massima.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:c8:d1:ca:51:13:50:78:c3:b0:47:3f:42:ac:27:f1:82:10 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=massima.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:c8:d1:ca:51:13:50:78:c3:b0:47:3f:42:ac:27:f1:82:10Serial Number (int): 329672190318958321864718091956773454971408
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e0:3d:06:f8:b5:ea:3b:e0:77:66:fe:c7:6e:f5:cb:bc:0e:bb:f8:c5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 71:ee:d6:e1:af:f1:52:15:ca:c3:c1:59:7c:6b:4c:d3:32:60:2b:8a
Fingerprint (sha256): ae:f9:56:d3:f3:f6:32:46:4f:35:1e:30:a8:83:68:34:27:86:0f:16:58:93:9c:5d:63:7b:76:59:55:ae:64:68
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate massima.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for massima.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
massima.org
Other certificates including the domain name massima.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for massima.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISA8jRylETUHjDsEc/Qqwn8YIQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMjQyMTM1MjZaFw0y MDAzMjMyMTM1MjZaMBYxFDASBgNVBAMTC21hc3NpbWEub3JnMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAuxxFBUGsOALiiJ40J43zjANjEFUxIfA7xQTS r/I3QkXeo0RIcHzpUcZgY1qvn30GSbkveK70NDCru3fqRwFCcp1/BEV1h39w00jk r82WZjiS6Oq9W6cpVI+S5MwrIdM45sDdNmn/7ED3svl1jmFnc0k2nsQR9tB4IgHH 64SpyWzF+Xvd6M7vGKHdiT0G207A2SzKbeqvxObX70wKOSWMlZlgkD/wXjwNv0Ez +X5DyG3MZHhpvy+PV3jsc8Jx1i6gTzJplm1Kkv+OxzkPCgvtjSXWdl26FSmfpvuz y9UfRYcjuQjqFqHl53BOoEyoHsL2ShbKtZakclE7/p1BaceNNgZ7pvLvmlIIm+Uq iE1qKYpbg7iW14IoUH220juk3pmhUTzcLzLSO9by9cyRsrhBLtateV1r0fHXTgVx 5aJUcLJ4Tmje5NjoSOnUNgtpA35Azjssrt915z5PiPKBwlT7KAMy1kpE3aIQ50Fk s0CU7eXzk2DG8l7t9nNj2MGXokvm9JqW2XpNYDLWLuAEwUc854ScHqWKtY4Diub3 WuTM3oBAZ+TSZmehRwqbMBoiuXWY/gYrxrEbikMN/VMAyrds3HwfctBw75g86z15 N1JYaW/ZoRVIwpHIvRZn7BPeBM71+v5yXMr2iFIIlq6X1kPuiKzlaL7s54TLKM+L psUrvvcCAwEAAaOCAmEwggJdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU4D0G+LXq O+B3Zv7HbvXLvA67+MUwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAWBgNVHREEDzANggttYXNzaW1hLm9yZzBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2 AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbzoM+38AAAQDAEcw RQIgPhh1CuuN+LcDR3Vtn76I9IXebyUM4forNktQbrf2g/YCIQCNnH7koD/p829m Y8Av8XZi/c25jy+N2jvaBUC+277EUAB3ALIeBcyLos2KIE6HZvkruYolIGdr2vpw 57JJUy3vi5BeAAABbzoM+2kAAAQDAEgwRgIhAL7M9x5tE3yC0CVGWS7H99aKlZuG y9TEid9g2WraDGh0AiEA1bFIa9Yozt8MK2puRL4yUE35iaB06DZGIUqkhBnZEk4w DQYJKoZIhvcNAQELBQADggEBAFAPYJDEX7lIZdaY5iAooTXOzUFVJfvL2aOygFeG Gmb0xs4Y4l8QAvKvmySmhZC3QLAVTPYPNKlO3wBR8kGi8NpfmhchsEaPi2tH7y9m WZi4Xd8Rdodop2+gFpSkc5khOrl3uK8D3YjhFwQkFEQU4B60CGzgbeuEEm2YJWFO 6H9gZy/MNYn93kOEE3XhACfDrU1IMECb32mydkNh/YPwjeZ7ZTPjEh20yNnyHq6+ IdgBW7Huq6X686ib0uto2VgcjVUfM1kaz2dpY7T5lEV/3mLo5xquDGsLt2IBUZUe HeFHbnoSveJhMzVdOcgwz3es+P0igXxzeplxrvnJr0p3N7s= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuxxFBUGsOALiiJ40J43z jANjEFUxIfA7xQTSr/I3QkXeo0RIcHzpUcZgY1qvn30GSbkveK70NDCru3fqRwFC cp1/BEV1h39w00jkr82WZjiS6Oq9W6cpVI+S5MwrIdM45sDdNmn/7ED3svl1jmFn c0k2nsQR9tB4IgHH64SpyWzF+Xvd6M7vGKHdiT0G207A2SzKbeqvxObX70wKOSWM lZlgkD/wXjwNv0Ez+X5DyG3MZHhpvy+PV3jsc8Jx1i6gTzJplm1Kkv+OxzkPCgvt jSXWdl26FSmfpvuzy9UfRYcjuQjqFqHl53BOoEyoHsL2ShbKtZakclE7/p1BaceN NgZ7pvLvmlIIm+UqiE1qKYpbg7iW14IoUH220juk3pmhUTzcLzLSO9by9cyRsrhB LtateV1r0fHXTgVx5aJUcLJ4Tmje5NjoSOnUNgtpA35Azjssrt915z5PiPKBwlT7 KAMy1kpE3aIQ50Fks0CU7eXzk2DG8l7t9nNj2MGXokvm9JqW2XpNYDLWLuAEwUc8 54ScHqWKtY4Diub3WuTM3oBAZ+TSZmehRwqbMBoiuXWY/gYrxrEbikMN/VMAyrds 3HwfctBw75g86z15N1JYaW/ZoRVIwpHIvRZn7BPeBM71+v5yXMr2iFIIlq6X1kPu iKzlaL7s54TLKM+LpsUrvvcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 329672190318958321864718091956773454971408 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-24 21:35:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-23 21:35:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'massima.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 763343948347464022994791355163137367897592022786029402505134800379426385737172870875907721080269482896721623961370302972506182018058067954921602923573203525668464038250683075655947775311689900725443911504450830860576187195590701990574364818426574615599868432178561491551657934666330764048576545779303182234444032605460623410319801860416030288170472284256582678829736363532150181265262718094252343228450203430814065064511648118239605582639376592070499830678907922662667163714714455230836351899328262287215739594363791331712420788874338830225545959426800212327807275791165468909954197765479205253788925580500969421671681120082900682000360157258471288048017754214476007827813303905244745996651562477183392149069197213276161889170234563610532962247894297926623794307193371827209475892343430795009375014426260744115314496697084889699637371622664627707647514013632945505439439527294333130394808455623344507786926446019509156126145989011413976032121325827378892877538142651660708858117176195283752132988110712653511673820224780678684598250946839999095076784031752367092927732150941554674035017059501100707970986371545029107792053131105668927574603049753878171341154763662638404439174312120553339702151619190672303540015685009464036122410743 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e03d06f8b5ea3be07766fec76ef5cbbc0ebbf8c5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'massima.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f3a0cfb7f000004030047304502203e18750aeb8df8b70347756d9fbe88f485de6f250ce1fa2b364b506eb7f683f60221008d9c7ee4a03fe9f36f6663c02ff17662fdcdb98f2f8dda3bda0540bedbbec450007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f3a0cfb690000040300483046022100beccf71e6d137c82d02546592ec7f7d68a959b86cbd4c489df60d96ada0c6874022100d5b1486bd628cedf0c2b6a6e44be32504df989a074e83646214aa48419d9124e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00500f6090c45fb94865d698e62028a135cecd415525fbcbd9a3b28057861a66f4c6ce18e25f1002f2af9b24a68590b740b0154cf60f34a94edf0051f241a2f0da5f9a1721b0468f8b6b47ef2f665998b85ddf11768768a76fa01694a47399213ab977b8af03dd88e1170424144414e01eb4086ce06deb84126d9825614ee87f60672fcc3589fdde43841375e10027c3ad4d4830409bdf69b2764361fd83f08de67b6533e3121db4c8d9f21eaebe21d8015bb1eeaba5faf3a89bd2eb68d9581c8d551f33591acf676963b4f994457fde62e8e71aae0c6b0bb7620151951e1de1476e7a12bde26133355d39c830cf77acf8fd22817c737a9971aef9c9af4a7737bb