www.pianezza.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:24:fc:84:c6:46:d9:fd:8b:c7:d9:36:9e:2a:cf:1c:90:3c was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.pianezza.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:24:fc:84:c6:46:d9:fd:8b:c7:d9:36:9e:2a:cf:1c:90:3cSerial Number (int): 273922677864088187686260246795056613986364
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 2c:f1:0e:45:19:20:91:55:4b:5e:03:10:ab:6f:a1:17:e5:32:fc:8e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 8e:64:7e:88:c4:d6:38:8e:49:77:23:35:4e:c8:25:77:5e:9f:b0:37
Fingerprint (sha256): d0:d4:2c:ea:c4:51:91:fc:43:c5:41:ca:21:b2:d3:99:23:63:b9:63:e7:d3:88:21:a6:bd:b1:43:2f:26:da:e5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.pianezza.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.pianezza.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.pianezza.org
Other certificates including the domain name pianezza.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.pianezza.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWTCCBUGgAwIBAgISAyT8hMZG2f2Lx9k2nirPHJA8MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDQxOTQxMjJaFw0y MDAzMDMxOTQxMjJaMBsxGTAXBgNVBAMTEHd3dy5waWFuZXp6YS5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDfpGCudJtZXVAYl/bNVaB2f1jLTKgY HvTO/hevpkxBRP08+Jw5o4vW5yHSBCACeR4Qq9YNBW+/cViFRfSXxveRUr31UsyS vvaY/6du5poYyVKzefTJ2y2L0cgpRCQ/fjM7QBG7JUnjEt2YUR0luZxEZAKfR3tY Eny8ncvmCaU9uP+s1ub2X0SrWBwMrBwfa1Nz78zoN+6HmDG6l7ucPiNjvYWAWOlB 447HOTWwm6CUCodAbzVovByCJAxBs0P+tUT6JSYb1GwDWPwWgjj1HwLQLW+PlWE9 +Ls/OLXhJg3tcXuZFaICi9Lll4+LDCcu8fJPfF3oSx4pV53IKmVHXAnfqkzs5BPp Cxxfynb4/8P8PNx/g1mIVseFbDP8Z2jIXTZfH2oKt5RYpNDAMXsHzs6MzCgrWJno rapFe/Qy1lLQnfH4Zdd5FxehZSizznlT/WN577IegD9EUZux2ybsoh0rQ12/ekt4 GgAb7BttpaVue0QWxUBrx73xV6M9q5NfRM/W0Y4n6MP2n6lOVTYUmCb8jaQoHMsW XVB5rqburksaWln+CwKSbjkpuR9/tfL2C+XeGoSO87JkrApGNGea+34N7Dg/xAPP zwozwfgBSYs8pfD0XfyDzuGw4d3QUI3yTkaWN6Ms0aS0X1xwHiddgp1J24XIp08W N7UQJPAYFm2B3QIDAQABo4ICZjCCAmIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQs 8Q5FGSCRVUteAxCrb6EX5TL8jjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEHd3dy5waWFuZXp6YS5v cmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQC BIH2BIHzAPEAdwBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAW7S pVwPAAAEAwBIMEYCIQD+jJAK/qkGEkSQoE4k1i2Icy9p2BpdnygrPOGnVyFLcwIh ANveL3g5WsNeJ+d1oCrxq1Qg5zHWSvzT/lwRL60NR97jAHYAB7dcG+V9aP/xsMYd IxXHuuZXfFeUt2ruvGE6GmnTohwAAAFu0qVb9QAABAMARzBFAiEAidZWaWA9azNI TUKhZxEQBPXasc3TE4+VFA9mTLPbP/gCIB+TVrRRRerCMVvQgtwZ42BCyPaca3gF +IpKO118ft+9MA0GCSqGSIb3DQEBCwUAA4IBAQAljxwyXYDC9US2xHmJU78RrRUi 9FgZHBLXYR4tU9RVmRa7ANysx5wehW+/yRZA3bJ5KP+A0gq7PRzycnx7b5JbzUna LmqMjbdr9ELdBZnhcvcyEAhqIspSoB3PQUxupEOlG3fC4c4CO/CDOE72mLpwMXa2 5WGVqad07qKl5A6lBL55+cfX9MGQOnosEH/fD9bUhHRWx7rCappjlwKcsKstjje/ XKo9LcIdgUlys1dg/Ixryk1hQTGcTua49r3tSneth0m8m1sYXyGXaFzn8VK9H52b YFCCscJlEPotbP71M51mTdqaks3DatToFoYQCajooAS8/OxsYyqMEO0YRPSL -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA36RgrnSbWV1QGJf2zVWg dn9Yy0yoGB70zv4Xr6ZMQUT9PPicOaOL1uch0gQgAnkeEKvWDQVvv3FYhUX0l8b3 kVK99VLMkr72mP+nbuaaGMlSs3n0ydsti9HIKUQkP34zO0ARuyVJ4xLdmFEdJbmc RGQCn0d7WBJ8vJ3L5gmlPbj/rNbm9l9Eq1gcDKwcH2tTc+/M6Dfuh5gxupe7nD4j Y72FgFjpQeOOxzk1sJuglAqHQG81aLwcgiQMQbND/rVE+iUmG9RsA1j8FoI49R8C 0C1vj5VhPfi7Pzi14SYN7XF7mRWiAovS5ZePiwwnLvHyT3xd6EseKVedyCplR1wJ 36pM7OQT6QscX8p2+P/D/Dzcf4NZiFbHhWwz/GdoyF02Xx9qCreUWKTQwDF7B87O jMwoK1iZ6K2qRXv0MtZS0J3x+GXXeRcXoWUos855U/1jee+yHoA/RFGbsdsm7KId K0Ndv3pLeBoAG+wbbaWlbntEFsVAa8e98VejPauTX0TP1tGOJ+jD9p+pTlU2FJgm /I2kKBzLFl1Qea6m7q5LGlpZ/gsCkm45Kbkff7Xy9gvl3hqEjvOyZKwKRjRnmvt+ Dew4P8QDz88KM8H4AUmLPKXw9F38g87hsOHd0FCN8k5GljejLNGktF9ccB4nXYKd SduFyKdPFje1ECTwGBZtgd0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 273922677864088187686260246795056613986364 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-04 19:41:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-03 19:41:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.pianezza.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 912380167612277831756551897228046887345276414520723041787091658025833661840008071817315699825053987033488452108990964233547724398212380783822994667763523822346916522920251478770184032589260642051669082859887015739386850577611814333274579607697547261854826241945512229512332347005101901904941876925209863372248925625737525742169770349294109706031874899342352675376176541579859772796853697611031408016289634496318405922021517884692722156243840836518879182436079710323702848709438014416683306024765112008557689291138915362411830575508742686565547940986123438525798157667059156802060148231569695151333995757741524709692559719998692841052291251088955129027343360718990607817689665838833763028464623727751174136185871021902737643422502874773815013501563532367578589899261649516803869209336284008365259999200425996434430443210869450503938527689128548724427326330842069805730804447381247753234396202508002304690164423612268658585460467055520048564483262097504824337774624860220822470441229938421509634669320149032468695207720382546689662910628068575526448683224702233567465910002602583461541001673968849061939319787243055614783814679766819707570161191504169249424433176442632292990664274334153188339955875367530553452451865522354714384892381 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2cf10e45192091554b5e0310ab6fa117e532fc8e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pianezza.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016ed2a55c0f0000040300483046022100fe8c900afea906124490a04e24d62d88732f69d81a5d9f282b3ce1a757214b73022100dbde2f78395ac35e27e775a02af1ab5420e731d64afcd3fe5c112fad0d47dee300760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ed2a55bf5000004030047304502210089d65669603d6b33484d42a167111004f5dab1cdd3138f95140f664cb3db3ff802201f9356b45145eac2315bd082dc19e36042c8f69c6b7805f88a4a3b5d7c7edfbd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00258f1c325d80c2f544b6c4798953bf11ad1522f458191c12d7611e2d53d4559916bb00dcacc79c1e856fbfc91640ddb27928ff80d20abb3d1cf2727c7b6f925bcd49da2e6a8c8db76bf442dd0599e172f73210086a22ca52a01dcf414c6ea443a51b77c2e1ce023bf083384ef698ba703176b6e56195a9a774eea2a5e40ea504be79f9c7d7f4c1903a7a2c107fdf0fd6d4847456c7bac26a9a6397029cb0ab2d8e37bf5caa3d2dc21d814972b35760fc8c6bca4d6141319c4ee6b8f6bded4a77ad8749bc9b5b185f2197685ce7f152bd1f9d9b605082b1c26510fa2d6cfef5339d664dda9a92cdc36ad4e816861009a8e8a004bcfcec6c632a8c10ed1844f48b