www.kamya.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a1:1b:cf:23:18:cd:43:aa:ce:fb:af:8c:a3:10:84:ff:57 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.kamya.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a1:1b:cf:23:18:cd:43:aa:ce:fb:af:8c:a3:10:84:ff:57Serial Number (int): 316159283542737080255177085003002804502359
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: aa:1b:90:08:e4:f9:c8:e4:af:c5:8d:6e:f2:f9:61:61:7c:ed:66:d7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 90:20:ae:e1:44:d3:46:5d:2c:73:70:23:d1:e5:07:2a:4a:43:12:c5
Fingerprint (sha256): 9f:b9:74:79:df:7b:e5:8d:fe:6c:6c:ec:85:53:59:9d:de:f3:63:c9:2c:79:4e:38:18:b6:60:a1:5a:a4:92:0b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.kamya.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kamya.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kamya.org
Other certificates including the domain name kamya.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.kamya.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA6EbzyMYzUOqzvuvjKMQhP9XMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MTgxNDA1MjhaFw0x OTExMTYxNDA1MjhaMBgxFjAUBgNVBAMTDXd3dy5rYW15YS5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC+VLnZOdTCSgbw7S4ML8bU+bmLRGJVd7fo tr7JMC6vbU2catxAQH1tZG514t50AlOp/IMqs2vQcqKMEKleKcnXyg2rBr5fIF0h thwgGZ2OT1GaebciQz/vFFIIjahZ5BsY7duMAt7Su5atmOeznOoXdmniXoO/K5jD fOcyAT9L3URwLlR/bE0QxGzAocFHrBiVEkSo00s4We7VSprwzrDlHYyVxiwahcYC 6Uc82Eu8l7tixRgCCtjYqttUy92JomfGsH7ZlzuvXMLaQOrI8xH0AeugtJ51p501 TSxM0YPbbuFSSYYmzbkGbZT98YNBdbrhxniull3L3A8h9RnP+FyxctlFv+su2fS3 YvxW6uCzhNkdL8h2NuaFENNs1AUbe30Co42wwIK6aCQ2GnGXFgl0mF//KhWo8YxD 0tdulWB+sF5HnMnRh9eQKHocl83TMnk0GgtDPgY7XRkUv8Jk8Ng0lSQdCDVfWxZ0 erTy70pIEVwfVTpy2wUqFvox2YNuw30U7C3eaRyQUd+DnwLkp60Qzscx/NEsxDSR WOjvYjuBXsI2HZAUab5dEJ6J8RuLp8v1G7d0h0MAtx1kcVQwD8WkU3Hk1HkPTLYZ 0/DrDmrm30+NRpkjKRuaH5aeJprDrt1rhevLkKWb4UWvAKw+fgGPhHNKuProWZN/ XG3bLNhHJwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSqG5AI 5PnI5K/FjW7y+WFhfO1m1zAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5rYW15YS5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdwB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWylQwPVAAAE AwBIMEYCIQCIUN7PkhzLCoIy01rKjxPSOpc/P3LKOiinb4it1ZkltwIhALyDbcZe M7wOY5ckoh/mpk3o2IYw0cjVhDOoniBWnjMLAHUAKTxRllTIOWW6qlD8WAfUt2+/ WHopctykwwz05UVH9HgAAAFspUMD2AAABAMARjBEAiBborbT4YsNrF0GFwAzz3z3 4hglj/nkJe7H2Lsy8lWBbgIgVKXzGmeCY4egtMBJoJEgyluxwNCbb6tFJSrhcdNb y8kwDQYJKoZIhvcNAQELBQADggEBAE7x5w1rFq2idLjY/J6qDpj56E6A346DoDlK I4au7odDF/Lib/+98RarqllCOkTyHyltCsAMf93kkGGOb4jPRvpYzFzYguNvISCE 8AGBcJC+WqS3+MsWBtVvCZWiP/khNFDqz1T792bOtUimVFp2MoqdXBkIyMLL/qnZ g8zmH0dnv1KlaarXZupp5IUnjcW7t5P/tP1NBkWDYdMq06ZEmKd15yJDDP7uFTQ1 TPHGMYX7rQCunquuVhsuXwRXswtJlskD4V0pzO1nBRGjUjWCuIkMuQKk18d+njJG f1byWpIlTltJR81SXB7pRIuaSCXFNPYiNjxxeX4IBIY4wmMqKng= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvlS52TnUwkoG8O0uDC/G 1Pm5i0RiVXe36La+yTAur21NnGrcQEB9bWRudeLedAJTqfyDKrNr0HKijBCpXinJ 18oNqwa+XyBdIbYcIBmdjk9Rmnm3IkM/7xRSCI2oWeQbGO3bjALe0ruWrZjns5zq F3Zp4l6DvyuYw3znMgE/S91EcC5Uf2xNEMRswKHBR6wYlRJEqNNLOFnu1Uqa8M6w 5R2MlcYsGoXGAulHPNhLvJe7YsUYAgrY2KrbVMvdiaJnxrB+2Zc7r1zC2kDqyPMR 9AHroLSedaedNU0sTNGD227hUkmGJs25Bm2U/fGDQXW64cZ4rpZdy9wPIfUZz/hc sXLZRb/rLtn0t2L8Vurgs4TZHS/IdjbmhRDTbNQFG3t9AqONsMCCumgkNhpxlxYJ dJhf/yoVqPGMQ9LXbpVgfrBeR5zJ0YfXkCh6HJfN0zJ5NBoLQz4GO10ZFL/CZPDY NJUkHQg1X1sWdHq08u9KSBFcH1U6ctsFKhb6MdmDbsN9FOwt3mkckFHfg58C5Ket EM7HMfzRLMQ0kVjo72I7gV7CNh2QFGm+XRCeifEbi6fL9Ru3dIdDALcdZHFUMA/F pFNx5NR5D0y2GdPw6w5q5t9PjUaZIykbmh+Wniaaw67da4Xry5Clm+FFrwCsPn4B j4RzSrj66FmTf1xt2yzYRycCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316159283542737080255177085003002804502359 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-18 14:05:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-16 14:05:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kamya.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 776482575284772164749781721434429671756120619597539806622455238499183726203341868005858101060114432525024269402832244205772473664777836393473388825768838377578210885244006506838059160897506262248221686248876123514818428679045465165404774372633661629067577273528656748160008444366591544183069541541123125980323428607768464311132089944982937530267023302653206229387868945202981923797833396906735853607618613707783261615256781079498229989005571230960069409143785272107856248733817116590053637841691464204611770189285612873817969884335074234914232946019063167194096486325448081193337322821962294504923446089010755625569516652887252705387857997248715573917055777992936461215542732225407813472917295968463129623342234876287842226972598531768197231498359249824850675958326429081278056949663100087090797477763976391768143939150908693298747432402760216655954773207788724737584946657949005901383178451345099391293828620085783857696799600858892463925837767569060553723678146851118030586797792219792907667295097217109144382684295051048303406035183356593149767367859020501574676394709946130920671528736097318575195201329269940622872648250704446760719535545956851318021381139389943735041608037809180043710381854379861801345816544005442628616734503 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) aa1b9008e4f9c8e4afc58d6ef2f961617ced66d7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kamya.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016ca54303d500000403004830460221008850decf921ccb0a8232d35aca8f13d23a973f3f72ca3a28a76f88add59925b7022100bc836dc65e33bc0e639724a21fe6a64de8d88630d1c8d58433a89e20569e330b007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016ca54303d8000004030046304402205ba2b6d3e18b0dac5d06170033cf7cf7e218258ff9e425eec7d8bb32f255816e022054a5f31a67826387a0b4c049a09120ca5bb1c0d09b6fab45252ae171d35bcbc9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004ef1e70d6b16ada274b8d8fc9eaa0e98f9e84e80df8e83a0394a2386aeee874317f2e26fffbdf116abaa59423a44f21f296d0ac00c7fdde490618e6f88cf46fa58cc5cd882e36f212084f001817090be5aa4b7f8cb1606d56f0995a23ff9213450eacf54fbf766ceb548a6545a76328a9d5c1908c8c2cbfea9d983cce61f4767bf52a569aad766ea69e485278dc5bbb793ffb4fd4d06458361d32ad3a64498a775e722430cfeee1534354cf1c63185fbad00ae9eabae561b2e5f0457b30b4996c903e15d29cced670511a3523582b8890cb902a4d7c77e9e32467f56f25a92254e5b4947cd525c1ee9448b9a4825c534f622363c71797e08048638c2632a2a78