travel.avocadovip.com

Issued by R3

About this certificate

This digital certificate with serial number 03:a7:0c:bd:e8:2f:ea:60:8e:93:bc:db:90:3a:99:6f:0a:7d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=travel.avocadovip.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:a7:0c:bd:e8:2f:ea:60:8e:93:bc:db:90:3a:99:6f:0a:7d
Serial Number (int): 318180949860448433318988056445979410238077
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: c8:b6:fd:39:6a:27:d6:80:65:52:c5:93:c8:9b:3b:7d:f0:fd:4a:d2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 81:93:f3:d6:e3:d6:d9:1f:02:99:cf:79:a1:5e:0d:13:53:df:67:4f
Fingerprint (sha256): bc:0e:57:18:48:e0:01:27:20:29:e4:76:be:50:e8:c2:09:05:a8:d2:ae:bc:e7:70:24:c0:68:a2:f9:21:38:97

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate travel.avocadovip.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for travel.avocadovip.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

travel.avocadovip.com

Other certificates including the domain name avocadovip.com

(limited to 100 certificates)

Certificate

The complete raw certificate details for travel.avocadovip.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISA6cMvegv6mCOk7zbkDqZbwp9MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MTkwMzI0NTZaFw0yMzEyMTgwMzI0NTVaMCAxHjAcBgNVBAMT
FXRyYXZlbC5hdm9jYWRvdmlwLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
AgoCggIBANMShcr8ZgkSXBZDaG9WDDWoQcUWag87mPt6qW1ZNH9k6w9oa4Zl3gwn
Zu4UU4WgMqcqVN2dQGN1zMZvVeyaOj032ofuZNLljy2MnZzWf9wSza2l4f4lMVwk
Df5MLfm9o98sdTaFf2bNESMAQnboUKhMOo92RVxDRJi8DZX4bYGJcaxZXS/X1g72
Bd4Nb1hRD5MB04h78yc79fr71L3VE1qRnKiPqagKLAaR17rznQX9afMem4MXEmkk
F01Lg21wrBh2UXlgUZ5X4VzIhMhPGCaevM6oO45a2qb34a7heMIiiC7CsR2/eGsK
FucossFnHIcRTYlbX+tEUS3nnGPl4GKkcXasOJgw3/W/bnIK1ofLWV2GNzVfrTXD
xAq4K+qx28g/7Z1cPwQUc91HX/8uek7Ogb2iUv11vvt88jI/Zm+Y+Fq5sH/7DbOn
AASkfYYmzfkq2X/szIXGjw99UAujdCmeqAAukwhQbceHriUBHBjTt3PLb1X/Bzhe
bWl1cku6KLMoQdf8AuA/hXDSnQZSQn8w7YsM2oin94jtb6hDNkWbDPyBpOVpUQlF
NCl30OVA/G5za0WgpqG0EtZyCOQTp14xokgp7WJBixOSSaA1bNp/YopR1JuUzRG+
BRv7UJzvHjEzW1GQiZsuRtZhNer7OdoSoYPeztve8AHn19oyPoh/AgMBAAGjggIX
MIICEzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFMi2/TlqJ9aAZVLFk8ibO33w/UrS
MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkw
RzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAC
hhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMCAGA1UdEQQZMBeCFXRyYXZlbC5hdm9j
YWRvdmlwLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIE
gfUEgfIA8AB2ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABiquv
JaIAAAQDAEcwRQIgROJQQptKreATJzRhHuUtkt5wy4vfQ3EajAd0U7gpmFYCIQDW
hUHF3QEq29QSrTs3Q7YQeOduagYRxLoUmoZ3moko4QB2AK33vvp8/xDIi509nB4+
GGq0Zyldz7EMJMqFhjTr3IKKAAABiquvJd4AAAQDAEcwRQIgb7A23Lvd2UAELpa0
AYd+WIeLxXpyJpxi0ITp0smWTuUCIQC6jlwf3jcRdEIWFx71b8/3NRaGbR/CQSHO
wvOd5M/6+jANBgkqhkiG9w0BAQsFAAOCAQEAQ/TXOoWYLOQ+DiWtIn5YwMqd3zMA
O1nPEEweE3EZr4CvQMDVRJ9nhZumea6gAs2uetGUBOsnCE6cZrxDvjehBqiGtqJt
PMldpOon1vPy50t3pR7VA7cfXfcoJ/4fx6Y4p2HxAmT0BW+TjRo+gBat87MvuvTg
eZxXp+kz0FfsbyqjsT2fh/uIhWhQha6IE8dUIcJeARx1VOv7CJxQkfCy7jcffsLm
HbkZUfzUkQQ7udAnM6MJa5TSmmFJs1sjXPPUIEZui4JE07a2BShoi87Wmf8ckH3x
puBj3AOoRXYY7aCEw/X/CaMqFN0JbstXsn3vFhCcn/LzOAgORc7XHLoWnQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0xKFyvxmCRJcFkNob1YM
NahBxRZqDzuY+3qpbVk0f2TrD2hrhmXeDCdm7hRThaAypypU3Z1AY3XMxm9V7Jo6
PTfah+5k0uWPLYydnNZ/3BLNraXh/iUxXCQN/kwt+b2j3yx1NoV/Zs0RIwBCduhQ
qEw6j3ZFXENEmLwNlfhtgYlxrFldL9fWDvYF3g1vWFEPkwHTiHvzJzv1+vvUvdUT
WpGcqI+pqAosBpHXuvOdBf1p8x6bgxcSaSQXTUuDbXCsGHZReWBRnlfhXMiEyE8Y
Jp68zqg7jlrapvfhruF4wiKILsKxHb94awoW5yiywWcchxFNiVtf60RRLeecY+Xg
YqRxdqw4mDDf9b9ucgrWh8tZXYY3NV+tNcPECrgr6rHbyD/tnVw/BBRz3Udf/y56
Ts6BvaJS/XW++3zyMj9mb5j4Wrmwf/sNs6cABKR9hibN+SrZf+zMhcaPD31QC6N0
KZ6oAC6TCFBtx4euJQEcGNO3c8tvVf8HOF5taXVyS7oosyhB1/wC4D+FcNKdBlJC
fzDtiwzaiKf3iO1vqEM2RZsM/IGk5WlRCUU0KXfQ5UD8bnNrRaCmobQS1nII5BOn
XjGiSCntYkGLE5JJoDVs2n9iilHUm5TNEb4FG/tQnO8eMTNbUZCJmy5G1mE16vs5
2hKhg97O297wAefX2jI+iH8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 318180949860448433318988056445979410238077
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-19 03:24:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 03:24:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'travel.avocadovip.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 861100076991964662095740175976003852028199482904156010332860999869322148125975748451188029020376474068775964354241001283949848000860611592778869511553316142496232808058471568332136861630924286516857036655563877398511144441256230999776396084256279860032310010054082271963272638608522612673626965983665803260008974333372060324985447423046934121747850236170369518799593974267436819369904417226810273877126051119939332354495468905235722833472924610640520704430568428252337439991971972346037917862759050211952561855374315469148108774845398634571706771376698299538349004771182391373092147934444530619700691018519890587605126584948751191394500675309312228475566289350101552212081204086027701310793555946194714395042090552373636622291111928813124026921420983674046601164376969593620088269452048704988927707931274990945104251930452545736895720744508248915861199986693146994036067642675049155855697860155908456874535418741964234409687418435940424157762949898843174565812822268057664656755429634898946263408217494331016293845680193978734962950805380551688874504214123381149897545372955128499342543167660517734263807997632545730011546569062357148330204347158718582200354626880755920360701140313019493473302495224389895579494869280161240302127231
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c8b6fd396a27d6806552c593c89b3b7df0fd4ad2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travel.avocadovip.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018aabaf25a20000040300473045022044e250429b4aade0132734611ee52d92de70cb8bdf43711a8c077453b8299856022100d68541c5dd012adbd412ad3b3743b61078e76e6a0611c4ba149a86779a8928e1007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018aabaf25de000004030047304502206fb036dcbbddd940042e96b401877e58878bc57a72269c62d084e9d2c9964ee5022100ba8e5c1fde3711744216171ef56fcff73516866d1fc24121cec2f39de4cffafa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0043f4d73a85982ce43e0e25ad227e58c0ca9ddf33003b59cf104c1e137119af80af40c0d5449f67859ba679aea002cdae7ad19404eb27084e9c66bc43be37a106a886b6a26d3cc95da4ea27d6f3f2e74b77a51ed503b71f5df72827fe1fc7a638a761f10264f4056f938d1a3e8016adf3b32fbaf4e0799c57a7e933d057ec6f2aa3b13d9f87fb8885685085ae8813c75421c25e011c7554ebfb089c5091f0b2ee371f7ec2e61db91951fcd491043bb9d02733a3096b94d29a6149b35b235cf3d420466e8b8244d3b6b60528688bced699ff1c907df1a6e063dc03a8457618eda084c3f5ff09a32a14dd096ecb57b27def16109c9ff2f338080e45ced71cba169d