melfi.org
Issued by R3
About this certificate
This digital certificate with serial number 03:5a:c7:13:df:8b:6e:5e:f4:e5:6e:4d:49:5c:16:f6:1c:48 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=melfi.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5a:c7:13:df:8b:6e:5e:f4:e5:6e:4d:49:5c:16:f6:1c:48Serial Number (int): 292226890376990926422410526361975132658760
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b8:e3:2b:1f:fd:37:97:02:9c:d1:b5:a3:a4:06:22:71:3c:db:dd:3a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1e:f0:ce:07:0a:0c:8e:cd:4b:18:0c:5d:40:46:a4:98:56:2f:49:e1
Fingerprint (sha256): f0:bf:94:84:8d:11:88:a9:0e:b7:d1:d9:9a:ab:66:56:a5:87:72:33:9c:30:8e:b0:a0:3c:c1:0f:af:e4:07:2c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate melfi.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for melfi.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
melfi.org
Other certificates including the domain name melfi.org
(limited to 100 certificates)
www.frittura.com
melfi.org
123divorce.nl
www.dyntec.com
winnipeglesbian.com
394.ch
www.kathleennolan.com
www.conp.org
melfi.org
frittura.com
joyadamson.com
394.ch
bagnolomella.org
milwaukeesportsmedicine.com
melfi.org
farfallone.com
carbon-transit-case.com
budtended.com
northernirelandmma.com
www.lakebay.org
myzdac.top
www.dyntec.com
melfi.org
graziano.co
melfi.org
123divorce.nl
www.dyntec.com
winnipeglesbian.com
394.ch
www.kathleennolan.com
www.conp.org
melfi.org
frittura.com
joyadamson.com
394.ch
bagnolomella.org
milwaukeesportsmedicine.com
melfi.org
farfallone.com
carbon-transit-case.com
budtended.com
northernirelandmma.com
www.lakebay.org
myzdac.top
www.dyntec.com
melfi.org
graziano.co
Certificate
The complete raw certificate details for melfi.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4DCCBMigAwIBAgISA1rHE9+Lbl705W5NSVwW9hxIMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTcyMDEzMDJaFw0yNDAzMTYyMDEzMDFaMBQxEjAQBgNVBAMT CW1lbGZpLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKc2XSeX cuB/G/4oAak83dB6y3ZCaWhznXEC0Br0lrBMnqfWmdHkLAzTlnl5QC5Mn7AE5UKT kiZQ9qBkxv4Vbq3CzmZOCy2dUTrQCJeTH3l3uLAB2ndZSVNwThoobKprEgdx4bUY I/XsgqYxBBl4k1KT2fQ1uZgowIyXtY0aNNLZsfNvsfHF5zNJEbNII9iXM0U/sJj0 qR7WQH0Vo30fnFauflSoYanI0cFNBCWmf1yklZfplGxTgXgn7tqzrafT1K+fCiqw 9xgjvcGZWYVLHdxBr7YPdxTfhFWo3hWIaNEoU0S7BlZh4zoY11Dg4us74DF69GZ6 9Rx0zFpDFwEmkUeIlQDbG3I4+tx3jaQCdooPHne5ICU3C1IQRSuwllqTwcRF/xnn Hh2/VI9dt66vplrjhV2VhCskewUcYi0jjokLgK/7RlKairuzJdPuvIY3Xnsohveg JrbvtBo9ua3gjzKVtf+ieFZ0wISgDzTqDv4s2k0cPQ4pYbSSJV2WuBGESLnG6NAB fz6wSbPntCI2eTWKtKfEo1+w8zIQo5HsBOZh96wd4xECDH2OzSpadvAUVA5mPv3l 1/c7Ro5wb5APhE5Oioshx2NRmO9gtxCh2rSDpuBun05gM5E5Vv8zrcDvxsI1kIOZ IChZ01a0jNLkjl6VG5tcSLLipENCRjb7FyotAgMBAAGjggIMMIICCDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFLjjKx/9N5cCnNG1o6QGInE82906MB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCW1lbGZpLm9yZzATBgNVHSAEDDAKMAgG BmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABjHmgEjgAAAQDAEcwRQIhAL4wp/DddesIH5M3 Soc2tkPvCBd7eOl5R35rVK3IF4M2AiBGYfwBQDcMzSSdLtZj4blBPOOel9jEAA6e l5FqlVKInwB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjHmg Ej0AAAQDAEgwRgIhAM/I7eQPNcOyZ7hCiu78ae9R98h2F60KLmTSixn7bSAIAiEA hIet4jaICvdq8eE4K3umIiEZ8wF/kqGrdaaHJcVVM9MwDQYJKoZIhvcNAQELBQAD ggEBAInvA/gUI8gRre/t4QGQaBgPm1ZVT/3UMNcgJwtLEfyacAw/yorD507mOMRh J+Zbdl0uWkwNsXdJbU5IZKd+kjh97xKH2+wEhirm3DUiRfMqZEV1Jh+yIGmzNFF5 gmXKlnujg3SXT1VF1ABUQeAuqmjmCEdilYiPzdJ/IPHBokFSNwRE6yfajLVs8PwW 9WpAzRgWpQ+VqslLJz3nXKkZNcVGg+49328GiU45NHVUw9cQxRabpgbGnwpRItVC Qs2XnzDPlTkAj0KrEe3ya7rPfqkGXetiMigf9Db16Avn7cbMDmQX2tnCc9dc7WoC ipdQjp8Jsd7648hVwxnV7P5X77w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApzZdJ5dy4H8b/igBqTzd 0HrLdkJpaHOdcQLQGvSWsEyep9aZ0eQsDNOWeXlALkyfsATlQpOSJlD2oGTG/hVu rcLOZk4LLZ1ROtAIl5MfeXe4sAHad1lJU3BOGihsqmsSB3HhtRgj9eyCpjEEGXiT UpPZ9DW5mCjAjJe1jRo00tmx82+x8cXnM0kRs0gj2JczRT+wmPSpHtZAfRWjfR+c Vq5+VKhhqcjRwU0EJaZ/XKSVl+mUbFOBeCfu2rOtp9PUr58KKrD3GCO9wZlZhUsd 3EGvtg93FN+EVajeFYho0ShTRLsGVmHjOhjXUODi6zvgMXr0Znr1HHTMWkMXASaR R4iVANsbcjj63HeNpAJ2ig8ed7kgJTcLUhBFK7CWWpPBxEX/GeceHb9Uj123rq+m WuOFXZWEKyR7BRxiLSOOiQuAr/tGUpqKu7Ml0+68hjdeeyiG96Amtu+0Gj25reCP MpW1/6J4VnTAhKAPNOoO/izaTRw9DilhtJIlXZa4EYRIucbo0AF/PrBJs+e0IjZ5 NYq0p8SjX7DzMhCjkewE5mH3rB3jEQIMfY7NKlp28BRUDmY+/eXX9ztGjnBvkA+E Tk6KiyHHY1GY72C3EKHatIOm4G6fTmAzkTlW/zOtwO/GwjWQg5kgKFnTVrSM0uSO XpUbm1xIsuKkQ0JGNvsXKi0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 292226890376990926422410526361975132658760 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 20:13:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-16 20:13:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'melfi.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 682166908197109327195333643919730010605912961909190413513887482381830886553102898433193257701243074247137239130044192715977835518870982337409991864998531659941886301998194539459509355818512682671202673516343751055166263511494617091456208025020423393566221209522506356153436959574414774539639558494098775088747331336548470994371856250112477250027795731319259605331416059186902584689120818257145631738600647592397348062659364442300765724101754220393209674694360862750113577673579091746442984894586498980124354393513576246464194593483824754578602091255291346619404585646728343299261714035770688550163637015157951597318088626376814579356612332589224960549845150086158750135823431623176141280578756717157138995684989746484682595261313422797864974533582968332069855012110066624909753356316346416258134648788119067768122271006569680206473246547750799795212032140256492591783317780001753781286394328925137648920074938233272277043241548910897020803242605333159232040696039517874133998060366592390337486616054474629864458345736277588995960878020789574938580900810813846360766020837650929313681003052754950617692877499797851320559158004365393252833508817855697808257566384804680351353405587734232545894565244238792779715203524692395234801691181 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b8e32b1ffd3797029cd1b5a3a40622713cdbdd3a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'melfi.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c79a012380000040300473045022100be30a7f0dd75eb081f93374a8736b643ef08177b78e979477e6b54adc817833602204661fc0140370ccd249d2ed663e1b9413ce39e97d8c4000e9e97916a9552889f007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c79a0123d0000040300483046022100cfc8ede40f35c3b267b8428aeefc69ef51f7c87617ad0a2e64d28b19fb6d20080221008487ade236880af76af1e1382b7ba6222119f3017f92a1ab75a68725c55533d3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0089ef03f81423c811adefede1019068180f9b56554ffdd430d720270b4b11fc9a700c3fca8ac3e74ee638c46127e65b765d2e5a4c0db177496d4e4864a77e92387def1287dbec04862ae6dc352245f32a644575261fb22069b33451798265ca967ba38374974f5545d4005441e02eaa68e608476295888fcdd27f20f1c1a24152370444eb27da8cb56cf0fc16f56a40cd1816a50f95aac94b273de75ca91935c54683ee3ddf6f06894e39347554c3d710c5169ba606c69f0a5122d54242cd979f30cf9539008f42ab11edf26bbacf7ea9065deb6232281ff436f5e80be7edc6cc0e6417dad9c273d75ced6a028a97508e9f09b1defae3c855c319d5ecfe57efbc