demetria.ag
Issued by R3
About this certificate
This digital certificate with serial number 04:ea:28:85:ee:98:d8:75:ed:8f:4c:79:bf:cd:a1:d8:cb:c8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=demetria.ag
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:ea:28:85:ee:98:d8:75:ed:8f:4c:79:bf:cd:a1:d8:cb:c8Serial Number (int): 428129082121177326503468300136865240501192
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 7b:dc:18:e9:52:18:11:6f:01:e1:68:64:97:6b:1b:50:00:ff:0b:a6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 3c:ec:b2:50:fa:71:59:91:04:9c:c8:80:be:83:f0:5c:4f:83:8d:47
Fingerprint (sha256): b7:b8:a2:7c:97:13:49:61:4b:8e:b9:8e:d8:e4:ae:d5:1a:c8:94:ed:4e:5c:45:3f:c2:2f:38:3b:d5:10:88:48
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate demetria.ag
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for demetria.ag
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
demetria.ag
www.demetria.ag
www.demetria.ag
Other certificates including the domain name demetria.ag
(limited to 100 certificates)
dlab-api.demetria.ag
wot.barneyb.com
panel.bitalium.com
demetria.ag
lab.demetria.ag
panel.bitalium.com
demetria.ag
demetria.ag
demetria.ag
demetria.ag
demetria.ag
pitacoin.app
demetria.ag
www.famapp.co
usercentred.services
onepotwonderwoman.com
dev-match-api.demetria.ag
docs.booking.sandbox.redeam.com
dlab.demetria.ag
demetria.ag
tls.automattic.com
redirect.herbitussin.pl
demetria.ag
app.testpecode.online
dlab-api.demetria.ag
pitacoin.app
demetria.ag
www.jamieson.app
docs.booking.sandbox.redeam.com
api.demetria.ag
www.egyconstructors.com
www.demetria.ag
uzatek.com
www.jamieson.app
wot.barneyb.com
panel.bitalium.com
demetria.ag
lab.demetria.ag
panel.bitalium.com
demetria.ag
demetria.ag
demetria.ag
demetria.ag
demetria.ag
pitacoin.app
demetria.ag
www.famapp.co
usercentred.services
onepotwonderwoman.com
dev-match-api.demetria.ag
docs.booking.sandbox.redeam.com
dlab.demetria.ag
demetria.ag
tls.automattic.com
redirect.herbitussin.pl
demetria.ag
app.testpecode.online
dlab-api.demetria.ag
pitacoin.app
demetria.ag
www.jamieson.app
docs.booking.sandbox.redeam.com
api.demetria.ag
www.egyconstructors.com
www.demetria.ag
uzatek.com
www.jamieson.app
Certificate
The complete raw certificate details for demetria.ag in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgISBOoohe6Y2HXtj0x5v82h2MvIMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMzEyMDIyMzJaFw0yNDA2MjkyMDIyMzFaMBYxFDASBgNVBAMT C2RlbWV0cmlhLmFnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx+yH TOmOd/o+CjCpw7zvjDYxcMU5MrpeNzdmvmyWM7aSklzQgDuIyE/4KflXndtasT8H QZOsjNRR30Y5IFBmesBUaLFjQ9uk6aBgGIVg3h+wEhQlQny5MxsyiOQCE/tYYoWt lpys/lWwtz1XCewBw1ETyS41aOs2Qu52cxNgoI5b3ey60YAIdBtTNC1I3tfrlUJJ E6OmRh3JD4kptn5fvgL49pEa1G2RZKjSY4258yLr1GFTTjbaEzzg8Pfqthgxfblh onHXuoLd3vlDaxFJlIBV/V06337ieShso6iWEtg9lPCu13t+MCgRcLjVUaikp+45 BnhWRBe1nrTKcf4bWs3Am2iQOnEhDEPhJwEyxJ1d7AB7VeJ8HyAsqiu9/EkbTxK0 5m9WtEZsMeHIdhVdxiPNBlG6FOETiCqJ/HDgm/VSr3b6HZtKkVXOVl89WGCSZmGN FO+qwrN44kwIUOPSkkFF0NEmr9IwiJwC7VcJMutbTHb+dpFPBALedzDq2qRervOI 1u0zBKV14pUu4CuTiF4qBJYTY5laoSx6RoDmDmACYq8SW3Nbe9oLHZ4jH0ifrfzG N7kjV1F7kMZv/39j9hjGaYYC9bPoSgXjx6njmkXA/8qvJYgIawvK0YZ33VZZd2xu tTovSyk4GowTorF0REqOoiTfqL3nliS1voTXcb8CAwEAAaOCAh4wggIaMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUe9wY6VIYEW8B4Whkl2sbUAD/C6YwHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wJwYDVR0RBCAwHoILZGVtZXRyaWEuYWeCD3d3dy5kZW1l dHJpYS5hZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUE gfIA8AB2AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABjpZkgC0A AAQDAEcwRQIhANYg3lBpDHGTpd+hKa/T7acZAI2IthSMb5sjt4Q9kTtmAiAcdJJl dNK7/WJZNJnXn86OjiMu2YQ92VlGvke971lwigB2AKLiv9Ye3i8vB6DWTm03p9xl Q7DGtS6i2reK+Jpt9RfYAAABjpZkgCsAAAQDAEcwRQIhAOZraXM/C6r6ZSuGmjT1 g3irzlynzLoXNayg+E03Zvi6AiBitcXyy05Hem3U7VzZS9KOTBB9Sfp92eagzK5l rh0YoDANBgkqhkiG9w0BAQsFAAOCAQEAMen7i64quOC9Hv0vd6in1HzmRoPQcVzM e6cxoyBMB4Ylac9fsbXNSy1J73CGWq/YRb8b93grIse5G+Fnrplb1ALM3rPpsRmj rQRT2PTmi29Epwi1S2X785B0QaCRIz6OnlToB/0ps9f5LtJ9hmGWw+YpGdzSLMdL l7UTFE3oFwpUqarK0WDYQbY3t/4uAaDKg3l7JkEELuGycEy62YLH8cW/txFKJ+XH FMLF9qCjS/BCb788QncfbHOOJUoc/iuHN1GwH0TFxUm7fro0261Zi3/HbegWejwC e8QuLPXepGtMasFtzr0qR1IBuSxWNIPyQGmo/kqMA6OUAsN42M7Mkw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx+yHTOmOd/o+CjCpw7zv jDYxcMU5MrpeNzdmvmyWM7aSklzQgDuIyE/4KflXndtasT8HQZOsjNRR30Y5IFBm esBUaLFjQ9uk6aBgGIVg3h+wEhQlQny5MxsyiOQCE/tYYoWtlpys/lWwtz1XCewB w1ETyS41aOs2Qu52cxNgoI5b3ey60YAIdBtTNC1I3tfrlUJJE6OmRh3JD4kptn5f vgL49pEa1G2RZKjSY4258yLr1GFTTjbaEzzg8PfqthgxfblhonHXuoLd3vlDaxFJ lIBV/V06337ieShso6iWEtg9lPCu13t+MCgRcLjVUaikp+45BnhWRBe1nrTKcf4b Ws3Am2iQOnEhDEPhJwEyxJ1d7AB7VeJ8HyAsqiu9/EkbTxK05m9WtEZsMeHIdhVd xiPNBlG6FOETiCqJ/HDgm/VSr3b6HZtKkVXOVl89WGCSZmGNFO+qwrN44kwIUOPS kkFF0NEmr9IwiJwC7VcJMutbTHb+dpFPBALedzDq2qRervOI1u0zBKV14pUu4CuT iF4qBJYTY5laoSx6RoDmDmACYq8SW3Nbe9oLHZ4jH0ifrfzGN7kjV1F7kMZv/39j 9hjGaYYC9bPoSgXjx6njmkXA/8qvJYgIawvK0YZ33VZZd2xutTovSyk4GowTorF0 REqOoiTfqL3nliS1voTXcb8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 428129082121177326503468300136865240501192 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-31 20:22:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-29 20:22:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'demetria.ag' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 815618513921472991795149997105277101466530941682094241791245847384268706266699907993065309358339760098313020539726028034328237955261856716107890992197931545491969801435750096432977381245940317834665020085427168076490870436741392209987829809936691967730684878886629476528748512770202883286488699660666737359574982384729137368050576172435235248264334750974468316294482560580334438838145570157841752156528524502810031648617806497568982637721497420284249603363044890674477819718718407656154693330880569325991969204517389918356176484777485799297061555414409220695050233223375482513928649385623472764422677772023591202516547508215090233090213889681432420805012833212334750160802594304632416322324503790357088980114350885962857944685213534517233107053382774272641276660715837766577133178044895494934357106556156246138868664694944510277911397744093608787699746095171726818383424416253132936248094499155287634730626839765107244272897160280051899231847514691480071117968206183868764660214173297812935431251786303412057371937115975284738079830008526034477583793980062097853710021929627425638052787997183356864862305712609500142404104519284611091337440397201491638101672640629652370874575482393855314123663983879164685706585066402120667504275903 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7bdc18e95218116f01e16864976b1b5000ff0ba6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demetria.ag' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.demetria.ag' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018e9664802d0000040300473045022100d620de50690c7193a5dfa129afd3eda719008d88b6148c6f9b23b7843d913b6602201c74926574d2bbfd62593499d79fce8e8e232ed9843dd95946be47bdef59708a007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e9664802b0000040300473045022100e66b69733f0baafa652b869a34f58378abce5ca7ccba1735aca0f84d3766f8ba022062b5c5f2cb4e477a6dd4ed5cd94bd28e4c107d49fa7dd9e6a0ccae65ae1d18a0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0031e9fb8bae2ab8e0bd1efd2f77a8a7d47ce64683d0715ccc7ba731a3204c07862569cf5fb1b5cd4b2d49ef70865aafd845bf1bf7782b22c7b91be167ae995bd402ccdeb3e9b119a3ad0453d8f4e68b6f44a708b54b65fbf3907441a091233e8e9e54e807fd29b3d7f92ed27d866196c3e62919dcd22cc74b97b513144de8170a54a9aacad160d841b637b7fe2e01a0ca83797b2641042ee1b2704cbad982c7f1c5bfb7114a27e5c714c2c5f6a0a34bf0426fbf3c42771f6c738e254a1cfe2b873751b01f44c5c549bb7eba34dbad598b7fc76de8167a3c027bc42e2cf5dea46b4c6ac16dcebd2a475201b92c563483f24069a8fe4a8c03a39402c378d8cecc93