXA956sn6oDZN8YoCGDxu65cpSKDBW9WwgP3RBHtJMgj+YCfuuKreOAOitRhRjQT
k44gTwZyPQeErRoy16aFli7p84Od92x1Jz89nTa4xIM7D3lSmRo6vYC0dVrNzjtE
vDmFAuwb304lUkrVrDuoQdedtAtM54I8FGJfA2qk7aEfxlIYJYNQkGeFSQ1E4MRW
PV5DdBpN9EDC0yqNNW4uYKWhjdMbV7vFFI6loLiDcA2YJrj5oTdKwUfbGlQESbmJ
HQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 337026646279567282646426908542341808299872
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-18 01:30:33 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-16 01:30:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.paivamies.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23376104453598919326303203062215498542337301415047149390382258829920103917321688121746042219464160308664548226568193430960043195746090584096558178114401300514758341354435458231035605017139518334658335665700349145222773676656795209927664126271769552537196699207453841433715956200536934833801407627115838910879090380446538926428940778867925965430642456338493976614217922400145419581029078619908498385768753618368498419827303894654717049272640259250798980364295228923583883210635801082685969674647499283282078515404051575718262767004790278905335772038259151446608759271468831288924022557057906137176395897802669793315101
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							759265d6a1a93f1511475b8422806241f8765265
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paivamies.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016724a7c13b000004030047304502202dae1e81cb157dabe9635b6b72178e9bbf05d114c02d7baf5e1c289b73416375022100a3c8a258103f0e646d9834471fac33e3802eba8d908bb6150f90aae2ddf245a6007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016724a7c18f0000040300483046022100a43c5128a9a18c9a3a7b35d846e9bac61d49008053ca790aaad2f78aaef990b0022100d6f368c69d718904e9fb08f30bd74f7eee1dd96b001dae4ebfcec0fd1d505466
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0086aff4203f9a6e27a90e926e6369ddcdc8f2e5e3bc3703c90508fed3f8fc6021928690af35d7a243b405edef8f47923ca345cf1e485f825a5c1b1ae359feed0edf2c796cb8c0231634bc5ebedd92761e07e7db10970af56694cc3a40495bed2b2a1b27ac41d3e914a2b4decf60b40c34ed28731e30f7a37449f8ec77c105dab64f8dccdee3e19b7b3415877151cf2390f9f8167a29457ca150f2a4561f6a5ab59e8b23a2970b3aaa3ef29f1d37fec9acd069ed9e021310fd07bae4e6786840acae324bae21ba22426e210ecda216258cc483c3966995379d0d3e7b2af685ce1ddf4028dd02485299c8c8e8a2534bfba1ecfac7a57c094ee2836f9411c54df44f