www.lititz.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:d9:10:37:89:0c:8d:de:3c:d7:01:e5:4f:70:b8:87:c5:67 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.lititz.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:d9:10:37:89:0c:8d:de:3c:d7:01:e5:4f:70:b8:87:c5:67Serial Number (int): 422311973352829170933208877698085397448039
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: da:e1:bc:e5:57:6c:25:eb:68:46:4e:73:ac:4d:d9:4e:df:70:17:7d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b2:4c:e3:71:ec:42:af:30:36:a8:22:ff:f7:f6:84:d7:6a:3f:0e:43
Fingerprint (sha256): a3:de:3f:57:b2:20:a3:fd:ca:50:7a:bc:b0:8d:0b:04:a0:a1:4c:5b:3e:0f:e0:4b:36:b3:9c:c0:16:55:be:54
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.lititz.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.lititz.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.lititz.org
Other certificates including the domain name lititz.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.lititz.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVTCCBT2gAwIBAgISBNkQN4kMjd481wHlT3C4h8VnMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTExNzE1NDhaFw0y MDAzMTAxNzE1NDhaMBkxFzAVBgNVBAMTDnd3dy5saXRpdHoub3JnMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjISnbIfiPJgPFy1/6P8cvTUQZbzZf3L SqN9Cxi/lvwEh/ZfgVT+TjnhP7Knho13HDFOYCkaDr5Y4af0XL5mKnqR3sshLVX6 hpkX8axHk9AY9kxEP0m7718bAFaU76UE5QyLaUw5E+D05bpTZ9nImlI2uekS6gjx v8GgA2qVjOrcnqVatgyrGvh384r4WeDHhYHIddVrcbS6LybBnZiNGf4oRRu10CJv YVRR/ldc5XZOLuBieF5aaF+BbrRjDIUaibCr3Ko1ZjXAiHHGc3FvjK6e9nmzHIw1 u8uAaxuFd8MQ709ND6pOtT3AHCQhVM0CQwKtGnMvZSAw1OsijcXZ/EDyR40y4CU0 xohHlJk8Ybj3SDyRqy7ZF9n9Pr8CTNQ4Z5jZIEv/vGOJRBtJvN2PMQ9TqW5sKuly np+z9ZK1mMmi+D4TwTNZYac1Yvvzr3tCyiO/UZkk1YSR9Zp6zrew5QyGq/7+pG/I G2FmKo9k4tGYFB7v8TRX9JtzCGT7rMx8klOSQFwI+0oOZpGng15MtC7PyAmF5G6k noC6LFE1Iijb6+brS4hqC90HDhv5BHghNn0RCkqNEusLqCSN7WlXAlR+naZSNadV 1mtBMitLQCAGtwJdC1PNu9gScX9g3pfPTdXPEQU8TxxlReNBAE9hFGdPve/K2WML k8a5J7dTBFECAwEAAaOCAmQwggJgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU2uG8 5VdsJetoRk5zrE3ZTt9wF30wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAZBgNVHREEEjAQgg53d3cubGl0aXR6Lm9yZzBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYE gfMA8QB3APCVpFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABbvYsmM4A AAQDAEgwRgIhAPKmF/y0j18kFx2OSI6KRX8TgsdYeN+P1EdZIphmnXIrAiEA94RN yMx6RHKfySJFvt5Bo7JbCHOVtVhvFeDsXTvyp84AdgCyHgXMi6LNiiBOh2b5K7mK JSBna9r6cOeySVMt74uQXgAAAW72LJi/AAAEAwBHMEUCIAKMAKtHqRCmTVg0gowt Zs6uSnRtxXSgg0BNqoRYXzwgAiEAuc4LC/UzzZ4sPpAAeUkFqqAu4NoqPxCyYL1t 3sf25gswDQYJKoZIhvcNAQELBQADggEBACmYPJAVl1Uoo75QHR87vqZLZZf8vV7z R3Y6xR6yoBIKMeOd5o/WMGJpn79GIKiCauvPbGRtVeCAPOIlGWHi3S4MUOxv8paH 6x2ifsBkm08FTVu6KY5T4fYMEsUGWJ9rX8H9r/UNpucix5Dh41gk0v5/JqdUlXaU PMiAehGGXRils/0vYopjcvn28IX6Z+RrHxECmkLbx0aGMdOObVO4fKkoz4TQ6D7W VaSAgmullMRJN9Iag3BwKLcX8AesqrAHaSvNRzgkDYbJNp0DeNMDXs9WpLikeZeC BQNDfi/BjHC+gXl5aHrCfz0SHkwkDi20v72ScMhZ3bY4PsLihi0pf6g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjISnbIfiPJgPFy1/6P8 cvTUQZbzZf3LSqN9Cxi/lvwEh/ZfgVT+TjnhP7Knho13HDFOYCkaDr5Y4af0XL5m KnqR3sshLVX6hpkX8axHk9AY9kxEP0m7718bAFaU76UE5QyLaUw5E+D05bpTZ9nI mlI2uekS6gjxv8GgA2qVjOrcnqVatgyrGvh384r4WeDHhYHIddVrcbS6LybBnZiN Gf4oRRu10CJvYVRR/ldc5XZOLuBieF5aaF+BbrRjDIUaibCr3Ko1ZjXAiHHGc3Fv jK6e9nmzHIw1u8uAaxuFd8MQ709ND6pOtT3AHCQhVM0CQwKtGnMvZSAw1OsijcXZ /EDyR40y4CU0xohHlJk8Ybj3SDyRqy7ZF9n9Pr8CTNQ4Z5jZIEv/vGOJRBtJvN2P MQ9TqW5sKulynp+z9ZK1mMmi+D4TwTNZYac1Yvvzr3tCyiO/UZkk1YSR9Zp6zrew 5QyGq/7+pG/IG2FmKo9k4tGYFB7v8TRX9JtzCGT7rMx8klOSQFwI+0oOZpGng15M tC7PyAmF5G6knoC6LFE1Iijb6+brS4hqC90HDhv5BHghNn0RCkqNEusLqCSN7WlX AlR+naZSNadV1mtBMitLQCAGtwJdC1PNu9gScX9g3pfPTdXPEQU8TxxlReNBAE9h FGdPve/K2WMLk8a5J7dTBFECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 422311973352829170933208877698085397448039 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-11 17:15:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-10 17:15:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.lititz.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 710656032171460041650849091572223317565050218736513581122684313506192158059394493146338416023392134120171947058860615164304643997621665097170749718772919142845751447410660113360220519680734806290603224085116236318117239941328788921964753154432296755472706225213823078943365718654964917171179983597896086401960094523637230456075540906152379964213778185527064093812025576336777518710954710240746632065886561067936103478244825656344614417882419437771306949222214717772140929874574665475803956310850747253693882482990022370425280332113725624915125659701975842819078726056988133909197794431630517440466512073230500516345607844061158489319372799279244981888256905178223172976912255184653015347908304788071056991951094339204715665895379528051841273395747144483706183008074487947967373226835815522179435070901820104056156141207110664024092244987964907512328734175838094742196610883474062013879582988159108360376935882450109822595540903574580643576964339218594308270779217461432083740034258404269522909198730289166010318080330084868082391838247699011901681434827345495713306056251878528937793996399706669908115297973361091084688000332631526899388612787802576854151409878446567400505069436401209226179348876916956271810083929464843168346473553 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dae1bce5576c25eb68464e73ac4dd94edf70177d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lititz.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016ef62c98ce0000040300483046022100f2a617fcb48f5f24171d8e488e8a457f1382c75878df8fd447592298669d722b022100f7844dc8cc7a44729fc92245bede41a3b25b087395b5586f15e0ec5d3bf2a7ce007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016ef62c98bf00000403004730450220028c00ab47a910a64d5834828c2d66ceae4a746dc574a083404daa84585f3c20022100b9ce0b0bf533cd9e2c3e9000794905aaa02ee0da2a3f10b260bd6ddec7f6e60b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0029983c9015975528a3be501d1f3bbea64b6597fcbd5ef347763ac51eb2a0120a31e39de68fd63062699fbf4620a8826aebcf6c646d55e0803ce2251961e2dd2e0c50ec6ff29687eb1da27ec0649b4f054d5bba298e53e1f60c12c506589f6b5fc1fdaff50da6e722c790e1e35824d2fe7f26a7549576943cc8807a11865d18a5b3fd2f628a6372f9f6f085fa67e46b1f11029a42dbc7468631d38e6d53b87ca928cf84d0e83ed655a480826ba594c44937d21a83707028b717f007acaab007692bcd4738240d86c9369d0378d3035ecf56a4b8a47997820503437e2fc18c70be817979687ac27f3d121e4c240e2db4bfbd9270c859ddb6383ec2e2862d297fa8