avivainvestors.be
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:62:a1:70:9d:e1:49:c5:96:eb:20:3b:d3:32:a1:ee:a5:c4 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=avivainvestors.be
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:62:a1:70:9d:e1:49:c5:96:eb:20:3b:d3:32:a1:ee:a5:c4Serial Number (int): 294899120200289712331331753148451231016388
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 9a:c7:8f:a2:37:07:f6:7f:9e:f5:f6:cd:d1:60:2d:46:03:2a:3c:bb
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 18:78:0e:cd:05:e7:c0:8e:dc:2e:ea:a2:3b:60:3b:f5:86:4d:3a:d8
Fingerprint (sha256): c5:11:0d:40:c4:58:64:95:d3:e3:ad:22:eb:16:93:e5:80:f7:0c:18:72:13:70:55:64:ae:26:da:6a:9b:4b:67
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate avivainvestors.be
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for avivainvestors.be
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
avivainvestors.be
www.avivainvestors.be
www.avivainvestors.be
Other certificates including the domain name avivainvestors.be
(limited to 100 certificates)
www.eserve.avivaservices.co.uk
avivainvestors.be
avivainvestors.be
no.avivainvestors.com
avivainvestors.be
cutredtape.co.uk
avivainvestors.lu
insights.avivainvestors.com
www.friendslife.com
avivacommunityfund.co.uk
avivacorporateplatform.co.uk
login.avivainvestors.com
www.friendslife.com
avivainvestors.be
www.avivainvestors.be
www.avivainvestors.be
avivainvestors.be
salescloud-bg.aviva.pl
avivainvestors.be
avivainvestors.be
no.avivainvestors.com
avivainvestors.be
cutredtape.co.uk
avivainvestors.lu
insights.avivainvestors.com
www.friendslife.com
avivacommunityfund.co.uk
avivacorporateplatform.co.uk
login.avivainvestors.com
www.friendslife.com
avivainvestors.be
www.avivainvestors.be
www.avivainvestors.be
avivainvestors.be
salescloud-bg.aviva.pl
Certificate
The complete raw certificate details for avivainvestors.be in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgISA2KhcJ3hScWW6yA70zKh7qXEMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMTgxNTUxMTZaFw0y MDA2MTYxNTUxMTZaMBwxGjAYBgNVBAMTEWF2aXZhaW52ZXN0b3JzLmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bI765E/lRDnt3aUbf5b4jNrLwu1 Uv+gdA0KliFG9+Zp60dbS6x1On7/WZP0FkC2O+bZ4xR++xPTXK3Y5/vj3vxrB3qo CPvMfAfMsavhJ75MggfGaPEABWiVCrMFx17sRVOtEq/MDGP74byQqE+P1t86UPYS uAj7oaDMoK9Swk9F93Kx+hKnMqBPFKX59/vA8yOfmd3br4abJzZHcaLo8z474WH5 lUN1l6rhaAChPOyPk84tTnd1nBzrNPS+yuVP81KAPAcUKA7uPnOArbAlIOCv5wXO oiajwHUgUjG8wr0+yhC64ZuMecYQoLmZSDuhjcSED7oVc+p/OSYCrEn/nwIDAQAB o4ICfTCCAnkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSax4+iNwf2f5719s3RYC1G Ayo8uzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcB AQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlw dC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlw dC5vcmcvMDMGA1UdEQQsMCqCEWF2aXZhaW52ZXN0b3JzLmJlghV3d3cuYXZpdmFp bnZlc3RvcnMuYmUwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEw KDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgor BgEEAdZ5AgQCBIH1BIHyAPAAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWW gXFFWAAAAXDujm0wAAAEAwBHMEUCIQCkk6vG22r12+L0hXms/Hx1McrqCoBQ99+I vSRmt50HrAIgG/YmsBVAM7CDSOR/gijSzIaBMYiFNYXXTyZ+vKdjKfgAdgCyHgXM i6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAXDujm0YAAAEAwBHMEUCIQCQ BICFh8XROugnmKqg1rcgTLog4kY5Vm4YaHPhKyBfCAIgPeWdRPpJME/JwX52Ulfj aWM6/KsW/9qYRao4FqF8magwDQYJKoZIhvcNAQELBQADggEBAFacto0za9lsFU7z e42v5hS1ApiaSLvJD4AScF7UCjC8FB5tNIc41YCvz8AxEAOZstW1mciIJkLl5dVo pVmtLzHRqxjfLfeYqnMHL1yp6hb79tTWryNTo+H0kIs4FpsWeAKrY5Jip0BYDQ7O pGRk0MKRj+z7qL6r3h1CQFADp/ScFGe/IMSJ/FqvyE0IqIKlDVku/L3CmEnfXAEC aLQXRj87Dp6wWxlu3ldrTQidfIpYSOBzWuTKsJtVQbLtAH3it965pZRJL+EAZrxO 3+6IBH2TYaMKOp1CXiWKiC7P+JCvJomPm9zWc1WDi8vz7o4AsVsYbgAPEPakcVCU nzfFdqQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bI765E/lRDnt3aUbf5b 4jNrLwu1Uv+gdA0KliFG9+Zp60dbS6x1On7/WZP0FkC2O+bZ4xR++xPTXK3Y5/vj 3vxrB3qoCPvMfAfMsavhJ75MggfGaPEABWiVCrMFx17sRVOtEq/MDGP74byQqE+P 1t86UPYSuAj7oaDMoK9Swk9F93Kx+hKnMqBPFKX59/vA8yOfmd3br4abJzZHcaLo 8z474WH5lUN1l6rhaAChPOyPk84tTnd1nBzrNPS+yuVP81KAPAcUKA7uPnOArbAl IOCv5wXOoiajwHUgUjG8wr0+yhC64ZuMecYQoLmZSDuhjcSED7oVc+p/OSYCrEn/ nwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294899120200289712331331753148451231016388 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-18 15:51:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-16 15:51:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'avivainvestors.be' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29501415549390382105534088735549615834500529426288925406706533548227974129161467759724815176421360431965029685808686331515665185773464647865531333699643773381595097754970047354771445849086543002455286026713435183866294366761936592126612991150630339698297282624188935922538268453164668749581801531898929681478070519376380582430806984983847518156053230348580014041466102675363852055870887669017073310009792681736515254511283248969472373380423392074718147086565416127615048320399471712999022146166703479591972800007291608863145581265262974190933085904192087816469548795055177352962535221887402050477056979947721463562143 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9ac78fa23707f67f9ef5f6cdd1602d46032a3cbb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avivainvestors.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivainvestors.be' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000170ee8e6d300000040300473045022100a493abc6db6af5dbe2f48579acfc7c7531caea0a8050f7df88bd2466b79d07ac02201bf626b0154033b08348e47f8228d2cc86813188853585d74f267ebca76329f8007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e00000170ee8e6d1800000403004730450221009004808587c5d13ae82798aaa0d6b7204cba20e24639566e186873e12b205f0802203de59d44fa49304fc9c17e765257e369633afcab16ffda9845aa3816a17c99a8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00569cb68d336bd96c154ef37b8dafe614b502989a48bbc90f8012705ed40a30bc141e6d348738d580afcfc031100399b2d5b599c8882642e5e5d568a559ad2f31d1ab18df2df798aa73072f5ca9ea16fbf6d4d6af2353a3e1f4908b38169b167802ab639262a740580d0ecea46464d0c2918fecfba8beabde1d42405003a7f49c1467bf20c489fc5aafc84d08a882a50d592efcbdc29849df5c010268b417463f3b0e9eb05b196ede576b4d089d7c8a5848e0735ae4cab09b5541b2ed007de2b7deb9a594492fe10066bc4edfee88047d9361a30a3a9d425e258a882ecff890af26898f9bdcd67355838bcbf3ee8e00b15b186e000f10f6a47150949f37c576a4