deandrea.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:b4:e1:9e:b7:14:5f:fc:c0:e0:11:2d:04:a0:7e:7b:ab:07 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=deandrea.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b4:e1:9e:b7:14:5f:fc:c0:e0:11:2d:04:a0:7e:7b:ab:07Serial Number (int): 322887584236300145292056010288640883927815
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e2:7c:89:ea:55:e4:93:7a:eb:a3:d2:18:13:70:22:06:9e:22:b5:cc
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 02:5b:6b:28:9d:3f:64:4d:1f:2a:69:75:48:3c:16:08:13:2d:3f:ed
Fingerprint (sha256): fd:73:8b:55:55:14:01:56:a7:b7:e3:52:8b:97:b8:cc:dd:dd:e5:23:43:81:5a:28:61:95:62:5b:f8:42:c8:3d
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate deandrea.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for deandrea.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
deandrea.com
Other certificates including the domain name deandrea.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for deandrea.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISA7ThnrcUX/zA4BEtBKB+e6sHMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjUxMjMwNTZaFw0x OTA4MjMxMjMwNTZaMBcxFTATBgNVBAMTDGRlYW5kcmVhLmNvbTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAMRtK3jkkRs4vIkOa64uMC8pfvJSsz0MpZpB XvZP6rySjeGNcYRHavr9AfFJ1gHSdNU1h8RmH+UmFknrLx27Duk+5qAx20bpynAG ynI4a4tcky+N/TEmNKuBqfqZ3+F6EzKdVXKiKmaaiRMUr5GT1iELTKRjyG+32s3W dRZ4A67EaoQ4LYYMATKdfJxt219pQgDvnEMhggtbbfM1rjmPFvBn5MMJiu3lMwKQ 5TH8NtAWpu46scDZkKKTiRzLhxdbAxfhCTd1Vw7q+ni+tHPLrWo7ruH0VyIuKOMn 5iKUgcBHkiyG0QWCvFJKBq0u9tjBeVRXbLn0cz7TuEIqEj7MzP3dPOlrsNQULl2Z gYeAGXS7lNO5iN3WBHiWKgjnLzloy5lnZAkdKvhlMgzUEFHoOV49pjvOWWrUb8lK WalzxAnnY681T8GeKre2lgGAqh9/NsvTRHprZSqvIEqk1Sthh6nq8eYXFDqU0nbE Kw5zZPJNSurrE4CAFSU9Y9VNGuEWoV3VJWmBLzdx+LaAjLYoDoKht0nI0ba70+AN 2/97evhYv7V8Ai0LdbWaWywjQZLN1eS+0w3JTIwJX3enUgh7ThJrIeWIS78JoMU/ xKdA1kKUtWFVX4lyv7Wx/wwkMrvV3RE8/T+R183UM5rvimlrjai0o2V+OKlOvVb1 3NYf1FS/AgMBAAGjggJgMIICXDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOJ8iepV 5JN666PSGBNwIgaeIrXMMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMZGVhbmRyZWEuY29tMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv AHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFq7y/rSwAABAMA RzBFAiEArtOskFtBrc8A2Cbi3EEqxXaL1OPf47qVMNBuR/xEkVsCIFNYsCDxif9b twARR3D46dF0ur/hI2vJv1I+952tttOhAHUAY/Lbzeg7zCzPC3KEJ1drM6SNYXeP vXWmOLHHaFRL2I0AAAFq7y/rSAAABAMARjBEAiB/YVSqSmP2qjx2KBT4D1v8Ymk6 f8thtZyWg57/k6JO8AIgcJK/L/3eiUhrAZyzB72QsPSpwRwZRFHzPO5ziMkveI8w DQYJKoZIhvcNAQELBQADggEBACkq54cZtJ7yathYtCcwZB3ND+7mn8mJdxkOg+aN QQlsg0+5DQdtPUqpQZBqc3rEid33x/dKnDtGd9cPsbYGioXUvPW7YzIjMI4aHX2L F9Ckrw0THjj25ZXqL9nlfvEoVYqcaPrLj1T25fHrsx5ZcDSeIdl9bnBIQPWxM19v r5/0fNd2r+5dji04FZD6NHkV3p4wXXMt5a8kf0JudS2ZI8JHWpBARDmgaunJeJ7J qyW2z1Ie1DNO3swY8GoHlzL+sFfDeDvCnMkEYsGMC339pJNwcChAqitR2AeHgWnC Zg0o6KK3JUnPUOdncozO8TdAKVQPOqKxQNMIMhjfeqAUS2c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxG0reOSRGzi8iQ5rri4w Lyl+8lKzPQylmkFe9k/qvJKN4Y1xhEdq+v0B8UnWAdJ01TWHxGYf5SYWSesvHbsO 6T7moDHbRunKcAbKcjhri1yTL439MSY0q4Gp+pnf4XoTMp1VcqIqZpqJExSvkZPW IQtMpGPIb7fazdZ1FngDrsRqhDgthgwBMp18nG3bX2lCAO+cQyGCC1tt8zWuOY8W 8GfkwwmK7eUzApDlMfw20Bam7jqxwNmQopOJHMuHF1sDF+EJN3VXDur6eL60c8ut ajuu4fRXIi4o4yfmIpSBwEeSLIbRBYK8UkoGrS722MF5VFdsufRzPtO4QioSPszM /d086Wuw1BQuXZmBh4AZdLuU07mI3dYEeJYqCOcvOWjLmWdkCR0q+GUyDNQQUeg5 Xj2mO85ZatRvyUpZqXPECedjrzVPwZ4qt7aWAYCqH382y9NEemtlKq8gSqTVK2GH qerx5hcUOpTSdsQrDnNk8k1K6usTgIAVJT1j1U0a4RahXdUlaYEvN3H4toCMtigO gqG3ScjRtrvT4A3b/3t6+Fi/tXwCLQt1tZpbLCNBks3V5L7TDclMjAlfd6dSCHtO Emsh5YhLvwmgxT/Ep0DWQpS1YVVfiXK/tbH/DCQyu9XdETz9P5HXzdQzmu+KaWuN qLSjZX44qU69VvXc1h/UVL8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 322887584236300145292056010288640883927815 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-25 12:30:56 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-23 12:30:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'deandrea.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 801349979448193940524113342079713170717819064680085851215763369500803500395202251925159758739246370437821392383504189687107802692881971747278501577719762288925779001597372796392375462033175118575217640200489706022863459544352788668155847783396192672936902062053451405095152060379998822302543966807627733612368603110497789267101730690367599844105215817558829567314963231538704562871659666414434591151129193157381496671207558598031699266168031090484592137186082720148694085685225701739992784870094109534049673302170261595888715492801018751404284203428466180122412648014816584308550120456598005504499969099397160033532316701541631082437353250954979468185270965587894020396202161245046534068284248917955931970173632312886818930408582675136343915674411950905369084224643383524297299605397933254832415232721231912719615873378880147322913759615949690136511834611499991642060385438273834996210997944039130849987625354272871476706558337789224279136707139271160961803323539495898422383644577536019071708272058995676606260759143830598148735741860139537851312635932756046499426677756767661248335778601344632261703183745691565059367046999630794367369260842335489110366389492624480672912255459189288786911376569989667939673214352038980736154621119 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e27c89ea55e4937aeba3d218137022069e22b5cc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'deandrea.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016aef2feb4b0000040300473045022100aed3ac905b41adcf00d826e2dc412ac5768bd4e3dfe3ba9530d06e47fc44915b02205358b020f189ff5bb700114770f8e9d174babfe1236bc9bf523ef79dadb6d3a100750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016aef2feb48000004030046304402207f6154aa4a63f6aa3c762814f80f5bfc62693a7fcb61b59c96839eff93a24ef002207092bf2ffdde89486b019cb307bd90b0f4a9c11c194451f33cee7388c92f788f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00292ae78719b49ef26ad858b42730641dcd0feee69fc98977190e83e68d41096c834fb90d076d3d4aa941906a737ac489ddf7c7f74a9c3b4677d70fb1b6068a85d4bcf5bb633223308e1a1d7d8b17d0a4af0d131e38f6e595ea2fd9e57ef128558a9c68facb8f54f6e5f1ebb31e5970349e21d97d6e704840f5b1335f6faf9ff47cd776afee5d8e2d381590fa347915de9e305d732de5af247f426e752d9923c2475a90404439a06ae9c9789ec9ab25b6cf521ed4334edecc18f06a079732feb057c3783bc29cc90462c18c0b7dfda49370702840aa2b51d807878169c2660d28e8a2b72549cf50e767728ccef1374029540f3aa2b140d3083218df7aa0144b67