www.agratebrianza.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:96:2e:70:4b:c8:75:d1:2a:01:32:de:86:f8:4b:3c:6d:eb was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.agratebrianza.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:96:2e:70:4b:c8:75:d1:2a:01:32:de:86:f8:4b:3c:6d:ebSerial Number (int): 399553226327298833523584810350695105195499
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 5d:c9:0b:e5:3d:3d:d3:43:04:a1:c1:79:f0:f3:63:75:5c:1f:25:fe
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): d6:b3:86:18:3c:22:2a:cc:4a:2e:53:ff:3f:29:e1:6a:92:de:3b:a6
Fingerprint (sha256): c4:86:c0:f0:f7:f0:63:d8:c5:e8:b0:26:11:a3:5e:ba:f9:45:ce:6c:f9:6c:ee:b9:f1:d9:e6:c9:b8:3b:4e:fd
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.agratebrianza.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.agratebrianza.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.agratebrianza.org
Other certificates including the domain name agratebrianza.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.agratebrianza.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYTCCBUmgAwIBAgISBJYucEvIddEqATLehvhLPG3rMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjkwODMwMDhaFw0x OTEyMjgwODMwMDhaMCAxHjAcBgNVBAMTFXd3dy5hZ3JhdGVicmlhbnphLm9yZzCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAO4ccby3b5Gqf8iMbpknjqtk NsiIPPddjfc5WkGzlrXXnRioep9n4Z7+2JtkL7FUvezlK+knHrFLgkRK+mof3HSX L5MU2qG2lAPS5eEHOWEdrYQmY7VSrrUmmaEseNsWdl/lYY6O211/JpTpLfV9RGbT +RZi/71MbBZgusT2UDBsI3+Lxt5881ivwbDwM+1idBzSnsIjhX/hdxBS2t8diCyY XM2TB413Qyxf2vd2+TCeb4etyyQ8ngFIC+BIcVGrtM0YARW4hdxN1lxwTAF+h1gJ GXoi8r084BmZuvcritVzkgkEXYoN5akmGaXlMvjMiuUqIkxRR3oKvp9aiyRXRp87 dtT5g5MW+tdZaDFj8JVcqBOHgtqb5Y7+aOuxKIC83qsTfiR316Hc3thPKJv+Rzx1 p1BtuCN/pMoigh+ieZZwBQFLoAyxtIiujczeOXqgtWxqRaKoK4GU/UQyisMUPDhv ruBacVoJLzR741y1CQrtzHcxaxvKXAZZwTFbsXsBEjxGKloDJMxEf0VzBEeuWodk RC99LmG8v+T7g0t8/edBTNwcT/BOR516KlPXAkCdaHm+ne16dLx6e13ESjWnsZKM ocx8RwGVugf0F2ZIWMRpxRkq+kuDrqAj/hlLYIzNRbJFUXZJ+pKqMezFV45hER// KMs68PmvyfoCHLQ4HS9HAgMBAAGjggJpMIICZTAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFF3JC+U9PdNDBKHBefDzY3VcHyX+MB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIAYDVR0RBBkwF4IVd3d3LmFncmF0 ZWJyaWFuemEub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYK KwYBBAHWeQIEAgSB9ASB8QDvAHUAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV5 5hB7zFYAAAFtfFscfwAABAMARjBEAiAwVSXM+kYBYbVaMo/SDTkljvxhtCyDiTum nWP8baPlkAIgOdoWkf53S8FCBsDbvhnoHUavXNIvuAkINx5bQV669PEAdgApPFGW VMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAW18Wxx1AAAEAwBHMEUCIQCv wax/UMXuvAy4PlFX3q90G+yKlwo3RDDO9gmWdMjcOAIgS3jha9yP6w+ghPdU7/kP 5k65SLeI5SOp9lBgJgRRbnYwDQYJKoZIhvcNAQELBQADggEBAFReUmuAY6WL5lBl pv0vRai+vkxqjY/XBwV76DDun+T/2GzmeSNeczRryQhHCkZYAaGG/DT02Segbwp/ 6uaj5k8FtX8c0BYL9Pj6OMeILWXkgUE9V9ZfOwqjIcXp1P4jxr5skTIlmXsTflib TcxsjSEXm7P7xxZ2SzuuFT2+FjJHJ75yw52jt2esnDltxbZtmNFKKhwTuziLJF7z lkp6WEaiBCoxMRW7OiEhpdir5C0ceO/VbumKCFmz2xwpT/ZbvQXeDUcxa6WSNo8z zKN1e2A7bNmC1oGQjPMwYAbf1rUg6cRHzn6SXBVe07ehR5b+9e0J9ChFdhMhtLB2 LvN72vU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7hxxvLdvkap/yIxumSeO q2Q2yIg8912N9zlaQbOWtdedGKh6n2fhnv7Ym2QvsVS97OUr6ScesUuCREr6ah/c dJcvkxTaobaUA9Ll4Qc5YR2thCZjtVKutSaZoSx42xZ2X+Vhjo7bXX8mlOkt9X1E ZtP5FmL/vUxsFmC6xPZQMGwjf4vG3nzzWK/BsPAz7WJ0HNKewiOFf+F3EFLa3x2I LJhczZMHjXdDLF/a93b5MJ5vh63LJDyeAUgL4EhxUau0zRgBFbiF3E3WXHBMAX6H WAkZeiLyvTzgGZm69yuK1XOSCQRdig3lqSYZpeUy+MyK5SoiTFFHegq+n1qLJFdG nzt21PmDkxb611loMWPwlVyoE4eC2pvljv5o67EogLzeqxN+JHfXodze2E8om/5H PHWnUG24I3+kyiKCH6J5lnAFAUugDLG0iK6NzN45eqC1bGpFoqgrgZT9RDKKwxQ8 OG+u4FpxWgkvNHvjXLUJCu3MdzFrG8pcBlnBMVuxewESPEYqWgMkzER/RXMER65a h2REL30uYby/5PuDS3z950FM3BxP8E5HnXoqU9cCQJ1oeb6d7Xp0vHp7XcRKNaex koyhzHxHAZW6B/QXZkhYxGnFGSr6S4OuoCP+GUtgjM1FskVRdkn6kqox7MVXjmER H/8oyzrw+a/J+gIctDgdL0cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 399553226327298833523584810350695105195499 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 08:30:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-28 08:30:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.agratebrianza.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 971408579446523758855549693532742434516247097390075192944518387726009441941721328778300483884529222458266599612960188150206044113168363509693043618143234890483427201238932315222624963328998555639429290135889109050754127571288189761773328427216803553904509866128964141100775356574162520792244575595522128851372654828311631395979630013736583466701914490611968141229805554463246827861292958212725406647710399305819499551698490565500649871597428209920220205581910601484523719580296180099555075654098212068599093308897962552466322347275475591968006301393573690088874066744810902573170214481357025893569381120160719630013865602261578664511769791220870948595507924844371744468213545906835897684983268724020636339214468665470429616282258928846277086198539922382262225379307499732643829352839984372288732292958503611150807806682799470626011772893305568217352557195881503291302775762885134041157937947186937463893723030092650988026522046555959798963397807467087088143197129919608398310562217657463771657638458745328029290461692836533383589669360281001045179396048872333892119000477968313244780388747536680445533403992517665660637767978113580026608697014970313745824817205112310366966214838700193924397849924725485765937669410086266318811377479 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5dc90be53d3dd34304a1c179f0f363755c1f25fe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agratebrianza.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d7c5b1c7f00000403004630440220305525ccfa460161b55a328fd20d39258efc61b42c83893ba69d63fc6da3e590022039da1691fe774bc14206c0dbbe19e81d46af5cd22fb80908371e5b415ebaf4f1007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d7c5b1c750000040300473045022100afc1ac7f50c5eebc0cb83e5157deaf741bec8a970a374430cef6099674c8dc3802204b78e16bdc8feb0fa084f754eff90fe64eb948b788e523a9f650602604516e76 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00545e526b8063a58be65065a6fd2f45a8bebe4c6a8d8fd707057be830ee9fe4ffd86ce679235e73346bc908470a465801a186fc34f4d927a06f0a7feae6a3e64f05b57f1cd0160bf4f8fa38c7882d65e481413d57d65f3b0aa321c5e9d4fe23c6be6c913225997b137e589b4dcc6c8d21179bb3fbc716764b3bae153dbe16324727be72c39da3b767ac9c396dc5b66d98d14a2a1c13bb388b245ef3964a7a5846a2042a313115bb3a2121a5d8abe42d1c78efd56ee98a0859b3db1c294ff65bbd05de0d47316ba592368f33cca3757b603b6cd982d681908cf3306006dfd6b520e9c447ce7e925c155ed3b7a14796fef5ed09f42845761321b4b0762ef37bdaf5