www.giorgia.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:02:cd:ff:88:dd:cf:d0:0c:12:b3:5e:02:8f:40:07:40:bd was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.giorgia.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:02:cd:ff:88:dd:cf:d0:0c:12:b3:5e:02:8f:40:07:40:bdSerial Number (int): 262291241079938895924685461942034093260989
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e5:ea:52:b1:e8:6a:cf:8b:25:0b:56:7d:2a:f9:df:35:03:66:11:fe
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 23:38:02:c1:d0:72:c8:8f:15:af:9d:66:6f:1e:b2:3b:3f:6d:91:19
Fingerprint (sha256): cd:e7:8c:e5:7c:6d:8e:cd:1e:de:66:c4:b7:69:a8:70:5a:a9:d8:e3:61:b1:40:3a:7e:52:77:c0:46:ac:f1:69
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.giorgia.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.giorgia.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.giorgia.org
Other certificates including the domain name giorgia.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.giorgia.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVDCCBTygAwIBAgISAwLN/4jdz9AMErNeAo9AB0C9MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjcxNjU4MjlaFw0x OTA4MjUxNjU4MjlaMBoxGDAWBgNVBAMTD3d3dy5naW9yZ2lhLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMHTzgBQB6RQh8DKRgri9PZGozJFU7O4 u2mhmv5uRXjNNbAAKx7zJdXfwiZjiY0nDAseGmipO3o5nKkiT1clS1w8yFJf1lqE i1mA2sumNeOafIn3aiEY+hMdM5dylwlzPXclHfz+fAHCjfRdTjj0Bz8g63EtzlvI KL8P3N6D2o8cMrvqFvTnQbhxXrKkjrpiy29kqIDxwgOQs7ZqLAnwF0I31MUB/fdI 0bqoFeZ9FaqrUIa1KQe1nYeZAnwHiqHPX/uLNlXZNK7lnNKl0Sv/70OcvP5WD1rJ 8WkJx5cXyNv70YipeX1la3FKzFjlbIpxWrfBcqye2nAC+SQ/4cRtYTsphDgfowzD Zuct7Mqtmjv7qy3+1+RST7JkXEDnpGR9VcQeSEZzVLESP2mvvfAJkp9WoSblqvMF oCuEtMrdYo8L9iINJJE0ExPFcuWUkd6h7cD8ervIoSBNVjX6WSprXYOtK9tsVB7B T3+nwdcBA6VGg7cXpCsTBSGbq8pFesb0NN//pvd7kMzSQ1fL+fzkNOzPuLDBDg8B XUJnULnj2W7TQO8kC/tFBVfOHx46KYLeJH6qXKxHGHQsiH9ZhnR75hb31cTqC49f fSTmRgZSwhI0VHhtKiquUIiOd7tgL4fo+Jyr86UIAr+20YTogTNEWthBNJ4Y9Sw5 yqYmotvEg2pxAgMBAAGjggJiMIICXjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOXq UrHoas+LJQtWfSr53zUDZhH+MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3Lmdpb3JnaWEub3Jn MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB 8wSB8ADuAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFq+nGX gAAABAMARzBFAiEAhdW0A9+qP/EaDkD3oTFaZquqMxxfr9/ped1vbZvBdLYCIDXu bWAreT8aI8FrBLOC5M6+CdjM9bgh1XsHt+JQ3mTTAHQAKTxRllTIOWW6qlD8WAfU t2+/WHopctykwwz05UVH9HgAAAFq+nGY9QAABAMARTBDAiBdQgVEj7ZKh9FlgfLU JBrhN0qdARr3djm/QYTfRA/YvQIfK8fSKvugxiLYAoaVyfn0a4uxw2+7VHNVlXi3 9dMrrzANBgkqhkiG9w0BAQsFAAOCAQEAC4wsn5cIGd/z92n2jhL2SMzphPeRs6cv g3pyupkLDgzxTPjGKwyRGmqbOcCR57ejYfQNgYFunYIPTQzT0NuYuY3torRUWYgx qSgIxrIndasB0HJb7ZZ7RekW0LIB4jdx1qO77E7pLnsz85iQk5/dyqlhYo+2GH3b hxeLNGIUcwcHQOho42ghJi4HkIwLEcrfbD9d5ChXVX08D6EZNKbw0gCY07L/7VYT uzXUf1f8pZTspZbxot8JRy0u64cVQUOAwQTxB/EWaGeDHObHIWxf3HnpeMV9PQHw F7ioGZs5qWCJ+M8JqrPimN+fRcVUY0/99GdLmunPu4ql7j5lGvh+GQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwdPOAFAHpFCHwMpGCuL0 9kajMkVTs7i7aaGa/m5FeM01sAArHvMl1d/CJmOJjScMCx4aaKk7ejmcqSJPVyVL XDzIUl/WWoSLWYDay6Y145p8ifdqIRj6Ex0zl3KXCXM9dyUd/P58AcKN9F1OOPQH PyDrcS3OW8govw/c3oPajxwyu+oW9OdBuHFesqSOumLLb2SogPHCA5CztmosCfAX QjfUxQH990jRuqgV5n0VqqtQhrUpB7Wdh5kCfAeKoc9f+4s2Vdk0ruWc0qXRK//v Q5y8/lYPWsnxaQnHlxfI2/vRiKl5fWVrcUrMWOVsinFat8FyrJ7acAL5JD/hxG1h OymEOB+jDMNm5y3syq2aO/urLf7X5FJPsmRcQOekZH1VxB5IRnNUsRI/aa+98AmS n1ahJuWq8wWgK4S0yt1ijwv2Ig0kkTQTE8Vy5ZSR3qHtwPx6u8ihIE1WNfpZKmtd g60r22xUHsFPf6fB1wEDpUaDtxekKxMFIZurykV6xvQ03/+m93uQzNJDV8v5/OQ0 7M+4sMEODwFdQmdQuePZbtNA7yQL+0UFV84fHjopgt4kfqpcrEcYdCyIf1mGdHvm FvfVxOoLj199JOZGBlLCEjRUeG0qKq5QiI53u2Avh+j4nKvzpQgCv7bRhOiBM0Ra 2EE0nhj1LDnKpiai28SDanECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 262291241079938895924685461942034093260989 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-27 16:58:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-25 16:58:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.giorgia.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 790746647926317121512056356352258178209558321566504129918047841720356619095354584453830356436324475750399467063305040780945542190834888103112179725928912597265302051724415666964213196872007749595398178362773999729289559592898974318845728983801796548447207569848034153751797486365830898748250481103264141528539948760070422137799865565741126836440932623311510117777986515372675537068939958794442595714541891367811840027861966217740274831504634435912874332423507708946043805867004797354220639416515768566443623073112226424670971753120411585010968825678079427697754754437540918957285788562486777949263154893781638510697542559476310811631244938505858497489531375848844763178695914448220116137914637106330162176483626225625267239036383580486238989623445706467637671090437252457268671488093327553130661648320704228807912892937802817526585510161136597340651709837261569442299853478319238974967315578824801309306965982515279590847743918242804587979425124529477874370689507256975660868588697498354688130450371772253511647496825799409286107772311269106529132780040326483259673752870698286866173552906876477706896011795801948214598125551876523167104461024243081769637505863458343978008207040828762160743786847309785234990330437151157753838004849 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e5ea52b1e86acf8b250b567d2af9df35036611fe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.giorgia.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016afa719780000004030047304502210085d5b403dfaa3ff11a0e40f7a1315a66abaa331c5fafdfe979dd6f6d9bc174b6022035ee6d602b793f1a23c16b04b382e4cebe09d8ccf5b821d57b07b7e250de64d3007400293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016afa7198f5000004030045304302205d4205448fb64a87d16581f2d4241ae1374a9d011af77639bf4184df440fd8bd021f2bc7d22afba0c622d8028695c9f9f46b8bb1c36fbb5473559578b7f5d32baf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000b8c2c9f970819dff3f769f68e12f648cce984f791b3a72f837a72ba990b0e0cf14cf8c62b0c911a6a9b39c091e7b7a361f40d81816e9d820f4d0cd3d0db98b98deda2b454598831a92808c6b22775ab01d0725bed967b45e916d0b201e23771d6a3bbec4ee92e7b33f39890939fddcaa961628fb6187ddb87178b34621473070740e868e36821262e07908c0b11cadf6c3f5de42857557d3c0fa11934a6f0d20098d3b2ffed5613bb35d47f57fca594eca596f1a2df09472d2eeb8715414380c104f107f1166867831ce6c7216c5fdc79e978c57d3d01f017b8a8199b39a96089f8cf09aab3e298df9f45c554634ffdf4674b9ae9cfbb8aa5ee3e651af87e19