cisterne.com

Issued by R3

About this certificate

This digital certificate with serial number 03:e8:72:ff:a6:8f:4c:4c:e8:f4:18:36:66:82:ca:eb:68:87 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=cisterne.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:e8:72:ff:a6:8f:4c:4c:e8:f4:18:36:66:82:ca:eb:68:87
Serial Number (int): 340435226326390105538848494575725390293127
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 40:91:aa:e7:43:9c:80:69:fa:68:6b:9a:36:4d:9e:27:1a:54:1d:dd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 29:e7:88:25:70:d0:04:7f:32:5a:55:9c:9f:7a:7d:40:b1:6a:53:19
Fingerprint (sha256): a4:b8:48:7b:0d:fa:e7:80:05:d9:4d:43:c6:27:54:3e:73:3a:ab:4d:74:4a:04:bc:2c:56:f8:85:06:cc:b0:fb

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate cisterne.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cisterne.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cisterne.com

Other certificates including the domain name cisterne.com

(limited to 100 certificates)
cisterne.com
cisterne.com
www.equilifemagazine.com
www.cisterne.com
cisterne.com
cisterne.com
cisterne.com
www.thelogpeople.com
cisterne.com
www.cisterne.com
www.europhiles.com
cisterne.com
www.cisterne.com
www.cisterne.com
www.cisterne.com

Certificate

The complete raw certificate details for cisterne.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISA+hy/6aPTEzo9Bg2ZoLK62iHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA3MTMxMTIyNDdaFw0yMzEwMTExMTIyNDZaMBcxFTATBgNVBAMT
DGNpc3Rlcm5lLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKFb
0ez+Nx4+x5Y9Pce2bg/2qKPp61LXBbydHbRO1GALeVPSkL+/bpdAdYwweL4jzDwn
mzPMF83/GPu09Hu7aCegPaCuPv7uLdbV30QJE3a/L3Ju7YG/7sPnQS7ADRk6qQBb
mMH/IFDIQ4vBybSqkEB9FcNIp2uLEyvL2u7xyshkY7WmCp5rG5ZaKu4gW368VVyy
Hybbv5LZKrmuW0qibuG8q/wdwREllE4V0fBh0T0Q1UyC/fMLBqIsyw6Gu45oRim4
f5zc6M0KNLQxC0AyRyCa4dkmaFdU1cx/+5Bs9+loX6xLdsed01uORt2vLKhHvaXM
zIGt7Kw4eg7RVbtXvqDgGhxpNDLHi7r/MVgFjg8lB+EhvkA8BsTaC7HHRzT+aXUz
O28QKocA+gUzmNpQ/IFDg1ZuZBG//r2E9WNkYeQJTJZ0ZXXEBP+FWi6emCuH5kq2
7leiU+d4VfoOd+C2WmxdvUEkujSP8MPP7vWZUrG+L6PNG9ih1sEH8o0knrZ1vilR
1JRW9WgKkX6N9aynwUvXWOKVcUnt+NVE47iWPETcfU2CZT99ygty4ilt/g9SLT1q
3d+wcjTkzxZOkqEvpeD0dqMawk7mlMwSQXrE52JWJ8u//Y3rhSFHX/UcEgJM7CHN
hxVoP88Cg9YWWPRyYme/zjpInM3zzMD85Khf/SMTAgMBAAGjggIOMIICCjAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHQYDVR0OBBYEFECRqudDnIBp+mhrmjZNnicaVB3dMB8GA1UdIwQY
MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF
BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v
cjMuaS5sZW5jci5vcmcvMBcGA1UdEQQQMA6CDGNpc3Rlcm5lLmNvbTATBgNVHSAE
DDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1ALc++yTfnE26
dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABiU80L5cAAAQDAEYwRAIgMXck2Jiy
1AxvnY+MvO8EbgWXM1ttSuqcwzgQj91fLm8CIDLJlJbHnjrTVSgA582WEnq0Dcqb
IA4qv/UZPH2eMszdAHcAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IA
AAGJTzQvrwAABAMASDBGAiEA7t878tPC749/5ywpDGCjTn1X0O5UGglD0UkZc2LJ
CIsCIQD9zyCSODJtcGKeyOwUJHwiJIdIraZRdPHwaSc2zwB2XzANBgkqhkiG9w0B
AQsFAAOCAQEAUYoxpUgERZk+fFI3aWhyymg9v7Q98RieE8yNo2P1J9adzROqkiDw
MtK+5SUA8v7FzVVm/ehGXa3iY4G83Ghmaafs9/kDZm0MSJnAjKvUKwsE7MpRKwNe
xMYPnrFtqvEhI8y8H8k6OfzQj9DNBWaMEiWOGHCiutmEgQ4ZwbHKE62dpkKFBiIX
3t2DEtLQYm+XE+cwTWC4ndEc++A0rF3MO5JVFadmpNlTePo9nPheOuMXWrVK9ijg
iv2vOtTDw9boZGW+f/2wKwdI/DUVRq10HJNF8Jrophqku4zl/EXNk3cXG5BlAAxi
VHjvNBWUlcTK4HmrK7vIO4xNJsKW0UjNzw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoVvR7P43Hj7Hlj09x7Zu
D/aoo+nrUtcFvJ0dtE7UYAt5U9KQv79ul0B1jDB4viPMPCebM8wXzf8Y+7T0e7to
J6A9oK4+/u4t1tXfRAkTdr8vcm7tgb/uw+dBLsANGTqpAFuYwf8gUMhDi8HJtKqQ
QH0Vw0ina4sTK8va7vHKyGRjtaYKnmsblloq7iBbfrxVXLIfJtu/ktkqua5bSqJu
4byr/B3BESWUThXR8GHRPRDVTIL98wsGoizLDoa7jmhGKbh/nNzozQo0tDELQDJH
IJrh2SZoV1TVzH/7kGz36WhfrEt2x53TW45G3a8sqEe9pczMga3srDh6DtFVu1e+
oOAaHGk0MseLuv8xWAWODyUH4SG+QDwGxNoLscdHNP5pdTM7bxAqhwD6BTOY2lD8
gUODVm5kEb/+vYT1Y2Rh5AlMlnRldcQE/4VaLp6YK4fmSrbuV6JT53hV+g534LZa
bF29QSS6NI/ww8/u9ZlSsb4vo80b2KHWwQfyjSSetnW+KVHUlFb1aAqRfo31rKfB
S9dY4pVxSe341UTjuJY8RNx9TYJlP33KC3LiKW3+D1ItPWrd37ByNOTPFk6SoS+l
4PR2oxrCTuaUzBJBesTnYlYny7/9jeuFIUdf9RwSAkzsIc2HFWg/zwKD1hZY9HJi
Z7/OOkiczfPMwPzkqF/9IxMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 340435226326390105538848494575725390293127
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-13 11:22:47 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-11 11:22:46 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cisterne.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 658285948896639917526547680479400863476103026056965406351750383023853376278742386787131927927356321732318346746249723815045778948258367092329788850129813072945710335688904067757217303420759991011434615887886674124181054960905549163869028316845033923422983966578798386069459218561018141106237284086573692893969771601207696950899930640033194605977047867263518897676672492077278521159662572071393075575054582355407650386250917261679797735733069054103665135042023313435468380870909944116144244956637083961038449753336491975091919841292971142360143904071699111605174673499586451647474980649232524450678846394216133155241885558072128223699841917124088606468878683918457126234318043647689931004554101601156820653105694677950430813476970222541210455448108872613012163299071962391033559190740199575570403605730776245401702041917408409200477254630661877333741467497589942246341861229184009097496881810832510691277745594012217581088815580303737365994205969958530163539811811129870715278156262878591181467498788050302369553295490799363500274640766801267196998084116044826643805900664291936014001912797585183318901613117260371460768804507842242646476559981179643063799439860661107292477123484892103957710226773985907072540836247820629347802096403
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4091aae7439c8069fa686b9a364d9e271a541ddd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cisterne.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001894f342f9700000403004630440220317724d898b2d40c6f9d8f8cbcef046e0597335b6d4aea9cc338108fdd5f2e6f022032c99496c79e3ad3552800e7cd96127ab40dca9b200e2abff5193c7d9e32ccdd0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001894f342faf0000040300483046022100eedf3bf2d3c2ef8f7fe72c290c60a34e7d57d0ee541a0943d149197362c9088b022100fdcf209238326d70629ec8ec14247c22248748ada65174f1f0692736cf00765f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00518a31a5480445993e7c5237696872ca683dbfb43df1189e13cc8da363f527d69dcd13aa9220f032d2bee52500f2fec5cd5566fde8465dade26381bcdc686669a7ecf7f903666d0c4899c08cabd42b0b04ecca512b035ec4c60f9eb16daaf12123ccbc1fc93a39fcd08fd0cd05668c12258e1870a2bad984810e19c1b1ca13ad9da64285062217dedd8312d2d0626f9713e7304d60b89dd11cfbe034ac5dcc3b925515a766a4d95378fa3d9cf85e3ae3175ab54af628e08afdaf3ad4c3c3d6e86465be7ffdb02b0748fc351546ad741c9345f09ae8a61aa4bb8ce5fc45cd9377171b9065000c625478ef34159495c4cae079ab2bbbc83b8c4d26c296d148cdcf