krita.org
Issued by R3
About this certificate
This digital certificate with serial number 04:ee:dc:ca:be:91:fe:a3:b4:2c:60:2d:2f:92:13:d8:8c:62 was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=krita.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:ee:dc:ca:be:91:fe:a3:b4:2c:60:2d:2f:92:13:d8:8c:62Serial Number (int): 429729829922487161774632037528950246247522
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 24:95:52:bf:f8:c9:21:c4:07:0e:e4:a7:9b:f5:22:55:56:1d:4a:d8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 37:5b:34:fc:11:c0:3d:85:8a:30:2e:cb:94:ca:40:47:b4:cf:7c:99
Fingerprint (sha256): f4:8f:94:5f:83:1b:d6:36:33:4e:3e:26:94:8a:a7:62:ac:58:47:dd:6d:09:24:17:3e:b1:ee:75:6e:0a:df:bc
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate krita.org
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for krita.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
docs.krita.org
jp.krita.org
krita.org
scripting.krita.org
www.krita.org
jp.krita.org
krita.org
scripting.krita.org
www.krita.org
Other certificates including the domain name krita.org
(limited to 100 certificates)
share.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
sni.cloudflaressl.com
krita.org
incapsula.com
docs.krita.org
share.krita.org
*.krita.org
krita.org
krita.org
docs.krita.org
share.krita.org
share.krita.org
share.krita.org
krita.org
share.krita.org
share.krita.org
krita.org
krita.org
sni.cloudflaressl.com
share.krita.org
share.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
incapsula.com
krita.org
krita.org
docs.krita.org
docs.krita.org
share.krita.org
docs.krita.org
*.krita.org
docs.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
docs.krita.org
share.krita.org
docs.krita.org
incapsula.com
*.krita.org
krita.org
krita.org
*.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
docs.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
krita.org
krita.org
krita.org
krita.org
share.krita.org
krita.org
docs.krita.org
sni.cloudflaressl.com
krita.org
krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
sni.cloudflaressl.com
krita.org
incapsula.com
docs.krita.org
share.krita.org
*.krita.org
krita.org
krita.org
docs.krita.org
share.krita.org
share.krita.org
share.krita.org
krita.org
share.krita.org
share.krita.org
krita.org
krita.org
sni.cloudflaressl.com
share.krita.org
share.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
incapsula.com
krita.org
krita.org
docs.krita.org
docs.krita.org
share.krita.org
docs.krita.org
*.krita.org
docs.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
docs.krita.org
share.krita.org
docs.krita.org
incapsula.com
*.krita.org
krita.org
krita.org
*.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
docs.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
krita.org
krita.org
krita.org
krita.org
share.krita.org
krita.org
docs.krita.org
sni.cloudflaressl.com
krita.org
krita.org
Certificate
The complete raw certificate details for krita.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISBO7cyr6R/qO0LGAtL5IT2IxiMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTUwNTMxNTJaFw0yNDA1MTUwNTMxNTFaMBQxEjAQBgNVBAMT CWtyaXRhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANWAMdIm +kVUAn7Bg0Ceb22Zy+A4XbqQthQS4Al6nx5CUgEx9rsChmtggDW864LmR81VTpTj trioMOviw3or16jL8o70M5D64JsQR4Fbk9i26FmZs6NOO+JJc6LTJCYeXFSNI0K5 a+L3das9p21+Qt3YbVghGvXa/g/veipYHezMR2e1xhXxvTvHArXAU/DxE6tgWEt7 hsj2a7vWN+9XgFj8NSP4NTRa8V1XpCgSIccoh3QBJ4X7A86Kqtkafo109CS26iWL Fi7SvDapzepOBjOjnbf438Es7E7viD4dhk4mZxSBSZqZ/c9CyOQyHvqxYtz5YBrA FFwicCqIsrPmjv8CAwEAAaOCAk0wggJJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU JJVSv/jJIcQHDuSnm/UiVVYdStgwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wVgYD VR0RBE8wTYIOZG9jcy5rcml0YS5vcmeCDGpwLmtyaXRhLm9yZ4IJa3JpdGEub3Jn ghNzY3JpcHRpbmcua3JpdGEub3Jngg13d3cua3JpdGEub3JnMBMGA1UdIAQMMAow CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAdv+IPwq2+5VRwmHM 9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGNq3bowAAABAMARjBEAiAHhAZVUpe012/E uubnd0yOCfcpQZ9D/ntnrWIZndtcuAIgP54EIAH02qEV3/uHivqCi8H3Xr15SRJA LwlGgQXsO38AdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY2r duoqAAAEAwBIMEYCIQCWeOZHfx787kqDsUdqn79f/y/6ebn5mPUnW+0IM2UNaQIh AINCl+GP7ubaf3h04GsCvULgNJE5nSkULGQFRmE/VjTPMA0GCSqGSIb3DQEBCwUA A4IBAQBzwB5Jva0iRrsyn1N5PsHEtNwj9Z9NPQ5FqaE2f4ejKFIcHlBqWwFxIbXf sc5/60ygTl0Dd7A2wgFCk8vXXWIgG51maR6i6pm+176njuFtcyXXfJVRnFCN/Hwp UR4Wzvvf1x4AzcYUj0+G5Up2f/w3lhgSMH/c2Ys34+K7aNg4xRSS/NIhcYCtf5bD P9exJZeZ8QgELOZal3bCS/MH/vzLSCCnxpSglrpfWI0l7mHhnREVufZFmqWHFXeX erCs3IdR7s8D1G5cjPBGe/K6BxeexZibDowfZs2dLLv+/60ji6X/8TvNoqna4bXK VUyybLSM4+UuwLBd1GheBisebUm6 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YAx0ib6RVQCfsGDQJ5v bZnL4DhdupC2FBLgCXqfHkJSATH2uwKGa2CANbzrguZHzVVOlOO2uKgw6+LDeivX qMvyjvQzkPrgmxBHgVuT2LboWZmzo0474klzotMkJh5cVI0jQrlr4vd1qz2nbX5C 3dhtWCEa9dr+D+96Klgd7MxHZ7XGFfG9O8cCtcBT8PETq2BYS3uGyPZru9Y371eA WPw1I/g1NFrxXVekKBIhxyiHdAEnhfsDzoqq2Rp+jXT0JLbqJYsWLtK8NqnN6k4G M6Odt/jfwSzsTu+IPh2GTiZnFIFJmpn9z0LI5DIe+rFi3PlgGsAUXCJwKoiys+aO /wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 429729829922487161774632037528950246247522 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-15 05:31:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-15 05:31:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'krita.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26951974077460597057405967798031723723808244199157938724934081992442209008685218783594617915736574085407163740308890609256157459062137398013411458087987118964743076768650952373082137323423375347742685756877822455366679221149165270891691580342718185304356595863071553803725276869284655846708059085765538304315434148063150508194995374826041767299983421837048347398674441971617634174455851237844845415409135739156835691398921763944511376555303577689966029706225313896571896887130631128717025183757960371442158877319349523418370233383617292258161170184257431612683902482952035169451453292113993305133620714128205209308927 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 249552bff8c921c4070ee4a79bf52255561d4ad8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docs.krita.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jp.krita.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'krita.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scripting.krita.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.krita.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018dab76e8c000000403004630440220078406555297b4d76fc4bae6e7774c8e09f729419f43fe7b67ad62199ddb5cb802203f9e042001f4daa115dffb878afa828bc1f75ebd794912402f09468105ec3b7f00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dab76ea2a00000403004830460221009678e6477f1efcee4a83b1476a9fbf5fff2ffa79b9f998f5275bed0833650d69022100834297e18feee6da7f7874e06b02bd42e03491399d29142c640546613f5634cf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0073c01e49bdad2246bb329f53793ec1c4b4dc23f59f4d3d0e45a9a1367f87a328521c1e506a5b017121b5dfb1ce7feb4ca04e5d0377b036c2014293cbd75d62201b9d66691ea2ea99bed7bea78ee16d7325d77c95519c508dfc7c29511e16cefbdfd71e00cdc6148f4f86e54a767ffc37961812307fdcd98b37e3e2bb68d838c51492fcd2217180ad7f96c33fd7b1259799f108042ce65a9776c24bf307fefccb4820a7c694a096ba5f588d25ee61e19d1115b9f6459aa5871577977ab0acdc8751eecf03d46e5c8cf0467bf2ba07179ec5989b0e8c1f66cd9d2cbbfeffad238ba5fff13bcda2a9dae1b5ca554cb26cb48ce3e52ec0b05dd4685e062b1e6d49ba