santachiara.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:8c:a7:34:3c:8a:33:37:1d:41:e1:44:45:27:65:b6:ff:2a was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=santachiara.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8c:a7:34:3c:8a:33:37:1d:41:e1:44:45:27:65:b6:ff:2aSerial Number (int): 309198641466838762597209332883778482667306
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 34:49:e6:cc:18:72:cd:6a:00:cc:7f:e9:d6:dc:a4:55:94:c6:73:76
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 63:a7:67:e7:59:b6:74:78:15:9b:86:5a:c0:70:c1:43:bd:8c:37:e4
Fingerprint (sha256): c4:cc:1f:e8:d1:aa:20:a5:7e:1e:47:f3:46:8e:23:71:f3:b9:a4:a7:5d:c1:de:1f:1a:ce:cf:c6:7b:37:0f:fb
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate santachiara.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for santachiara.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
santachiara.com
Other certificates including the domain name santachiara.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for santachiara.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVzCCBT+gAwIBAgISA4ynNDyKMzcdQeFERSdltv8qMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMjcxMTUxNTJaFw0y MDA0MjYxMTUxNTJaMBoxGDAWBgNVBAMTD3NhbnRhY2hpYXJhLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAM4zseONWijnaA0HX65aD54Th1dYmPID Ps5DSKZjkVPIWnRZqsHQO5Yos07mG8GinMWhBIZZDRUc9dE0k2lu2eQ4ntToO3bW 4Jj43cOs8qMBD6iO8PsskG1Ud2SlTuZKzYj5FYEtROzBJBfVoVRKL1zQeoBXtqiS fIPSDr4899SzhYtrPaQJhzxFzA+SpveD7iqNBRyOC2AECs+v/ldBFT90k9Hvq3hx MZIyI3FiB+ENItrK4ljmBRf+BZ7Ffqz+7C6GX0VLTrdoFwFRrxmwzV7L2AmRM/Ul 4bKCTvjaHMP/N+q22LmkO1lHfIPfwxiT1BJQLSSaEal/tqf2MbuMN/7rpTlIv4kz X1GHDdEeXNd45SmR2uVo2+E4lB+FFI0yNfNtYdW+T6ZrU8/t1t/KL+7g0ApnhN2D rgigB4yOvCIniei48fMJkjuiVF7ny+tE63Wtplnzmpjw+hN2Z82ace985xL6gDA/ TaTK1CNJRq7xRZo6nbRnOGzUQM7++HlhHvH46yO/6YeJAb+nRd/JhzT62GBQGVsV cRtl7YWSqpiQoVAp/UeOewhbz1qlGgtI00vbML+oKG+sN9i1JE1KaN2HLUcVfSCP fipQaDfUdR/DmqrX4IrkB9XBNHMl1xHUVthaSHpqSw8nLvbAo6uyNKXzweYLPCNT Bk8+YTyPemblAgMBAAGjggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDRJ 5swYcs1qAMx/6dbcpFWUxnN2MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPc2FudGFjaGlhcmEuY29t MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB 9gSB8wDxAHYA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFv5w7q qQAABAMARzBFAiEA1cQoDa4poK08f5kDlRzvuBnrYfiA+O3gtkb5xmRTY5YCIAe/ mhfqttO5FbzvUMyJZ/o3M+1g9jjlBC+pQjUaum44AHcAsh4FzIuizYogTodm+Su5 iiUgZ2va+nDnsklTLe+LkF4AAAFv5w7qogAABAMASDBGAiEAmqvjo17gXeGANn+g 8ZoPGeIci8wPsftTHtXRV3Zyjs8CIQCytjPYVYPrHEFQM24Owfm4jeuAu1e9aYCc 9HRAeJFrGzANBgkqhkiG9w0BAQsFAAOCAQEAZAiTb4UOYzAqTkQfU+IHleU1BV0p uxgeE2Nj4I1zNSsarMaiElilDstF5DZa123WhM2lBblzWdcs+tQ2uIYyFfHpHTz1 kzsQlpvefHVgNfzS1c7U3PkHKJNX1EsSjWTpSUNKf5NRfGaKlLwQtVXvnptTmSEK h+JDL1dyXhcwlKN3/an497vs+ld8NSsl3RS+YiOcPvdzEltp3aMYCHgo7rdf4vPk bLAcR+wDKYo9uXI8maWDV19zmJwS77zdy+pe4vM2CRV0yCyB3ZfGz+GBYg//Ky2B TBDB4uFYpSn408k5SZWbnroyD+0VFdE6WWl4LceCob2d2kSj5+mERxqKvQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzjOx441aKOdoDQdfrloP nhOHV1iY8gM+zkNIpmORU8hadFmqwdA7liizTuYbwaKcxaEEhlkNFRz10TSTaW7Z 5Die1Og7dtbgmPjdw6zyowEPqI7w+yyQbVR3ZKVO5krNiPkVgS1E7MEkF9WhVEov XNB6gFe2qJJ8g9IOvjz31LOFi2s9pAmHPEXMD5Km94PuKo0FHI4LYAQKz6/+V0EV P3ST0e+reHExkjIjcWIH4Q0i2sriWOYFF/4FnsV+rP7sLoZfRUtOt2gXAVGvGbDN XsvYCZEz9SXhsoJO+Nocw/836rbYuaQ7WUd8g9/DGJPUElAtJJoRqX+2p/Yxu4w3 /uulOUi/iTNfUYcN0R5c13jlKZHa5Wjb4TiUH4UUjTI1821h1b5PpmtTz+3W38ov 7uDQCmeE3YOuCKAHjI68IieJ6Ljx8wmSO6JUXufL60Trda2mWfOamPD6E3ZnzZpx 73znEvqAMD9NpMrUI0lGrvFFmjqdtGc4bNRAzv74eWEe8fjrI7/ph4kBv6dF38mH NPrYYFAZWxVxG2XthZKqmJChUCn9R457CFvPWqUaC0jTS9swv6gob6w32LUkTUpo 3YctRxV9II9+KlBoN9R1H8OaqtfgiuQH1cE0cyXXEdRW2FpIempLDycu9sCjq7I0 pfPB5gs8I1MGTz5hPI96ZuUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 309198641466838762597209332883778482667306 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-27 11:51:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-26 11:51:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'santachiara.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 841230493262515923010746539558896757491595434328884575623246524584578421073583966090383924949541226759034977814141118298921002380433149544223745481079591869546813167463877987183121392384123646163220900687790422827249078610141330307280475530749465065398706217480917890235120675989673358788916285319208306602363631593956622957514885239579024984804826292754995102331587781544455094579883619383735893182798291869387830462037591675325692966002779440781322752871248961822776804278895459281463489530030482140758572546496964772780514485818230775977850335384176339377928993505987994914630347314462648122941890189455714247116812944396097365596594015191991440954031294105364076984619916786767912428576184232710628428892046734091515982488077922816810740660849902976070852124861197107671935883535183476360700577326443554144010822919264219226218777214052136057029019545366600772592436468895596905374984171464870398734091823169781815535841472851709138277050160936702613840863283687386346560550181017488828130615969882874934304009632290324889796741807884140965081015287985207256620423435978945213078284570932948088328916058841091809069873282256004644313389424826934200437332785506141185077586062136768563405001881898242267563245934798404004416743141 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3449e6cc1872cd6a00cc7fe9d6dca45594c67376 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'santachiara.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016fe70eeaa90000040300473045022100d5c4280dae29a0ad3c7f9903951cefb819eb61f880f8ede0b646f9c664536396022007bf9a17eab6d3b915bcef50cc8967fa3733ed60f638e5042fa942351aba6e38007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016fe70eeaa200000403004830460221009aabe3a35ee05de180367fa0f19a0f19e21c8bcc0fb1fb531ed5d15776728ecf022100b2b633d85583eb1c4150336e0ec1f9b88deb80bb57bd69809cf4744078916b1b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006408936f850e63302a4e441f53e20795e535055d29bb181e136363e08d73352b1aacc6a21258a50ecb45e4365ad76dd684cda505b97359d72cfad436b8863215f1e91d3cf5933b10969bde7c756035fcd2d5ced4dcf907289357d44b128d64e949434a7f93517c668a94bc10b555ef9e9b5399210a87e2432f57725e173094a377fda9f8f7bbecfa577c352b25dd14be62239c3ef773125b69dda318087828eeb75fe2f3e46cb01c47ec03298a3db9723c99a583575f73989c12efbcddcbea5ee2f336091574c82c81dd97c6cfe181620fff2b2d814c10c1e2e158a529f8d3c93949959b9eba320fed1515d13a5969782dc782a1bd9dda44a3e7e984471a8abd