www.galatone.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:d0:e4:ec:0a:d9:00:33:6d:f7:88:0a:bc:6b:5c:1f:f6:05 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.galatone.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d0:e4:ec:0a:d9:00:33:6d:f7:88:0a:bc:6b:5c:1f:f6:05Serial Number (int): 332419879699950184855228979177348654953989
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4f:b6:47:85:07:8b:e4:52:ac:3c:23:c7:3f:9e:d9:85:3b:5d:b8:bf
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 95:6a:76:54:9c:c8:49:39:0e:26:0c:16:00:ea:1f:7b:bb:61:87:7c
Fingerprint (sha256): a9:ae:d8:61:db:38:a3:a6:fb:c6:64:ae:5b:f3:10:c4:30:89:e9:c4:1e:86:ef:ec:af:4e:a3:30:25:ef:ba:a9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.galatone.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.galatone.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.galatone.org
Other certificates including the domain name galatone.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.galatone.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWDCCBUCgAwIBAgISA9Dk7ArZADNt94gKvGtcH/YFMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjgxOTUyMTVaFw0x OTEwMjYxOTUyMTVaMBsxGTAXBgNVBAMTEHd3dy5nYWxhdG9uZS5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDNEumsoaGlIOMpWDrPED2zhupR3y7b jHGhNrO9WUncoCXQ/1opHIoMhFHTZZtO6SYlmjQJ28vb9KAUgz5cuwtjMqnHpbmb FnMrvAJy9bREXBRgsyKAfcKaE0YNVpe/mvE6++DnuLV0u7P6ei4l0GGCF6t80kKG sekUs1DpYpH+1LTDsY/Dx3uEyAHNWBi8oD++19fC8u7x/sM9+Q3PHAUoX0B6rAPu wkglbArQclpToWGKONUgGq5K9AzbovUzzaP4bwmszlNeuzVyoFo9VKO3ozUvZLVa 9H7mDDY5IYzQGeN9pf6l7Efp2pCJf9oY3I94WZR0OTjsMlUJ1jm34D+MRe6aK5q+ 8D6/t4cHNhiZv+bcmliz/R7QN3Ofd2p9M2QqHtJZvb50PpiNwhS1Gy+52iVKX0dh et3GyXkPJsok3oGpx8PmFDbtZhdlk0b8MmfX4JvDobT9RapfMNmIlx02DxYCR899 B9tWb2V+EyHOifMKGRk3oHd4aaX4dzmmt+bQLQFT++YH8Hcir3qCsptTBZ9l3uGm f/atCDgxkurK8Ij6z1RJNcCl7bIzTsgsO7vWU+o8P6J7B14jxGPwdDtirwb49qBR LoE4ZVTUcPXxQfhza2tvqhfwamJm6DCZEJXTL6lSLFLszWYVd+VxdEE8lstFiwhc lCiKmBRd0CK/ywIDAQABo4ICZTCCAmEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRP tkeFB4vkUqw8I8c/ntmFO124vzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEHd3dy5nYWxhdG9uZS5v cmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQC BIH1BIHyAPAAdgB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWw6 WvdkAAAEAwBHMEUCIQCE1P+Bl/Rnm39uIey3gQ7N7+e6ZZDhWaNKCGGh2v5i6wIg IEuq/K6e4IrALgBe5nW2FUZdAbVEYp195q8ITAeA5XsAdgBj8tvN6DvMLM8LcoQn V2szpI1hd4+9daY4scdoVEvYjQAAAWw6WvdUAAAEAwBHMEUCIQDdAr9PUGckReAP SjQujAjSnQXMBtbubafMH5yOXFuSeQIgOh3mK8yoapYuIC9IlnLZbrD2PlORq8oB lVfCODj8qi0wDQYJKoZIhvcNAQELBQADggEBAJBoA+gqeZ7AIcDJ5FrELn1Q0Jrv 72xJhEZl8tKeSQ9zK9A/GR/EasDbp0ySMiVn59fOfGCoSAfKdSMWAqbPpsa4nKez iVQgv50BSmpIH/l6HBXlRU3Y+ySiIe9jxTUQBATpPDtQmVbOJ0IcPwfINDyx8xBF ep0htbmB3EQmwSn0enV0EZ8StHsB1IepLi/iLQph/SJ9wnW5M8AfVnUSyUAlSvV1 k1JqyNjruW5Fo4jP6PogzQ4/fqRjNDchyadDW/t4vZ5YZBmoefnnU/n8hUnMYSwl 9JmWJW5SyhpXXTZ5wFRyDVRxNmrDn+tK+0IQGmMUMqwv1/SRQSTsuwVWXc4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzRLprKGhpSDjKVg6zxA9 s4bqUd8u24xxoTazvVlJ3KAl0P9aKRyKDIRR02WbTukmJZo0CdvL2/SgFIM+XLsL YzKpx6W5mxZzK7wCcvW0RFwUYLMigH3CmhNGDVaXv5rxOvvg57i1dLuz+nouJdBh gherfNJChrHpFLNQ6WKR/tS0w7GPw8d7hMgBzVgYvKA/vtfXwvLu8f7DPfkNzxwF KF9AeqwD7sJIJWwK0HJaU6FhijjVIBquSvQM26L1M82j+G8JrM5TXrs1cqBaPVSj t6M1L2S1WvR+5gw2OSGM0BnjfaX+pexH6dqQiX/aGNyPeFmUdDk47DJVCdY5t+A/ jEXumiuavvA+v7eHBzYYmb/m3JpYs/0e0Ddzn3dqfTNkKh7SWb2+dD6YjcIUtRsv udolSl9HYXrdxsl5DybKJN6BqcfD5hQ27WYXZZNG/DJn1+Cbw6G0/UWqXzDZiJcd Ng8WAkfPfQfbVm9lfhMhzonzChkZN6B3eGml+Hc5prfm0C0BU/vmB/B3Iq96grKb UwWfZd7hpn/2rQg4MZLqyvCI+s9USTXApe2yM07ILDu71lPqPD+iewdeI8Rj8HQ7 Yq8G+PagUS6BOGVU1HD18UH4c2trb6oX8GpiZugwmRCV0y+pUixS7M1mFXflcXRB PJbLRYsIXJQoipgUXdAiv8sCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 332419879699950184855228979177348654953989 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-28 19:52:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-26 19:52:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.galatone.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 836628430245483591827247848392812185830565486513660430391085315250295919210870769961405586581965460239466535427856458340043163397743449045962410030795808056991072335345767668572879610662785700903058950563418790470633223791356953310325791217667126538447940921994600638858470229616091045190104408576929180389418719571456480767575741899031042827919616680991844264045381196475893047568536813091324986662611297159089880837603930179178857433619477837603999862164722451753834071698428322577493410488435950275263434970635592508654114263897851832746796041048080769781797321366126074201370482642536441083169125712113161700505924685101437863849650789314432536732829791753868911809347139740702039158839395949977388601348020860738489904291078438726583548785095896890632196024090117133552571491453963832397836826449746177026539056497954819951698598486210690812266340797089061864131427009184081097518972970520192487626304672854963932067103411401061126777582652603392330456773244700283358600548866250505415639499931288238182315685384108822894968147818767228557081110056208182879353710507480667567886417642342545725741949835765145824903303996176662453981261598343432101272133492483058748250058226156927769209924027892380636993621751202932513937997771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4fb64785078be452ac3c23c73f9ed9853b5db8bf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.galatone.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c3a5af764000004030047304502210084d4ff8197f4679b7f6e21ecb7810ecdefe7ba6590e159a34a0861a1dafe62eb0220204baafcae9ee08ac02e005ee675b615465d01b544629d7de6af084c0780e57b00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016c3a5af7540000040300473045022100dd02bf4f50672445e00f4a342e8c08d29d05cc06d6ee6da7cc1f9c8e5c5b927902203a1de62bcca86a962e202f489672d96eb0f63e5391abca019557c23838fcaa2d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00906803e82a799ec021c0c9e45ac42e7d50d09aefef6c49844665f2d29e490f732bd03f191fc46ac0dba74c92322567e7d7ce7c60a84807ca75231602a6cfa6c6b89ca7b3895420bf9d014a6a481ff97a1c15e5454dd8fb24a221ef63c535100404e93c3b509956ce27421c3f07c8343cb1f310457a9d21b5b981dc4426c129f47a7574119f12b47b01d487a92e2fe22d0a61fd227dc275b933c01f567512c940254af57593526ac8d8ebb96e45a388cfe8fa20cd0e3f7ea463343721c9a7435bfb78bd9e586419a879f9e753f9fc8549cc612c25f49996256e52ca1a575d3679c054720d5471366ac39feb4afb42101a631432ac2fd7f4914124ecbb05565dce