castelbolognese.com
Issued by R3
About this certificate
This digital certificate with serial number 03:44:fe:5d:8d:7a:ab:36:b3:08:4e:49:87:28:a9:95:01:da was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=castelbolognese.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:44:fe:5d:8d:7a:ab:36:b3:08:4e:49:87:28:a9:95:01:daSerial Number (int): 284814168409980345831824495877003356209626
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d1:c7:11:0b:f9:7f:b7:f6:90:7f:cd:0a:e1:10:42:1b:04:b0:55:38
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 99:d2:52:ff:7b:ea:f6:5a:0b:98:24:a9:3c:8e:ce:ad:3a:26:f4:3e
Fingerprint (sha256): 9f:3f:31:d6:f8:44:8d:43:de:45:06:07:e1:8f:13:98:71:47:b2:6e:99:31:bb:12:73:23:ae:0c:a4:cb:2d:b3
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate castelbolognese.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for castelbolognese.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
castelbolognese.com
Other certificates including the domain name castelbolognese.com
(limited to 100 certificates)
advancedroofingservice.com
www.castelbolognese.com
pbfa.ca
castelbolognese.com
www.castelbolognese.com
www.castelbolognese.com
castelbolognese.com
castelbolognese.com
castelbolognese.com
castelbolognese.com
www.castelbolognese.com
castelbolognese.com
www.castelbolognese.com
castelbolognese.com
463.me
castelbolognese.com
sangiovanniinfiore.org
castelbolognese.com
yacht.wine
www.cobbinsurance.com
artificialtooth.com
www.castelbolognese.com
pbfa.ca
castelbolognese.com
www.castelbolognese.com
www.castelbolognese.com
castelbolognese.com
castelbolognese.com
castelbolognese.com
castelbolognese.com
www.castelbolognese.com
castelbolognese.com
www.castelbolognese.com
castelbolognese.com
463.me
castelbolognese.com
sangiovanniinfiore.org
castelbolognese.com
yacht.wine
www.cobbinsurance.com
artificialtooth.com
Certificate
The complete raw certificate details for castelbolognese.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgISA0T+XY16qzazCE5JhyiplQHaMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMzAxMjM2NDFaFw0yNDA2MjgxMjM2NDBaMB4xHDAaBgNVBAMT E2Nhc3RlbGJvbG9nbmVzZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQDeapfj8+832ag3gMFQqKhqioN5p8rHp+zvKW5Tal68qlIPA40D225UnGZb Ke0uFDlSZinHOfMO6RQhai8vQHt+4E0NAp0i1lMlw1hCr8lxXtv7syoqrZEj9xZV CUEetNpYKLqhhLKHP0wMzMay8sK04mP4lCTmL4ZO7tBjdzHZXB8n+vVNykfMtB7k uxYNxHoOIn/9JL/TkNMY94WkLtZiBhQBGTfl75sCNMp8i3ZtyQVtZzquUgSGpT9J PHWKEUUyUoBsJvZMKEVqcpS0FE4cWkcy4bubXDPiPOxvGI1NooM4eCN6S097Z1xX 4wAFTELdCYcAIxCVvyr06mzsIEk8kPDfDmPOMsBqZ238Yrb2gzTA82TXwsH3aitI SEqr38/GI1CMqQ1g+bY+zLid8uKkPd+4GzRGchd0Dm5gnWKz6DBF1dOxksB/aI4e PO5hSln6ZtQ/9RQzdA02V6NAbRZYENoxHNhQdTlSNcfOmhR+qiYW2g8u0JV2XzlW fcfDRJ+RbTG0Dyg6TqXA33sRv3DfvP5DIe1YsozYpaAWR5TuqH9FypNJBJgTHujp +YJ2EGi5iR2YkcxkC6AKbBqDK53D5TCk6WyMY9byVJfCLF6gEL97t//4cX2qcLC6 mjdrqTbGGinFsCi8ZKqkc592RKT9e2MWo1oMeIHPj3M4H1lF6wIDAQABo4ICFjCC AhIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTRxxEL+X+39pB/zQrhEEIbBLBVODAf BgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcw IQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYW aHR0cDovL3IzLmkubGVuY3Iub3JnLzAeBgNVHREEFzAVghNjYXN0ZWxib2xvZ25l c2UuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB 8wDxAHcAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGOj5Ol6AAA BAMASDBGAiEAyphAo/47iW7yn+e3qvZS2fwSMcnZcoO6CdqiMIvkJGcCIQCLnhLf SEqVQjI8wkOo5TLv0/KT/te+NpHVzPePuC9A5gB2AHb/iD8KtvuVUcJhzPWHujS0 pM27KdxoQgqf5mdMWjp0AAABjo+Tpi0AAAQDAEcwRQIgNb1S7Hj+ihh7h7oZlxIV ZSbMTYdzeQZJ5aB/vo1anxICIQC9Niii0O7qe8dH0K7T7pJ48FUul2+acrZFEczV tvj1QjANBgkqhkiG9w0BAQsFAAOCAQEAbZJxnzof+bU53qq4Sj+3STOfBMGcJyTr 0WIA7INZkjEg89Hce2Rg84MCE6bxjofmCeZYSw58z8RUvla8cqzIbPaFgWR6bc4P NLLI2VQr5Yp2iTtlxkZf4BLM7GxKG9aJELkSE9UQozFkvJlxIQ8Ij05WrIc6UEFy JkxhN6/ubNcb5N2uIT1vjr3SksNw0WbJzJPsyl+PpPbcTTsmeC/x4OGpnIzrfKGG uohNzZ4rzzv2eGtAikz06to7ix7x87+bCLhLE7SREPosrY4pjzEmv+74qYGd2F4f 7kSKh7Q3lB3/4hw0sOc0iVK2fk+4CN+GyF/ifGp+lFT8MB8f6CKj+w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3mqX4/PvN9moN4DBUKio aoqDeafKx6fs7yluU2pevKpSDwONA9tuVJxmWyntLhQ5UmYpxznzDukUIWovL0B7 fuBNDQKdItZTJcNYQq/JcV7b+7MqKq2RI/cWVQlBHrTaWCi6oYSyhz9MDMzGsvLC tOJj+JQk5i+GTu7QY3cx2VwfJ/r1TcpHzLQe5LsWDcR6DiJ//SS/05DTGPeFpC7W YgYUARk35e+bAjTKfIt2bckFbWc6rlIEhqU/STx1ihFFMlKAbCb2TChFanKUtBRO HFpHMuG7m1wz4jzsbxiNTaKDOHgjektPe2dcV+MABUxC3QmHACMQlb8q9Ops7CBJ PJDw3w5jzjLAamdt/GK29oM0wPNk18LB92orSEhKq9/PxiNQjKkNYPm2Psy4nfLi pD3fuBs0RnIXdA5uYJ1is+gwRdXTsZLAf2iOHjzuYUpZ+mbUP/UUM3QNNlejQG0W WBDaMRzYUHU5UjXHzpoUfqomFtoPLtCVdl85Vn3Hw0SfkW0xtA8oOk6lwN97Eb9w 37z+QyHtWLKM2KWgFkeU7qh/RcqTSQSYEx7o6fmCdhBouYkdmJHMZAugCmwagyud w+UwpOlsjGPW8lSXwixeoBC/e7f/+HF9qnCwupo3a6k2xhopxbAovGSqpHOfdkSk /XtjFqNaDHiBz49zOB9ZResCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 284814168409980345831824495877003356209626 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-30 12:36:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-28 12:36:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'castelbolognese.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 907379665967380686018979285837542060611880068613366691376231373734123674456767482018434892489072566157155908197366942956769953916400315868704382327237013861965289337189907326630894465187560192775787206727045511653992643009326196788707681232520911301512838525923988433111637562515727415480086629075471803848281784327296314970462185933368322124610734990663199983863130231740020439128030813251415760414091257700187777890337643998267320992397892206569823802535357928191945232271674565509928795701697141919487628328438976273796362458130509579882300169939297295269571307858330712740412352204464491807040892133725676250170610419944399826749023025381951218993483156371821276953863550909004359531366852327790411405624339829011329416686700095924719199234268590887100233291280188704449777119898105597135497973135128865807072126794373334704187438930160622372531528337609890109585912979572950076100431960150465492431147456921986393398386285277966610478585544591152032154618416809767125259997721665041384703660185731630308604329995251194919363007007972466479282161455368341967984551004885518233971048058967906483836398924254551840130099383993796520494203015239282359833326261940070399363180113412948893011694946956257480892335698890133420193170923 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d1c7110bf97fb7f6907fcd0ae110421b04b05538 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'castelbolognese.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018e8f93a5e80000040300483046022100ca9840a3fe3b896ef29fe7b7aaf652d9fc1231c9d97283ba09daa2308be424670221008b9e12df484a9542323cc243a8e532efd3f293fed7be3691d5ccf78fb82f40e600760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e8f93a62d0000040300473045022035bd52ec78fe8a187b87ba199712156526cc4d8773790649e5a07fbe8d5a9f12022100bd3628a2d0eeea7bc747d0aed3ee9278f0552e976f9a72b64511ccd5b6f8f542 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006d92719f3a1ff9b539deaab84a3fb749339f04c19c2724ebd16200ec8359923120f3d1dc7b6460f3830213a6f18e87e609e6584b0e7ccfc454be56bc72acc86cf68581647a6dce0f34b2c8d9542be58a76893b65c6465fe012ccec6c4a1bd68910b91213d510a33164bc9971210f088f4e56ac873a504172264c6137afee6cd71be4ddae213d6f8ebdd292c370d166c9cc93ecca5f8fa4f6dc4d3b26782ff1e0e1a99c8ceb7ca186ba884dcd9e2bcf3bf6786b408a4cf4eada3b8b1ef1f3bf9b08b84b13b49110fa2cad8e298f3126bfeef8a9819dd85e1fee448a87b437941dffe21c34b0e7348952b67e4fb808df86c85fe27c6a7e9454fc301f1fe822a3fb