locorotondo.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:5a:fb:7c:92:be:4f:4e:43:9e:6c:e0:14:1a:29:81:74:b8 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=locorotondo.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5a:fb:7c:92:be:4f:4e:43:9e:6c:e0:14:1a:29:81:74:b8Serial Number (int): 292296553866227370796465113979275054249144
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 36:22:25:fe:0e:0e:76:b8:f3:a7:9f:60:47:53:51:da:c3:b6:82:5e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b9:63:9f:12:6e:31:02:c3:ee:c3:b3:44:f8:f1:ee:27:da:45:f8:d3
Fingerprint (sha256): cf:55:32:82:e0:50:4f:c0:a7:30:37:ac:14:86:41:0a:6c:8f:cc:74:9e:0b:4e:c4:8f:11:0a:2c:33:7e:ca:b9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate locorotondo.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for locorotondo.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
locorotondo.org
Other certificates including the domain name locorotondo.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for locorotondo.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVjCCBT6gAwIBAgISA1r7fJK+T05DnmzgFBopgXS4MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjgxNTM5NDBaFw0x OTA4MjYxNTM5NDBaMBoxGDAWBgNVBAMTD2xvY29yb3RvbmRvLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBANEGXnZz71QexwzvM3QaBNfceeVMU0LR SPNgSDdu7WBhZJajAPfXTBxWOyUXDuWWqbA7SeYX44hjnIExNqVH9sPtx4B3NVzN sYiINtEFyMMpUAvDgKvmssTPt8mwEpnu90+sk4tFCC9Zc9EeswOLJSbLvK0W7ys9 +KYrm7nol9lKQ7ril+A6+9pva6evsU1+/99V4jW33eRoWi/F/3kV5tk5CsyI/EFa eierk+c558rBKIsyZtWtJwLhk1IpDAW4iYcE3NbW4OdOIsZA8h7cHSiYkY/Dd7M3 jIIw8RwWNLi7hX8D1L/RShBTROOmGsfb/jmcoe1FpDFgtxjTCyBxMyr+ozgDgg6t T+T/IVRnI0GuVmtmxD3gjkVwnbpaJoIKtMrSuysGkvFAiigKfZ/BWTdbIvidbMOE A4S4BRhe/Qmjf2C8sbHZZ3SJf7oLGzPK0vaNEnlC1OKkB+LzbwkvSDhvqKQgbhLN mKh9CcRcX/q76UyirKQhNsdZrNoq1+JKLJzGVWFBgvXkMot4VWqBG6yIK/Z/HqHD vP1NAIAlONAKdXvlT3mmtIvDL3Wp1SMj0cFLPTSGz/3uwOQ6tFVkAgmtb56m30vr Ai2fuixfJprpTK9b9rAI5iI2oVPsI1TvV6gKoRZ78wvIT4vW4lQx9GVpSKhfBiyd pkHEK5xy514rAgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDYi Jf4ODna486efYEdTUdrDtoJeMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPbG9jb3JvdG9uZG8ub3Jn MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHYAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYAAAFq/0/J PAAABAMARzBFAiEA1VsxqaFqLjYtyaUh18JHAkISbfw0s7TCOwJJQsDDv24CIEMs t8SK1GXg4ME5DwRePz5WeWvkSwP4Znyf+EuSuLYAAHYAKTxRllTIOWW6qlD8WAfU t2+/WHopctykwwz05UVH9HgAAAFq/0/JKgAABAMARzBFAiAzxGIh499KSJsgwO9J LxA5F4RF0QG7FVSZr/tM1LXjXQIhANxniNLpFuP3kNFF1DkMMBt2GNYGdY9kN5p0 /4c07Q8NMA0GCSqGSIb3DQEBCwUAA4IBAQBImLVOifWRANrSsLT7CNLt5XoVYy5j 06+WCNq9Rg6knPGucaHa1MFHWflTmSt+th0ZlhKGgMK9cVkucRUujqpCEbMBngvR zBmbvTrdjBFvb9t0zOEaBzr6CCQ+Hf95HdoOgKJh1ATZPvxOKZF4fnyHQkY8wM6L Vo+MexXjkc5N50MdH6uulxchPP4L/dHD7QSuoN+JEWyJSw9VvFMaQ3+gm+N8laD3 5B66vXWk5RSwK/07R/8C/1mtwjmPq3QZFmkmLcKxjSzFxIe0OyHJAScFnK4eB6A0 OdZ5yD5tlaOa/s2sMXnYLxpaYK6hfsvIX1xNB63vIdBzJ6XTQn40Jp1x -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0QZednPvVB7HDO8zdBoE 19x55UxTQtFI82BIN27tYGFklqMA99dMHFY7JRcO5ZapsDtJ5hfjiGOcgTE2pUf2 w+3HgHc1XM2xiIg20QXIwylQC8OAq+ayxM+3ybASme73T6yTi0UIL1lz0R6zA4sl Jsu8rRbvKz34piubueiX2UpDuuKX4Dr72m9rp6+xTX7/31XiNbfd5GhaL8X/eRXm 2TkKzIj8QVp6J6uT5znnysEoizJm1a0nAuGTUikMBbiJhwTc1tbg504ixkDyHtwd KJiRj8N3szeMgjDxHBY0uLuFfwPUv9FKEFNE46Yax9v+OZyh7UWkMWC3GNMLIHEz Kv6jOAOCDq1P5P8hVGcjQa5Wa2bEPeCORXCdulomggq0ytK7KwaS8UCKKAp9n8FZ N1si+J1sw4QDhLgFGF79CaN/YLyxsdlndIl/ugsbM8rS9o0SeULU4qQH4vNvCS9I OG+opCBuEs2YqH0JxFxf+rvpTKKspCE2x1ms2irX4kosnMZVYUGC9eQyi3hVaoEb rIgr9n8eocO8/U0AgCU40Ap1e+VPeaa0i8MvdanVIyPRwUs9NIbP/e7A5Dq0VWQC Ca1vnqbfS+sCLZ+6LF8mmulMr1v2sAjmIjahU+wjVO9XqAqhFnvzC8hPi9biVDH0 ZWlIqF8GLJ2mQcQrnHLnXisCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 292296553866227370796465113979275054249144 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-28 15:39:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-26 15:39:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'locorotondo.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 852747107217988859473175165317087790020381571854366000507156568172200824288209494276037765263903604056583226529478262152863053875815147851484220479940228697842715368764265481111292081135711411270851437311572805601794165208960676704844075685522940797100985785512686246928890107615847713038955099606508082469434605766049141784436436847276646772861215639185996071849468521794501446696260670477900085299417196491771912758238744056406500096387783945021192330943407070827396227871151841847999757297653117279868471353516619932357680962446320271184638120645507341522408399409448123716204839147135921148951022506985134859686142419248087043841148840974122567059317548513749470057785395451746393006653736634057775187259317526221314551321495100689791766363553176655717803606096866286808870898613882828178639453864890207894575092106182254198327622034688670924707385967140300173105599323681944903266771442697239604475610042002211497784237864074296906558131975142629170425166693555385716460242086950125139857821045761861757339630964530935928229433818155645039883087406897819487253197677469234032134117788353851501791628906216908181860251927425419622513852136031993673071626354589244171194336052999294481879355252130752536600149700782651399368826411 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 362225fe0e0e76b8f3a79f60475351dac3b6825e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'locorotondo.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016aff4fc93c0000040300473045022100d55b31a9a16a2e362dc9a521d7c2470242126dfc34b3b4c23b024942c0c3bf6e0220432cb7c48ad465e0e0c1390f045e3f3e56796be44b03f8667c9ff84b92b8b600007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016aff4fc92a0000040300473045022033c46221e3df4a489b20c0ef492f1039178445d101bb155499affb4cd4b5e35d022100dc6788d2e916e3f790d145d4390c301b7618d606758f64379a74ff8734ed0f0d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004898b54e89f59100dad2b0b4fb08d2ede57a15632e63d3af9608dabd460ea49cf1ae71a1dad4c14759f953992b7eb61d1996128680c2bd71592e71152e8eaa4211b3019e0bd1cc199bbd3add8c116f6fdb74cce11a073afa08243e1dff791dda0e80a261d404d93efc4e2991787e7c8742463cc0ce8b568f8c7b15e391ce4de7431d1fabae9717213cfe0bfdd1c3ed04aea0df89116c894b0f55bc531a437fa09be37c95a0f7e41ebabd75a4e514b02bfd3b47ff02ff59adc2398fab74191669262dc2b18d2cc5c487b43b21c90127059cae1e07a03439d679c83e6d95a39afecdac3179d82f1a5a60aea17ecbc85f5c4d07adef21d07327a5d3427e34269d71