krita.org

Issued by R3

About this certificate

This digital certificate with serial number 04:ee:dc:ca:be:91:fe:a3:b4:2c:60:2d:2f:92:13:d8:8c:62 was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=krita.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:ee:dc:ca:be:91:fe:a3:b4:2c:60:2d:2f:92:13:d8:8c:62
Serial Number (int): 429729829922487161774632037528950246247522
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 24:95:52:bf:f8:c9:21:c4:07:0e:e4:a7:9b:f5:22:55:56:1d:4a:d8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 37:5b:34:fc:11:c0:3d:85:8a:30:2e:cb:94:ca:40:47:b4:cf:7c:99
Fingerprint (sha256): f4:8f:94:5f:83:1b:d6:36:33:4e:3e:26:94:8a:a7:62:ac:58:47:dd:6d:09:24:17:3e:b1:ee:75:6e:0a:df:bc

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate krita.org

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for krita.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

docs.krita.org
jp.krita.org
krita.org
scripting.krita.org
www.krita.org

Other certificates including the domain name krita.org

(limited to 100 certificates)
share.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
sni.cloudflaressl.com
krita.org
incapsula.com
docs.krita.org
share.krita.org
*.krita.org
krita.org
krita.org
docs.krita.org
share.krita.org
share.krita.org
share.krita.org
krita.org
share.krita.org
share.krita.org
krita.org
krita.org
sni.cloudflaressl.com
share.krita.org
share.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
incapsula.com
krita.org
krita.org
docs.krita.org
docs.krita.org
share.krita.org
docs.krita.org
*.krita.org
docs.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
docs.krita.org
share.krita.org
docs.krita.org
incapsula.com
*.krita.org
krita.org
krita.org
*.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
docs.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
krita.org
krita.org
krita.org
krita.org
share.krita.org
krita.org
docs.krita.org
sni.cloudflaressl.com
krita.org
krita.org

Certificate

The complete raw certificate details for krita.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISBO7cyr6R/qO0LGAtL5IT2IxiMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTUwNTMxNTJaFw0yNDA1MTUwNTMxNTFaMBQxEjAQBgNVBAMT
CWtyaXRhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANWAMdIm
+kVUAn7Bg0Ceb22Zy+A4XbqQthQS4Al6nx5CUgEx9rsChmtggDW864LmR81VTpTj
trioMOviw3or16jL8o70M5D64JsQR4Fbk9i26FmZs6NOO+JJc6LTJCYeXFSNI0K5
a+L3das9p21+Qt3YbVghGvXa/g/veipYHezMR2e1xhXxvTvHArXAU/DxE6tgWEt7
hsj2a7vWN+9XgFj8NSP4NTRa8V1XpCgSIccoh3QBJ4X7A86Kqtkafo109CS26iWL
Fi7SvDapzepOBjOjnbf438Es7E7viD4dhk4mZxSBSZqZ/c9CyOQyHvqxYtz5YBrA
FFwicCqIsrPmjv8CAwEAAaOCAk0wggJJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
JJVSv/jJIcQHDuSnm/UiVVYdStgwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v
nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s
ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wVgYD
VR0RBE8wTYIOZG9jcy5rcml0YS5vcmeCDGpwLmtyaXRhLm9yZ4IJa3JpdGEub3Jn
ghNzY3JpcHRpbmcua3JpdGEub3Jngg13d3cua3JpdGEub3JnMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAdv+IPwq2+5VRwmHM
9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGNq3bowAAABAMARjBEAiAHhAZVUpe012/E
uubnd0yOCfcpQZ9D/ntnrWIZndtcuAIgP54EIAH02qEV3/uHivqCi8H3Xr15SRJA
LwlGgQXsO38AdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY2r
duoqAAAEAwBIMEYCIQCWeOZHfx787kqDsUdqn79f/y/6ebn5mPUnW+0IM2UNaQIh
AINCl+GP7ubaf3h04GsCvULgNJE5nSkULGQFRmE/VjTPMA0GCSqGSIb3DQEBCwUA
A4IBAQBzwB5Jva0iRrsyn1N5PsHEtNwj9Z9NPQ5FqaE2f4ejKFIcHlBqWwFxIbXf
sc5/60ygTl0Dd7A2wgFCk8vXXWIgG51maR6i6pm+176njuFtcyXXfJVRnFCN/Hwp
UR4Wzvvf1x4AzcYUj0+G5Up2f/w3lhgSMH/c2Ys34+K7aNg4xRSS/NIhcYCtf5bD
P9exJZeZ8QgELOZal3bCS/MH/vzLSCCnxpSglrpfWI0l7mHhnREVufZFmqWHFXeX
erCs3IdR7s8D1G5cjPBGe/K6BxeexZibDowfZs2dLLv+/60ji6X/8TvNoqna4bXK
VUyybLSM4+UuwLBd1GheBisebUm6
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YAx0ib6RVQCfsGDQJ5v
bZnL4DhdupC2FBLgCXqfHkJSATH2uwKGa2CANbzrguZHzVVOlOO2uKgw6+LDeivX
qMvyjvQzkPrgmxBHgVuT2LboWZmzo0474klzotMkJh5cVI0jQrlr4vd1qz2nbX5C
3dhtWCEa9dr+D+96Klgd7MxHZ7XGFfG9O8cCtcBT8PETq2BYS3uGyPZru9Y371eA
WPw1I/g1NFrxXVekKBIhxyiHdAEnhfsDzoqq2Rp+jXT0JLbqJYsWLtK8NqnN6k4G
M6Odt/jfwSzsTu+IPh2GTiZnFIFJmpn9z0LI5DIe+rFi3PlgGsAUXCJwKoiys+aO
/wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 429729829922487161774632037528950246247522
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-15 05:31:52 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-15 05:31:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'krita.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26951974077460597057405967798031723723808244199157938724934081992442209008685218783594617915736574085407163740308890609256157459062137398013411458087987118964743076768650952373082137323423375347742685756877822455366679221149165270891691580342718185304356595863071553803725276869284655846708059085765538304315434148063150508194995374826041767299983421837048347398674441971617634174455851237844845415409135739156835691398921763944511376555303577689966029706225313896571896887130631128717025183757960371442158877319349523418370233383617292258161170184257431612683902482952035169451453292113993305133620714128205209308927
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							249552bff8c921c4070ee4a79bf52255561d4ad8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docs.krita.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jp.krita.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'krita.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scripting.krita.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.krita.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018dab76e8c000000403004630440220078406555297b4d76fc4bae6e7774c8e09f729419f43fe7b67ad62199ddb5cb802203f9e042001f4daa115dffb878afa828bc1f75ebd794912402f09468105ec3b7f00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dab76ea2a00000403004830460221009678e6477f1efcee4a83b1476a9fbf5fff2ffa79b9f998f5275bed0833650d69022100834297e18feee6da7f7874e06b02bd42e03491399d29142c640546613f5634cf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0073c01e49bdad2246bb329f53793ec1c4b4dc23f59f4d3d0e45a9a1367f87a328521c1e506a5b017121b5dfb1ce7feb4ca04e5d0377b036c2014293cbd75d62201b9d66691ea2ea99bed7bea78ee16d7325d77c95519c508dfc7c29511e16cefbdfd71e00cdc6148f4f86e54a767ffc37961812307fdcd98b37e3e2bb68d838c51492fcd2217180ad7f96c33fd7b1259799f108042ce65a9776c24bf307fefccb4820a7c694a096ba5f588d25ee61e19d1115b9f6459aa5871577977ab0acdc8751eecf03d46e5c8cf0467bf2ba07179ec5989b0e8c1f66cd9d2cbbfeffad238ba5fff13bcda2a9dae1b5ca554cb26cb48ce3e52ec0b05dd4685e062b1e6d49ba