downstair.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0d:7b:ac:5d:f6:1d:7c:af:9d:83:fd:03:25:ee:e8:9e:3b was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=downstair.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0d:7b:ac:5d:f6:1d:7c:af:9d:83:fd:03:25:ee:e8:9e:3bSerial Number (int): 265924918589557499527135455697320790236731
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 25:4b:14:68:7a:19:c5:92:74:9d:b4:61:0d:fa:78:6b:76:28:2d:7f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ac:fe:c8:95:84:8a:c1:3c:22:e4:b8:4c:d5:b1:c2:51:65:d7:17:d5
Fingerprint (sha256): be:e0:9e:af:20:2b:73:a5:db:92:6d:5a:33:e7:9c:10:51:b5:f4:ad:16:62:99:b7:22:51:c7:d6:66:98:b5:53
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate downstair.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for downstair.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
downstair.org
Other certificates including the domain name downstair.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for downstair.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISAw17rF32HXyvnYP9AyXu6J47MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMjYwMDIwNTRaFw0y MDAzMjUwMDIwNTRaMBgxFjAUBgNVBAMTDWRvd25zdGFpci5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQCqSFqPkJUlG3FYYd7dyu/MkExD3Vi83lua 2qV/3X8vt8MFnwfoUhzDkJVvg8yGPnQbNMeQfKPpHM+fduQOusYzUrqsFfeHKUYE 36UK2zs1GfBFt2EF/DIdVQ2uaYotOstnMvKF6lCYzIQjW0Pl/X5Tc1hgCCCkCZwM om/rnhCPaIQ+6qmQ5ZAU0Q8WS/c9Ak4B1rL454h+J1MK/bwovCQnIBPCVlF0G5Pk hyDmTC2sD2ZvrI14FMrCzx2zr8erayzKXvqcN96lyNKUlemsSWgC59tubuAmh1NO zfxjMXWj+skf3cxo7rgQ+2/+tAhQ36MsaTgFO/TL6p9sWiGfOFaIR4EqnnojGfZl yySpxVGcy90TFQdN9VcWoVbE/imRJmF/1lYmwzb7Kyg6BnY3EnzImJG1BYRz+FtT D/5yCxD1cJ7QE+X0Nu8Rk8eVUyLd9lURLSDEsxsb0jhJ71zWoFjVb8m6LJwj+ZYG aOQJQ59gxg2oIeqqoQuP1GG6mCnMBOI9jXGWezX6g+DE1icRTgEmgs37q+5lyhns b7Kbvx0eoql50D6Tpj99ouxHEWlaFVKvaEGFsUD+mB6RnZi6sqtY3LNxh4IP42iy 1gLIBF+CUGbieQsF1ZDz9pS7iT6bdVcpTnz684KvNblqYYdOYi5HXNJKkqFIc0q1 7T08EqV+ZwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQlSxRo ehnFknSdtGEN+nhrdigtfzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDWRvd25zdGFpci5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHx AO8AdgDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAW8/ytMKAAAE AwBHMEUCIQCqz8TZNmrysJY9Gx6FTLVN1vgH6VCfHVTphlu18aUgaAIgDSCBlBZl CDtk94sEt8MTVvli1V/B/MsZYBBIUQZkfvUAdQCyHgXMi6LNiiBOh2b5K7mKJSBn a9r6cOeySVMt74uQXgAAAW8/ytL6AAAEAwBGMEQCIDS6+mrcgXCjNc+6zkrivI1F DBau6/8zreABXti6zubYAiB7e6Q6CdYTLus4RcbW0rEzQV8lqoWQm+mAU4bqY+IP VjANBgkqhkiG9w0BAQsFAAOCAQEAh8AJrQwVLLf7SEZBTtzmzFv+onGvn4QY+rEP dhplko3CfVBkxJRTce57GpRiNb4s35ijwJhWESbTIZnUDuB0fWtTRbjN8tITznbk kZ0M9cMaVM3UyQ564hRBCKbN1brFt/xnx6TiYdRXQVTfRVyeO72qq8nQUH7W7xJw 1H9hWJk9mlNM7KBQToiLykoYmtnGyQWSwYL+fXhz0XJB8lozSsX/MoeJR2hbYnBq WhzJirnWw/r4RpT/bZ6yPXQP/EUVTnkrwcrz3LnnlZqc5xH2PQ8l5ZyHzRNSkCdU vVD7+ovECqyGLB9h3srViYXpmovxfSm/SJyzN1oPhacECO00mA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqkhaj5CVJRtxWGHe3crv zJBMQ91YvN5bmtqlf91/L7fDBZ8H6FIcw5CVb4PMhj50GzTHkHyj6RzPn3bkDrrG M1K6rBX3hylGBN+lCts7NRnwRbdhBfwyHVUNrmmKLTrLZzLyhepQmMyEI1tD5f1+ U3NYYAggpAmcDKJv654Qj2iEPuqpkOWQFNEPFkv3PQJOAday+OeIfidTCv28KLwk JyATwlZRdBuT5Icg5kwtrA9mb6yNeBTKws8ds6/Hq2ssyl76nDfepcjSlJXprElo Aufbbm7gJodTTs38YzF1o/rJH93MaO64EPtv/rQIUN+jLGk4BTv0y+qfbFohnzhW iEeBKp56Ixn2ZcskqcVRnMvdExUHTfVXFqFWxP4pkSZhf9ZWJsM2+ysoOgZ2NxJ8 yJiRtQWEc/hbUw/+cgsQ9XCe0BPl9DbvEZPHlVMi3fZVES0gxLMbG9I4Se9c1qBY 1W/JuiycI/mWBmjkCUOfYMYNqCHqqqELj9RhupgpzATiPY1xlns1+oPgxNYnEU4B JoLN+6vuZcoZ7G+ym78dHqKpedA+k6Y/faLsRxFpWhVSr2hBhbFA/pgekZ2YurKr WNyzcYeCD+NostYCyARfglBm4nkLBdWQ8/aUu4k+m3VXKU58+vOCrzW5amGHTmIu R1zSSpKhSHNKte09PBKlfmcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 265924918589557499527135455697320790236731 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-26 00:20:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-25 00:20:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'downstair.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 694692528906132097139091299982217550342500942496112982693563495896264219027141896039037659733981585928873516511336730878568971614422632994326125423946457676416214055232333633433004943768523903907257767190807748861874908959460062735926263397985408042702351130074464125333155669873146913133175361092648650625520839314611087966883328547707954452318048611310627652910824014832886186167295182055154026636567425132186241289039363062056832510509368276550685170876930984056768946660649607458015095659529321761021519927697878488641494816444633103147228949207591405924815037535904764414982480471597774920187412681364079391451206626562880127577706911841856191386095895512189689659624066264054067670081197006646434508466120232643293511389902961145644280874131955131896280495225632018929523573067052664146067857638529784337819014350476262209550810015236747450486218637133170163632103734237980678141474525412663906119446941555881291859014052414088251759202696646967758098084335528994899431276593104121944106759548930355268803828584917672758597780072056776475582562345775278273032469381864706257374145350590538834672632804132719217997785945372683462483892903012706729318138181695276688746705636171070919132133723175802571489799888346769857404304999 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 254b14687a19c592749db4610dfa786b76282d7f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'downstair.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016f3fcad30a0000040300473045022100aacfc4d9366af2b0963d1b1e854cb54dd6f807e9509f1d54e9865bb5f1a5206802200d2081941665083b64f78b04b7c31356f962d55fc1fccb196010485106647ef5007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f3fcad2fa0000040300463044022034bafa6adc8170a335cfbace4ae2bc8d450c16aeebff33ade0015ed8bacee6d802207b7ba43a09d6132eeb3845c6d6d2b133415f25aa85909be9805386ea63e20f56 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0087c009ad0c152cb7fb4846414edce6cc5bfea271af9f8418fab10f761a65928dc27d5064c4945371ee7b1a946235be2cdf98a3c098561126d32199d40ee0747d6b5345b8cdf2d213ce76e4919d0cf5c31a54cdd4c90e7ae2144108a6cdd5bac5b7fc67c7a4e261d4574154df455c9e3bbdaaabc9d0507ed6ef1270d47f6158993d9a534ceca0504e888bca4a189ad9c6c90592c182fe7d7873d17241f25a334ac5ff32878947685b62706a5a1cc98ab9d6c3faf84694ff6d9eb23d740ffc45154e792bc1caf3dcb9e7959a9ce711f63d0f25e59c87cd1352902754bd50fbfa8bc40aac862c1f61decad58985e99a8bf17d29bf489cb3375a0f85a70408ed3498