bernareggio.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:5d:64:03:c9:a6:65:42:26:ee:96:82:0c:f7:58:c7:a4:1e was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=bernareggio.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5d:64:03:c9:a6:65:42:26:ee:96:82:0c:f7:58:c7:a4:1eSerial Number (int): 293116060385344627504039585651360528835614
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 96:cb:20:c0:cf:0e:c5:1a:41:34:6b:b9:3f:2f:a7:7b:95:be:e8:33
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 95:68:88:2e:7d:ee:b7:03:e3:b7:43:28:a1:02:0c:cf:10:2b:eb:9d
Fingerprint (sha256): d0:f2:33:df:6d:f3:79:a3:d2:fb:d4:44:8a:a5:14:90:e1:35:61:b6:3b:0a:75:37:14:5f:33:4e:04:d3:9c:1c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate bernareggio.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bernareggio.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bernareggio.org
Other certificates including the domain name bernareggio.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for bernareggio.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVjCCBT6gAwIBAgISA11kA8mmZUIm7paCDPdYx6QeMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjkwNzI4NThaFw0x OTEyMjgwNzI4NThaMBoxGDAWBgNVBAMTD2Jlcm5hcmVnZ2lvLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMJxygTVItraaLRE8m9JrDvftYud6g3C e8s+UXMDVfh9QkRc8CvBs6CY5GMX1U+PJPR+mdRjo917+MnGOCBizSdWmE/Gb5fE LlXiBYOq31ne7nIn1dNkVy4HzuR6zBXeSoJeeWfyN6SVw756sXgTCenwkAUf7EZV /NiZJ7zUTjh9/wiOFVEhVrFeKTZxrEsXI875NRxULJ29TK4MY5RAeQ0X7X0PwmKa CMxNilKiq9CAOBJYOnyR+cnd8Y0lfZNnj9G1e2Yv/KBUxA05BoCIVqeGWigtDLes mivGDy2MJuDfs/LW3B2ZyTiTEoPo5JLRPGuPUpUDnaeMS2czVYA7vCYFf8N9Gxav PWslGr9Tb7uVfJh+moG9TV7ug+bA1OhWtyEDs3K5p4Ks8XRKuel9nrwBLRtgBkOt un3+VZZ9i0Bxn4RHQxSwgylzEKwV3XGcNbQSU2aecMIBm4tuh5eP6xMLjjjENQrB Dyan0jzv9aimc0/IzGm3CJ9BF1sTqsn1MVBFs9OAZXUmDnaJcf28LJZz5NbEs2w4 GSn/tK1xzfW2T8wakcZIawVMLrMsTfjqtIbF+r3IwVbVtLLTy4DPUgQmrm/nqb3r xLf8vnil9ItO5e6o796P6cx5VdVV+Ru/4HBtybI9QnDTHHbV07k8V/BEtlyga+kR rby3j1EM+91lAgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJbL IMDPDsUaQTRruT8vp3uVvugzMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPYmVybmFyZWdnaW8ub3Jn MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHcAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYAAAFtfCMZ fgAABAMASDBGAiEAv3jlHAquKi7VRWBjvtFEkXmWRI1P4H8yH+QHJ4Lry4YCIQDU ep9XsoZKB58JTk2OAwMitdHmlsgEGqBMfDK1iPunYAB1ACk8UZZUyDlluqpQ/FgH 1Ldvv1h6KXLcpMMM9OVFR/R4AAABbXwjGYMAAAQDAEYwRAIgb7k4fkmocf5tD3vX bq9o7K70fCN3M5XRt0e7FIdj2cgCIGnlnAbrz7gt/CQzIYbpOiddIpo2vfr0N36w tftadVZuMA0GCSqGSIb3DQEBCwUAA4IBAQBFtiY9kY1r5/P2vo3lP1mM/njcm+w9 cigzTOeZfQZYo+IyXmpK2phAmjie69acWEI61r0xKFYpN8TwiHE7NOsH/PF62lHD wGiy+2AIy47BZ3Tz0pMIZZBV9evxPDDUw+6SR/ZSc8L7aHLL33Nxt2sg6/FI4SCQ X00ygNduA2YoC9EQtPnTAntfr0okAium9N0+Pf6S/WUYjp5A0yWl+ntMDBNvZxNB +6AhQBOei4xQ221vsq3ThfMaIiDOK/Kr7oSsnGp//MO/WMvhf88r1cXB86okZgvn uSEOq+lSDkSN0mMS0fQSH3tato8Fj0Ma4l5sFbms+HP9YGp85PYaD0mE -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwnHKBNUi2tpotETyb0ms O9+1i53qDcJ7yz5RcwNV+H1CRFzwK8GzoJjkYxfVT48k9H6Z1GOj3Xv4ycY4IGLN J1aYT8Zvl8QuVeIFg6rfWd7ucifV02RXLgfO5HrMFd5Kgl55Z/I3pJXDvnqxeBMJ 6fCQBR/sRlX82JknvNROOH3/CI4VUSFWsV4pNnGsSxcjzvk1HFQsnb1MrgxjlEB5 DRftfQ/CYpoIzE2KUqKr0IA4Elg6fJH5yd3xjSV9k2eP0bV7Zi/8oFTEDTkGgIhW p4ZaKC0Mt6yaK8YPLYwm4N+z8tbcHZnJOJMSg+jkktE8a49SlQOdp4xLZzNVgDu8 JgV/w30bFq89ayUav1Nvu5V8mH6agb1NXu6D5sDU6Fa3IQOzcrmngqzxdEq56X2e vAEtG2AGQ626ff5Vln2LQHGfhEdDFLCDKXMQrBXdcZw1tBJTZp5wwgGbi26Hl4/r EwuOOMQ1CsEPJqfSPO/1qKZzT8jMabcIn0EXWxOqyfUxUEWz04BldSYOdolx/bws lnPk1sSzbDgZKf+0rXHN9bZPzBqRxkhrBUwusyxN+Oq0hsX6vcjBVtW0stPLgM9S BCaub+epvevEt/y+eKX0i07l7qjv3o/pzHlV1VX5G7/gcG3Jsj1CcNMcdtXTuTxX 8ES2XKBr6RGtvLePUQz73WUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 293116060385344627504039585651360528835614 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 07:28:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-28 07:28:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bernareggio.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 793264305346931269756582732487481313436634106693962280971984322784909912495921608856202015110503817535405863381268436829459396995643819236908966763779236434729612647711990369337651929608232776990867762966070649391195198502623082679942272167684551598585792997527041754234087957775191336909894642883472431838488082654658810892398411972788607236121465929791426169820008392122893392511395623827643075992012805320244846737365937126823708122371932757652309575738012027059405276592008288513705984550563408869858860605097303743596393305951772649632043209141471926245531588282280564320281440537617034921266654755494423362404225647158141807291873420356607181728628478795599650543257782617736789493376502791527690477569638018925576562429210864978888650127589951848813907285883841245604686693348363899345399992375537561176624267192029671542919501096740122354928596847557664800124764217830873434664698448730939916499280145043189001561104241349848048900143468287194494567540002280644285258380021919240131975865288469083134460982315898128082730543707094601894675301757176430833505240114671002113721812704845368037938855048493334046981804810805601174751795388281414502222194708293539673028796531851159048251663483610220424518916348578516366173920613 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 96cb20c0cf0ec51a41346bb93f2fa77b95bee833 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bernareggio.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d7c23197e0000040300483046022100bf78e51c0aae2a2ed5456063bed144917996448d4fe07f321fe4072782ebcb86022100d47a9f57b2864a079f094e4d8e030322b5d1e696c8041aa04c7c32b588fba760007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d7c231983000004030046304402206fb9387e49a871fe6d0f7bd76eaf68ecaef47c23773395d1b747bb148763d9c8022069e59c06ebcfb82dfc24332186e93a275d229a36bdfaf4377eb0b5fb5a75566e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0045b6263d918d6be7f3f6be8de53f598cfe78dc9bec3d7228334ce7997d0658a3e2325e6a4ada98409a389eebd69c58423ad6bd3128562937c4f088713b34eb07fcf17ada51c3c068b2fb6008cb8ec16774f3d29308659055f5ebf13c30d4c3ee9247f65273c2fb6872cbdf7371b76b20ebf148e120905f4d3280d76e0366280bd110b4f9d3027b5faf4a24022ba6f4dd3e3dfe92fd65188e9e40d325a5fa7b4c0c136f671341fba02140139e8b8c50db6d6fb2add385f31a2220ce2bf2abee84ac9c6a7ffcc3bf58cbe17fcf2bd5c5c1f3aa24660be7b9210eabe9520e448dd26312d1f4121f7b5ab68f058f431ae25e6c15b9acf873fd606a7ce4f61a0f4984