www.castelfiorentino.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:b9:d0:6d:30:1d:8f:d4:ad:d7:b2:b8:e7:dc:2b:0c:f8:8d was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.castelfiorentino.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b9:d0:6d:30:1d:8f:d4:ad:d7:b2:b8:e7:dc:2b:0c:f8:8dSerial Number (int): 324566142035032989636191889171370262460557
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 26:31:f6:f6:82:22:6a:23:d4:f0:d3:be:2d:9a:0b:3f:38:7e:83:a7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ef:c8:d6:98:03:10:bd:c7:9c:23:03:0c:92:26:85:73:33:9b:57:02
Fingerprint (sha256): f5:cd:74:c4:ee:dd:ee:54:d0:62:71:f4:71:26:27:7d:b3:b9:ea:49:de:ea:55:04:71:05:6f:1c:e2:48:43:43
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.castelfiorentino.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.castelfiorentino.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.castelfiorentino.org
Other certificates including the domain name castelfiorentino.org
(limited to 100 certificates)
castelfiorentino.org
www.castelfiorentino.org
www.castelfiorentino.org
www.encup.com
kbs.asia
www.castelfiorentino.org
castelfiorentino.org
castelfiorentino.org
castelfiorentino.org
castelfiorentino.org
www.hotelriverinn.com
www.castelfiorentino.org
life.bible
castelfiorentino.org
www.castelfiorentino.org
www.castelfiorentino.org
www.castelfiorentino.org
www.encup.com
kbs.asia
www.castelfiorentino.org
castelfiorentino.org
castelfiorentino.org
castelfiorentino.org
castelfiorentino.org
www.hotelriverinn.com
www.castelfiorentino.org
life.bible
castelfiorentino.org
www.castelfiorentino.org
Certificate
The complete raw certificate details for www.castelfiorentino.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGaDCCBVCgAwIBAgISA7nQbTAdj9St17K459wrDPiNMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjkwNDU0MDdaFw0x OTEyMjgwNDU0MDdaMCMxITAfBgNVBAMTGHd3dy5jYXN0ZWxmaW9yZW50aW5vLm9y ZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALOF0I2qYaC4FcTzGqRF ikp2+fq009x9e96jXlaXYPQbKs2uo2as6eGXqjme15oH61I+OAXU3oGxma4m6X7m Lq5GtfRcWsjAWVhwb8OUxvhw23EDAOWKgBXIjauSMBNsBsoei/ChAAhVfBXx5d0Z ftFSToM7Snxr+cg9yxI8AauS+k4wrIcEn+qA47Qa+i6geT8mI9wuSULW4/9Y8zfT lcr/ib5dX3cQF6Ikvj8CVPVX6TiLnZzAsXLxZcHsyVKtnNGfBrj618Bx4azTMsUl q4UJDeYK3PsfiRj/3y0UjQ7BrKTxjBffv2Tstqxjr+4Z/cqUV67TsHYoaevP6h++ po5PrTdTEkGMIx4pnEungqPFoC8Ou5Drf+evscD06fpAKiFesY4+/MnxdLVTWOD9 H07xoEpCyLqO14nuJazLSrMJvbAGntpMKoDx5dlGyN6d/2FPUKmwe3tQhXTMam2v Ur4wwY/5DCemiorRDcs9z1vmfZ8ES1si3oYIajbbBWNvUrLZYrldf0U18jRuzkm7 6WsFhtR7iPM1qXZd6TZWz6BAW4x74erUHdH8clXf668D3wH2xscq3oFFDJlx5sRI BSMkeR0rn7hY+mTnXBT4HkIEFm+ys0JbMHmhjw8CGlTOEdk99ETWEEVvjYiStkxe ekh4uwoOBAuDG/DiwPw+5gRTAgMBAAGjggJtMIICaTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFCYx9vaCImoj1PDTvi2aCz84foOnMB8GA1UdIwQYMBaAFKhKamMEfd26 5tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDov L29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDov L2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIwYDVR0RBBwwGoIYd3d3LmNh c3RlbGZpb3JlbnRpbm8ub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQB gt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAdH7agzGtMxCRIZzOJU9CcMK//V5C IAjGNzV55hB7zFYAAAFte5VW6AAABAMARzBFAiB9dQ2G1XQgwFZVT7SUlXgbxZeq QZCYNpmcTPzrqDP8KAIhANMMM6vCSELDXK1FMI5UMPN2cTF8f6ldQJviCP7M/QmF AHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFte5VXAQAABAMA RzBFAiEA6rce4RZba94pkm+pg9MSFfHaJRdffw7tJ25qqwTkFxwCIASCB5zgFzFu PsjEXyXCMfkplAS2G6aGLemFGS4d7571MA0GCSqGSIb3DQEBCwUAA4IBAQCSYxKS LcsLVCQsbcIRXWB6Fr8jBcvxbSsoc3yZ59z7V/RavrjZI/JuyPBkT0fCkd1ikqZS Z4PyziK5QjgXBb9CzgtM1BcRG+2aIVRluoTUjVOTA+sNFIO2pMq/GC4pclhc63+i /tYslT8WPgxY7gUf6Qse5cMtnj1emL5mDSY1P+05br3HBqBmC882ylHOAhc1cOfk MY6NRLDuv4X6a1iBWMRWTOmNR+WMBorbe0vs4VFN92u4JxqN7XQgacE4Z3kxe9vb 0WQOFEIFbBWkRXahTIdujfk0O37pxiN35W/HBfEcW4ixiLIqLJLRy6ogLdjtpKuV jbJDwcaPYYfYFuqB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs4XQjaphoLgVxPMapEWK Snb5+rTT3H173qNeVpdg9Bsqza6jZqzp4ZeqOZ7XmgfrUj44BdTegbGZribpfuYu rka19FxayMBZWHBvw5TG+HDbcQMA5YqAFciNq5IwE2wGyh6L8KEACFV8FfHl3Rl+ 0VJOgztKfGv5yD3LEjwBq5L6TjCshwSf6oDjtBr6LqB5PyYj3C5JQtbj/1jzN9OV yv+Jvl1fdxAXoiS+PwJU9VfpOIudnMCxcvFlwezJUq2c0Z8GuPrXwHHhrNMyxSWr hQkN5grc+x+JGP/fLRSNDsGspPGMF9+/ZOy2rGOv7hn9ypRXrtOwdihp68/qH76m jk+tN1MSQYwjHimcS6eCo8WgLw67kOt/56+xwPTp+kAqIV6xjj78yfF0tVNY4P0f TvGgSkLIuo7Xie4lrMtKswm9sAae2kwqgPHl2UbI3p3/YU9QqbB7e1CFdMxqba9S vjDBj/kMJ6aKitENyz3PW+Z9nwRLWyLehghqNtsFY29SstliuV1/RTXyNG7OSbvp awWG1HuI8zWpdl3pNlbPoEBbjHvh6tQd0fxyVd/rrwPfAfbGxyregUUMmXHmxEgF IyR5HSufuFj6ZOdcFPgeQgQWb7KzQlsweaGPDwIaVM4R2T30RNYQRW+NiJK2TF56 SHi7Cg4EC4Mb8OLA/D7mBFMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 324566142035032989636191889171370262460557 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-29 04:54:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-28 04:54:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.castelfiorentino.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 732388773295107571745198943218633848004645396234756611318260387953341045173519354356069572780822553415570877217058325770241595328666712886242476614738546704674954939962963685009004135962858876685524154465725072623106896856628769070857556913372458887728995706474278306342447696548039361690112914659491133036815395495402269344666167866938484191937133401900134727667591086977557535937890494452663359310013465976541977553360211839850757240348803804515378823357234401115922463874282870855225464510492675853896540289350024423273498691679610997732012241422521495260483783470151956402606680748972246011272017733743291055682650446516820988512162397325610470982032678574263383711216646420204860262341250246293267258302710027110106463506535405534862672573894499848539536035494642669953432316227417045109604971575386080868821459688834078644853534059970878080164912699820795203694738362021104375679043086490705858890577414566587559557156716459811942947705074154063936415473210379007188586865841062255016898976760548376774327759444387399557720964679634016013170766264633298705645970568935909874430281148926793133014723737230999753251736991630237376417647617171173186438707871687133535210683712678994630568364854760875777842111666742293110915990611 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2631f6f682226a23d4f0d3be2d9a0b3f387e83a7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.castelfiorentino.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d7b9556e8000004030047304502207d750d86d57420c056554fb49495781bc597aa41909836999c4cfceba833fc28022100d30c33abc24842c35cad45308e5430f37671317c7fa95d409be208feccfd0985007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d7b9557010000040300473045022100eab71ee1165b6bde29926fa983d31215f1da25175f7f0eed276e6aab04e4171c02200482079ce017316e3ec8c45f25c231f9299404b61ba6862de985192e1def9ef5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00926312922dcb0b54242c6dc2115d607a16bf2305cbf16d2b28737c99e7dcfb57f45abeb8d923f26ec8f0644f47c291dd6292a6526783f2ce22b942381705bf42ce0b4cd417111bed9a215465ba84d48d539303eb0d1483b6a4cabf182e2972585ceb7fa2fed62c953f163e0c58ee051fe90b1ee5c32d9e3d5e98be660d26353fed396ebdc706a0660bcf36ca51ce02173570e7e4318e8d44b0eebf85fa6b588158c4564ce98d47e58c068adb7b4bece1514df76bb8271a8ded742069c1386779317bdbdbd1640e1442056c15a44576a14c876e8df9343b7ee9c62377e56fc705f11c5b88b188b22a2c92d1cbaa202dd8eda4ab958db243c1c68f6187d816ea81