www.lavinia.net
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:26:e0:9c:f5:53:41:d4:95:da:d7:d5:49:11:c6:6c:ff:e9 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.lavinia.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:26:e0:9c:f5:53:41:d4:95:da:d7:d5:49:11:c6:6c:ff:e9Serial Number (int): 361678435715189064695669224822535562788841
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 1a:fc:e3:db:38:49:b0:24:6d:5b:00:de:89:61:1c:a0:63:e5:81:19
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b6:76:f6:fa:58:15:63:0b:f2:95:81:ee:6c:01:bc:9f:5c:78:99:dc
Fingerprint (sha256): f5:f0:3a:d1:c7:e5:16:b1:bc:59:6e:4d:6c:ac:81:10:86:27:1e:f2:e7:97:f0:b2:69:40:e7:77:20:27:9c:a3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.lavinia.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.lavinia.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.lavinia.net
Other certificates including the domain name lavinia.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.lavinia.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVjCCBT6gAwIBAgISBCbgnPVTQdSV2tfVSRHGbP/pMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMzEwNTMyMjVaFw0y MDAzMzAwNTMyMjVaMBoxGDAWBgNVBAMTD3d3dy5sYXZpbmlhLm5ldDCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBALQL/aP/C9V1/hs+qhHxSCsIfsEaDjnx Ku4trrwxTrxLJQW81WK2baUej/R7fZlQeSNwUHQW+l+J+VtxuoKvMLAv0Cy/xkrG Splzctu9AQ2YxzuGbtjGpUrGOceRqEk2iIM5LPJzJtasliu04r8Ppz6zDvc++LIl FFRJSdCPOhXvSZYX/kTBGWWshyClcVsEZoWw7xD4MnY8208KvsFfxfe/GaAKyApb P1WkpMTetjCHJ3fwY4NCrbqbBt7rOmInOAbSFy+UUZhbC73zaVdSv7EU5ih5JrQj UxPIBRPmHgyTV0XCQ/RJ0MTqcUj783ss6m4Bg72kwSEx/VP3X18iN47XTx+61SpT HE9iOYyzOjppbek/AkLz/4y2Hgxm9Vlh/TWk2+/Me4bDhV6C8ZCqKbYst4IL9yTz yobmcUGPhFf6+moPIYdGBs4pfHU5vROamf7/PD2+le+4zj9glmgBuMHSkA8uPUp4 2cATjy1E/AE0nb7B7BRgH6Z+ifhp4TmWW7VAMI6cYWX7JYeZppFhuTHzYSmzkt0R 3Sebh0jBjwV8z/8VEvQB1rAsM99dLo75ew59RiSXJWe3GePrwjVWThRnxC69coDD GBdZUzNk0h1GsPYzW4Q7ULrW+QMR0+M1yz26aIAJdXUYX9VrspXl/Seq44hfFnSA K4EvM6gDxuY5AgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBr8 49s4SbAkbVsA3olhHKBj5YEZMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3LmxhdmluaWEubmV0 MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFvWqfT uQAABAMARzBFAiBWW7NmcfbgckLvDm09T3HmZgv0eXiaVCOIXr/SFL1VOwIhAMUV 4RTS8YFdvSSuSZQ515MmH5cD04ee4G+OtrvftmD4AHYAB7dcG+V9aP/xsMYdIxXH uuZXfFeUt2ruvGE6GmnTohwAAAFvWqfT5gAABAMARzBFAiA0XWflvCE1b2smWoT+ 68V3na8CeHhrGYKfXEE+NRXS0QIhAJxR2eNlTlMyt1hn4G+jQ7d592WY/Uw4iT6F KXKTRjqsMA0GCSqGSIb3DQEBCwUAA4IBAQAuR4GS2erX6iAW1ivzCKN2sAJdLiDh bs1wNQ4mJrOFIKbggmIRAv5j4I/7wxGzr5iHonSbVrOrkLJBnf6Mjpbc7V5bijPl EK6ICrl6nPNsGgP24mg3wQipCVJWrZSR4oNiq/THSTzo5VgB/X+7Vfh1qiJQN5P7 VKyPJPUR8nsYFR/6ZM52GNVU97Q3OAwREM3BQhcj/NUvYFPEdp+8RJTLcf56OYfp iC3P/MpZ4cyx9NPIktZaaFmmNeoisH6/7FT3N8j/3+sN9cylPbKp655H2HR9DPSH obLMMy6oXzaq5GLyZ1KdDuJXwNA79c9HxIEX7W3scFkjkLd5hoIDWios -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtAv9o/8L1XX+Gz6qEfFI Kwh+wRoOOfEq7i2uvDFOvEslBbzVYrZtpR6P9Ht9mVB5I3BQdBb6X4n5W3G6gq8w sC/QLL/GSsZKmXNy270BDZjHO4Zu2MalSsY5x5GoSTaIgzks8nMm1qyWK7Tivw+n PrMO9z74siUUVElJ0I86Fe9Jlhf+RMEZZayHIKVxWwRmhbDvEPgydjzbTwq+wV/F 978ZoArICls/VaSkxN62MIcnd/Bjg0KtupsG3us6Yic4BtIXL5RRmFsLvfNpV1K/ sRTmKHkmtCNTE8gFE+YeDJNXRcJD9EnQxOpxSPvzeyzqbgGDvaTBITH9U/dfXyI3 jtdPH7rVKlMcT2I5jLM6Omlt6T8CQvP/jLYeDGb1WWH9NaTb78x7hsOFXoLxkKop tiy3ggv3JPPKhuZxQY+EV/r6ag8hh0YGzil8dTm9E5qZ/v88Pb6V77jOP2CWaAG4 wdKQDy49SnjZwBOPLUT8ATSdvsHsFGAfpn6J+GnhOZZbtUAwjpxhZfslh5mmkWG5 MfNhKbOS3RHdJ5uHSMGPBXzP/xUS9AHWsCwz310ujvl7Dn1GJJclZ7cZ4+vCNVZO FGfELr1ygMMYF1lTM2TSHUaw9jNbhDtQutb5AxHT4zXLPbpogAl1dRhf1WuyleX9 J6rjiF8WdIArgS8zqAPG5jkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 361678435715189064695669224822535562788841 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-31 05:32:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-30 05:32:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.lavinia.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 734527018686301109429135763040665916115482398204731030268002278660318337488522826479192473437495633532406912377718941076788145102248424048298611784548389896096444526917741997529552623457510708038567774560851956906718207457325451992441379258396624903727097927159984144962684987329840518417556225623200409160016727868513167161699109189613114626758796965895070074101665401915123212534544039848589706979423324312624688359359567663562230949091594874595736915029577357137248850176003086018337965383247076652817317798051232530835634615184626666234372076062797363919372625403113752496612141724243627025611900546985156433619906093879810475511595161386157691547239563286107236412019035926487298428539392359526659258262353787015882714763678427285148582394713682209754304480946105658954532677672765776559173831516108114389404166237443325293068422580420589789643417160548964223934747885068489569382086703910498273065237501185617631777538559990938268145032208172281953973674835016808109421319458883254281623816988563604157870110411366705267551831577418618921683989220205387858204322389748710773902938607751277273560801650061671998642568392471439178583574313451768995969346600246095558540775083620471638905509059882041716606889806651496788709008953 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1afce3db3849b0246d5b00de89611ca063e58119 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lavinia.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f5aa7d3b900000403004730450220565bb36671f6e07242ef0e6d3d4f71e6660bf479789a5423885ebfd214bd553b022100c515e114d2f1815dbd24ae499439d793261f9703d3879ee06f8eb6bbdfb660f800760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f5aa7d3e600000403004730450220345d67e5bc21356f6b265a84feebc5779daf0278786b19829f5c413e3515d2d10221009c51d9e3654e5332b75867e06fa343b779f76598fd4c38893e85297293463aac . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002e478192d9ead7ea2016d62bf308a376b0025d2e20e16ecd70350e2626b38520a6e082621102fe63e08ffbc311b3af9887a2749b56b3ab90b2419dfe8c8e96dced5e5b8a33e510ae880ab97a9cf36c1a03f6e26837c108a9095256ad9491e28362abf4c7493ce8e55801fd7fbb55f875aa22503793fb54ac8f24f511f27b18151ffa64ce7618d554f7b437380c1110cdc1421723fcd52f6053c4769fbc4494cb71fe7a3987e9882dcffcca59e1ccb1f4d3c892d65a6859a635ea22b07ebfec54f737c8ffdfeb0df5cca53db2a9eb9e47d8747d0cf487a1b2cc332ea85f36aae462f267529d0ee257c0d03bf5cf47c48117ed6dec70592390b7798682035a2a2c