lignana.com
Issued by R3
About this certificate
This digital certificate with serial number 03:8a:b1:e9:4e:f6:60:d3:e6:6f:bc:be:fe:a1:e9:fb:08:dd was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=lignana.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8a:b1:e9:4e:f6:60:d3:e6:6f:bc:be:fe:a1:e9:fb:08:ddSerial Number (int): 308532309192340260417994403957843416516829
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: af:ca:43:7e:d5:b5:9e:7c:e4:5f:2a:44:de:c0:f1:cf:37:48:12:1a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b8:65:53:1f:e9:cd:7c:1e:d4:2c:0d:e6:37:d1:00:73:27:2e:d0:38
Fingerprint (sha256): f6:90:7b:27:a6:aa:73:8e:1f:63:f5:e4:0b:94:19:a7:6c:f1:88:1b:8d:8c:82:33:7f:f7:ca:65:a2:8c:1d:86
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate lignana.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lignana.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lignana.com
Other certificates including the domain name lignana.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for lignana.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5DCCBMygAwIBAgISA4qx6U72YNPmb7y+/qHp+wjdMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMzAxOTEyNDRaFw0yNDA2MjgxOTEyNDNaMBYxFDASBgNVBAMT C2xpZ25hbmEuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApVXB RATxtKsKFzn5PklNej1IREpYyRNu7NTHegBqKQNsc/1be7cMZUAu5QUHK8X9hp14 K5k4N85Ni4cMslPOj25S/ofT53yHdOCU+gBxckvwNjDvyEKZYGriYDpBEXmd6YmI /qW1g6ChrWezPtyxjKFfbLVrZMqCtRPu0rDLxDIDXyR+yYgVkmX6LsUlqkM4oqDO Fc65nJrQ+D8W6epuwKzzsr93ludHwFirmAQf7wNMN/gt6g5XoqaX6MPmEKx59+H5 8S3A5iqbulX0yDiy2rE7HkZKRXkGTeGyeuVYeXqkA+Uw+l+Q2PC0og9xGtyrYl5O GvTdCCtb6ZwTER1XwzWqlkoArVu+sYGE62MducdRkOP1Qks9AK7Ao34BRjqStexK t4AK93eNFVUeRoRKFJDOikQH4ZzrbVOV3UNCO+ij+jFBJlIiZQT2wJY9J5gp9ZEy uZtFOwqOSgFmhV9Z5boWHm2JkHlz5dZhNKhJCfC3QDEfUS4KSjaEjcmxrfkZEv9q 43OBmediub1AzZODtmN0wHU4UlFcXm8OaWU4/wYpsddkL8rZFSPdn/XxIKjgbmVp PSgynxN5GEBXc0yTVBWArKuS//iX/SD127ilB0x6JaZ1X5wwfDQoNa3onY/vi1Cj lwZZUlL2KwqrrPNAaXz41GOaWGoWTIzF01qkSIUCAwEAAaOCAg4wggIKMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUr8pDftW1nnzkXypE3sDxzzdIEhowHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wFgYDVR0RBA8wDYILbGlnbmFuYS5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwBIsONr2qZHNA/l agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY6Q/j5SAAAEAwBIMEYCIQCiKHl9djPB DQjbYUYg6Zm+c60MURDe090uWBEiKVuDgAIhALkwH9bf8JBijpRKkSsDPn98zLdK bh5OMWFV6DhbqlaoAHYAouK/1h7eLy8HoNZObTen3GVDsMa1LqLat4r4mm31F9gA AAGOkP4+cwAABAMARzBFAiAhTIvS8Kdkf/gl6Kb8TIREp6xbOeaPEWvJ0nnHoaAo FwIhAMtwIK2RjN/Yr/TZKgjhfAWW8MgvV4AB1WyzY7o8VDKZMA0GCSqGSIb3DQEB CwUAA4IBAQAMC3cwqNJWfe/etrYL4NaWocbZxAxRDAhls4/TNjlRw63xsETGms47 6dvWP8PT0qA42d6h4/+9W87lHLfed9nISyEao52IJ9tl8LH+ksaTT+D3fy3wORQG vr8atZk1rIVLsjMKyZCEOpaWFI/kxPl62bVFFdli7+iHXhWqWEgFA5NTb31ikehW pV8vpw1BMQz5pO81ps2jVw9aF0AC1gDBYyzJtOMreHnC2lkgSyqpjpH0Mdnf0Tk7 3S3O1NxHBu8SeuTYki3PSr2t6aUVLYMS+LOaTVBKdDHcKHAXklvEcGCONY9ehOC0 ll1k2MWcu2InAqWWdaZoRG4L6kvA6uuJ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApVXBRATxtKsKFzn5PklN ej1IREpYyRNu7NTHegBqKQNsc/1be7cMZUAu5QUHK8X9hp14K5k4N85Ni4cMslPO j25S/ofT53yHdOCU+gBxckvwNjDvyEKZYGriYDpBEXmd6YmI/qW1g6ChrWezPtyx jKFfbLVrZMqCtRPu0rDLxDIDXyR+yYgVkmX6LsUlqkM4oqDOFc65nJrQ+D8W6epu wKzzsr93ludHwFirmAQf7wNMN/gt6g5XoqaX6MPmEKx59+H58S3A5iqbulX0yDiy 2rE7HkZKRXkGTeGyeuVYeXqkA+Uw+l+Q2PC0og9xGtyrYl5OGvTdCCtb6ZwTER1X wzWqlkoArVu+sYGE62MducdRkOP1Qks9AK7Ao34BRjqStexKt4AK93eNFVUeRoRK FJDOikQH4ZzrbVOV3UNCO+ij+jFBJlIiZQT2wJY9J5gp9ZEyuZtFOwqOSgFmhV9Z 5boWHm2JkHlz5dZhNKhJCfC3QDEfUS4KSjaEjcmxrfkZEv9q43OBmediub1AzZOD tmN0wHU4UlFcXm8OaWU4/wYpsddkL8rZFSPdn/XxIKjgbmVpPSgynxN5GEBXc0yT VBWArKuS//iX/SD127ilB0x6JaZ1X5wwfDQoNa3onY/vi1CjlwZZUlL2KwqrrPNA aXz41GOaWGoWTIzF01qkSIUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308532309192340260417994403957843416516829 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-30 19:12:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-28 19:12:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lignana.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 674507871415405877136296245095547355444258280782389982270564458296920475302613743812401930133322804979888464856125057864946196302056797777270964579722956116213185845868072409753626607111419463100886022493018468952523357601826586292943612681355414134354986081670924175983183036898178168479556625020852156285911654878653120046458623711248744903415114757140512541675595523898528837451084551399169127625713689237426700708103143893674470912423672981053461675732961540778088572342397830346503283325193218875210916637098928704952117429948780538262506738525843342553559591320631647256584019578236988316331285543440526239910172144052469472492271228973760420518425001906850584006185974770886706464495603897548204706241486385699218112038226585518999186748009123457828395017433075624801534263538814567187160775145850203249275242921693848853795443571494295884559873119898235533286383080795367308109364803214031815118975971747113225174091680029553177089242915473224304156189934300793041828500404888482033718908303260844046063183125566707855985947678476432303018557656172390053942363826789078028488291781800582145888611186168833938401840333230341983030937879637834473083973813137158235755251053338939741195894657746457362172172734046459448736893061 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) afca437ed5b59e7ce45f2a44dec0f1cf3748121a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lignana.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e90fe3e520000040300483046022100a228797d7633c10d08db614620e999be73ad0c5110ded3dd2e581122295b8380022100b9301fd6dff090628e944a912b033e7f7cccb74a6e1e4e316155e8385baa56a8007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e90fe3e7300000403004730450220214c8bd2f0a7647ff825e8a6fc4c8444a7ac5b39e68f116bc9d279c7a1a02817022100cb7020ad918cdfd8aff4d92a08e17c0596f0c82f578001d56cb363ba3c543299 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000c0b7730a8d2567defdeb6b60be0d696a1c6d9c40c510c0865b38fd3363951c3adf1b044c69ace3be9dbd63fc3d3d2a038d9dea1e3ffbd5bcee51cb7de77d9c84b211aa39d8827db65f0b1fe92c6934fe0f77f2df0391406bebf1ab59935ac854bb2330ac990843a9696148fe4c4f97ad9b54515d962efe8875e15aa5848050393536f7d6291e856a55f2fa70d41310cf9a4ef35a6cda3570f5a174002d600c1632cc9b4e32b7879c2da59204b2aa98e91f431d9dfd1393bdd2dced4dc4706ef127ae4d8922dcf4abdade9a5152d8312f8b39a4d504a7431dc287017925bc470608e358f5e84e0b4965d64d8c59cbb622702a59675a668446e0bea4bc0eaeb89