www.airoldi.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:62:3f:06:1a:1a:6b:c4:65:6a:b9:d7:48:4c:cf:22:c4:60 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.airoldi.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:62:3f:06:1a:1a:6b:c4:65:6a:b9:d7:48:4c:cf:22:c4:60Serial Number (int): 294768302800484244512994714146578496668768
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b9:a8:7e:4f:f2:07:f5:7c:a6:5a:2d:ff:cd:66:7e:d2:c6:83:5c:a0
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e4:e5:b2:68:f2:2d:7f:07:7b:dc:81:f3:a4:42:e1:fb:c5:e6:00:89
Fingerprint (sha256): ed:92:b1:fc:8e:68:1e:c0:5b:8f:83:81:9d:0e:25:e1:5c:45:e8:bc:e1:3e:bc:dc:ca:f9:48:06:80:d6:3d:ac
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.airoldi.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.airoldi.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.airoldi.com
Other certificates including the domain name airoldi.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.airoldi.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVTCCBT2gAwIBAgISA2I/Bhoaa8RlarnXSEzPIsRgMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDkxMzEyMzBaFw0y MDAzMDgxMzEyMzBaMBoxGDAWBgNVBAMTD3d3dy5haXJvbGRpLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKtpOcHB0QHcekaImwbLkD5SWDQCufVy oivOskwq7ZA3JkZCRNVe3XIANgnaV4FOWYfVXw03Mbhf4dIiJOopGE/VqkfKkkJq wYVk5t9xQq7EjFQBoHHG5qTDhllWgETZeVCK3pFywzXXabQ0Bm47xIpdFwso5UeM 6Dx5t7rElIDjqDIdUZvMaf7963MvcJt4yLbuvfM4RnoD8QJWATtrTEDjLUKttIrE /cw1IQZDyJv3OR07JRalRUHwGZrXYUT5Uu7aMgGGPcIUfEHTv8+IdkhVRJkSiY5k pc4+T/nH/LZD4tKx0VXuW9fI+yLvoho9ebAOz4Lj1dVFqstSPvNdGzVAWjez8F3K WJCQz9jvgWuDU4JAJ6taPwFrdD+3INy9AOOJtzQfHducreFJ7Pyvi7xDw2UjvcUh 2cF0Bvzf5V0lhkozKmSy7APT3n9zPMnHLBpu5OPqzzpV/STWIODzcUZOSTUeP7zN ZHM0PGDj2e1AG7s21CahInfxWmye2TlmHdMO2tnHntknmo9XLYUQo0KlvbOevydv 7qNfilj9nFbGbPDSt+PrHZy8rFOIVWDPDQPmxWXRSmKfr4RxrT/HVd03s5Ayk3bI RN0WxCBqPUilumjg7Hv6jU+EFW5QlrCLQQGBtmYZGKVi5hA2Q39t0MndYWsBPqqI HGfqu22x0clTAgMBAAGjggJjMIICXzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLmo fk/yB/V8plot/81mftLGg1ygMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3LmFpcm9sZGkuY29t MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB 9ASB8QDvAHYA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFu6wEh GAAABAMARzBFAiEAtskP+OOjlh10Oj4LZwxQzSAaF4s1rO4UlAFP5RiwDXgCICEX dr4kZwfQtL8IjGCcgdNF3ysEWMiwUTIucV+cKANZAHUAB7dcG+V9aP/xsMYdIxXH uuZXfFeUt2ruvGE6GmnTohwAAAFu6wEhcgAABAMARjBEAiAUTVX4svGsSVE9oWFZ smMm5aYgwU61VV77cR1+wcA9yQIgQ/C2zuJwqpRbLZBH+3xO35aF0rdi+gnOVf+8 Tc5wVDMwDQYJKoZIhvcNAQELBQADggEBABvZrbJZrqr2dVV7sj4rcf3SdebmUAMj prUCakXBkV8o0jcnrUvwN8p1gxbmdF0e+tmwFkRfYM7oUY8JgKngJGcMCbviTRKN gqR0TFDuVq5ILQKOTzN9ZTBxBOH80lCIxvGXIgUWPTWMVBfWysKhf9T24ZQ4tTCr uwPsrnfcGg2YtX1ICOFGp0+DyvUuxoS3ErqgDMJyQedH4BoXJXG2LBJFmkdZe5op RAj3aG1Yil93M+glFoO3o3tmfBVs8oK3a+iPsQ89vMmZ6thJl9e1/sfB3wRKQTZY b1EQAkvxN7vQWte/noD4Exx0w69bz8SYaLtjLe7dF9VdDuuGm0zKMhY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2k5wcHRAdx6RoibBsuQ PlJYNAK59XKiK86yTCrtkDcmRkJE1V7dcgA2CdpXgU5Zh9VfDTcxuF/h0iIk6ikY T9WqR8qSQmrBhWTm33FCrsSMVAGgccbmpMOGWVaARNl5UIrekXLDNddptDQGbjvE il0XCyjlR4zoPHm3usSUgOOoMh1Rm8xp/v3rcy9wm3jItu698zhGegPxAlYBO2tM QOMtQq20isT9zDUhBkPIm/c5HTslFqVFQfAZmtdhRPlS7toyAYY9whR8QdO/z4h2 SFVEmRKJjmSlzj5P+cf8tkPi0rHRVe5b18j7Iu+iGj15sA7PguPV1UWqy1I+810b NUBaN7PwXcpYkJDP2O+Ba4NTgkAnq1o/AWt0P7cg3L0A44m3NB8d25yt4Uns/K+L vEPDZSO9xSHZwXQG/N/lXSWGSjMqZLLsA9Pef3M8yccsGm7k4+rPOlX9JNYg4PNx Rk5JNR4/vM1kczQ8YOPZ7UAbuzbUJqEid/FabJ7ZOWYd0w7a2cee2Seaj1cthRCj QqW9s56/J2/uo1+KWP2cVsZs8NK34+sdnLysU4hVYM8NA+bFZdFKYp+vhHGtP8dV 3TezkDKTdshE3RbEIGo9SKW6aODse/qNT4QVblCWsItBAYG2ZhkYpWLmEDZDf23Q yd1hawE+qogcZ+q7bbHRyVMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294768302800484244512994714146578496668768 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-09 13:12:30 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-08 13:12:30 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.airoldi.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 699296022533214401468430176912404702883332211064813964610667997507301569614449135195374277597844898035131756758152502444755230500397990404466170313367489839256428659598525796530698159075771790831180618547081655813289013089613027182905661936301048220920960343226802177422513007787361861972785740332274655863534164588755760521827224983955918268509003310118944545107059961543354698304951649079568085691020151673037223180402980804116637327146889013618135452228281665326684738366174000340772800562554035279774584744374055459112524233180794358703444982698061677470153207450323712365286993153589666585407507835764169602376859763842368650791730666341462623004177920911423481292447705702940963844918344832406931246440685350711765532511984692476034233802637200110397231851045303532376308244561262947167333298439227177258383338473026472883740822793472391792839023584207783962366896053571694787812369760752509601066429571909889995562619210829698637187929463029261008746943915131281417841649465789538198080908135504678423474350218277284023774947768763679078039112027242015101716371876835999588013624649158352299043927903924599213465949125207446462928372345182203825238802011144695344733126119718264315563973273492836003977176489779991206859753811 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b9a87e4ff207f57ca65a2dffcd667ed2c6835ca0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airoldi.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016eeb0121180000040300473045022100b6c90ff8e3a3961d743a3e0b670c50cd201a178b35acee1494014fe518b00d780220211776be246707d0b4bf088c609c81d345df2b0458c8b051322e715f9c28035900750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016eeb01217200000403004630440220144d55f8b2f1ac49513da16159b26326e5a620c14eb5555efb711d7ec1c03dc9022043f0b6cee270aa945b2d9047fb7c4edf9685d2b762fa09ce55ffbc4dce705433 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001bd9adb259aeaaf675557bb23e2b71fdd275e6e6500323a6b5026a45c1915f28d23727ad4bf037ca758316e6745d1efad9b016445f60cee8518f0980a9e024670c09bbe24d128d82a4744c50ee56ae482d028e4f337d65307104e1fcd25088c6f1972205163d358c5417d6cac2a17fd4f6e19438b530abbb03ecae77dc1a0d98b57d4808e146a74f83caf52ec684b712baa00cc27241e747e01a172571b62c12459a47597b9a294408f7686d588a5f7733e8251683b7a37b667c156cf282b76be88fb10f3dbcc999ead84997d7b5fec7c1df044a4136586f5110024bf137bbd05ad7bf9e80f8131c74c3af5bcfc49868bb632deedd17d55d0eeb869b4cca3216