laroca.bar
Issued by R3
About this certificate
This digital certificate with serial number 03:af:e0:14:59:67:3a:a8:d2:d7:6b:31:6d:54:59:1e:42:54 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=laroca.bar
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:af:e0:14:59:67:3a:a8:d2:d7:6b:31:6d:54:59:1e:42:54Serial Number (int): 321184124736751072587791241428232589689428
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a4:8d:46:77:0a:92:93:7e:cf:a9:57:bf:9b:af:85:08:ce:b5:8c:38
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 73:3f:bf:04:bf:72:cc:7a:15:f1:75:bd:c4:d7:51:85:2c:3a:3f:63
Fingerprint (sha256): fd:55:73:5b:a7:c0:ba:a0:ec:a5:8c:60:6b:e4:72:60:dd:ce:57:8a:60:e8:72:13:86:56:46:36:69:3b:83:ea
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate laroca.bar
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for laroca.bar
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
laroca.bar
www.laroca.bar
www.laroca.bar
Other certificates including the domain name laroca.bar
(limited to 100 certificates)
Certificate
The complete raw certificate details for laroca.bar in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8DCCBNigAwIBAgISA6/gFFlnOqjS12sxbVRZHkJUMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDMxNzE5MTBaFw0yNDA3MDIxNzE5MDlaMBUxEzARBgNVBAMT Cmxhcm9jYS5iYXIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+UsKm PlLgEpZPqnpqKuWxc5xM32o75TVM9YG95kCj22mwnYTnpbTDnSbYrlWAcVueN+nf UjtgK6NcRdBW+03wKnBRZCPDU8I91Ia1jadl+XhqDsAFHprgAT/5eMCqUQnVErtq ATfX36nUJjIyKR5m1+CQcy2LphXuMDNJXPM0+EebYvE5gj+9dOkS6rrgT7lf82dh QVrmWyHoqYG6Qs5z1ThcjyjkjWfq6APSQ5MKq6ZiXapPow3ocNy6xhKB97pKxn6B mQ70OdB2jKw7BYSeInXTm6StcLiOS+hgLrSdRRot5S3eVV2tz7bh8bye3j6ZJkSi 1rt8Dn6TTMCcF/QNQm7WJFrt4X6CB+dJna4ix3EtIilxqCfGpyh9P5sKL1yUXLtP yKFD0NrZAdMzBWvDf/62l4Ou4viV2ruLoP2sfdizjmnMgO1AqyUuN132KCXaf2Ep MOSIJz0j+135TqGyV3xKyqwnCYZjnqflnqaU/wQGp/wVONLRAUwNrgEN243K4EzM pb6HafT0OoMnpZOHeC/tutWEMAK9v/k54/CSAV4BFdnJrflXF65Bsm4ZXrNTzqDZ 1fRavvj0FRZ1/hK43oWcKgtP3D8ZAWz40d9o0XgubA70VfDP5CsJLSi7VPMSsQ+u vQeEGixNm0ILHIKXh7sjDT9dcl/7Q2W+OgksrQIDAQABo4ICGzCCAhcwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBSkjUZ3CpKTfs+pV7+br4UIzrWMODAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcggpsYXJvY2EuYmFygg53d3cubGFyb2Nh LmJhcjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA 7wB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjqUvtBQAAAQD AEYwRAIgFWqgRZQWSLBIiMNFLkpPF7SZjHnkhGN2Mh03zrsRVSoCIGsb5bqYs3PE TpmKrMiMUMtkFip5wsI4yz/DXQf5+usYAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp 3GhCCp/mZ0xaOnQAAAGOpS+0WAAABAMARzBFAiEAqgWkKlASX8RBwXQdvz1LLLq0 Q3puJfJwYJCl7xnhkcMCIEcF2U+nAeD3N9UNOv+3FK+j2u7c8oslUNciPvMr1aq5 MA0GCSqGSIb3DQEBCwUAA4IBAQCkGVqeaId997+tU0p8pWH5e9q35uMbityhTzGh xX73oxlNOHh4OFLeHY9M4vFAxP12U1Ibatv2l4u8/W+UON2v2wIoQ/G3Xjb79QiI ONDjq8v8y8aVOH9t3WJAMuKpjrI8hq943MFzcjkVb9e01nCjpB6UK4w8PaiMi0C+ GBmGwefSvfQKzWT6VQSMAH+zqoR3jMeiY07dK4+I+uQsTtbAzWs7D7Ko6KVazDaM Lhya3nQtOlYtFWLu0aujuzVV978xcNl6VBiwEop/f3ZZPV77/z2cGz+AauvTuTsY 3bSNe1fCyJZ/V81hp32pM/C14Lyx+Pj3TjaIIEShOq457NH2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvlLCpj5S4BKWT6p6airl sXOcTN9qO+U1TPWBveZAo9tpsJ2E56W0w50m2K5VgHFbnjfp31I7YCujXEXQVvtN 8CpwUWQjw1PCPdSGtY2nZfl4ag7ABR6a4AE/+XjAqlEJ1RK7agE319+p1CYyMike ZtfgkHMti6YV7jAzSVzzNPhHm2LxOYI/vXTpEuq64E+5X/NnYUFa5lsh6KmBukLO c9U4XI8o5I1n6ugD0kOTCqumYl2qT6MN6HDcusYSgfe6SsZ+gZkO9DnQdoysOwWE niJ105ukrXC4jkvoYC60nUUaLeUt3lVdrc+24fG8nt4+mSZEota7fA5+k0zAnBf0 DUJu1iRa7eF+ggfnSZ2uIsdxLSIpcagnxqcofT+bCi9clFy7T8ihQ9Da2QHTMwVr w3/+tpeDruL4ldq7i6D9rH3Ys45pzIDtQKslLjdd9igl2n9hKTDkiCc9I/td+U6h sld8SsqsJwmGY56n5Z6mlP8EBqf8FTjS0QFMDa4BDduNyuBMzKW+h2n09DqDJ6WT h3gv7brVhDACvb/5OePwkgFeARXZya35VxeuQbJuGV6zU86g2dX0Wr749BUWdf4S uN6FnCoLT9w/GQFs+NHfaNF4LmwO9FXwz+QrCS0ou1TzErEPrr0HhBosTZtCCxyC l4e7Iw0/XXJf+0NlvjoJLK0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 321184124736751072587791241428232589689428 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 17:19:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 17:19:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'laroca.bar' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 776451250922160212331739224374767733119629818013403850668932171470858115133235030072269560709306026038188802842168751145301415377024363917838883459779400565080823317418918995780672420218303112448261657584670063799157632965393282535460156045425200673735902431177149654089523004844569256503894934490282841216534199800141185898119171607350198828501149367481083077852508565848641224924623328713537795699640149521993472890684449201305025192608970758970924338659337780400361924953212772014246622253501754721196410217192222270098238901596231308202375703818336220817581306285292017569592155657714489252800761668366013065874463648735766075412294541855391454163892117726618712980507730259319262850257383840490074651720876151406648927218549065264613701684075269635223936591278151702481939686539043053674452739625054196883083825068024744822164472293081071404288953413193741752623248546441818508074834559867410920512419076928887747582628104863230155771464343362595197127956942309783065325650077189317753336982339799592170732152911629952157188401456252935722156778651427160181963635555970797712671701935304050470594955291340469251434318276826059468815527525441660473499670329524660668800525309944001652759849628782502453256986917870776990353140909 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a48d46770a92937ecfa957bf9baf8508ceb58c38 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'laroca.bar' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.laroca.bar' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ea52fb41400000403004630440220156aa045941648b04888c3452e4a4f17b4998c79e4846376321d37cebb11552a02206b1be5ba98b373c44e998aacc88c50cb64162a79c2c238cb3fc35d07f9faeb1800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ea52fb4580000040300473045022100aa05a42a50125fc441c1741dbf3d4b2cbab4437a6e25f2706090a5ef19e191c302204705d94fa701e0f737d50d3affb714afa3daeedcf28b2550d7223ef32bd5aab9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a4195a9e68877df7bfad534a7ca561f97bdab7e6e31b8adca14f31a1c57ef7a3194d3878783852de1d8f4ce2f140c4fd7653521b6adbf6978bbcfd6f9438ddafdb022843f1b75e36fbf5088838d0e3abcbfccbc695387f6ddd624032e2a98eb23c86af78dcc1737239156fd7b4d670a3a41e942b8c3c3da88c8b40be181986c1e7d2bdf40acd64fa55048c007fb3aa84778cc7a2634edd2b8f88fae42c4ed6c0cd6b3b0fb2a8e8a55acc368c2e1c9ade742d3a562d1562eed1aba3bb3555f7bf3170d97a5418b0128a7f7f76593d5efbff3d9c1b3f806aebd3b93b18ddb48d7b57c2c8967f57cd61a77da933f0b5e0bcb1f8f8f74e36882044a13aae39ecd1f6