www.lititz.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:94:6d:5e:7c:29:9b:1f:95:ef:a3:d9:11:bd:80:dd:eb:ef was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.lititz.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:94:6d:5e:7c:29:9b:1f:95:ef:a3:d9:11:bd:80:dd:eb:efSerial Number (int): 311844024545340044513562608462273860987887
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0b:2b:d4:74:ac:00:68:c4:64:e5:a8:26:56:96:cc:74:9c:5b:4e:78
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 89:47:ba:a3:d8:dc:70:c9:d4:10:d8:79:59:68:bb:c2:a3:6e:23:46
Fingerprint (sha256): a8:35:4f:d0:fa:4c:32:87:6e:d3:ae:29:3b:1d:65:61:c5:7b:99:96:3d:74:c6:47:47:53:7e:c7:70:ab:65:fa
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.lititz.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.lititz.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.lititz.org
Other certificates including the domain name lititz.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.lititz.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgISA5RtXnwpmx+V76PZEb2A3evvMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTgyMTU1MjRaFw0y MDA1MTgyMTU1MjRaMBkxFzAVBgNVBAMTDnd3dy5saXRpdHoub3JnMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAydhFm78Q3kQt0+8KoKR/vjom43xpsyqF yrrJM8ELPb8mwwZSu9zeWBDxU0lQ+WDLb3aKQls6KYexSQkwjqvY1/35z9mGl+Tr LmwtI+s6sK6wWA2QD7fJMH0h9Bz7FpzGvP3p2tVoF0QqSd06XdpcSGqdjn/Z3T2I tzGkyBu7ul0b7Lj3IbfxeBv0en0fjkTHfxTeyGiuE9BIqoJ+KwkjNRCpN/Y9ypag oiVAWbY297qIU74Ud1fYiBXhg8DKEQOfRuLd6qQSHZHJVUn/bpEabMmIxlr5EtrS UaiIGPr4zW62AGkQ3Bbc8S68b+9mOa4z/4t7K2BsUMY5irNechm65eWmd0yJ5Ps5 1XfMyvYTQausrEd4gE5vSR89OfXMRd0SBh+o63heD7xsgMRXoH7GMh9kkdvlmMNW nd+f85pPxIsjciA59qPQ9DDbeH/YD6xfgl1SIsb1ejsMycCEOpg+U48Hsr98mUPL ekKnxRKwvhsBTyeLg1+w2JC/7h291DT42nZP59QlFnIg8fNf5kCh/XpgNjqU0zzm qfIUNqPvODgUzJZCr1SbvY9YjWglezvVDD88ybk3E+AVIrc+suVEtzGf7CXpHS1K 5XI8MTkTehMB+T42+v+hCNZY2BIRuqkjEvDmUuVYOEwTZHZapTSy2XumlDhJCDry risO+5N0ZucCAwEAAaOCAmIwggJeMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUCyvU dKwAaMRk5agmVpbMdJxbTngwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAZBgNVHREEEjAQgg53d3cubGl0aXR6Lm9yZzBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQE gfEA7wB2AOcS8rA3fhpi+47JDGGE8ep7N8tWHREmW/Pg80vyQVRuAAABcFqDYKUA AAQDAEcwRQIhAKTRdG8JRf8ZOuvHVFF1zmtrd2qUTZLnhJl1Ev72a5pUAiAq86Vp YBZnUlAvZm0XJ3E8CV0hqumtqJdihloZ0owUpQB1ALIeBcyLos2KIE6HZvkruYol IGdr2vpw57JJUy3vi5BeAAABcFqDYKkAAAQDAEYwRAIgPt79jR+0Cqi7yAElyF7q kGEWE0wn+OUrQKLdE5jzY/ECIGiaut4XD/ogeKbYcyUL+i1HXUyuvtrGeQIV0EOG ruQ5MA0GCSqGSIb3DQEBCwUAA4IBAQBj3LQtbt5JSy2g8c2L1fyFQqAEFL9wri7Y gHgILhmlrwnDXIYIcFWfsSMR+//Sj7rE5vxhMd7/cj0tMU1R1QBMUi1L/ixyB7HB 9xemWFH9jhK5ze7U9F1rAF7WkQCPS5Iuj/9cTjUCJVy16fIy8G2J1RLiTL0nKOwM DkVh6PUVoYjZtPMqcCt4T97uw0Uuxx9BhNd0EQH8DBP4RoPOnmkC3MMQYkrOloSC z+K0xcR24ixNTzEnqD//TMxx3+IONeYx4m8mAZFeL2zmY7oU8PPHjmfawWwgeJvp xaaVt5IVo8ToMuDNayEZfs7x8qXD/+vWswdpVMbd6CMg8io0T22T -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAydhFm78Q3kQt0+8KoKR/ vjom43xpsyqFyrrJM8ELPb8mwwZSu9zeWBDxU0lQ+WDLb3aKQls6KYexSQkwjqvY 1/35z9mGl+TrLmwtI+s6sK6wWA2QD7fJMH0h9Bz7FpzGvP3p2tVoF0QqSd06Xdpc SGqdjn/Z3T2ItzGkyBu7ul0b7Lj3IbfxeBv0en0fjkTHfxTeyGiuE9BIqoJ+Kwkj NRCpN/Y9ypagoiVAWbY297qIU74Ud1fYiBXhg8DKEQOfRuLd6qQSHZHJVUn/bpEa bMmIxlr5EtrSUaiIGPr4zW62AGkQ3Bbc8S68b+9mOa4z/4t7K2BsUMY5irNechm6 5eWmd0yJ5Ps51XfMyvYTQausrEd4gE5vSR89OfXMRd0SBh+o63heD7xsgMRXoH7G Mh9kkdvlmMNWnd+f85pPxIsjciA59qPQ9DDbeH/YD6xfgl1SIsb1ejsMycCEOpg+ U48Hsr98mUPLekKnxRKwvhsBTyeLg1+w2JC/7h291DT42nZP59QlFnIg8fNf5kCh /XpgNjqU0zzmqfIUNqPvODgUzJZCr1SbvY9YjWglezvVDD88ybk3E+AVIrc+suVE tzGf7CXpHS1K5XI8MTkTehMB+T42+v+hCNZY2BIRuqkjEvDmUuVYOEwTZHZapTSy 2XumlDhJCDryrisO+5N0ZucCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 311844024545340044513562608462273860987887 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-18 21:55:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-18 21:55:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.lititz.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 823454990506165124524981648033614316442044524988086703526209986036106149425671593282208661642225516463063328920227754244321460522025040376226083203028190774875172751267942020882325272169336065247453350126125457794965031657981366490619286731920422811436693618521858045123646346581993098099703147943717724140924446865659630295355224159248193902951419728343179058125878226168162779094526183409810467446985272630079018735523901617136645273254149262031485105174882861223880174325356278771817729286863091829340081750191341115547838858412104744119682873022334797253575574988626633350604016033043789732575212020027435354342330883774455495281844876487184474209231473307604059120535320496739141322355113503692380457307225530950193895715862591242889796164186355972874436823691572221202088144364060623727706669478730543569150586175632836071179360198035597348913721134990400194171353277708042352641360956173948937988262992222691162157239204836982236539923536379855618032917342350556308669184498909901910587431649669448988108883474463105265544475917518383194738377564828520153632710747165489522095570224873718466764651283596357389164367569549562939749879067255731698316022804471853152131427840165789912963979057577664834536385215185004244306781927 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0b2bd474ac0068c464e5a8265696cc749c5b4e78 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lititz.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001705a8360a50000040300473045022100a4d1746f0945ff193aebc7545175ce6b6b776a944d92e784997512fef66b9a5402202af3a56960166752502f666d1727713c095d21aae9ada89762865a19d28c14a5007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001705a8360a9000004030046304402203edefd8d1fb40aa8bbc80125c85eea906116134c27f8e52b40a2dd1398f363f10220689abade170ffa2078a6d873250bfa2d475d4caebedac6790215d04386aee439 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0063dcb42d6ede494b2da0f1cd8bd5fc8542a00414bf70ae2ed88078082e19a5af09c35c860870559fb12311fbffd28fbac4e6fc6131deff723d2d314d51d5004c522d4bfe2c7207b1c1f717a65851fd8e12b9cdeed4f45d6b005ed691008f4b922e8fff5c4e3502255cb5e9f232f06d89d512e24cbd2728ec0c0e4561e8f515a188d9b4f32a702b784fdeeec3452ec71f4184d7741101fc0c13f84683ce9e6902dcc310624ace968482cfe2b4c5c476e22c4d4f3127a83fff4ccc71dfe20e35e631e26f2601915e2f6ce663ba14f0f3c78e67dac16c20789be9c5a695b79215a3c4e832e0cd6b21197ecef1f2a5c3ffebd6b3076954c6dde82320f22a344f6d93