www.baronissi.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:1c:2d:57:84:0c:98:06:81:10:74:57:da:0b:36:5d:12:8a was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.baronissi.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:1c:2d:57:84:0c:98:06:81:10:74:57:da:0b:36:5d:12:8aSerial Number (int): 270925033736979885877858778741298316513930
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c7:81:4d:ef:a3:09:07:b8:f9:8f:88:6b:08:6b:ba:2a:22:b5:2c:c3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): a9:06:66:dd:3f:03:ac:33:ca:c5:97:0f:4b:35:16:28:7d:5c:c7:53
Fingerprint (sha256): e0:62:70:17:80:21:15:74:dc:05:48:17:f8:7e:3b:d7:18:35:95:c5:2d:ba:44:50:27:7b:8a:5d:44:5e:94:31
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.baronissi.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.baronissi.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.baronissi.org
Other certificates including the domain name baronissi.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.baronissi.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWjCCBUKgAwIBAgISAxwtV4QMmAaBEHRX2gs2XRKKMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDYxNjEwMzBaFw0y MDA1MDYxNjEwMzBaMBwxGjAYBgNVBAMTEXd3dy5iYXJvbmlzc2kub3JnMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA04FKMxwaWxX+7XIeUlmJxE1+iiTP x2ILR4/9V10qRPmjDLFBkbVAh5WCNK9S3MU9Aj1fUhvC5P60Jrig/G7Nao0wLFh7 CdXAfFTozH9ZeWMPfyXoFpoTgoeSllRwxRpENpQx4SDUKSE2PWOQunjm1z9H072U 5StlBxFaMiwOiVOPSFbefbZXlC+4QOrPRe1eT9Y3cg/v+RdjUfXoN4IvmiXKtDmV YHoTwrktEf8qe6tTUQI9RRM3NQr+ShJt1hMW3vokjRwllXUvLRfP/LAMmkpMizFP WlvsCWXNhWa/tXA74TDnRCa8LI1X8h8gGLFPKziESjfHzhBPzwJ4VoXLhHRlKS7C 76HNn+qioj7VAyyxtnozz3o3TyJp6j9X1Qpwn5B3PbiNbZZnlgIBB2e2yyHD8n9z e7SLmlmUkZvKi2xO7w2ho4qVKedrqobA1cj6dMbQQX24XfZX+6Ijm60ErMjjyGPr nCJadAzWitdpaD6YnBzPaKTv2ljuGfkpxBZGkID4mE+Yq/lAijdK9Kaa323NToKH NDhVDh+3tx5KGqPKxVdQvea6heekZuU0WMEGONNtfyDvXauiQE4RiLCXNjS7gdcS UgtYClFxLHRNIxSRjGaN/qFVZi6PtVCubuXhaXfFxZAxUPp24lGvrQNgI2bS9dh1 b6y7hQFOld0TmpMCAwEAAaOCAmYwggJiMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU x4FN76MJB7j5j4hrCGu6KiK1LMMwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl 7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5p bnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p bnQteDMubGV0c2VuY3J5cHQub3JnLzAcBgNVHREEFTATghF3d3cuYmFyb25pc3Np Lm9yZzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkC BAIEgfUEgfIA8AB2AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAAB cBt7TTkAAAQDAEcwRQIhAOncV4wojrrT815hRoP4M55E2BUZld5qk7FSV2fXjGqK AiBk+7zH8YmWd4tdbbU/HzbsX4SdSFgaVPc0BQ+eFsTZswB2ALIeBcyLos2KIE6H ZvkruYolIGdr2vpw57JJUy3vi5BeAAABcBt7TSkAAAQDAEcwRQIhAMp2TdPCiW8N ZE9m6w3qWwUkWBAFBymfOU2kHDY9kHktAiAApizpx01OZWOECCVLYLOmFgA/cFPx mIyhyWyot1BY3DANBgkqhkiG9w0BAQsFAAOCAQEAQ8K8WPl+eIjGJs9bymaMwdNa rvKWAwcxNT70hiOmK7DUkAi4phwWDVPCF3yO5kTJ8V0e4OWXZN7MuYre8APfmEyw 4ArOlzH9qvqH6U5VyjAIaBM3w0XId/WXqsz8ebvtrEoPNCTY7V6kTbd/KZ1FqXh8 HsptftJyfZuIy2yEtkIGfNLHEwPyg3lJ8/g1orRtLyt9BlM3oWuxfZPr/z9YVp+r F7fh+UCYmwOsA0hnQXNebKWi6adpgZp25d2mgeoXhPKtBWUxVHyp+LGbFMrt+z82 VyEeMhLnZCw+aLd1iwF6uWUbzJd0seyevNUkXFg50jTiMl9VzdyXcq4pE04WTg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA04FKMxwaWxX+7XIeUlmJ xE1+iiTPx2ILR4/9V10qRPmjDLFBkbVAh5WCNK9S3MU9Aj1fUhvC5P60Jrig/G7N ao0wLFh7CdXAfFTozH9ZeWMPfyXoFpoTgoeSllRwxRpENpQx4SDUKSE2PWOQunjm 1z9H072U5StlBxFaMiwOiVOPSFbefbZXlC+4QOrPRe1eT9Y3cg/v+RdjUfXoN4Iv miXKtDmVYHoTwrktEf8qe6tTUQI9RRM3NQr+ShJt1hMW3vokjRwllXUvLRfP/LAM mkpMizFPWlvsCWXNhWa/tXA74TDnRCa8LI1X8h8gGLFPKziESjfHzhBPzwJ4VoXL hHRlKS7C76HNn+qioj7VAyyxtnozz3o3TyJp6j9X1Qpwn5B3PbiNbZZnlgIBB2e2 yyHD8n9ze7SLmlmUkZvKi2xO7w2ho4qVKedrqobA1cj6dMbQQX24XfZX+6Ijm60E rMjjyGPrnCJadAzWitdpaD6YnBzPaKTv2ljuGfkpxBZGkID4mE+Yq/lAijdK9Kaa 323NToKHNDhVDh+3tx5KGqPKxVdQvea6heekZuU0WMEGONNtfyDvXauiQE4RiLCX NjS7gdcSUgtYClFxLHRNIxSRjGaN/qFVZi6PtVCubuXhaXfFxZAxUPp24lGvrQNg I2bS9dh1b6y7hQFOld0TmpMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 270925033736979885877858778741298316513930 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-06 16:10:30 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-06 16:10:30 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.baronissi.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 862865275455737128610446986579631155754886522362758788342991006861516133236362702480094215247944084871494004290323313305237830109461979300736624984971440282493858530274791150355097589420953830283431738993598283630236277472226878323612015657049189750820843170259979192048314583296561114924502127747431274326206554731664708717106724662117621932983284076979017267703596943021672552080852032548741165761308001681403435292618134495674805206949684126978349797870420932289062329719674295477293657924903046427888367329481571965846521645656056423951418454948015126448641125614218940738931152081701609066700596028114783852558038249660376099255003062209758333124574803553621663327078488863302174260406164096793489875400133174049471773502607875201826865455494996356760192896806446945433710753133664289533192347833257273990148723832967130208577091356140784693391722648831611787763046578362924106866057145351953680745026248174036104486585124830586242753719584858340449158706469708704522834847333330429210275127620959856761142757457787909689771119275164872246506822849382113427874638588601597657774442671620907522184453603400153774324817189495454222310417322522328926183727413387068446286374787912967072024401344536516933492462582000944805143878291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c7814defa30907b8f98f886b086bba2a22b52cc3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.baronissi.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a112128418759681714558000001701b7b4d390000040300473045022100e9dc578c288ebad3f35e614683f8339e44d8151995de6a93b1525767d78c6a8a022064fbbcc7f18996778b5d6db53f1f36ec5f849d48581a54f734050f9e16c4d9b3007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001701b7b4d290000040300473045022100ca764dd3c2896f0d644f66eb0dea5b052458100507299f394da41c363d90792d022000a62ce9c74d4e65638408254b60b3a616003f7053f1988ca1c96ca8b75058dc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0043c2bc58f97e7888c626cf5bca668cc1d35aaef296030731353ef48623a62bb0d49008b8a61c160d53c2177c8ee644c9f15d1ee0e59764deccb98adef003df984cb0e00ace9731fdaafa87e94e55ca3008681337c345c877f597aaccfc79bbedac4a0f3424d8ed5ea44db77f299d45a9787c1eca6d7ed2727d9b88cb6c84b642067cd2c71303f2837949f3f835a2b46d2f2b7d065337a16bb17d93ebff3f58569fab17b7e1f940989b03ac03486741735e6ca5a2e9a769819a76e5dda681ea1784f2ad056531547ca9f8b19b14caedfb3f3657211e3212e7642c3e68b7758b017ab9651bcc9774b1ec9ebcd5245c5839d234e2325f55cddc9772ae29134e164e