baronissi.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:e3:35:c2:70:d2:d9:7c:67:1d:94:4f:3d:c3:ef:28:54:74 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=baronissi.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e3:35:c2:70:d2:d9:7c:67:1d:94:4f:3d:c3:ef:28:54:74Serial Number (int): 338652413764036025821746423697822959817844
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: af:45:0c:c1:b2:e0:54:21:14:f7:28:23:0d:0f:0f:e3:34:8b:be:53
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 8f:30:72:83:ff:87:2f:c2:6b:f4:50:34:d4:23:23:14:c9:6d:0d:2f
Fingerprint (sha256): d1:d1:57:aa:7d:fc:0f:a5:fb:03:c6:60:25:78:8e:d5:93:8c:67:80:3d:56:6e:4a:09:ce:e9:6b:e1:bf:de:72
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate baronissi.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for baronissi.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
baronissi.org
Other certificates including the domain name baronissi.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for baronissi.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgISA+M1wnDS2XxnHZRPPcPvKFR0MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjgwMTMzNTVaFw0x OTA4MjYwMTMzNTVaMBgxFjAUBgNVBAMTDWJhcm9uaXNzaS5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDCPbSSPgABVdDj8kHFlCGcoOjuNNi1I2Mo cWYSrab2rsz1xyMZht7cpNHF07mid0KDuUUOwevBssHuPTlHIh/MbXPqwHZJul8S lDWxAc1fK0Qe+7/0pSygTMO9G8PnjWID/9TTXxE94HFqYYe6bLmKy5hr2cUOyV3h pm0ua6+3wfN7ePHOwqHklc5WCdiS0IZY5I+bHUSzTPC+KUwnhMDPQ1reWD8Aa9As x2zYcQ5tUYE7q+oOwTbv1vkQXRQOEe2xPIzAuedKDt17yd3fUgm9SIrJ+hGH/eJD ifRfSswzDbSMdgnmQAqv8Xnvb/NfYVOKKIfUo9Rp+FEn1d80HUTm7EoTMRfa7KMz 8c+hhXXM2eO6pZPauNWO+U6jh1RseKyx1bWbOyp7kPNzReiKWciXjcnWNTVzLv5z KW18EaEcWxJ5mEKMn/d2cBsO7hDAeuZKo2ocxf7eqBABhd3tXF2mFPMaBlQR4csp SOuKm2ftfZy8A51qkdTiNgqQm/zH2eXq8zxIERwZyxqyIGEKKoQo/VPiMWrgCsAl xjj2wyOTbD8ZrSEKU0ODrDd2mGG/aqepFJp3O6t4QyeYzMJ9nlF0i0SRr7VvHQYz C0rLlLOy/RHfIHQ1doZ+2oeS7aSOL671m9Hunuh/F/czV8KgsvWCwE9QL2jadmt1 Cd6+Fw0RdQIDAQABo4ICYzCCAl8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSvRQzB suBUIRT3KCMNDw/jNIu+UzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDWJhcm9uaXNzaS5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHz APEAdwBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWr8SXy/AAAE AwBIMEYCIQCFB0p7rPCWu3MdNIplT+WnV7XjPikdtLQmI/kJ05dvIAIhALO/j7ok ktDGBrkNAzB7R0aaMv7706Nj1UTg6R4LNsujAHYAb1N2rDHwMRnYmQCkURX/dxUc EdkCwQApBo2yCJo32RMAAAFq/El93wAABAMARzBFAiAUZF3j6a8qvBEvc3f0vSVh vzWHgoTksrYyhJ80ypRtzAIhANQIjuwrNNnKIx0rijE1XbqrMJxOoKo1NxXeluq1 pIhfMA0GCSqGSIb3DQEBCwUAA4IBAQAK/BOTNLyy/785j37s21mCyI8FwoRqwvnQ 5BAz/ezNu/oiS71NbqYACz70iaveYv8ERuxu+aZiwSnXwp1aZLP5WzVpC6KHSb52 D9ttfsMLmb69v9j7GbrkpZFmY9SgXAX8/jDF+A585+yaUFFJRx7KYDWmgXzhxV9Z o18YUHJnLcl3FuQdTt50UrMKZ5rcUHO5TOvDKIC33zuNhRGe2/WHeBBfkyBvjnkh GjZM54ex7nvzq3PVUAVpbJfCuaIz1Rl09R/p284mOgfyqq0PsWMr336Rig5dTcSy WzcD9W+Azc5Wljfl7HRuB9UNWmX/rNmEpJ6MHGGAnD3NQUE0sSaP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwj20kj4AAVXQ4/JBxZQh nKDo7jTYtSNjKHFmEq2m9q7M9ccjGYbe3KTRxdO5ondCg7lFDsHrwbLB7j05RyIf zG1z6sB2SbpfEpQ1sQHNXytEHvu/9KUsoEzDvRvD541iA//U018RPeBxamGHumy5 isuYa9nFDsld4aZtLmuvt8Hze3jxzsKh5JXOVgnYktCGWOSPmx1Es0zwvilMJ4TA z0Na3lg/AGvQLMds2HEObVGBO6vqDsE279b5EF0UDhHtsTyMwLnnSg7de8nd31IJ vUiKyfoRh/3iQ4n0X0rMMw20jHYJ5kAKr/F572/zX2FTiiiH1KPUafhRJ9XfNB1E 5uxKEzEX2uyjM/HPoYV1zNnjuqWT2rjVjvlOo4dUbHissdW1mzsqe5Dzc0XoilnI l43J1jU1cy7+cyltfBGhHFsSeZhCjJ/3dnAbDu4QwHrmSqNqHMX+3qgQAYXd7Vxd phTzGgZUEeHLKUjriptn7X2cvAOdapHU4jYKkJv8x9nl6vM8SBEcGcsasiBhCiqE KP1T4jFq4ArAJcY49sMjk2w/Ga0hClNDg6w3dphhv2qnqRSadzureEMnmMzCfZ5R dItEka+1bx0GMwtKy5Szsv0R3yB0NXaGftqHku2kji+u9ZvR7p7ofxf3M1fCoLL1 gsBPUC9o2nZrdQnevhcNEXUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338652413764036025821746423697822959817844 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-28 01:33:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-26 01:33:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'baronissi.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 792434292522167776225574728963631573611779007320062031006417248806612684283085803282112770288748905518658682216984719828654522410505411438898005816058598979662958539264351603881233379366096872132002222764226949443549551010250605696236507575173279929380458228351528056539448298408933341100713931610004188900234778339560881918054669063854338929737238572885481833998950066449342185892343557831537155518536569903887462645445731850884632309009212478564152310303311566149358067052597402199023078661199983790940782928296627135066174694079711437027368120182976563387703108657273650709787848698782720609208586182998007954151622072668653157616597393308195581053948580961341616826830663085289960903803845414097139990951949873956304900442812790811676142427686656897313786192886165034439215312253914840116139995739874815283480152612906713003933870787178640609293069828487518208838142503291060527199003366467614479694517706839714646105107845878886313138335627671662271602385678369386931343443625078577955867469057349291769002085230810410521759140758857695101900154785613465603157549642875183161857973116084089072728385484435080176344503066383092592151274254847577793475315623747218061052541814982924674295737291695212348206541288895899272978698613 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) af450cc1b2e0542114f728230d0f0fe3348bbe53 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'baronissi.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016afc497cbf000004030048304602210085074a7bacf096bb731d348a654fe5a757b5e33e291db4b42623f909d3976f20022100b3bf8fba2492d0c606b90d03307b47469a32fefbd3a363d544e0e91e0b36cba30076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016afc497ddf0000040300473045022014645de3e9af2abc112f7377f4bd2561bf35878284e4b2b632849f34ca946dcc022100d4088eec2b34d9ca231d2b8a31355dbaab309c4ea0aa353715de96eab5a4885f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000afc139334bcb2ffbf398f7eecdb5982c88f05c2846ac2f9d0e41033fdeccdbbfa224bbd4d6ea6000b3ef489abde62ff0446ec6ef9a662c129d7c29d5a64b3f95b35690ba28749be760fdb6d7ec30b99bebdbfd8fb19bae4a5916663d4a05c05fcfe30c5f80e7ce7ec9a505149471eca6035a6817ce1c55f59a35f185072672dc97716e41d4ede7452b30a679adc5073b94cebc32880b7df3b8d85119edbf58778105f93206f8e79211a364ce787b1ee7bf3ab73d55005696c97c2b9a233d51974f51fe9dbce263a07f2aaad0fb1632bdf7e918a0e5d4dc4b25b3703f56f80cdce569637e5ec746e07d50d5a65ffacd984a49e8c1c61809c3dcd414134b1268f