www.almeno.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:4d:32:27:0f:22:89:5d:73:47:b2:b4:bd:a5:9a:3e:05:bb was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.almeno.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:4d:32:27:0f:22:89:5d:73:47:b2:b4:bd:a5:9a:3e:05:bbSerial Number (int): 287605264254532144279575780079528893613499
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 3d:8f:34:c6:1a:22:6e:ab:8d:75:ff:18:34:a6:fd:3c:d0:d6:48:e8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 3d:c9:31:34:05:4b:e9:20:2e:5c:a2:9d:3b:7c:d6:24:0d:09:85:e5
Fingerprint (sha256): ee:25:3d:be:76:14:d7:14:85:35:79:57:e7:f0:6a:b6:4a:4a:36:c3:ee:4f:bf:8c:16:4a:ba:d5:3b:b8:07:17
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.almeno.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.almeno.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.almeno.com
Other certificates including the domain name almeno.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.almeno.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA00yJw8iiV1zR7K0vaWaPgW7MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMjkwMzA2MTdaFw0y MDAyMjcwMzA2MTdaMBkxFzAVBgNVBAMTDnd3dy5hbG1lbm8uY29tMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5W0HtCQnreEq/bt1Z1bKkbJMaM5x4tHq 1LRXVDbCz9ocgUTXmLbBWPIqxHVMtSA3OE3yUzJfMgJo9op3x9d1UfneiYZZsR/G viCv7MwCnPVHUUqA6J218Cc7XorSpQmWYWisRN+K3fmOE8a9fn9BSyGQNhB3c2z3 YkGuSXvh9Mc1NxHPDGvhbvh82mqt/Dvod1d3OMjWyBG+Io3J+FElbCoFdhcuvncf /Xrg10TWgiMlh08Ktv5iTKWvgAGZVUubG3oYi0wBwsVE9yumeX9fU3+iAi9XsB0o hud7bsjwxwrOaUpCHiS9nR6LG80H19AbHqsxR+5jGlZr+Mvigx09229Rl5qiN16K Ao61OIDqJnkV8KP1qq1jfD0t/1ujtDDnSJ2MBtBG727Sw+XrrAS5xXiYpE+Mf3U7 QwfnyIaDrfuM20NX/ulP6tVXSglqRMJvSWqkaDIDyNZ9xNHkIj9pWF+bjHBxf57W pu5q4vFadG3NE+knDjFJ0oMODe4EpuqQqZnVnAGQ2G28U3r0P1bqehTXbCxPI4Dg KtkVA4Mn6JsEY7Wy5HWtZwRFP57wA4NupEHqfE9cv21XpV6QZnqXR+Mwq93f8LPA eINHyuetRpoXLGcUA93rTyKEOg9c/jkxN3ilYPy0mEJ4XUiPp5clJfcpQmQb4hwu Sfu9PVQi1usCAwEAAaOCAmEwggJdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUPY80 xhoibquNdf8YNKb9PNDWSOgwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAZBgNVHREEEjAQgg53d3cuYWxtZW5vLmNvbTBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQIGCisGAQQB1nkCBAIEgfME gfAA7gB1APCVpFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABbrVWifcA AAQDAEYwRAIgBFHBb9OGEs7CkAECqSucgBLlcliQePQpa2TqU1Y4ZzECICHPJxTV yglYV+NOIb9qELLJ+np5+vFZWLt2ppqYWoTDAHUAB7dcG+V9aP/xsMYdIxXHuuZX fFeUt2ruvGE6GmnTohwAAAFutVaKaAAABAMARjBEAiBxQK7/ORgu49h5g7jkJUfD r6OSUrNBzid9+2znj5bf/gIgGpibvLms2c9vfu5Bpb92ELIIoIfnZex2Le/TgpLj z2gwDQYJKoZIhvcNAQELBQADggEBAJye/SwazFPEQEpIgcTsmTS4QX43/pmoNBev R65eSVM6OrNEgutZMv2H05UjMqS+IXHPhRELgLoCq6RSpKOoG0QQJSBEl54NbdRh RwfYyqpbqLGGHMmANBF9D59mL9LU7U9V/xweGjPhPoMGWAWSybJrQgztiKdoJ5eQ /vpkV1E0pUqusoJnOiM83COaamAOdb45UJWgYQEoNv2UUbGWjFIz3qknaONeE9Mn +SbD5BquESO9Q5s+5fl98IVgonUDNWHLpTMKSvX/oIAaC+s1TfAtg6CwPfY+KeqW uz7nkO4iJ3Y2B58DMh3WKQoa+3EQVzA7pzRFfZu+IU+w8zSxOt4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5W0HtCQnreEq/bt1Z1bK kbJMaM5x4tHq1LRXVDbCz9ocgUTXmLbBWPIqxHVMtSA3OE3yUzJfMgJo9op3x9d1 UfneiYZZsR/GviCv7MwCnPVHUUqA6J218Cc7XorSpQmWYWisRN+K3fmOE8a9fn9B SyGQNhB3c2z3YkGuSXvh9Mc1NxHPDGvhbvh82mqt/Dvod1d3OMjWyBG+Io3J+FEl bCoFdhcuvncf/Xrg10TWgiMlh08Ktv5iTKWvgAGZVUubG3oYi0wBwsVE9yumeX9f U3+iAi9XsB0ohud7bsjwxwrOaUpCHiS9nR6LG80H19AbHqsxR+5jGlZr+Mvigx09 229Rl5qiN16KAo61OIDqJnkV8KP1qq1jfD0t/1ujtDDnSJ2MBtBG727Sw+XrrAS5 xXiYpE+Mf3U7QwfnyIaDrfuM20NX/ulP6tVXSglqRMJvSWqkaDIDyNZ9xNHkIj9p WF+bjHBxf57Wpu5q4vFadG3NE+knDjFJ0oMODe4EpuqQqZnVnAGQ2G28U3r0P1bq ehTXbCxPI4DgKtkVA4Mn6JsEY7Wy5HWtZwRFP57wA4NupEHqfE9cv21XpV6QZnqX R+Mwq93f8LPAeINHyuetRpoXLGcUA93rTyKEOg9c/jkxN3ilYPy0mEJ4XUiPp5cl JfcpQmQb4hwuSfu9PVQi1usCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 287605264254532144279575780079528893613499 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-29 03:06:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-27 03:06:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.almeno.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 935976007084618556019382842263893815159139378576071366209873639325307066200516714808885743649712956662202911723118301586865523076398280011399376514407198621697485857445022678979059950300810466128130014895261629243276315804071368141176499651580555048109933855232261158252324051696851785961496437465502621870842555805296784213925010492358016430069703125610147950490176394830153375634598213376524718025822626095253919318318585568343256083854552216515526576123474578045406324862176504365920426701594475414247832101408488427920366575373322593101411190235678369862200523764621374328689836900153835056094848707882700328180441484662008736293531229121138382098153258134989762387833725282161825982104584298084478077780987132786213224322907551097963617300923259273092474868964435405183320551721476009987840744560410950822324010340920250599082329111882695600572863989618538118781607357256952515157264357522740558099557182310592985714467951423709719375814494512291051801255388096232953446089041750362402114026011817267087403915902548128811550694258175025725449188988689961971226402776450002964058519763834861142237815328037376553978714789979823055952260899149308514422370774890919671487434693647229892393439764194961655475967251205816201639024363 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3d8f34c61a226eab8d75ff1834a6fd3cd0d648e8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.almeno.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016eb55689f7000004030046304402200451c16fd38612cec2900102a92b9c8012e572589078f4296b64ea5356386731022021cf2714d5ca095857e34e21bf6a10b2c9fa7a79faf15958bb76a69a985a84c300750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016eb5568a68000004030046304402207140aeff39182ee3d87983b8e42547c3afa39252b341ce277dfb6ce78f96dffe02201a989bbcb9acd9cf6f7eee41a5bf7610b208a087e765ec762defd38292e3cf68 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009c9efd2c1acc53c4404a4881c4ec9934b8417e37fe99a83417af47ae5e49533a3ab34482eb5932fd87d3952332a4be2171cf85110b80ba02aba452a4a3a81b4410252044979e0d6dd4614707d8caaa5ba8b1861cc98034117d0f9f662fd2d4ed4f55ff1c1e1a33e13e8306580592c9b26b420ced88a768279790fefa64575134a54aaeb282673a233cdc239a6a600e75be395095a061012836fd9451b1968c5233dea92768e35e13d327f926c3e41aae1123bd439b3ee5f97df08560a275033561cba5330a4af5ffa0801a0beb354df02d83a0b03df63e29ea96bb3ee790ee22277636079f03321dd6290a1afb711057303ba734457d9bbe214fb0f334b13ade