divino.je
Issued by R3
About this certificate
This digital certificate with serial number 04:3d:07:85:0f:82:a4:42:9b:f2:2a:f8:bd:29:bd:f2:b6:4f was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=divino.je
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:3d:07:85:0f:82:a4:42:9b:f2:2a:f8:bd:29:bd:f2:b6:4fSerial Number (int): 369216363595257553649724599015431650588239
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: f1:ad:81:3a:0a:d2:16:72:c6:39:8b:d3:20:f1:f5:df:6e:23:8e:43
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): e7:c4:35:4b:b0:2a:c3:98:33:c0:a8:e5:b6:a7:cb:42:49:c2:f2:79
Fingerprint (sha256): f5:33:1a:ff:db:fc:ad:52:04:39:84:02:31:ae:3f:c7:9e:e0:79:bd:f3:fd:49:6b:0c:31:fb:41:05:e0:4c:3e
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate divino.je
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for divino.je
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
divino.je
divinowines.co.uk
divinowines.je
www.divinowines.co.uk
www.divinowines.je
divinowines.co.uk
divinowines.je
www.divinowines.co.uk
www.divinowines.je
Other certificates including the domain name divino.je
(limited to 100 certificates)
Certificate
The complete raw certificate details for divino.je in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISBD0HhQ+CpEKb8ir4vSm98rZPMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTgxMDU2NTlaFw0yNDA3MTcxMDU2NThaMBQxEjAQBgNVBAMT CWRpdmluby5qZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0vQCIj ir1uRyEWmuvMglhkXuqiK+QlIUO8N19MgpBY66SRzy2icX/c2+5xpivGyfJlQuQL Yvm4eGbd7iNhjE4R1S5mT2j9GAzLX84lEo/VQC2Q0Ss44QELcjYiOpjdUYA72qEe HNx/dhlTU03AVugu/zsgRDk/56mAZXd3hx09k9nbbzco6YkIsql+KWspDv7aUlzE 0c6OV9eiXLvvaPNVK7cGcsSzlcjJfJHhLnhArWKVsI0Qe8aIM3oBijYwHNCelVOc VIxMjePvIjKgU2nCSWkcjjWKxh6SqAxXOj5wDVXL8aPZGN/NGLjk7blvoB4QsHai T4dQp646TFyDX30CAwEAAaOCAlkwggJVMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU 8a2BOgrSFnLGOYvTIPH1324jjkMwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wYgYD VR0RBFswWYIJZGl2aW5vLmplghFkaXZpbm93aW5lcy5jby51a4IOZGl2aW5vd2lu ZXMuamWCFXd3dy5kaXZpbm93aW5lcy5jby51a4ISd3d3LmRpdmlub3dpbmVzLmpl MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO8REwPAAABAMASDBG AiEAnzb64XTD3OyUOX4MeTXIbiWBsnE6am6r8bXblOBGK8UCIQD01YyzplowUxdw o3jAbcUN3vPholDaiwFHuWaKCzwDJwB1AHb/iD8KtvuVUcJhzPWHujS0pM27Kdxo Qgqf5mdMWjp0AAABjvERMGQAAAQDAEYwRAIgK1Qf24zz8lNuTOqek78i7FBOPXIP m3UZ37AtpgqtsVoCICIoRekIY4BuwmbSazAe9VSLACAEDDpOFo+Rqk8bFMcKMA0G CSqGSIb3DQEBCwUAA4IBAQCgEj4y1SskenfKL+eKYMD6voDkXbv0gK+N+CCQHToB HS1o0Vs5NR9gi8RI2bBFBmapuP45Tv3T0ANb9nLopPJmYaPJUiybSCT5BJ6v3rPp iED16r5VswLGx/BJEeXBMtVSc0EvhgB8Y2VU7+eu4S0uoOlLvzOCm/SzglbGNMft pKKlGGn9TnULcX1NaQ0QtknEZ0LFNvidKIvhygLxkRRcb7o+ADQNDVMx1MpBH0t1 i5igN3yzK2hAi07Q5hZwp2pucjzjTUVaaf/e04F2CyJSn9TAZ6zH7UEQPiizQfuj jGMfeD0m5xmPB2RQtm0+lOtqDhOvoZwxm7ctHPHGpKu5 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS9AIiOKvW5HIRaa68yC WGRe6qIr5CUhQ7w3X0yCkFjrpJHPLaJxf9zb7nGmK8bJ8mVC5Ati+bh4Zt3uI2GM ThHVLmZPaP0YDMtfziUSj9VALZDRKzjhAQtyNiI6mN1RgDvaoR4c3H92GVNTTcBW 6C7/OyBEOT/nqYBld3eHHT2T2dtvNyjpiQiyqX4paykO/tpSXMTRzo5X16Jcu+9o 81UrtwZyxLOVyMl8keEueECtYpWwjRB7xogzegGKNjAc0J6VU5xUjEyN4+8iMqBT acJJaRyONYrGHpKoDFc6PnANVcvxo9kY380YuOTtuW+gHhCwdqJPh1CnrjpMXINf fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 369216363595257553649724599015431650588239 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-18 10:56:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-17 10:56:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'divino.je' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21862526859399088693013372061415022849051658052034099597478669045394211534876633053748112530710295901326011845970739286017322989033203767501333197649319852068194883517870997723407317440708812640815955941342706623136349400761789051138514277325583653953684183728309432943898632931029380350243142739156841403323877814855894532160623088262477517048588631475381584538076544862608221861223054780925771693698274140343902908993228112050066713946112070821805032743221108462384804717789617885727327683309930844308521845565363229920241875471217951293655100518288632116694989849548705347536927648512471528387050214824966466264957 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f1ad813a0ad21672c6398bd320f1f5df6e238e43 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'divino.je' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'divinowines.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'divinowines.je' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.divinowines.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.divinowines.je' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ef111303c00000403004830460221009f36fae174c3dcec94397e0c7935c86e2581b2713a6a6eabf1b5db94e0462bc5022100f4d58cb3a65a30531770a378c06dc50ddef3e1a250da8b0147b9668a0b3c032700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ef1113064000004030046304402202b541fdb8cf3f2536e4cea9e93bf22ec504e3d720f9b7519dfb02da60aadb15a0220222845e90863806ec266d26b301ef5548b0020040c3a4e168f91aa4f1b14c70a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a0123e32d52b247a77ca2fe78a60c0fabe80e45dbbf480af8df820901d3a011d2d68d15b39351f608bc448d9b0450666a9b8fe394efdd3d0035bf672e8a4f26661a3c9522c9b4824f9049eafdeb3e98840f5eabe55b302c6c7f04911e5c132d55273412f86007c636554efe7aee12d2ea0e94bbf33829bf4b38256c634c7eda4a2a51869fd4e750b717d4d690d10b649c46742c536f89d288be1ca02f191145c6fba3e00340d0d5331d4ca411f4b758b98a0377cb32b68408b4ed0e61670a76a6e723ce34d455a69ffded381760b22529fd4c067acc7ed41103e28b341fba38c631f783d26e7198f076450b66d3e94eb6a0e13afa19c319bb72d1cf1c6a4abb9