www.borgotoscano.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:6a:cd:f7:60:0c:af:3e:fd:19:67:18:78:3b:dc:68:af:44 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.borgotoscano.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:6a:cd:f7:60:0c:af:3e:fd:19:67:18:78:3b:dc:68:af:44Serial Number (int): 384792850805236725496061235709590008016708
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d1:7f:ff:27:66:e9:a5:69:a4:0e:f8:17:a1:73:c8:ab:20:c3:df:3d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 3d:09:10:58:c2:5d:b8:bc:2a:6b:dc:76:31:2b:17:b8:ba:7c:54:c5
Fingerprint (sha256): ba:a9:8e:6f:1b:e4:66:dc:11:68:4e:65:37:18:05:f4:35:a8:33:4d:ca:fa:63:26:c2:09:4f:b6:04:39:4a:c6
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.borgotoscano.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.borgotoscano.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.borgotoscano.com
Other certificates including the domain name borgotoscano.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.borgotoscano.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYDCCBUigAwIBAgISBGrN92AMrz79GWcYeDvcaK9EMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDIyMjEwNTZaFw0y MDAzMDEyMjEwNTZaMB8xHTAbBgNVBAMTFHd3dy5ib3Jnb3Rvc2Nhbm8uY29tMIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzbUF61WZoLYPtDFFZ8dgyAZ7 Wlp0dNtcBkGJwL5gXqIQKjCbtsqWy1jPQvSmNPWhSMJUFcAPUOqVtWdAVJaKA4be Vr9uMhkrMiLLRSUaWjrBYpW07MtdjALNkEZ+0BwIlsfQyTGq2yjmTFXPwipl4sza 0zLrL1w+rkFb418yKj+cBlFRPVQfcVXn2rlltRJy8S1oQ6yRjQXN0yzPJqB1Gp6m tHHgZztm0OcpUDmS/4jb5UC0xmpr5eFbwwLItDgkNIvqqyGQQYKfxh3dcs2o9qWI zCpR4Z4uGbhHbH1Drckp8oWDqTKtEvEyEhs41HZJVYFXgivsIcDNAnrexNbKyxpm zm/OkM8Oec6x5zOL5q3kCtUPVg1+Pq5PivFd8rvjZq3NhF4Gwt8nB8sNq08HDGFR NF0yiRhSsRtQUAO3PppQJ3XOm2PJm9/R3z6gcREDDM2zj858ZZIyqf/nNTrvevZD 2BOtLDJF48LeVjmuBJc6US0T0r6yRmY3YQqioTPa3OBsLISWpm/Eb51Q386ibM2R pH1Zqlqqp+5+VXYK9CWpdTASQ47ZUA6tckTEv7fAXpPEPfQ0If60SaFJeOn3jumG FCIdeQ4hRHwzd5qlGeIYGaUiv8G+J9NSZ2A8kC5b4rd5qzUAo9DO2L0x/zU0+NjZ qejtaZyOPxZpJTk8XOcCAwEAAaOCAmkwggJlMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQU0X//J2bppWmkDvgXoXPIqyDD3z0wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3 pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2Nz cC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2Vy dC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAfBgNVHREEGDAWghR3d3cuYm9yZ290 b3NjYW5vLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG AQQB1nkCBAIEgfUEgfIA8AB2AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaB cUVYAAABbsjhkfgAAAQDAEcwRQIhALZf9CgPsJQ860YGL9xrZXohXl8gO0i58dTe 286oorZiAiAGwIAWtrv9RMwpSYIuC55XpH6kDMQCcVt/c0QVBoTd4gB2ALIeBcyL os2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABbsjhkeYAAAQDAEcwRQIhAL4C F96YMhI+aRXRqQ5mkPpQXHeR1TWqZgaQAIrgZO0CAiAuBZhE0iGo/vyxzQsHa4Ov wN6t8MlyeQvKLGszdiA/tDANBgkqhkiG9w0BAQsFAAOCAQEAHC4/Ay9f4xklBOy1 LHeQoGqw1BJHUiDQrMIhFno4DARvssPlGG/d/cRWEk9HoCFbVDt82MOUEkvoc7dg a/FaIgj7RiZrq+YDey3gtlYdy8Opx6z+H3tSL695igrBpJMHKCA2R9QwLKi/QF3I 6yoeFEkOVToWg4iEjncN9YveOmL2i/jiLJ7g2dSx+TzPb7QCjzikUbqmyFwNGlLz fo9WSr2ijKQp7v3DUaTmGly+6cf97Q1YWZzHdPiI2fZ4jzCjesrOlxiWB0CDYkRn CcOc32kdJcNwlx4DeKA3d1RShi3nKJQAc+Gx7wzg3XRvdEMeBIK2qV67IKMWu7QK 16qYRQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzbUF61WZoLYPtDFFZ8dg yAZ7Wlp0dNtcBkGJwL5gXqIQKjCbtsqWy1jPQvSmNPWhSMJUFcAPUOqVtWdAVJaK A4beVr9uMhkrMiLLRSUaWjrBYpW07MtdjALNkEZ+0BwIlsfQyTGq2yjmTFXPwipl 4sza0zLrL1w+rkFb418yKj+cBlFRPVQfcVXn2rlltRJy8S1oQ6yRjQXN0yzPJqB1 Gp6mtHHgZztm0OcpUDmS/4jb5UC0xmpr5eFbwwLItDgkNIvqqyGQQYKfxh3dcs2o 9qWIzCpR4Z4uGbhHbH1Drckp8oWDqTKtEvEyEhs41HZJVYFXgivsIcDNAnrexNbK yxpmzm/OkM8Oec6x5zOL5q3kCtUPVg1+Pq5PivFd8rvjZq3NhF4Gwt8nB8sNq08H DGFRNF0yiRhSsRtQUAO3PppQJ3XOm2PJm9/R3z6gcREDDM2zj858ZZIyqf/nNTrv evZD2BOtLDJF48LeVjmuBJc6US0T0r6yRmY3YQqioTPa3OBsLISWpm/Eb51Q386i bM2RpH1Zqlqqp+5+VXYK9CWpdTASQ47ZUA6tckTEv7fAXpPEPfQ0If60SaFJeOn3 jumGFCIdeQ4hRHwzd5qlGeIYGaUiv8G+J9NSZ2A8kC5b4rd5qzUAo9DO2L0x/zU0 +NjZqejtaZyOPxZpJTk8XOcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 384792850805236725496061235709590008016708 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 22:10:56 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-01 22:10:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.borgotoscano.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 839211838266491290842543978818001031556861529315818957426514479660800363717702540341330593979391376910488150260383246522277167738010489103520356573196124878539323554713680869106849909780000376272174560633286753695462556835642109447217555799316471543731803552936144163911259880591584268164095823243301290634632864114445366801270526307368127680949548477160672587286662007473070941960776411808186740422949047422360181119862161439118242529587982076177943555294171981578469760712014648805961526134159538995493679819253720696447462405050605655676745144450391178859271422298412009506811864013774787091240434439817182773605282970405782097362861974004171228655329766773813172318567941824162871153877917726318269409630973890448581804553646962952776475949484253116117916356010525780200193863656780140443429547164302145900214189059043917090562681911456787534595231833120063313815151481500106772259226813389660245982720400448415606149029671464026355278141001535079832143321277696706851123953602741187420331304833531088722153397373598249056920813815585556288642599018010217584440952229758688782062424686000565498615071164354249260851358471345927876679522217851838595937944233363319684769672792870466283116081320565899823404366724565989187668172007 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d17fff2766e9a569a40ef817a173c8ab20c3df3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.borgotoscano.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016ec8e191f80000040300473045022100b65ff4280fb0943ceb46062fdc6b657a215e5f203b48b9f1d4dedbcea8a2b662022006c08016b6bbfd44cc2949822e0b9e57a47ea40cc402715b7f7344150684dde2007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016ec8e191e60000040300473045022100be0217de9832123e6915d1a90e6690fa505c7791d535aa660690008ae064ed0202202e059844d221a8fefcb1cd0b076b83afc0deadf0c972790bca2c6b3376203fb4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001c2e3f032f5fe3192504ecb52c7790a06ab0d412475220d0acc221167a380c046fb2c3e5186fddfdc456124f47a0215b543b7cd8c394124be873b7606bf15a2208fb46266babe6037b2de0b6561dcbc3a9c7acfe1f7b522faf798a0ac1a4930728203647d4302ca8bf405dc8eb2a1e14490e553a168388848e770df58bde3a62f68bf8e22c9ee0d9d4b1f93ccf6fb4028f38a451baa6c85c0d1a52f37e8f564abda28ca429eefdc351a4e61a5cbee9c7fded0d58599cc774f888d9f6788f30a37acace97189607408362446709c39cdf691d25c370971e0378a037775452862de728940073e1b1ef0ce0dd746f74431e0482b6a95ebb20a316bbb40ad7aa9845