www.bernareggio.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:86:b4:47:3f:1a:2a:e9:c6:36:83:cf:a7:b0:aa:50:3d:65 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.bernareggio.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:86:b4:47:3f:1a:2a:e9:c6:36:83:cf:a7:b0:aa:50:3d:65Serial Number (int): 394286611866629999762060868312356975820133
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 37:27:ed:63:f3:d0:6d:f9:64:79:c6:0a:42:a3:67:0c:98:b0:cd:07
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 09:9c:97:ea:62:e9:b9:ed:7e:66:00:0b:91:41:2c:9b:7e:c5:66:ca
Fingerprint (sha256): 98:14:a5:3c:9e:9e:27:66:4a:bb:7f:30:cd:d1:74:83:78:d6:34:4d:d0:05:7b:fd:c9:8e:dc:18:e2:7e:9d:88
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.bernareggio.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bernareggio.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.bernareggio.org
Other certificates including the domain name bernareggio.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.bernareggio.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXzCCBUegAwIBAgISBIa0Rz8aKunGNoPPp7CqUD1lMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjkwNzMxNTVaFw0x OTEyMjgwNzMxNTVaMB4xHDAaBgNVBAMTE3d3dy5iZXJuYXJlZ2dpby5vcmcwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCuXm2E/JHjI7oiictXPVQnhmV4 gzwNY3HGcYHRQGJov9wGZfDCBB9b61CkQff3nhhej0iDZ52QyP0CGSydrtbh4Pfb Xbn6xu+ipanApQufSH5CliK9WOafoCQUba52axbUj0URKdh1DlKnctrTa2UJXOO5 rd/z6mcvRCj/1mop7auDaC89sLaz+WpViE6y58GPVRi24P79r27P6hi72nlqVkPZ QI2bnpDzez4ptHOIg5xaNwEjZ4KMa8+8qP6yXIPdv8vMmYi/uja3F+cWTBqgAy4r BF5Lx7UMMo12z2kfLfNmIuZ8zzFpJ+VT2YXMVqk6XRooO25bENWG9wMhHMCL3fOz 0vK/kR5dDQboMRLhK++xfQtUb6TcUHt/Tf0+rKVts/akM1miqd0LGCkeitSkk6jv +9SI8g7J9OPBWkKtnHpXb5f9z5Ao41qEvM/6ETRKq00QfFDynWOiO35jvc6YN9un ag23+M/xNKBgJjqwMFc2qhfOG5ynR3NpDGhIllIK2j30GDln+c+ouS/bP3cipfMm dN8GGGDKohB1Zd5Ny7Ic6RY6JYfN9nhN40M1ieF6RW6bFsO0E6mBVVwgy/e1iM/P NQG0Zul3HVHM5tdEp4UcijpmM99Te3yEDeRhelPhoIwYXVqNdsN5jz6N1RJ8xODB is3HPZrGpCYWcFvCBwIDAQABo4ICaTCCAmUwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQ3J+1j89Bt+WR5xgpCo2cMmLDNBzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB4GA1UdEQQXMBWCE3d3dy5iZXJuYXJl Z2dpby5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEE AdZ5AgQCBIH2BIHzAPEAdgDiaUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb /gAAAW18Jc8fAAAEAwBHMEUCIQCtp7fZe623/37K3my8gpUdJT932F6nNsNMDUjI mwtqZAIgfcWdSRpfJXrxj59rJxW5g+ueUya3f/Ichd9gQCm5q80AdwApPFGWVMg5 ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAW18Jc9UAAAEAwBIMEYCIQDm0tA4 ERsEdxwvfH2e3J0UqTA4QUdG+0i5gOQFCT0YvQIhAIzm/E9o7jSVjRghHb5CyHEK G6EdvzFFjdhe9ozgbV3iMA0GCSqGSIb3DQEBCwUAA4IBAQA+H/+RBwMSfDs6siq4 VKM+CuFfgxjntc5Og2UUIqsOY7zMxrLgZTKtnKudDsIfv9whGEyXwKuQ5WSC7iW9 VLDuj148vg80J1p0BDwcEWgnSA8PC1mZ14H4iKR9uAIATfSBn+RshfES2ZN+JdGs /oUkFGuZXTL1p1LKYysXxR3wvn0x+/mBMQpSoy9Ca7cjTszBoXyMncpmq02CENja ZsJEOIAsKmR3KT/423n++okUadeqVu8J8QYczt8/9e7nnHO69yVSLc6J7PS2s4T0 G4KGYClG0Hxtz1QQ/piQX+fK7sDFiGEtZPVCBvekcd5XGf5VcS73ktSl3Gy3y4a3 6fJa -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArl5thPyR4yO6IonLVz1U J4ZleIM8DWNxxnGB0UBiaL/cBmXwwgQfW+tQpEH3954YXo9Ig2edkMj9Ahksna7W 4eD32125+sbvoqWpwKULn0h+QpYivVjmn6AkFG2udmsW1I9FESnYdQ5Sp3La02tl CVzjua3f8+pnL0Qo/9ZqKe2rg2gvPbC2s/lqVYhOsufBj1UYtuD+/a9uz+oYu9p5 alZD2UCNm56Q83s+KbRziIOcWjcBI2eCjGvPvKj+slyD3b/LzJmIv7o2txfnFkwa oAMuKwReS8e1DDKNds9pHy3zZiLmfM8xaSflU9mFzFapOl0aKDtuWxDVhvcDIRzA i93zs9Lyv5EeXQ0G6DES4SvvsX0LVG+k3FB7f039PqylbbP2pDNZoqndCxgpHorU pJOo7/vUiPIOyfTjwVpCrZx6V2+X/c+QKONahLzP+hE0SqtNEHxQ8p1jojt+Y73O mDfbp2oNt/jP8TSgYCY6sDBXNqoXzhucp0dzaQxoSJZSCto99Bg5Z/nPqLkv2z93 IqXzJnTfBhhgyqIQdWXeTcuyHOkWOiWHzfZ4TeNDNYnhekVumxbDtBOpgVVcIMv3 tYjPzzUBtGbpdx1RzObXRKeFHIo6ZjPfU3t8hA3kYXpT4aCMGF1ajXbDeY8+jdUS fMTgwYrNxz2axqQmFnBbwgcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 394286611866629999762060868312356975820133 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 07:31:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-28 07:31:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bernareggio.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 711362879776195847653463133180372228269359655244131333329077976811176097517223161281584218259931989804733170649817639533683412803225055494684915794845217979800158443982240663533246856210979221140512259224133153944292925172625895633274286459622864619500882530698987633720119830104164201180448297263242660399411711117831171283625729451228546082588142261058866300723513157700298537182337091722214841531619940728355079883847042949863703418506189963714982925360953576837826736519783192510113099188463558215652628195361634248567286815049496290819760174352970431983476727838494944052202795313077510640064507841769181347266339605519940841998775424025157786371497019645615602572785930766133016206871366906931362287234238134177823974528668046767633594438511471000051818330630836889058428253375157105163904714911312991646816471432701524192463243699545407137911234778436078536948310141135322604371267847067599850355946668283984137311973206198517272709017062426694657373864536166611607005224540120278341056350044270101039918030513851208360505861032583703487056244584721496402852905928645930673532927947398102754499763294263371756018093312202767401721625742457834263434584773367684514479334102275238505784974255023135836837243659508351064069620231 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3727ed63f3d06df96479c60a42a3670c98b0cd07 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bernareggio.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016d7c25cf1f0000040300473045022100ada7b7d97badb7ff7ecade6cbc82951d253f77d85ea736c34c0d48c89b0b6a6402207dc59d491a5f257af18f9f6b2715b983eb9e5326b77ff21c85df604029b9abcd007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d7c25cf540000040300483046022100e6d2d038111b04771c2f7c7d9edc9d14a93038414746fb48b980e405093d18bd0221008ce6fc4f68ee34958d18211dbe42c8710a1ba11dbf31458dd85ef68ce06d5de2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003e1fff910703127c3b3ab22ab854a33e0ae15f8318e7b5ce4e83651422ab0e63bcccc6b2e06532ad9cab9d0ec21fbfdc21184c97c0ab90e56482ee25bd54b0ee8f5e3cbe0f34275a74043c1c116827480f0f0b5999d781f888a47db802004df4819fe46c85f112d9937e25d1acfe8524146b995d32f5a752ca632b17c51df0be7d31fbf981310a52a32f426bb7234eccc1a17c8c9dca66ab4d8210d8da66c24438802c2a6477293ff8db79fefa891469d7aa56ef09f1061ccedf3ff5eee79c73baf725522dce89ecf4b6b384f41b8286602946d07c6dcf5410fe98905fe7caeec0c588612d64f54206f7a471de5719fe55712ef792d4a5dc6cb7cb86b7e9f25a