DV SSL/TLS Certificate for xn--80aaehagf0biy.xn--p1ai

Certificate has expired

Issued by Let's Encrypt (R3)

About the xn--80aaehagf0biy.xn--p1ai DV SSL/TLS Certificate

This certificate with serial number 04:83:20:64:e6:1b:a0:fa:b7:f0:21:65:ec:b4:96:8f:57:c7 for xn--80aaehagf0biy.xn--p1ai was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for xn--80aaehagf0biy.xn--p1ai provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 04:83:20:64:e6:1b:a0:fa:b7:f0:21:65:ec:b4:96:8f:57:c7
Serial Number (int): 393069192986378086020311791483108931360711
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 26:76:5a:66:f1:9c:08:9f:5a:ec:c8:5c:11:1c:c3:2c:be:88:28:6d
Authority Key Identifier: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (SHA-1): f9:8b:6b:96:bc:69:63:29:48:0c:2a:23:ea:b2:64:e3:3b:35:54:82
Fingerprint (SHA-256): 7a:59:8d:bd:a8:42:ac:06:2d:6f:ad:7f:b3:04:3d:30:04:19:c6:12:ef:96:9c:50:7b:f9:17:73:a1:63:7f:9b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation Information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate xn--80aaehagf0biy.xn--p1ai
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for xn--80aaehagf0biy.xn--p1ai

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for xn--80aaehagf0biy.xn--p1ai in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgISBIMgZOYboPq38CFl7LSWj1fHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MDgxMjMyMDdaFw0yNDA4MDYxMjMyMDZaMCUxIzAhBgNVBAMT
GnhuLS04MGFhZWhhZ2YwYml5LnhuLS1wMWFpMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAzbhaK7i0/i0RhOJnhMNW57/JaHqQLACXKP1ljkFcIxQBXLF6
GBz3+0wjnhY2LINOrYdXV719aQWYXM3Qgri0InNigQXLBsnpWd04KJFhmv9haasb
rZXn8ynvQF/RkOzEMDrJZ8cia2FRxcqoP3wRB0FpkFH4oqp6qptFnMQBWMgtxb0q
QSmjJxSOu9obvMgSNnEd/NACydseV7D94VoNGPj6H21qmGjT2hT91LZozv/Ljd0A
g/Abx2mcGTZlEd8fMOyt+IOkOoPIzBT3PcjJr15eRuCv3EaRpQs9RO+Vb+IX0DJp
zLiCt2Gj+Odiml9DvuEt9m3xjlkx+3yRf+kSJEV0QwqbSfVj8luVttxRNxQnbgrN
mxtziOeT93UdDeAB77kIWk17JrwGATOfw5xND9PfPfEw/JWjlgxzsvqtrDvQkC38
nQ3ihNvm83eMmMcT2OmXOHLSZJW2lr1gc91SRSJD2TnB21uWVv1O1aDhJIRWOq6x
p6AqJ4Q82RapOk8zIFnn2aM8weDzvHaSDBA/kmMTHrIhPW6sJhUiK1o5p75zYnRx
q78VQFkNzWPHvUf9LXCCXqjuqbm1Z9oCZU996ULchY/3bNHZWTAbiwUs+2Hu47at
fcgXCuSSLk6v0fK4D6BRYps+yKea+XqJplY67rLmMRk711dvNqCqJJHDYuMCAwEA
AaOCAj4wggI6MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUJnZaZvGcCJ9a7MhcERzD
LL6IKG0wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUH
AQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYB
BQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wRQYDVR0RBD4wPIIed3d3Lnhu
LS04MGFhZWhhZ2YwYml5LnhuLS1wMWFpghp4bi0tODBhYWVoYWdmMGJpeS54bi0t
cDFhaTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA
8gB3AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABj1hnetMAAAQD
AEgwRgIhAIBA9cuw9iNDRvhaiv/BDe/aIjDjQH8iZG6xwszgRJPcAiEA7xHqQsFc
quho3m7W68hCdPCaXrUM1f9/Um7XrKZT9NUAdwAZmBBxCfDWUi4wgNKeP2S7g24o
zPkPUo7u385KPxa0ygAAAY9YZ3sCAAAEAwBIMEYCIQDbK1edgU8bBF+L4fVN6TSA
W8z8afuAXY2JjuNBYP3AAQIhAPcsbEpB1F1XM4fkeo2fEyzxozX2ERvukJ+6EI65
N7V7MA0GCSqGSIb3DQEBCwUAA4IBAQBdqUStD8RwTUGZ3K6b728c25OP0MlIJLdJ
b/oJqqi777eGVZl9NqnYqRrxVrJE8xz/6k0w3y7kqkz2QBUi9S5Qva//nsMKz+Up
zKaikbCQ6+SM6qoP2XfkiS3ZyeUW3tFmp/14tEMSP7gGmaYtcKm75cGB2PWmn3By
lSS9V8V1oqi+nbnMJh8BX45I2goNjbnZOVrzZ+1t21VKVB5A7JQ/X0BSKna+XPku
rzEsG5PZyrN03wPxLdLV3bN1BCO2J9/eGZMogjptEImUw3fGqcm4ScoOQxisCVw8
v+uOodd0ZCFoQXAfmLF2YBJRO2I3JzkiScQ3rLFjOrA4oKiyKoEg
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzbhaK7i0/i0RhOJnhMNW
57/JaHqQLACXKP1ljkFcIxQBXLF6GBz3+0wjnhY2LINOrYdXV719aQWYXM3Qgri0
InNigQXLBsnpWd04KJFhmv9haasbrZXn8ynvQF/RkOzEMDrJZ8cia2FRxcqoP3wR
B0FpkFH4oqp6qptFnMQBWMgtxb0qQSmjJxSOu9obvMgSNnEd/NACydseV7D94VoN
GPj6H21qmGjT2hT91LZozv/Ljd0Ag/Abx2mcGTZlEd8fMOyt+IOkOoPIzBT3PcjJ
r15eRuCv3EaRpQs9RO+Vb+IX0DJpzLiCt2Gj+Odiml9DvuEt9m3xjlkx+3yRf+kS
JEV0QwqbSfVj8luVttxRNxQnbgrNmxtziOeT93UdDeAB77kIWk17JrwGATOfw5xN
D9PfPfEw/JWjlgxzsvqtrDvQkC38nQ3ihNvm83eMmMcT2OmXOHLSZJW2lr1gc91S
RSJD2TnB21uWVv1O1aDhJIRWOq6xp6AqJ4Q82RapOk8zIFnn2aM8weDzvHaSDBA/
kmMTHrIhPW6sJhUiK1o5p75zYnRxq78VQFkNzWPHvUf9LXCCXqjuqbm1Z9oCZU99
6ULchY/3bNHZWTAbiwUs+2Hu47atfcgXCuSSLk6v0fK4D6BRYps+yKea+XqJplY6
7rLmMRk711dvNqCqJJHDYuMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 393069192986378086020311791483108931360711
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-08 12:32:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-06 12:32:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'xn--80aaehagf0biy.xn--p1ai'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 839264891288134613707992098587811614215800648797238830971023563359431075702733714676770083220916267649009011284583561947997525403763573626479136783257336996862740311380750051151480353041304272350014472167109974129686433820009339889402378695729394828451172306160535110679273467844234234223667540904861125359376698092449435351248373045015701025137155585123796671301887026670825041718258984963604020551648126122934503449029563008925107306911791987875319103187765249348772520694533454264596457845318241182247640521047034562838783277710719422293258682982192887277748776245229451268794992298583874587542371433660537143375878901755774679637638639632216663608995314028049930638172848058468186310313832080523459273103509996607258820347310094801856425501192077889947257621607279941498804817689132812994859718040305887555499038867142186592960386205223802489164214859052715809715135585055556684509221721983410477357063357258842585033825509856666800069279498767613543077946001906668796262235839043229605158659189641102557725076283358230328774126959230632909893871173981414971311655556980422283102092187875538053081098846862259309284421367466880617640700473912351230756628530362752257942306451083350527998069889175189062410717515002638136475083491
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							26765a66f19c089f5aecc85c111cc32cbe88286d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.xn--80aaehagf0biy.xn--p1ai'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xn--80aaehagf0biy.xn--p1ai'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f20077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f58677ad300000403004830460221008040f5cbb0f6234346f85a8affc10defda2230e3407f22646eb1c2cce04493dc022100ef11ea42c15caae868de6ed6ebc84274f09a5eb50cd5ff7f526ed7aca653f4d50077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f58677b020000040300483046022100db2b579d814f1b045f8be1f54de934805bccfc69fb805d8d898ee34160fdc001022100f72c6c4a41d45d573387e47a8d9f132cf1a335f6111bee909fba108eb937b57b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005da944ad0fc4704d4199dcae9bef6f1cdb938fd0c94824b7496ffa09aaa8bbefb78655997d36a9d8a91af156b244f31cffea4d30df2ee4aa4cf6401522f52e50bdafff9ec30acfe529cca6a291b090ebe48ceaaa0fd977e4892dd9c9e516ded166a7fd78b443123fb80699a62d70a9bbe5c181d8f5a69f70729524bd57c575a2a8be9db9cc261f015f8e48da0a0d8db9d9395af367ed6ddb554a541e40ec943f5f40522a76be5cf92eaf312c1b93d9cab374df03f12dd2d5ddb3750423b627dfde199328823a6d108994c377c6a9c9b849ca0e4318ac095c3cbfeb8ea1d77464216841701f98b1766012513b623727392249c437acb1633ab038a0a8b22a8120