itaka.cn
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:c3:b4:ae:ca:34:d0:a0:90:30:6a:65:28:55:8e:f3:0e:65 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=itaka.cn
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:c3:b4:ae:ca:34:d0:a0:90:30:6a:65:28:55:8e:f3:0e:65Serial Number (int): 327932087944989581611826829668231859605093
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d0:a6:16:7f:6a:d6:64:8a:80:51:75:45:52:f1:0d:b9:43:b7:05:d8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 1a:ff:94:5d:ed:d0:08:76:cd:9b:f4:30:1d:ec:d0:03:49:f5:f7:8b
Fingerprint (sha256): af:b3:ca:c2:75:13:7b:e2:49:aa:95:51:ba:da:bd:96:35:08:fd:cc:85:8b:fb:fc:fa:84:cd:d4:6f:8f:8b:47
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate itaka.cn
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for itaka.cn
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
itaka.cn
Other certificates including the domain name itaka.cn
(limited to 100 certificates)
Certificate
The complete raw certificate details for itaka.cn in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSDCCBTCgAwIBAgISA8O0rso00KCQMGplKFWO8w5lMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMDIyMjA3MDFaFw0y MDA1MzEyMjA3MDFaMBMxETAPBgNVBAMTCGl0YWthLmNuMIICIjANBgkqhkiG9w0B AQEFAAOCAg8AMIICCgKCAgEA5DggS/cV4WDNxQPZRugwIB9CYi1lusK35ZuvJprR C57qLzf8CfFxhGmZxbafoly1tmoPTO7izXP80Vp4Es/VgjeKeQtMiLFUgqKQ2hrT AfNPR+BIV64j6+P3zknbYj9ibn8Ll7dv1U1IxpVgn4lgdXMQ+xJoU8gLPiRC2YSX pt+5hqHlxM1eIPpPdKM/eCexW6PossHDc+KYwZxMkHUBak9cYrwBHA806HgrEU/L Q+jBykW7bOWyGyQJ59JzgXWxxyVSorlXqc+wUZBBJ9831ZgcE3XhX4NFlUAFeU8r DC6el06JBBnGLNmQu80mkXsGA3YKHYL3ikFVBMXUAQoojvxtyqth1+X6eNwaOrmu H3G0YOYp/ZScFG/6yRJplW6Y6Fj34n+9QLCkVYJ2WbSjUhgR7WJX4sM09aXUwRnL vDl8GdaP89oOBdN3IHcSCqT1YNEF2GpzMGB4Zf1IcZiVAYDCw24C7mMFrlnTdeMF 8ppoFBgv8O3bLVB5AoiWtxz978naIbKVsYXC5+zEyZR2RkFlvxgA7GQGXaaM+vVN DVGVGYaS0izGKj4KYkrQ37lYWSq50FcSzT/uZNIDchAYIXxs+ffzyk3IKj5jNyYj sGDaRqWTBk0YwvvbrNnj00a51ANLjD0HKkt3EIF3OvYnVC+Q/LB+P3G7vI8BqTfe StkCAwEAAaOCAl0wggJZMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU0KYWf2rWZIqA UXVFUvENuUO3BdgwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYI KwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0 c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0 c2VuY3J5cHQub3JnLzATBgNVHREEDDAKgghpdGFrYS5jbjBMBgNVHSAERTBDMAgG BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz LmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2APCVpFny ANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABcJ2AsXoAAAQDAEcwRQIgA5YS 1pzZU1TYn/AEOJ+Bt5b5QdCU4gf+uwTa/BNTJEECIQCcYLP+XSK2oqxHQ+S0mm0+ xfcpOQXVnHhyDsYLQZ3TAAB2ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3v i5BeAAABcJ2AsW4AAAQDAEcwRQIgAK5qTIEgMaxrVMOX5qmLr/MAnpKA735xTT2b P+QwKaECIQCWQmVJzeJ8xqThq1RMwskj7K1/O7TgfIlHjqNaJ4aGGTANBgkqhkiG 9w0BAQsFAAOCAQEAeu/0l/Jtwq+aOLn9ijpK2uZGPk6mdw2SaeFV9HGhn1qhNBKj 6WBVzm57+C3U4eHmYUpMoTQR7VJ/STD/Uz2q4szJOiZ85ZyIiTT59oaqh15I5baY 9o6kBHxOwK55kLkZVEyqPbWqUelYP0PSJmKxAC7fNoPKkdJE+9SXc86Orvua+iM0 cHEeZ0eiUt3IWZL6r8xhhIFsh208LL2dJcJwdxr/G8hGCaf+mO0pBRKPoj4zQ+mT 1tDkzFz5nCTICDhozrWzjepLkYjBQKkhccmo/BSJGbp990kjcbd7j2ymrpoZzl2Z qMBtcklZ5mvD0wL075WsC7BlsXbM+l+Y6RjtKg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5DggS/cV4WDNxQPZRugw IB9CYi1lusK35ZuvJprRC57qLzf8CfFxhGmZxbafoly1tmoPTO7izXP80Vp4Es/V gjeKeQtMiLFUgqKQ2hrTAfNPR+BIV64j6+P3zknbYj9ibn8Ll7dv1U1IxpVgn4lg dXMQ+xJoU8gLPiRC2YSXpt+5hqHlxM1eIPpPdKM/eCexW6PossHDc+KYwZxMkHUB ak9cYrwBHA806HgrEU/LQ+jBykW7bOWyGyQJ59JzgXWxxyVSorlXqc+wUZBBJ983 1ZgcE3XhX4NFlUAFeU8rDC6el06JBBnGLNmQu80mkXsGA3YKHYL3ikFVBMXUAQoo jvxtyqth1+X6eNwaOrmuH3G0YOYp/ZScFG/6yRJplW6Y6Fj34n+9QLCkVYJ2WbSj UhgR7WJX4sM09aXUwRnLvDl8GdaP89oOBdN3IHcSCqT1YNEF2GpzMGB4Zf1IcZiV AYDCw24C7mMFrlnTdeMF8ppoFBgv8O3bLVB5AoiWtxz978naIbKVsYXC5+zEyZR2 RkFlvxgA7GQGXaaM+vVNDVGVGYaS0izGKj4KYkrQ37lYWSq50FcSzT/uZNIDchAY IXxs+ffzyk3IKj5jNyYjsGDaRqWTBk0YwvvbrNnj00a51ANLjD0HKkt3EIF3OvYn VC+Q/LB+P3G7vI8BqTfeStkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 327932087944989581611826829668231859605093 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-02 22:07:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-31 22:07:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'itaka.cn' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 931053280134301728720910256440679920071497478919887289567960553176451090272781259972104423296658670343611012331221129847689538002870967944006903382749547031993656504355468036296806235861133216488998420699248559148096659651537208178913196731917158613848635606076494138299805448790898191340973437476164061818090547884024934052076653960312926496278481028196209288210446681280797744140724983100018787646532274788465941469725273472815705945383402367146681430951415565132302938437737726694656204400461476665069100392594329029268098041468529456906285217681451390112583336812281087758528927400824871374795583151618334001307756667761396323859500783994956176762768198181101730028465466265365973062061164693748172243990746376939462650925152592065647824948638021767901571640223378769386211911885249917155376450577577149643223710386013756626845884740604351410709457638813588753489697964977610186154394399957155081087893224653154966838354685143716914809444550015500318444676376524805353060067797057410685962712181383143124685535201495404408885535586140653860128856125653045935764329586417981579773325510096801957482330050369851131405940257662675799906699517638178810445103685725907367659920338515092097641887760600697063760087440872690039234906841 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d0a6167f6ad6648a8051754552f10db943b705d8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itaka.cn' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb273000001709d80b17a00000403004730450220039612d69cd95354d89ff004389f81b796f941d094e207febb04dafc135324410221009c60b3fe5d22b6a2ac4743e4b49a6d3ec5f7293905d59c78720ec60b419dd300007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001709d80b16e0000040300473045022000ae6a4c812031ac6b54c397e6a98baff3009e9280ef7e714d3d9b3fe43029a102210096426549cde27cc6a4e1ab544cc2c923ecad7f3bb4e07c89478ea35a27868619 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007aeff497f26dc2af9a38b9fd8a3a4adae6463e4ea6770d9269e155f471a19f5aa13412a3e96055ce6e7bf82dd4e1e1e6614a4ca13411ed527f4930ff533daae2ccc93a267ce59c888934f9f686aa875e48e5b698f68ea4047c4ec0ae7990b919544caa3db5aa51e9583f43d22662b1002edf3683ca91d244fbd49773ce8eaefb9afa233470711e6747a252ddc85992faafcc6184816c876d3c2cbd9d25c270771aff1bc84609a7fe98ed2905128fa23e3343e993d6d0e4cc5cf99c24c8083868ceb5b38dea4b9188c140a92171c9a8fc148919ba7df7492371b77b8f6ca6ae9a19ce5d99a8c06d724959e66bc3d302f4ef95ac0bb065b176ccfa5f98e918ed2a