*.a2i2.ai
Issued by R3
About this certificate
This digital certificate with serial number 03:8d:e3:e0:0b:1e:5b:01:40:d8:79:b1:cd:08:86:8f:c1:8b was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.a2i2.ai
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:8d:e3:e0:0b:1e:5b:01:40:d8:79:b1:cd:08:86:8f:c1:8bSerial Number (int): 309619569586184066159386060635412425064843
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6b:39:2a:2c:01:6b:82:19:c3:2c:e1:d5:df:86:5a:6d:e4:ec:87:9b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a5:52:10:53:d6:2b:3a:7e:7f:fc:3a:4e:77:15:6d:40:15:31:06:00
Fingerprint (sha256): 8b:11:c8:f4:5b:6e:ec:3e:0b:d7:bc:76:45:88:5a:7b:b6:c9:be:23:50:06:62:bf:fc:fe:fb:3c:d5:22:51:01
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.a2i2.ai
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.a2i2.ai
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.a2i2.ai
a2i2.ai
a2i2.ai
Other certificates including the domain name a2i2.ai
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.a2i2.ai in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5zCCBM+gAwIBAgISA43j4AseWwFA2HmxzQiGj8GLMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA2MDIxMzM0MDlaFw0yNDA4MzExMzM0MDhaMBQxEjAQBgNVBAMM CSouYTJpMi5haTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK8ztY81 TO5Y5qlJo5lW5K/0mEwZRlw4e5nFqPA/kpUnBR99A518ggFXf6cHSQhNBqOgy8IC NAfinGUtvsqx5V9asP3n36YbqNcg/8ItXoc4gEZwvoTXygAr7jUR7HsU2iS2qS9B 8VoK1zjjoSxu4wKR4+LshXOwIO+Snofkyplfbbr7sFNchT6wj7WDh9TkpnA23qVf d6tI7q+8d45uqDk0qmdjnO/dVLAIgkCx8SKBNqWZ+snXtEV4Hs5EI4168bQZ1EVl XnuexeKAkRDNZVBUQnZZPlnSpaSHc7qekPrI01tIRgAJHnhmslzgw5EbtCnjMLOo +IT/8rdb+V6kKrS0CYccGE8h5XIt5Kc9XeXhs/eUBgSHRPebBddH2dDbke01UWDq gOfUwRwpg4gYlOLKz3SDcoim+58lJZNV9o/lHZnKEqcXNF5oZ0KEXps/WRR7Zuwg 5Gie43yVJPSgixfWNfbYVFDsn9udczorGrYtBnVHz+yrBXYPy2ecgFSRJ3z4vpya azVK3AMDxh/faL69VBUF0qrnTGw2kZIuX1D6nWAvPuxxy86fJmT6Zz/ZjNQ2pwVN ZUYIGT6e56+Dj+liBDtdZkYwnRPcKD/suehsp1Geir78o4ND93MfBFo2VmhDMyMu GdxsRb1toi2qTYHNVrfGeMCNg+C8wV8H+8p/AgMBAAGjggITMIICDzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFGs5KiwBa4IZwyzh1d+GWm3k7IebMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMB0GA1UdEQQWMBSCCSouYTJpMi5haYIHYTJpMi5haTATBgNV HSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2ABmYEHEJ 8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTKAAABj9lfQKIAAAQDAEcwRQIhAIp9 /WQdPPuZ0d+Jm9Z57YmZNYu1ErInH9TYY0fnei24AiBWALxrzY50zeO909P//XFW UDfv1FDL31ixxDvDiLNugQB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM Wjp0AAABj9lfQKQAAAQDAEYwRAIgTZI9rfUuAq4ZQdWuJeQ9Uo/VJdqZMGzI+G71 kDu70mECIF+2UPAdU9eknFpMImN9qzKpKUjF3RwugPDM6BaQgJhZMA0GCSqGSIb3 DQEBCwUAA4IBAQAsu1+WYkxPW2G1nTHp7Cqv5AKP+xFz2l43lm+DFoa5tosEiqbQ pC5uUvJ6baci40ZJ19cg+m6FHco+IrD1pHE2PLDHoRRcczPkW0W51uMWVt9bco/d CSt4DiSHZiS7zCr8MG5FuHD5MkR7T13YzvG7bJOkSXBNYUw/c7LlvYxBejy2hYxx 74534jJnFof4YbP4ECoergkBfbKB/+nUuI00xDpJdt0LvZZh9y5le6QDkk1ElC4E h8uY0lj8iySe1p6AXSYnLwXQcYYRQeabygNWpdjOE/YV6JDkUA1ODFYLCeoGy/9b 2ptvZ5XQuIkJl3XlMXueW6rnl7DZluOH7Pjv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArzO1jzVM7ljmqUmjmVbk r/SYTBlGXDh7mcWo8D+SlScFH30DnXyCAVd/pwdJCE0Go6DLwgI0B+KcZS2+yrHl X1qw/effphuo1yD/wi1ehziARnC+hNfKACvuNRHsexTaJLapL0HxWgrXOOOhLG7j ApHj4uyFc7Ag75Keh+TKmV9tuvuwU1yFPrCPtYOH1OSmcDbepV93q0jur7x3jm6o OTSqZ2Oc791UsAiCQLHxIoE2pZn6yde0RXgezkQjjXrxtBnURWVee57F4oCREM1l UFRCdlk+WdKlpIdzup6Q+sjTW0hGAAkeeGayXODDkRu0KeMws6j4hP/yt1v5XqQq tLQJhxwYTyHlci3kpz1d5eGz95QGBIdE95sF10fZ0NuR7TVRYOqA59TBHCmDiBiU 4srPdINyiKb7nyUlk1X2j+UdmcoSpxc0XmhnQoRemz9ZFHtm7CDkaJ7jfJUk9KCL F9Y19thUUOyf251zOisati0GdUfP7KsFdg/LZ5yAVJEnfPi+nJprNUrcAwPGH99o vr1UFQXSqudMbDaRki5fUPqdYC8+7HHLzp8mZPpnP9mM1DanBU1lRggZPp7nr4OP 6WIEO11mRjCdE9woP+y56GynUZ6Kvvyjg0P3cx8EWjZWaEMzIy4Z3GxFvW2iLapN gc1Wt8Z4wI2D4LzBXwf7yn8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 309619569586184066159386060635412425064843 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-02 13:34:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-31 13:34:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.a2i2.ai' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 714761755646046036288237685173322481629962422375036132713212744325491844478669004285059045869731135237308933655750592177988131451098015175106002230981026343447707874765323125121834531391442064999491697896538081054150078058182484000543907620704594348090850963194476066051444694713542372017883727071048139002835371072336803194438908607011566376247022298895568691266636858142198636944754968314743551299034596389958445235185892926880502890857407794074930305303397635316392040992726930423388523720014084983532527396949127206238727934074592007605097909826690651822792607167947376700774103567621929023063162040632600720735309847034957306522673328857206363002672118910987449389430396516652720076292207770847022087526623198802805684687149441597527051850014859646011648682579326998989747376940982393646906395421339583946041908889642998774989592338948365458054969537114869371606766202875705553908596993032562073789296853857200911248586129903470307504539055110176058198714657261118316558575089410309028051518799720303080791429177832077836114747198756798904886022391757265689111551035727134841623391230229440288422073011386169779764755937919196313758657720537360572699853008182723213251607970608505893035242815438544326259696001625205301617347199 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6b392a2c016b8219c32ce1d5df865a6de4ec879b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.a2i2.ai' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a2i2.ai' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018fd95f40a200000403004730450221008a7dfd641d3cfb99d1df899bd679ed8999358bb512b2271fd4d86347e77a2db802205600bc6bcd8e74cde3bdd3d3fffd71565037efd450cbdf58b1c43bc388b36e8100750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018fd95f40a4000004030046304402204d923dadf52e02ae1941d5ae25e43d528fd525da99306cc8f86ef5903bbbd26102205fb650f01d53d7a49c5a4c22637dab32a92948c5dd1c2e80f0cce81690809859 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002cbb5f96624c4f5b61b59d31e9ec2aafe4028ffb1173da5e37966f831686b9b68b048aa6d0a42e6e52f27a6da722e34649d7d720fa6e851dca3e22b0f5a471363cb0c7a1145c7333e45b45b9d6e31656df5b728fdd092b780e24876624bbcc2afc306e45b870f932447b4f5dd8cef1bb6c93a449704d614c3f73b2e5bd8c417a3cb6858c71ef8e77e232671687f861b3f8102a1eae09017db281ffe9d4b88d34c43a4976dd0bbd9661f72e657ba403924d44942e0487cb98d258fc8b249ed69e805d26272f05d071861141e69bca0356a5d8ce13f615e890e4500d4e0c560b09ea06cbff5bda9b6f6795d0b889099775e5317b9e5baae797b0d996e387ecf8ef