ciavpn.com
Issued by R3
About this certificate
This digital certificate with serial number 03:a0:82:c0:b1:c1:48:e5:47:87:89:48:b7:61:5b:3f:40:4d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ciavpn.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a0:82:c0:b1:c1:48:e5:47:87:89:48:b7:61:5b:3f:40:4dSerial Number (int): 315955836668379867158500542350965096792141
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e2:ec:47:8f:88:75:99:0c:d5:df:1f:45:4e:57:ee:e8:bc:b2:31:01
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 88:4d:bd:cf:24:e7:68:ea:46:08:ba:6f:46:47:b1:ee:aa:2d:a8:02
Fingerprint (sha256): e2:f4:06:50:4a:6f:26:87:40:13:54:aa:f6:5d:2f:8e:a5:d5:9d:f0:13:78:4b:21:87:ca:3b:2e:43:3a:42:e4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ciavpn.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ciavpn.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ciavpn.com
www.ciavpn.com
www.ciavpn.com
Other certificates including the domain name ciavpn.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for ciavpn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8TCCBNmgAwIBAgISA6CCwLHBSOVHh4lIt2FbP0BNMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMzAxMzAxNTlaFw0yNDA2MjgxMzAxNThaMBUxEzARBgNVBAMT CmNpYXZwbi5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCt9JI3 qJDg666skaiaeetqubB2m8QxTCz9b9QefwuMrzyxTqZvj+OmFakVioU+tWc2tmDb ZTqZdwcf6zfKLysV8OD6aZ3XfNsBPv7fbA0g/5OqgRNyuDay3OkOpJN7Xeh5645b 3jnM6az3hLHil4PtPpJVdaLPCQK8FJQqwbWa+lUU1CfoNwoPlUaTpGxgNdNoUTth PYVrfIINGyP3x1EOAH9kEYtX/guoq9cDA/rEgZe+i0/o5BTrlIijLeEQ9yD8MTZR J/qcdozuKP8GXT08qvXLq2V9KSgLRecP1PMXslMA6k9VQ64KhAdnSmyAQxBASeMa Wz3ibcpKuFUVIc11uMaU4deZyx5FmqvXqQO5nYEmv29TLoXYlff1XNKzupY99hgZ 2VAESsLO7v1awZ48EAC6eZFYIEmMIZpdNUztaDCbIMPYlYkBAmhSg+VV6gRAXa0L tW4K/BmHqV2LEx5xGyihCoJ5AE+luD0eVzGLlvBSx83usE6IoKSCRAifIYsWU6uL OZJs9/OU6R4V0xEv+wEmn5KbUUaLZ+nXsiUcPWSQ9/OYEtrJWC3gXPw/u0NrCiux OJjBG4Tn56Ye6QXdOJvbPB/lapnU49DYYhIkQxoW8u05I+ClhwAFNQWy0ECiuwLE y38rFaiBX/T1DTE228OPZWHY7JnM1BRwbIF/nwIDAQABo4ICHDCCAhgwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBTi7EePiHWZDNXfH0VOV+7ovLIxATAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggpjaWF2cG4uY29tgg53d3cuY2lhdnBu LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA 8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjo+qzGUAAAQD AEcwRQIgOstXdoLmGxmBjrdZ5wIOONnBR8lnw7v+owQNeWtyGAwCIQDtCJ7/Kaqa vc2sABhTyK3z6tvo/rFmit08PKXXi3N3gwB2ADtTd3U+LbmAToswWwb+QDtn2E/D 9Me9AA0tcm/h+tQXAAABjo+qzG4AAAQDAEcwRQIgSVCsANzanVcU2r0zvyJxfuV4 Ty/sUgLKCXgAFzBiBBwCIQCyF5IcyypqVFgQC5KB25kkDD/JsI/Xbd/L7S4S0F+Z GDANBgkqhkiG9w0BAQsFAAOCAQEAI3jAM78cFgmU89WMl0Y5K5vQvOh0lOExM0BW XsKoD9e5MYy9a0NjmzKcUeJLnWz0j9Uo/jrUUvJphSKrJkPSeCaNfyZW520NoxyH OjjcEBJkZfa0+XBCrHb1WwwwHlc5kkWeucl7xtdGwDzydVd3i/+DPrpQNMzHK3AH OPDGnKBds9foTTLamc/Iz+7C4huBnl5K25LgySBb4n6X+G6qTQQ1b+14wSE7HlHY jJxMlXoOd58fHicD2ojjHh1Kigoy9i+FFDIODfygyFGN2P3Kjy6JOMrxAqfbCcXd EyxmDl8ePjsScUxVJ5sPC6Z2abF33E5WhE/Z1+4sSgMiKbtO+g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArfSSN6iQ4OuurJGomnnr armwdpvEMUws/W/UHn8LjK88sU6mb4/jphWpFYqFPrVnNrZg22U6mXcHH+s3yi8r FfDg+mmd13zbAT7+32wNIP+TqoETcrg2stzpDqSTe13oeeuOW945zOms94Sx4peD 7T6SVXWizwkCvBSUKsG1mvpVFNQn6DcKD5VGk6RsYDXTaFE7YT2Fa3yCDRsj98dR DgB/ZBGLV/4LqKvXAwP6xIGXvotP6OQU65SIoy3hEPcg/DE2USf6nHaM7ij/Bl09 PKr1y6tlfSkoC0XnD9TzF7JTAOpPVUOuCoQHZ0psgEMQQEnjGls94m3KSrhVFSHN dbjGlOHXmcseRZqr16kDuZ2BJr9vUy6F2JX39VzSs7qWPfYYGdlQBErCzu79WsGe PBAAunmRWCBJjCGaXTVM7WgwmyDD2JWJAQJoUoPlVeoEQF2tC7VuCvwZh6ldixMe cRsooQqCeQBPpbg9Hlcxi5bwUsfN7rBOiKCkgkQInyGLFlOrizmSbPfzlOkeFdMR L/sBJp+Sm1FGi2fp17IlHD1kkPfzmBLayVgt4Fz8P7tDaworsTiYwRuE5+emHukF 3Tib2zwf5WqZ1OPQ2GISJEMaFvLtOSPgpYcABTUFstBAorsCxMt/KxWogV/09Q0x NtvDj2Vh2OyZzNQUcGyBf58CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 315955836668379867158500542350965096792141 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-30 13:01:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-28 13:01:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ciavpn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 709675936616573639943762944248735498229562217922007472878627444303276523742639199028369590788441351093674680987605124939277902228216812164791144244701697095799702346776717098656500567289731423388054597858075165624066627707128449881380151971483870761213772305558838965234594469136732921616432894340286968821969838161696709422900207550858098414242801096225574504093572481071096650185029343955917451072072851810959324012572438423394977048770821087319192430002812097394981121215777053924603422986337628232292375862910435902243356953261165041542302760090732955059065674942850952844223249365401848267218279947486126167267357460640809572456847751760271321576864835780457273565186039354563390430380421434744032072602866070492964332982815791081802816656638568793700451320338013096686563758981760823990092424151188117800828395700038920860368437062449432276949376802086998386688624837513849541113685474489775847845610944111403167710346222229179502677113471552430435330689464509793171322469069574659234134891984189617647485394481439026227949122736461498447113944714269159411489186940009228344809943650877706902653108781429722636406202344511778924210459306968065820086393602338850027682255862790429351386817396024868256676316197217616559714959263 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e2ec478f8875990cd5df1f454e57eee8bcb23101 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ciavpn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ciavpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e8faacc65000004030047304502203acb577682e61b19818eb759e7020e38d9c147c967c3bbfea3040d796b72180c022100ed089eff29aa9abdcdac001853c8adf3eadbe8feb1668add3c3ca5d78b7377830076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e8faacc6e000004030047304502204950ac00dcda9d5714dabd33bf22717ee5784f2fec5202ca097800173062041c022100b217921ccb2a6a5458100b9281db99240c3fc9b08fd76ddfcbed2e12d05f9918 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002378c033bf1c160994f3d58c9746392b9bd0bce87494e1313340565ec2a80fd7b9318cbd6b43639b329c51e24b9d6cf48fd528fe3ad452f2698522ab2643d278268d7f2656e76d0da31c873a38dc10126465f6b4f97042ac76f55b0c301e573992459eb9c97bc6d746c03cf27557778bff833eba5034ccc72b700738f0c69ca05db3d7e84d32da99cfc8cfeec2e21b819e5e4adb92e0c9205be27e97f86eaa4d04356fed78c1213b1e51d88c9c4c957a0e779f1f1e2703da88e31e1d4a8a0a32f62f8514320e0dfca0c8518dd8fdca8f2e8938caf102a7db09c5dd132c660e5f1e3e3b12714c55279b0f0ba67669b177dc4e56844fd9d7ee2c4a032229bb4efa