berna.org
Issued by R3
About this certificate
This digital certificate with serial number 03:f7:ae:a6:6e:57:27:74:dc:42:15:db:8e:70:04:d8:3e:a0 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=berna.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f7:ae:a6:6e:57:27:74:dc:42:15:db:8e:70:04:d8:3e:a0Serial Number (int): 345618752255267750289939363142917904940704
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6b:3a:2d:05:02:e5:46:2b:d0:cf:4f:1d:02:06:11:06:2b:d8:99:ae
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 6b:19:0a:50:8c:32:5e:98:e4:76:29:fc:dd:7d:5c:22:61:71:77:3d
Fingerprint (sha256): f3:26:32:42:47:4c:f1:b6:de:64:0e:f3:09:06:90:a4:75:3b:9d:70:24:87:59:fe:f1:8c:c2:06:91:14:c8:22
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate berna.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for berna.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
berna.org
Other certificates including the domain name berna.org
(limited to 100 certificates)
www.startup.la
www.goodtimespizza.com
salottocd.com
www.kamozine.com
www.iqpd.com
www.dementiapreventionstudy.org
www.topsportsbooksites.com
www.newish.org
berna.org
berna.org
berna.org
osumdphd.org
www.patente.co.uk
berna.org
covfefeed.com
www.inmueble.click
www.weedintosh.com
tickremoval.org
www.webstudionyc.com
hemba.bible
lasirenita.com
www.gratuite.com
berna.org
www.goodtimespizza.com
salottocd.com
www.kamozine.com
www.iqpd.com
www.dementiapreventionstudy.org
www.topsportsbooksites.com
www.newish.org
berna.org
berna.org
berna.org
osumdphd.org
www.patente.co.uk
berna.org
covfefeed.com
www.inmueble.click
www.weedintosh.com
tickremoval.org
www.webstudionyc.com
hemba.bible
lasirenita.com
www.gratuite.com
berna.org
Certificate
The complete raw certificate details for berna.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3jCCBMagAwIBAgISA/eupm5XJ3TcQhXbjnAE2D6gMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMjgwODI0MzRaFw0yNDA1MjgwODI0MzNaMBQxEjAQBgNVBAMT CWJlcm5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKk3i+NA /diYFuifSCttgi5qjFZmirUJ9ieNYhi8pSHxnRMggnJCpUqBwnCiQb+3QWVcQApf JvmwnOQ6FjkeCu2RUAZvp6ZVsu/IDqusW9LpLzOl1p5GR2N+g067PgFXxRw3D+/Q fLzphy+fKj4jBNIXdO62k5FyunRQcr/7sXFqQ/dgTlUt0oHmnvJf8B6WtL88JI1B MNe6brZXP81OD32ok1SOpHpc5MmIBfXpuxyAHYU8VRnVeogf1bVKO1/9LdtAuU5j XDCxyaB288h5fTNm1CPza6vTYmRtC4hBp+ELQzWwN4I8uEwShYXMdd9WpuPadny0 I2sw8N6G0jCrgMr09b5Y/lW7ZkTy9hthVm/39k+9SQSrfKyX1lpeuF0BXB4+DjOY ZARcHsWH04tMaXgrWqufluMQ7tQMonqs5ANYpKdRTxu+gDMc2CwUxxqXywYNFsN6 Hotyn9BFSzwfHIotWgCgczmcRUUE0t7nsoOR8vHAeC+x43j/u7SqKCxhFCpYJ0di TJhMJcc6dFCP+CtGEFFxbzE0U1T5F7yQc0zodAvcCskZbargrvxeJAyOo7m40oUI d4ax+SjaqcWNcJGk8Xs/QQsC5rkQP79fM6AQG30d6LqhqNynoRLk8yApl01YLxa6 rAN1wYO7rGFIjJo7o3JXuV4bxjD+E1tSKF1pAgMBAAGjggIKMIICBjAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFGs6LQUC5UYr0M9PHQIGEQYr2JmuMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCWJlcm5hLm9yZzATBgNVHSAEDDAKMAgG BmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABje8HrdwAAAQDAEcwRQIgXiEyPOFMgq1RKpHH Mm9djPJDorBUrgArIJIkNOgV0eECIQDSkJx2RWI+Peema7i+VdVH1kUkUUkgeKKl hl3O2icKIgB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABje8H reEAAAQDAEYwRAIgY6Vbc7nH/lLjlD4rGmDVKzyBzxkcyz91wV40zHZEabgCIE2s lB3GSQRzHHfByjtPQ/XCNEXbKcWc9MK4ojVqUDfmMA0GCSqGSIb3DQEBCwUAA4IB AQCFt2d/Lp4R9157wnozwKpqhSYM2uxp7XzR1gYlJ2qplPNO3Q9FQYrq7SC9MPYK 3Au6HJhcE3qlw2C5eYNqahxSkP7U561bdj41SChc0uAf+WQpzbSdib0OhW0U/jmh xAfxY29YJnuh/R2noJJcVEqPtDqNa5Dqgq/q0cs1fp8TwY1lWvwtqlQ9ss9GcQ11 jktYyHw40UKbmm3SDQ2mjc93KNbrg//pSAT3KjqMW5e8HVFokx+NaUHZlBTZgZr2 oQXGL82sawEN4dAPGStSy/PTI7hTNbwrdA5AzrYjmtOnKnSH4iPU3wB5Es8gURBa C4do5XiNmSURkFjxwthSTKy9 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqTeL40D92JgW6J9IK22C LmqMVmaKtQn2J41iGLylIfGdEyCCckKlSoHCcKJBv7dBZVxACl8m+bCc5DoWOR4K 7ZFQBm+nplWy78gOq6xb0ukvM6XWnkZHY36DTrs+AVfFHDcP79B8vOmHL58qPiME 0hd07raTkXK6dFByv/uxcWpD92BOVS3Sgeae8l/wHpa0vzwkjUEw17putlc/zU4P faiTVI6kelzkyYgF9em7HIAdhTxVGdV6iB/VtUo7X/0t20C5TmNcMLHJoHbzyHl9 M2bUI/Nrq9NiZG0LiEGn4QtDNbA3gjy4TBKFhcx131am49p2fLQjazDw3obSMKuA yvT1vlj+VbtmRPL2G2FWb/f2T71JBKt8rJfWWl64XQFcHj4OM5hkBFwexYfTi0xp eCtaq5+W4xDu1AyieqzkA1ikp1FPG76AMxzYLBTHGpfLBg0Ww3oei3Kf0EVLPB8c ii1aAKBzOZxFRQTS3ueyg5Hy8cB4L7HjeP+7tKooLGEUKlgnR2JMmEwlxzp0UI/4 K0YQUXFvMTRTVPkXvJBzTOh0C9wKyRltquCu/F4kDI6jubjShQh3hrH5KNqpxY1w kaTxez9BCwLmuRA/v18zoBAbfR3ouqGo3KehEuTzICmXTVgvFrqsA3XBg7usYUiM mjujcle5XhvGMP4TW1IoXWkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 345618752255267750289939363142917904940704 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-28 08:24:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-28 08:24:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'berna.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 690345041595526897451934082591535770989117079264084106384933639176259911874233272896144079362910169500947245295077253789963433120395359106694924808772190221729316130563852025561698784706274696219490503941656773989207993634944744741587019781318757177832573916604197391713671806727883609851955388731291908226859288283911511002244166925325278045709235005125117462820957346972206049513399047401117953753858302423710900453905130255030574203030158772855803444107788111960831694721081578291701214539240433637858317066614756248323264638323194682475746178005403499830596185498809839567317445640534119617958916388869495596062962119887015422553848073001548868944522826941354000407123859850624072325368575534080635921776288619024147312794337287144472283226725834747832143010346277715217756849503205979525949985781396216514657575689805200763169879998776860879630373243559026542429786562430136079754789191489989754043272591617823695750100256803317573284366443872349868942300495394388409854774344358445378535838937889870553979807140179025119560085108016786425068034160674939777366947699678909408648451034720801209125693396040253498771319055613113324193010570997469276318797843799653935370003887645251692740498242386422623073912350759997273486679401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6b3a2d0502e5462bd0cf4f1d020611062bd899ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'berna.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018def07addc000004030047304502205e21323ce14c82ad512a91c7326f5d8cf243a2b054ae002b20922434e815d1e1022100d2909c7645623e3de7a66bb8be55d547d6452451492078a2a5865dceda270a220075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018def07ade10000040300463044022063a55b73b9c7fe52e3943e2b1a60d52b3c81cf191ccb3f75c15e34cc764469b802204dac941dc64904731c77c1ca3b4f43f5c23445db29c59cf4c2b8a2356a5037e6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0085b7677f2e9e11f75e7bc27a33c0aa6a85260cdaec69ed7cd1d60625276aa994f34edd0f45418aeaed20bd30f60adc0bba1c985c137aa5c360b979836a6a1c5290fed4e7ad5b763e3548285cd2e01ff96429cdb49d89bd0e856d14fe39a1c407f1636f58267ba1fd1da7a0925c544a8fb43a8d6b90ea82afead1cb357e9f13c18d655afc2daa543db2cf46710d758e4b58c87c38d1429b9a6dd20d0da68dcf7728d6eb83ffe94804f72a3a8c5b97bc1d5168931f8d6941d99414d9819af6a105c62fcdac6b010de1d00f192b52cbf3d323b85335bc2b740e40ceb6239ad3a72a7487e223d4df007912cf2051105a0b8768e5788d9925119058f1c2d8524cacbd