frontend.production.ricci.agiprod.agifly.cloud

Issued by R3

About this certificate

This digital certificate with serial number 04:69:bc:94:4a:6e:18:25:79:99:e1:80:b0:ec:c4:d1:b0:fe was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=frontend.production.ricci.agiprod.agifly.cloud

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:69:bc:94:4a:6e:18:25:79:99:e1:80:b0:ec:c4:d1:b0:fe
Serial Number (int): 384429457086503034080273542014062174515454
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: a7:9e:7e:8a:53:b4:aa:ea:e2:8f:18:5a:68:6c:f6:99:7f:3b:31:b7
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ff:37:55:5e:12:a6:a6:6e:fa:96:fd:06:1c:48:fb:6e:aa:f7:e6:27
Fingerprint (sha256): cc:8b:71:8e:7f:8a:6b:44:79:72:b5:c4:9f:50:f9:48:fc:21:fe:45:7f:aa:5f:28:1e:f0:da:91:79:4b:22:c0

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate frontend.production.ricci.agiprod.agifly.cloud

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for frontend.production.ricci.agiprod.agifly.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

frontend.production.ricci.agiprod.agifly.cloud
riccirealestate.be
www.riccirealestate.be

Other certificates including the domain name agifly.cloud

(limited to 100 certificates)

Certificate

The complete raw certificate details for frontend.production.ricci.agiprod.agifly.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISBGm8lEpuGCV5meGAsOzE0bD+MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MTQwMjE4MzBaFw0yNDA4MTIwMjE4MjlaMDkxNzA1BgNVBAMT
LmZyb250ZW5kLnByb2R1Y3Rpb24ucmljY2kuYWdpcHJvZC5hZ2lmbHkuY2xvdWQw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRRaMP/x0pcnRiMDGwmprv
KkmGmVQZZUxIXeKHB6efXVf2M20/byM+TQHxvqpQS6BfDbQbGveVA98rETtvmFCz
e7hsxKGA/BHmri1VPhm7rMtBcIY/ovVtXF6oQuORefuxTV2mDb2bJ6PTXvQkccYg
iGiVyN5FwykEkLJGAVNbj3orwn6dIQwfFnUQrzTlKAC9JobZTR6OLw72kY3zKr3C
ElaAahcLDC1M/bQYHxMvByi4QacWfzN6IBkdle3Zl8z+w1+7w0yV+DtOqAPIRB8i
f5aWf79xiN+F2PAkvEMaMC6QRPTEEK9+IpFRQJDUJi+HERmh4hdVQ6Gqj7GVaLI5
AgMBAAGjggJeMIICWjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKeefopTtKrq4o8Y
Wmhs9pl/OzG3MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsG
AQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIG
CCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMGUGA1UdEQReMFyCLmZy
b250ZW5kLnByb2R1Y3Rpb24ucmljY2kuYWdpcHJvZC5hZ2lmbHkuY2xvdWSCEnJp
Y2NpcmVhbGVzdGF0ZS5iZYIWd3d3LnJpY2NpcmVhbGVzdGF0ZS5iZTATBgNVHSAE
DDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AO7N0GTV2xrO
xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABj3Ub21kAAAQDAEgwRgIhALW6ZTVs
sSZRY+H3ilS6TeykUOWWPQS0pke67NjTk+3HAiEAkVnKBa1xM8LkZFxhCdNz2bu1
JpWJfX8HkMJduviQGWEAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE
cwAAAY91G9tgAAAEAwBIMEYCIQCibf8SRkQjbEphe8CpliCw1QioNnjPtdEwf4rE
mdbPEAIhAIgJ1qG+2H7/UQg465Yv6sS84rCDsOr06L4tGcdWvglYMA0GCSqGSIb3
DQEBCwUAA4IBAQBSmZMa1pFNWr2cCcNlmP5LQujb4k0BTVf8PMGM7gMjpYVr0CwC
viJ2SVlufRW9IDW2wU3xFm3pttSkRyVpuOKNzlC+8g4uaGxGLjyJRSpkejsM6Kik
ai4m0CihV6wvnUcgGQwHqsuKYh5WBX5e0v6/2wf6nlgPKseoId9H65Kuiv7MOxIz
L1enYJlFhP0rUmEuizqnN1F09lc6l+Ymy3Gi+VLY9owfP43JccCdG1JULpJGYuSb
kYSdJQ9EwvoUMariJOTKJyALcN/bDjmFWB3tKq4qLL+M8qmig1FHQlnL+ayLdPzo
EoXq34M/gJUr1vNMcybGydi6Vn1+fX8aKU6+
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UWjD/8dKXJ0YjAxsJqa
7ypJhplUGWVMSF3ihwenn11X9jNtP28jPk0B8b6qUEugXw20Gxr3lQPfKxE7b5hQ
s3u4bMShgPwR5q4tVT4Zu6zLQXCGP6L1bVxeqELjkXn7sU1dpg29myej0170JHHG
IIholcjeRcMpBJCyRgFTW496K8J+nSEMHxZ1EK805SgAvSaG2U0eji8O9pGN8yq9
whJWgGoXCwwtTP20GB8TLwcouEGnFn8zeiAZHZXt2ZfM/sNfu8NMlfg7TqgDyEQf
In+Wln+/cYjfhdjwJLxDGjAukET0xBCvfiKRUUCQ1CYvhxEZoeIXVUOhqo+xlWiy
OQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 384429457086503034080273542014062174515454
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 02:18:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-12 02:18:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'frontend.production.ricci.agiprod.agifly.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26418145004123555052146658388631938994495466209139626004581022299890125639418658213062777620270798601795420851706114035142477216318955408707038378972696300192593002526833710342193234618926692978682308591116622417374827212522983887342402958202952743507467017900900137124390489464007613001961952264026649700021938155993666988697211732325853249718261132675898765557921941647648902038460900222940438624126950354381475150754679381355760829397389941161886828832759880589323863083955319754978575302760506923821207358592641439372457543462852245582538353542088576553957662649925770770945190804363283618577409076521355662897721
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a79e7e8a53b4aaeae28f185a686cf6997f3b31b7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'frontend.production.ricci.agiprod.agifly.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riccirealestate.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.riccirealestate.be'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f751bdb590000040300483046022100b5ba65356cb1265163e1f78a54ba4deca450e5963d04b4a647baecd8d393edc70221009159ca05ad7133c2e4645c6109d373d9bbb52695897d7f0790c25dbaf890196100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f751bdb600000040300483046022100a26dff124644236c4a617bc0a99620b0d508a83678cfb5d1307f8ac499d6cf100221008809d6a1bed87eff510838eb962feac4bce2b083b0eaf4e8be2d19c756be0958
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005299931ad6914d5abd9c09c36598fe4b42e8dbe24d014d57fc3cc18cee0323a5856bd02c02be227649596e7d15bd2035b6c14df1166de9b6d4a4472569b8e28dce50bef20e2e686c462e3c89452a647a3b0ce8a8a46a2e26d028a157ac2f9d4720190c07aacb8a621e56057e5ed2febfdb07fa9e580f2ac7a821df47eb92ae8afecc3b12332f57a760994584fd2b52612e8b3aa7375174f6573a97e626cb71a2f952d8f68c1f3f8dc971c09d1b52542e924662e49b91849d250f44c2fa1431aae224e4ca27200b70dfdb0e3985581ded2aae2a2cbf8cf2a9a28351474259cbf9ac8b74fce81285eadf833f80952bd6f34c7326c6c9d8ba567d7e7d7f1a294ebe