zamia.cr
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:1d:82:db:f3:c9:5b:5e:e4:14:8d:72:28:df:e0:b0:b7:b5 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=zamia.cr
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:1d:82:db:f3:c9:5b:5e:e4:14:8d:72:28:df:e0:b0:b7:b5Serial Number (int): 271378988133030685775760221501134587606965
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6a:ab:bd:54:db:f5:64:c5:66:4b:10:2b:32:9c:11:82:71:b3:9e:6d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 81:2b:8e:fe:1b:84:50:f6:88:11:2d:eb:37:71:ca:c0:c7:8e:51:c0
Fingerprint (sha256): a3:12:40:c4:d8:3a:ce:66:31:8a:ef:47:82:95:c4:6b:2a:1d:5a:70:31:52:c9:3d:c3:3d:58:55:50:db:88:da
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate zamia.cr
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for zamia.cr
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.zamia.cr
zamia.cr
zamia.cr
Other certificates including the domain name zamia.cr
(limited to 100 certificates)
Certificate
The complete raw certificate details for zamia.cr in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISAx2C2/PJW17kFI1yKN/gsLe1MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMTIwODI5MTRaFw0y MDA2MTAwODI5MTRaMBMxETAPBgNVBAMTCHphbWlhLmNyMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAuExvBgpIf380LDXg/eBOjm+GwFyp+MhKCORow2Ye sl/AxfNnqWJS+vxrXnTt0wqg2mM5dc33r9fjpfQwhBuvAeExhPdwCZK1fH90Y2zQ nxUX45964sKCBt336xYGWKa2T+EA8NjbS/F5yUI5kjtPzlXplg8yTQ/hKNOJGoe4 7ZhKfYiX0BQ4rDH31sIEBB7oqvAWEmtGpqZEi3lPfe8vvitkgiOd2asCiULTwNPU QDaONXBkY9DDM/Iw0Sn83Wg3sGaky9WsIDmFI0D3baiHfeVo+BLyAfy37cU7fJmP VdAAHJc5hKkBV/LwreCiX4/U77E2nQgQ7uF9y3bqHOGTYwIDAQABo4ICazCCAmcw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRqq71U2/VkxWZLECsynBGCcbOebTAfBgNV HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG A1UdEQQaMBiCDHd3dy56YW1pYS5jcoIIemFtaWEuY3IwTAYDVR0gBEUwQzAIBgZn gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwDwlaRZ8gDR gkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAXDOE5T9AAAEAwBIMEYCIQCwC2aR +fV8r4/HFpVYI4LRy9ZmaaWfvbHbtBVPNKOksgIhAIsU61UC7bLlv15x7RVKkchX ono9NRCi16C3EnA1n91oAHUAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnT ohwAAAFwzhOVQAAABAMARjBEAiBa4xM7+nOAYhy7+HMLLppE89xVyP3YGik9m8Ea +wVEcAIgCBGtmaNk5h6eOn0RF7ZcT7j/UvFzpGlBjLsP4ewbDTgwDQYJKoZIhvcN AQELBQADggEBAETlO6/yQhuhaiXE1iJjkgCuYGMdLaHcmkKpFKW7z0NHLyxmMxV3 2QGvMzb5OwHSrFcyDdOJRnCV05nO8HI95enGSIi+D9q/88jjBR/BlloZYdJV8mkf HGZ+Z9GArihW8DGVtV3y5SyhgYBDGq257goXi3PnSR2BFfNiwTlf2aLr6Zxy14/X KbEKP6Ucyvks4TQDqf6ixbJLGqSUddWAZZqpZ8Ltzz7wjsTsOoQVwjkO7GxUrk4v sw8b1f4jFWMd+QLN6GX4Okt+VhQ+Q6w6HGLwyD0R2jKqf5vYQhnyGB3z/NgpASpS YdNjfyYI7od64RsmagTeAmr8951O2r/PRxM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuExvBgpIf380LDXg/eBO jm+GwFyp+MhKCORow2Yesl/AxfNnqWJS+vxrXnTt0wqg2mM5dc33r9fjpfQwhBuv AeExhPdwCZK1fH90Y2zQnxUX45964sKCBt336xYGWKa2T+EA8NjbS/F5yUI5kjtP zlXplg8yTQ/hKNOJGoe47ZhKfYiX0BQ4rDH31sIEBB7oqvAWEmtGpqZEi3lPfe8v vitkgiOd2asCiULTwNPUQDaONXBkY9DDM/Iw0Sn83Wg3sGaky9WsIDmFI0D3baiH feVo+BLyAfy37cU7fJmPVdAAHJc5hKkBV/LwreCiX4/U77E2nQgQ7uF9y3bqHOGT YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 271378988133030685775760221501134587606965 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-12 08:29:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-10 08:29:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zamia.cr' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23265538969037212672518733213994837758172421873701287200137997795553869959547946712047410394956617226536199723274581297675030267414605388105775311752577115502265950815364669314321406336927876459419652894587084262473315611748536012709266432127832678092687127402005931423042203059030458477526914098858310953549971444672803203499254542922317401218054029773281956830187189900294320425016010256250576775833549736855557134840322097205258049707436396465777341166565279859878102272883841873492183042957299103923710450248044006167995516696147984458960027971386650128979480628472756025506880234966014447523317742500080739521379 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6aabbd54dbf564c5664b102b329c118271b39e6d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zamia.cr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zamia.cr' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb27300000170ce1394fd0000040300483046022100b00b6691f9f57caf8fc71695582382d1cbd66669a59fbdb1dbb4154f34a3a4b20221008b14eb5502edb2e5bf5e71ed154a91c857a27a3d3510a2d7a0b71270359fdd6800750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000170ce139540000004030046304402205ae3133bfa7380621cbbf8730b2e9a44f3dc55c8fdd81a293d9bc11afb05447002200811ad99a364e61e9e3a7d1117b65c4fb8ff52f173a469418cbb0fe1ec1b0d38 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0044e53baff2421ba16a25c4d622639200ae60631d2da1dc9a42a914a5bbcf43472f2c66331577d901af3336f93b01d2ac57320dd389467095d399cef0723de5e9c64888be0fdabff3c8e3051fc1965a1961d255f2691f1c667e67d180ae2856f03195b55df2e52ca18180431aadb9ee0a178b73e7491d8115f362c1395fd9a2ebe99c72d78fd729b10a3fa51ccaf92ce13403a9fea2c5b24b1aa49475d580659aa967c2edcf3ef08ec4ec3a8415c2390eec6c54ae4e2fb30f1bd5fe2315631df902cde865f83a4b7e56143e43ac3a1c62f0c83d11da32aa7f9bd84219f2181df3fcd829012a5261d3637f2608ee877ae11b266a04de026afcf79d4edabfcf4713