laroca.bar

Issued by R3

About this certificate

This digital certificate with serial number 03:af:e0:14:59:67:3a:a8:d2:d7:6b:31:6d:54:59:1e:42:54 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=laroca.bar

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:af:e0:14:59:67:3a:a8:d2:d7:6b:31:6d:54:59:1e:42:54
Serial Number (int): 321184124736751072587791241428232589689428
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: a4:8d:46:77:0a:92:93:7e:cf:a9:57:bf:9b:af:85:08:ce:b5:8c:38
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 73:3f:bf:04:bf:72:cc:7a:15:f1:75:bd:c4:d7:51:85:2c:3a:3f:63
Fingerprint (sha256): fd:55:73:5b:a7:c0:ba:a0:ec:a5:8c:60:6b:e4:72:60:dd:ce:57:8a:60:e8:72:13:86:56:46:36:69:3b:83:ea

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate laroca.bar

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for laroca.bar

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

laroca.bar
www.laroca.bar

Other certificates including the domain name laroca.bar

(limited to 100 certificates)
laroca.bar
laroca.bar
laroca.bar
laroca.bar
laroca.bar
laroca.bar
laroca.bar

Certificate

The complete raw certificate details for laroca.bar in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgISA6/gFFlnOqjS12sxbVRZHkJUMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MDMxNzE5MTBaFw0yNDA3MDIxNzE5MDlaMBUxEzARBgNVBAMT
Cmxhcm9jYS5iYXIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+UsKm
PlLgEpZPqnpqKuWxc5xM32o75TVM9YG95kCj22mwnYTnpbTDnSbYrlWAcVueN+nf
UjtgK6NcRdBW+03wKnBRZCPDU8I91Ia1jadl+XhqDsAFHprgAT/5eMCqUQnVErtq
ATfX36nUJjIyKR5m1+CQcy2LphXuMDNJXPM0+EebYvE5gj+9dOkS6rrgT7lf82dh
QVrmWyHoqYG6Qs5z1ThcjyjkjWfq6APSQ5MKq6ZiXapPow3ocNy6xhKB97pKxn6B
mQ70OdB2jKw7BYSeInXTm6StcLiOS+hgLrSdRRot5S3eVV2tz7bh8bye3j6ZJkSi
1rt8Dn6TTMCcF/QNQm7WJFrt4X6CB+dJna4ix3EtIilxqCfGpyh9P5sKL1yUXLtP
yKFD0NrZAdMzBWvDf/62l4Ou4viV2ruLoP2sfdizjmnMgO1AqyUuN132KCXaf2Ep
MOSIJz0j+135TqGyV3xKyqwnCYZjnqflnqaU/wQGp/wVONLRAUwNrgEN243K4EzM
pb6HafT0OoMnpZOHeC/tutWEMAK9v/k54/CSAV4BFdnJrflXF65Bsm4ZXrNTzqDZ
1fRavvj0FRZ1/hK43oWcKgtP3D8ZAWz40d9o0XgubA70VfDP5CsJLSi7VPMSsQ+u
vQeEGixNm0ILHIKXh7sjDT9dcl/7Q2W+OgksrQIDAQABo4ICGzCCAhcwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBSkjUZ3CpKTfs+pV7+br4UIzrWMODAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggpsYXJvY2EuYmFygg53d3cubGFyb2Nh
LmJhcjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA
7wB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjqUvtBQAAAQD
AEYwRAIgFWqgRZQWSLBIiMNFLkpPF7SZjHnkhGN2Mh03zrsRVSoCIGsb5bqYs3PE
TpmKrMiMUMtkFip5wsI4yz/DXQf5+usYAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp
3GhCCp/mZ0xaOnQAAAGOpS+0WAAABAMARzBFAiEAqgWkKlASX8RBwXQdvz1LLLq0
Q3puJfJwYJCl7xnhkcMCIEcF2U+nAeD3N9UNOv+3FK+j2u7c8oslUNciPvMr1aq5
MA0GCSqGSIb3DQEBCwUAA4IBAQCkGVqeaId997+tU0p8pWH5e9q35uMbityhTzGh
xX73oxlNOHh4OFLeHY9M4vFAxP12U1Ibatv2l4u8/W+UON2v2wIoQ/G3Xjb79QiI
ONDjq8v8y8aVOH9t3WJAMuKpjrI8hq943MFzcjkVb9e01nCjpB6UK4w8PaiMi0C+
GBmGwefSvfQKzWT6VQSMAH+zqoR3jMeiY07dK4+I+uQsTtbAzWs7D7Ko6KVazDaM
Lhya3nQtOlYtFWLu0aujuzVV978xcNl6VBiwEop/f3ZZPV77/z2cGz+AauvTuTsY
3bSNe1fCyJZ/V81hp32pM/C14Lyx+Pj3TjaIIEShOq457NH2
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvlLCpj5S4BKWT6p6airl
sXOcTN9qO+U1TPWBveZAo9tpsJ2E56W0w50m2K5VgHFbnjfp31I7YCujXEXQVvtN
8CpwUWQjw1PCPdSGtY2nZfl4ag7ABR6a4AE/+XjAqlEJ1RK7agE319+p1CYyMike
ZtfgkHMti6YV7jAzSVzzNPhHm2LxOYI/vXTpEuq64E+5X/NnYUFa5lsh6KmBukLO
c9U4XI8o5I1n6ugD0kOTCqumYl2qT6MN6HDcusYSgfe6SsZ+gZkO9DnQdoysOwWE
niJ105ukrXC4jkvoYC60nUUaLeUt3lVdrc+24fG8nt4+mSZEota7fA5+k0zAnBf0
DUJu1iRa7eF+ggfnSZ2uIsdxLSIpcagnxqcofT+bCi9clFy7T8ihQ9Da2QHTMwVr
w3/+tpeDruL4ldq7i6D9rH3Ys45pzIDtQKslLjdd9igl2n9hKTDkiCc9I/td+U6h
sld8SsqsJwmGY56n5Z6mlP8EBqf8FTjS0QFMDa4BDduNyuBMzKW+h2n09DqDJ6WT
h3gv7brVhDACvb/5OePwkgFeARXZya35VxeuQbJuGV6zU86g2dX0Wr749BUWdf4S
uN6FnCoLT9w/GQFs+NHfaNF4LmwO9FXwz+QrCS0ou1TzErEPrr0HhBosTZtCCxyC
l4e7Iw0/XXJf+0NlvjoJLK0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 321184124736751072587791241428232589689428
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 17:19:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 17:19:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'laroca.bar'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 776451250922160212331739224374767733119629818013403850668932171470858115133235030072269560709306026038188802842168751145301415377024363917838883459779400565080823317418918995780672420218303112448261657584670063799157632965393282535460156045425200673735902431177149654089523004844569256503894934490282841216534199800141185898119171607350198828501149367481083077852508565848641224924623328713537795699640149521993472890684449201305025192608970758970924338659337780400361924953212772014246622253501754721196410217192222270098238901596231308202375703818336220817581306285292017569592155657714489252800761668366013065874463648735766075412294541855391454163892117726618712980507730259319262850257383840490074651720876151406648927218549065264613701684075269635223936591278151702481939686539043053674452739625054196883083825068024744822164472293081071404288953413193741752623248546441818508074834559867410920512419076928887747582628104863230155771464343362595197127956942309783065325650077189317753336982339799592170732152911629952157188401456252935722156778651427160181963635555970797712671701935304050470594955291340469251434318276826059468815527525441660473499670329524660668800525309944001652759849628782502453256986917870776990353140909
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a48d46770a92937ecfa957bf9baf8508ceb58c38
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'laroca.bar'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.laroca.bar'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ea52fb41400000403004630440220156aa045941648b04888c3452e4a4f17b4998c79e4846376321d37cebb11552a02206b1be5ba98b373c44e998aacc88c50cb64162a79c2c238cb3fc35d07f9faeb1800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ea52fb4580000040300473045022100aa05a42a50125fc441c1741dbf3d4b2cbab4437a6e25f2706090a5ef19e191c302204705d94fa701e0f737d50d3affb714afa3daeedcf28b2550d7223ef32bd5aab9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a4195a9e68877df7bfad534a7ca561f97bdab7e6e31b8adca14f31a1c57ef7a3194d3878783852de1d8f4ce2f140c4fd7653521b6adbf6978bbcfd6f9438ddafdb022843f1b75e36fbf5088838d0e3abcbfccbc695387f6ddd624032e2a98eb23c86af78dcc1737239156fd7b4d670a3a41e942b8c3c3da88c8b40be181986c1e7d2bdf40acd64fa55048c007fb3aa84778cc7a2634edd2b8f88fae42c4ed6c0cd6b3b0fb2a8e8a55acc368c2e1c9ade742d3a562d1562eed1aba3bb3555f7bf3170d97a5418b0128a7f7f76593d5efbff3d9c1b3f806aebd3b93b18ddb48d7b57c2c8967f57cd61a77da933f0b5e0bcb1f8f8f74e36882044a13aae39ecd1f6