ciavpn.com

Issued by R3

About this certificate

This digital certificate with serial number 03:a0:82:c0:b1:c1:48:e5:47:87:89:48:b7:61:5b:3f:40:4d was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=ciavpn.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:a0:82:c0:b1:c1:48:e5:47:87:89:48:b7:61:5b:3f:40:4d
Serial Number (int): 315955836668379867158500542350965096792141
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: e2:ec:47:8f:88:75:99:0c:d5:df:1f:45:4e:57:ee:e8:bc:b2:31:01
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 88:4d:bd:cf:24:e7:68:ea:46:08:ba:6f:46:47:b1:ee:aa:2d:a8:02
Fingerprint (sha256): e2:f4:06:50:4a:6f:26:87:40:13:54:aa:f6:5d:2f:8e:a5:d5:9d:f0:13:78:4b:21:87:ca:3b:2e:43:3a:42:e4

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate ciavpn.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ciavpn.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ciavpn.com
www.ciavpn.com

Other certificates including the domain name ciavpn.com

(limited to 100 certificates)
tickremovalvideo.com
medical-internship.com
bunnycasino.com
ciavpn.com
www.fussball.codes
www.lymetickdisease.com
www.altovpn.com
ciavpn.com
flexiblephotoswap.com
indiancoinexchange.com
www.visibilityconsultants.com
ciavpn.com
leukose.com
globaldatacollection.com

Certificate

The complete raw certificate details for ciavpn.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISA6CCwLHBSOVHh4lIt2FbP0BNMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMzAxMzAxNTlaFw0yNDA2MjgxMzAxNThaMBUxEzARBgNVBAMT
CmNpYXZwbi5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCt9JI3
qJDg666skaiaeetqubB2m8QxTCz9b9QefwuMrzyxTqZvj+OmFakVioU+tWc2tmDb
ZTqZdwcf6zfKLysV8OD6aZ3XfNsBPv7fbA0g/5OqgRNyuDay3OkOpJN7Xeh5645b
3jnM6az3hLHil4PtPpJVdaLPCQK8FJQqwbWa+lUU1CfoNwoPlUaTpGxgNdNoUTth
PYVrfIINGyP3x1EOAH9kEYtX/guoq9cDA/rEgZe+i0/o5BTrlIijLeEQ9yD8MTZR
J/qcdozuKP8GXT08qvXLq2V9KSgLRecP1PMXslMA6k9VQ64KhAdnSmyAQxBASeMa
Wz3ibcpKuFUVIc11uMaU4deZyx5FmqvXqQO5nYEmv29TLoXYlff1XNKzupY99hgZ
2VAESsLO7v1awZ48EAC6eZFYIEmMIZpdNUztaDCbIMPYlYkBAmhSg+VV6gRAXa0L
tW4K/BmHqV2LEx5xGyihCoJ5AE+luD0eVzGLlvBSx83usE6IoKSCRAifIYsWU6uL
OZJs9/OU6R4V0xEv+wEmn5KbUUaLZ+nXsiUcPWSQ9/OYEtrJWC3gXPw/u0NrCiux
OJjBG4Tn56Ye6QXdOJvbPB/lapnU49DYYhIkQxoW8u05I+ClhwAFNQWy0ECiuwLE
y38rFaiBX/T1DTE228OPZWHY7JnM1BRwbIF/nwIDAQABo4ICHDCCAhgwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBTi7EePiHWZDNXfH0VOV+7ovLIxATAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggpjaWF2cG4uY29tgg53d3cuY2lhdnBu
LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjo+qzGUAAAQD
AEcwRQIgOstXdoLmGxmBjrdZ5wIOONnBR8lnw7v+owQNeWtyGAwCIQDtCJ7/Kaqa
vc2sABhTyK3z6tvo/rFmit08PKXXi3N3gwB2ADtTd3U+LbmAToswWwb+QDtn2E/D
9Me9AA0tcm/h+tQXAAABjo+qzG4AAAQDAEcwRQIgSVCsANzanVcU2r0zvyJxfuV4
Ty/sUgLKCXgAFzBiBBwCIQCyF5IcyypqVFgQC5KB25kkDD/JsI/Xbd/L7S4S0F+Z
GDANBgkqhkiG9w0BAQsFAAOCAQEAI3jAM78cFgmU89WMl0Y5K5vQvOh0lOExM0BW
XsKoD9e5MYy9a0NjmzKcUeJLnWz0j9Uo/jrUUvJphSKrJkPSeCaNfyZW520NoxyH
OjjcEBJkZfa0+XBCrHb1WwwwHlc5kkWeucl7xtdGwDzydVd3i/+DPrpQNMzHK3AH
OPDGnKBds9foTTLamc/Iz+7C4huBnl5K25LgySBb4n6X+G6qTQQ1b+14wSE7HlHY
jJxMlXoOd58fHicD2ojjHh1Kigoy9i+FFDIODfygyFGN2P3Kjy6JOMrxAqfbCcXd
EyxmDl8ePjsScUxVJ5sPC6Z2abF33E5WhE/Z1+4sSgMiKbtO+g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArfSSN6iQ4OuurJGomnnr
armwdpvEMUws/W/UHn8LjK88sU6mb4/jphWpFYqFPrVnNrZg22U6mXcHH+s3yi8r
FfDg+mmd13zbAT7+32wNIP+TqoETcrg2stzpDqSTe13oeeuOW945zOms94Sx4peD
7T6SVXWizwkCvBSUKsG1mvpVFNQn6DcKD5VGk6RsYDXTaFE7YT2Fa3yCDRsj98dR
DgB/ZBGLV/4LqKvXAwP6xIGXvotP6OQU65SIoy3hEPcg/DE2USf6nHaM7ij/Bl09
PKr1y6tlfSkoC0XnD9TzF7JTAOpPVUOuCoQHZ0psgEMQQEnjGls94m3KSrhVFSHN
dbjGlOHXmcseRZqr16kDuZ2BJr9vUy6F2JX39VzSs7qWPfYYGdlQBErCzu79WsGe
PBAAunmRWCBJjCGaXTVM7WgwmyDD2JWJAQJoUoPlVeoEQF2tC7VuCvwZh6ldixMe
cRsooQqCeQBPpbg9Hlcxi5bwUsfN7rBOiKCkgkQInyGLFlOrizmSbPfzlOkeFdMR
L/sBJp+Sm1FGi2fp17IlHD1kkPfzmBLayVgt4Fz8P7tDaworsTiYwRuE5+emHukF
3Tib2zwf5WqZ1OPQ2GISJEMaFvLtOSPgpYcABTUFstBAorsCxMt/KxWogV/09Q0x
NtvDj2Vh2OyZzNQUcGyBf58CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 315955836668379867158500542350965096792141
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-30 13:01:59 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-28 13:01:58 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ciavpn.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 709675936616573639943762944248735498229562217922007472878627444303276523742639199028369590788441351093674680987605124939277902228216812164791144244701697095799702346776717098656500567289731423388054597858075165624066627707128449881380151971483870761213772305558838965234594469136732921616432894340286968821969838161696709422900207550858098414242801096225574504093572481071096650185029343955917451072072851810959324012572438423394977048770821087319192430002812097394981121215777053924603422986337628232292375862910435902243356953261165041542302760090732955059065674942850952844223249365401848267218279947486126167267357460640809572456847751760271321576864835780457273565186039354563390430380421434744032072602866070492964332982815791081802816656638568793700451320338013096686563758981760823990092424151188117800828395700038920860368437062449432276949376802086998386688624837513849541113685474489775847845610944111403167710346222229179502677113471552430435330689464509793171322469069574659234134891984189617647485394481439026227949122736461498447113944714269159411489186940009228344809943650877706902653108781429722636406202344511778924210459306968065820086393602338850027682255862790429351386817396024868256676316197217616559714959263
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e2ec478f8875990cd5df1f454e57eee8bcb23101
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ciavpn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ciavpn.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e8faacc65000004030047304502203acb577682e61b19818eb759e7020e38d9c147c967c3bbfea3040d796b72180c022100ed089eff29aa9abdcdac001853c8adf3eadbe8feb1668add3c3ca5d78b7377830076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e8faacc6e000004030047304502204950ac00dcda9d5714dabd33bf22717ee5784f2fec5202ca097800173062041c022100b217921ccb2a6a5458100b9281db99240c3fc9b08fd76ddfcbed2e12d05f9918
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002378c033bf1c160994f3d58c9746392b9bd0bce87494e1313340565ec2a80fd7b9318cbd6b43639b329c51e24b9d6cf48fd528fe3ad452f2698522ab2643d278268d7f2656e76d0da31c873a38dc10126465f6b4f97042ac76f55b0c301e573992459eb9c97bc6d746c03cf27557778bff833eba5034ccc72b700738f0c69ca05db3d7e84d32da99cfc8cfeec2e21b819e5e4adb92e0c9205be27e97f86eaa4d04356fed78c1213b1e51d88c9c4c957a0e779f1f1e2703da88e31e1d4a8a0a32f62f8514320e0dfca0c8518dd8fdca8f2e8938caf102a7db09c5dd132c660e5f1e3e3b12714c55279b0f0ba67669b177dc4e56844fd9d7ee2c4a032229bb4efa