www.giedre.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:22:88:4f:02:73:5e:0e:1a:12:72:b0:85:4e:48:d4:09:f3 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.giedre.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:22:88:4f:02:73:5e:0e:1a:12:72:b0:85:4e:48:d4:09:f3Serial Number (int): 273087643519176387043174261741931921148403
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 32:81:6b:6a:a5:ae:0e:64:97:06:c7:80:2a:1b:6f:0c:e4:55:34:ec
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): de:b9:34:4d:63:a2:30:b9:ca:23:46:1d:72:60:55:df:56:23:03:53
Fingerprint (sha256): c9:75:a3:b2:57:17:59:d2:49:9a:33:7c:62:50:80:85:e5:84:c6:f6:45:5e:68:15:9a:c8:63:50:10:4c:2f:7e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.giedre.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.giedre.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.giedre.org
Other certificates including the domain name giedre.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.giedre.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgISAyKITwJzXg4aEnKwhU5I1AnzMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMzAxMzA1MjZaFw0y MDA2MjgxMzA1MjZaMBkxFzAVBgNVBAMTDnd3dy5naWVkcmUub3JnMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyKvIW2RCYNx3n5bRGUQVzQUSfqPlwuLO v7oyak4Y4vyP7RFRJMHjQe5DiZNtUft/hokRa8Tu0NqGXEKaTXyMuiTYdaLsj1nb 65yB/2YUrmt4D91dECogsJ3ZJLVAUPaazi5ZTpZrCzfFyVp3at2DRYND6LX7XzqP zHcwE3lIsFR5FtJp7DSCajtHLH60FpuoAXMVB+zSSH9n+tOUQANYb8tYeDd54Csl MlH67/WIPrn5B2iDPgan3aO3KRlcZ09DAXfN1/Jy1JWOs6sZ3O6mGgEYwIVxgSgT aInGMg+53F0CnjWmIj3GEop95hxKx0iE1WMOF+shpc6vVLsF0w8tiEOeY4K+iNtu 3A6yF2X+H4MvnR8LS6qKjcal9lpmCdcw6sadXiYRZidButadXP8RoQP2I2rK0Mm+ 1HUCoZmxdmGB072pqaO16CHi81Hq73rlqWJjqB80ZA0NJeyFnq1xykqIqj4FdpOX us2M157kEWXuwsgmKfTzhE9ORbbXJBeVneTnT8tmT3+u0p+0tmr4jfNsfcTZjKu5 vB6/hmxZGKX0SbK3aDE+kiJl65xgHGzqIjOwZ48qh6N2VYRc5MicTAIBZKbIOKSK Xxe8uaU4Zr3K5O5vYCy3OouQovKv3z47LPsaRfkGS+q3Gb2SMeeSl6myM7cGYZNl ngfagPm7sB8CAwEAAaOCAmIwggJeMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUMoFr aqWuDmSXBseAKhtvDORVNOwwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAZBgNVHREEEjAQgg53d3cuZ2llZHJlLm9yZzBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQE gfEA7wB1AOcS8rA3fhpi+47JDGGE8ep7N8tWHREmW/Pg80vyQVRuAAABcSvC6osA AAQDAEYwRAIgb36oStFEIg5obMQ3NYe2TNnA/3kmvVTpciBLLwFdXbsCIHZqV7Mf ea4dMBYagXGMqdO7Io6/AOTmxthqJNJl+361AHYAsh4FzIuizYogTodm+Su5iiUg Z2va+nDnsklTLe+LkF4AAAFxK8LqgAAABAMARzBFAiEAzxjD1l7eJUenjZswKEr9 yHnX541ztIISenPKRQk+oY4CIDNHFvJSZgSBSLBptIt5Ut/w9eXoujy1oWMXiG22 nt3XMA0GCSqGSIb3DQEBCwUAA4IBAQAV++dlp9K8bl/nO02+s00DWtDGQMj1fX9u Ch97KoUkc33waw7ZBkeR+w1fPJZMTxw6h6uMS1M2uJcHfL4KWxF1gD9VRAzK09hq k6/76+HofgKPhxLMzJutx+3JssunwN1OqqKQBs1AJtn0g/0E+6qvhnA+GglODPVg 3tKM3gMYwbIrzukkc64satSjASLMbe6G4T/8dxg4G1JBBFwtNHix/JPMPbSkmzsj 0mo8RfMYMRenu2VaOul2FepqUM1Jw6TTTKR3CdXSSHiU3G/rgJ8g3Ou0YbzbCBIX VO6gP9YsUVFrMbA1h8FpImtR6DlBXm9fFLaxpZA4FvCR/2OKk0o2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyKvIW2RCYNx3n5bRGUQV zQUSfqPlwuLOv7oyak4Y4vyP7RFRJMHjQe5DiZNtUft/hokRa8Tu0NqGXEKaTXyM uiTYdaLsj1nb65yB/2YUrmt4D91dECogsJ3ZJLVAUPaazi5ZTpZrCzfFyVp3at2D RYND6LX7XzqPzHcwE3lIsFR5FtJp7DSCajtHLH60FpuoAXMVB+zSSH9n+tOUQANY b8tYeDd54CslMlH67/WIPrn5B2iDPgan3aO3KRlcZ09DAXfN1/Jy1JWOs6sZ3O6m GgEYwIVxgSgTaInGMg+53F0CnjWmIj3GEop95hxKx0iE1WMOF+shpc6vVLsF0w8t iEOeY4K+iNtu3A6yF2X+H4MvnR8LS6qKjcal9lpmCdcw6sadXiYRZidButadXP8R oQP2I2rK0Mm+1HUCoZmxdmGB072pqaO16CHi81Hq73rlqWJjqB80ZA0NJeyFnq1x ykqIqj4FdpOXus2M157kEWXuwsgmKfTzhE9ORbbXJBeVneTnT8tmT3+u0p+0tmr4 jfNsfcTZjKu5vB6/hmxZGKX0SbK3aDE+kiJl65xgHGzqIjOwZ48qh6N2VYRc5Mic TAIBZKbIOKSKXxe8uaU4Zr3K5O5vYCy3OouQovKv3z47LPsaRfkGS+q3Gb2SMeeS l6myM7cGYZNlngfagPm7sB8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 273087643519176387043174261741931921148403 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-30 13:05:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-28 13:05:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.giedre.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 818666360661557350506668781893733809928494688150751485319006727628606029850900082886607616930676757529041881857194681210030177726751824622100989264199532594480950952854139736408687321329381839827157517243508472797796600968977136532696337888069911487284795825331521991926332903217794701765570617310027314286769488669097260556197891988872502509910569246334298282243263698349504505917054327055471910614874569185780370472850125094016943511954249285179753958819444099531313789954981597789234428277488880679223947221055647646123104289953544632269262417318202927668838300390869493284178960622575727958366451005372135052275140428349315914074223755364476601930355622110304429276757824724235052997811506608420367245523253869757558223347078249151551261340187391118176596672487153902635580044993210210284869545056506456189350824108460681133145614158577623661050073882462660722016650183970452060851053364052139933132821515887886444584217163125203410937914146269167364373714871264909961050328814531585832143421832978013445951540305379073330841457875033807892706576028270156222756429377849784315099412418187451785499931309592063518518372092008225717021854696255518881266217385914681709849811823180312867118375521540467030296174689958873224531652639 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 32816b6aa5ae0e649706c7802a1b6f0ce45534ec . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.giedre.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001712bc2ea8b000004030046304402206f7ea84ad144220e686cc4373587b64cd9c0ff7926bd54e972204b2f015d5dbb0220766a57b31f79ae1d30161a81718ca9d3bb228ebf00e4e6c6d86a24d265fb7eb5007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001712bc2ea800000040300473045022100cf18c3d65ede2547a78d9b30284afdc879d7e78d73b482127a73ca45093ea18e0220334716f25266048148b069b48b7952dff0f5e5e8ba3cb5a16317886db69eddd7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0015fbe765a7d2bc6e5fe73b4dbeb34d035ad0c640c8f57d7f6e0a1f7b2a8524737df06b0ed9064791fb0d5f3c964c4f1c3a87ab8c4b5336b897077cbe0a5b1175803f55440ccad3d86a93affbebe1e87e028f8712cccc9badc7edc9b2cba7c0dd4eaaa29006cd4026d9f483fd04fbaaaf86703e1a094e0cf560ded28cde0318c1b22bcee92473ae2c6ad4a30122cc6dee86e13ffc7718381b5241045c2d3478b1fc93cc3db4a49b3b23d26a3c45f3183117a7bb655a3ae97615ea6a50cd49c3a4d34ca47709d5d2487894dc6feb809f20dcebb461bcdb08121754eea03fd62c51516b31b03587c169226b51e839415e6f5f14b6b1a5903816f091ff638a934a36