pinnacle.pt
Issued by R3
About this certificate
This digital certificate with serial number 03:d8:62:4a:07:09:f1:53:df:42:87:4e:12:0d:7c:9e:20:22 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=pinnacle.pt
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:d8:62:4a:07:09:f1:53:df:42:87:4e:12:0d:7c:9e:20:22Serial Number (int): 334968497766522509351464702782140734906402
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e3:a8:59:d1:db:ec:5f:39:00:a5:03:42:0a:90:d0:a1:5c:12:3f:4d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 30:59:27:9e:90:67:b9:36:a8:2b:97:c2:cd:12:4c:4b:0a:6c:06:a1
Fingerprint (sha256): e1:0f:d5:c8:1e:e8:f6:de:20:65:83:0f:75:9b:f1:19:ac:6e:cb:21:58:74:be:f1:62:1b:79:96:15:b4:4c:ca
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate pinnacle.pt
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pinnacle.pt
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pinnacle.pt
www.pinnacle.pt
www.pinnacle.pt
Other certificates including the domain name pinnacle.pt
(limited to 100 certificates)
Certificate
The complete raw certificate details for pinnacle.pt in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISA9hiSgcJ8VPfQodOEg18niAiMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MjEyMzA0MzdaFw0yNDA4MTkyMzA0MzZaMBYxFDASBgNVBAMT C3Bpbm5hY2xlLnB0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlBs1 cgPSzGED6eaaq6qsFOla3uSO9B5WJNY6o3c5jfBvpfARrtH3n0w89kHKN7Vln6Zb JW8TGcgcCj1Au0iXmqZGBIDRRw8lzOA4+kap82TOv2NC5AeA+XdDn1WHYGi/xpdh Jao2DyX2pljL7q6HUiSNK7gNzKeCYF75W0x+AAOwY02CwqwNKHcnrg0rffIFqHmQ yTs+9VhDKXbBSEFZEFnKkvcTfX8lonXPncziqLFWjmmZvOEMKCTJcJnGTjf9XHwY ENjcZ+Jyt8RS1anbCxLB32Z3jTsLv1jQ30CQwZVItKcLI1CAqbg0GB0pbVtLoxkc Gw1/NEyane+SMhzfG0A91sKYkqiEt7tBXkc30IlfC/GlKFTiSZOIhWgSDZRYuHS2 +XBZxTj46MHYlrDgm5e6o4nDyuUQSTs0L7vYA25Zann/lPGymv6Jj+w6J1F4UzMZ dpbGpLkrT538HRPfNQwzTutQ/HdbExW8byDCf6udTC6mCqB8EosH7mrR8/rCXCfR khE+UM1u9jfjZLD0PeTnfBmdbqN3blkkrymhC+fIdivgVxODz3chX6rpXF4E+vRC hw4OY16XQYstuYmkp+dp68/g8hDoICvGwtK6eiXVAMcZuAOwkAng3gfkFWg+CVRb qnAVdAR0anfZmDyI5jv5FkwRRFFcxs01t5hvwAUCAwEAAaOCAiAwggIcMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU46hZ0dvsXzkApQNCCpDQoVwSP00wHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wJwYDVR0RBCAwHoILcGlubmFjbGUucHSCD3d3dy5waW5u YWNsZS5wdDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcE gfQA8gB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABj52dOXUA AAQDAEgwRgIhAJpuXc3b9cgfPo/Tj10AEZTAk+rQh43GC+t0rJ9qhb3FAiEAhl+L Eiy72NB2z5jAzMlACG9TjKpbqk06ZtYMTRxPcfMAdwDuzdBk1dsazsVct520zROi ModGfLzs3sNRSFlGcR+1mwAAAY+dnTl0AAAEAwBIMEYCIQDdVtnUYvEgRh8K4NGl 7ZayCLporHP7nyz5K96ZWjmDmgIhAJamUs/2BoSI9Q+E/lx6ecXxZGe/NXG0xpcu Q4nEeQYGMA0GCSqGSIb3DQEBCwUAA4IBAQB4niOlUSQabteAMWJTefPe2H5BfwWS xvjDSk8Di5L5YHAZSazvUvuQ08Zmfe1N/Y5EKCd3qUpzmT0asWzbjxfkxyEwFB+C RCxTCpVzlDhEwiBJE3MiPHMhK8gQSxc7fb0QnsTx3VEPaYMbRNC9tmNqVui0uBXi J0nejtTi90z6GwAzQBx28dLKUZJRwn1odebiC1f0STlKD6evQzzEdna+DiC29lf0 18Nx1B9wXTNo4QlvstQeAxNvSUTqGyCnYGRazKID6PhAY5L129+3iRx4NlHL5T0K YE/8KdTFSzCyooOTsTWhgvrj7yFJyMG7L9DiRzJzF6W3OK6sOq72PY0C -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlBs1cgPSzGED6eaaq6qs FOla3uSO9B5WJNY6o3c5jfBvpfARrtH3n0w89kHKN7Vln6ZbJW8TGcgcCj1Au0iX mqZGBIDRRw8lzOA4+kap82TOv2NC5AeA+XdDn1WHYGi/xpdhJao2DyX2pljL7q6H UiSNK7gNzKeCYF75W0x+AAOwY02CwqwNKHcnrg0rffIFqHmQyTs+9VhDKXbBSEFZ EFnKkvcTfX8lonXPncziqLFWjmmZvOEMKCTJcJnGTjf9XHwYENjcZ+Jyt8RS1anb CxLB32Z3jTsLv1jQ30CQwZVItKcLI1CAqbg0GB0pbVtLoxkcGw1/NEyane+SMhzf G0A91sKYkqiEt7tBXkc30IlfC/GlKFTiSZOIhWgSDZRYuHS2+XBZxTj46MHYlrDg m5e6o4nDyuUQSTs0L7vYA25Zann/lPGymv6Jj+w6J1F4UzMZdpbGpLkrT538HRPf NQwzTutQ/HdbExW8byDCf6udTC6mCqB8EosH7mrR8/rCXCfRkhE+UM1u9jfjZLD0 PeTnfBmdbqN3blkkrymhC+fIdivgVxODz3chX6rpXF4E+vRChw4OY16XQYstuYmk p+dp68/g8hDoICvGwtK6eiXVAMcZuAOwkAng3gfkFWg+CVRbqnAVdAR0anfZmDyI 5jv5FkwRRFFcxs01t5hvwAUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 334968497766522509351464702782140734906402 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 23:04:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-19 23:04:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pinnacle.pt' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 604220924024502435609842289170906433037781380072976377194154408449755734644265744390580177189904178271553671573381037370149837031904253374038697970850465486863810266529233182625066543386140045282559077970889674442036300614345588683031934758302222795330912062524343584519497565804229765988853683906993417455307694951070921047683653587081464979699579609225217074696305964718300717093025511752332236553004432417249323858677800193568813900122719790333727890562672358579324132638096003460890423108668341883680778056344304669376903471853278413117226216298301081653748761885021393853509765282651429114190495393660977933101502458820040021881523169011546820033430945009805090562302092269678610247782384964186012826272146738110629562130819430903775890683439047947665057682296446272879758024727210746462806426467959206900735335987253849898613104102479578929725695931767523380697555265333096339495630081106333426536847280386110680408394106281777584241679766269164587825277048101159437419917982529512692949139994125365803538842511703485719622585838885357203861078810282061905209512438671225325452970924438297258328591665785571219416481459260082103216856147937948766096314441013949335545994083155312975530845581812241213557102247741533490162679813 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e3a859d1dbec5f3900a503420a90d0a15c123f4d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pinnacle.pt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pinnacle.pt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f9d9d397500000403004830460221009a6e5dcddbf5c81f3e8fd38f5d001194c093ead0878dc60beb74ac9f6a85bdc5022100865f8b122cbbd8d076cf98c0ccc940086f538caa5baa4d3a66d60c4d1c4f71f3007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f9d9d39740000040300483046022100dd56d9d462f120461f0ae0d1a5ed96b208ba68ac73fb9f2cf92bde995a39839a02210096a652cff6068488f50f84fe5c7a79c5f16467bf3571b4c6972e4389c4790606 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00789e23a551241a6ed78031625379f3ded87e417f0592c6f8c34a4f038b92f960701949acef52fb90d3c6667ded4dfd8e44282777a94a73993d1ab16cdb8f17e4c72130141f82442c530a9573943844c220491373223c73212bc8104b173b7dbd109ec4f1dd510f69831b44d0bdb6636a56e8b4b815e22749de8ed4e2f74cfa1b0033401c76f1d2ca519251c27d6875e6e20b57f449394a0fa7af433cc47676be0e20b6f657f4d7c371d41f705d3368e1096fb2d41e03136f4944ea1b20a760645acca203e8f8406392f5dbdfb7891c783651cbe53d0a604ffc29d4c54b30b2a28393b135a182fae3ef2149c8c1bb2fd0e247327317a5b738aeac3aaef63d8d02