DV SSL/TLS Certificate for paulogasparotto.com.br

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the paulogasparotto.com.br DV SSL/TLS Certificate

This certificate with serial number 05:0c:5b:1d:db:89:26:48:84:04:1b:30:3a:ee:56:fc:a9:d4 for paulogasparotto.com.br was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for paulogasparotto.com.br provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:0c:5b:1d:db:89:26:48:84:04:1b:30:3a:ee:56:fc:a9:d4
Serial Number (int): 439765932838791629209745848935120509905364
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: e4:0e:36:cd:02:a8:b5:c6:25:93:8c:74:ec:2a:2b:96:38:c1:09:5e
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): fa:98:96:72:73:7d:ab:f5:46:6a:00:39:d7:87:00:16:1f:96:06:6c
Fingerprint (SHA-256): 87:b0:ed:e1:b2:ee:a6:b1:b9:2f:64:96:47:84:8d:59:fa:30:4a:80:a3:d9:a8:c1:89:9d:d6:83:61:04:1e:9e

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/85.crl

Check the revocation status for certificate paulogasparotto.com.br
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for paulogasparotto.com.br

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for paulogasparotto.com.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISBQxbHduJJkiEBBswOu5W/KnUMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNzA3MjExMjM2WhcNMjUxMDA1MjExMjM1WjAhMR8wHQYDVQQD
ExZwYXVsb2dhc3Bhcm90dG8uY29tLmJyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEApjY73MlTh5LGMlv4v5R6oIaiERwd5pC+nrlI5ZdIKDK+zznMmaDM
LoA1pzECJnLSxxh47YXT5dyfprH5LAlohKJAR1druu7QTa1jbLZLizwv0+LL5GSX
nRvzpNHyIAaxOZ1peKszPpz8q0znUhROsXyghRSOCYw3mKmq1VEsYRVLMp92/eNl
XikSb1y13fJleU54K4EX80E0STmvzwTnlcAsLes+Ic4F18HUkUHH6Aq614OcLmG4
aiH6P68I9XKxGp4QloT726B17t4i9thfDCLz38KdBdPGPV1kjBSJHdUsAhueqgpu
TMB2C/GkuWkhH5r+ImkvvSM23QZGRDtawQIDAQABo4ICQDCCAjwwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBTkDjbNAqi1xiWTjHTsKiuWOMEJXjAfBgNVHSMEGDAWgBS7
vMNHpeS8qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKG
F2h0dHA6Ly9yMTAuaS5sZW5jci5vcmcvMDsGA1UdEQQ0MDKCGCoucGF1bG9nYXNw
YXJvdHRvLmNvbS5icoIWcGF1bG9nYXNwYXJvdHRvLmNvbS5icjATBgNVHSAEDDAK
MAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEwLmMubGVuY3Iu
b3JnLzg1LmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AH1ZHhLheCp7HGFn
fF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABl+bxXHoAAAQDAEYwRAIgOuTfIN5SukHr
pUXd2Bu+pU9xyAO0T4WsDLck1qg8L60CIGbYqNtlZPERJZx74jBG2PAvf0vsCRoC
L695ph2K8J6UAHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGX
5vFcmAAABAMASDBGAiEA29FWs3eDH8uGsK0JthLbQru/cFW9CC+ZQJUsShfDFx0C
IQCXEvbC8HLTJi+RpcNmzLe1o79Guz53XKCmq25oygNwVjANBgkqhkiG9w0BAQsF
AAOCAQEAzuKcyyi/C4MZon0PAR2dkXwMdzsXODn7G3Eq6aU+YgqXap0cfBQNzHd9
2Gg2y+hMGkki5Y56V3rNX3Xm2xxIZABnd0xJ1Ji/jAfREyHBhFmPi44RbPb7Ucs7
uEYY18du41hffBrSdQlP6ZRCJrGQpevu+LkHCBYrcb5VDXliMqPzDWDwo/lUf5ml
dnicR0g/EQEehrVi32yhc0Kd9ARtBxE6jLzMcF6chFghqqS7E9jC1U7BS9xi7WHe
YtPFkILKdExxFGz47X/nf27LisSwWi9FEEYhHNDzzq6WtLG8W2n61nw4MxMKR9cn
9S8XV+P9cn6qJ6omohdlWZAd1nqhkQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjY73MlTh5LGMlv4v5R6
oIaiERwd5pC+nrlI5ZdIKDK+zznMmaDMLoA1pzECJnLSxxh47YXT5dyfprH5LAlo
hKJAR1druu7QTa1jbLZLizwv0+LL5GSXnRvzpNHyIAaxOZ1peKszPpz8q0znUhRO
sXyghRSOCYw3mKmq1VEsYRVLMp92/eNlXikSb1y13fJleU54K4EX80E0STmvzwTn
lcAsLes+Ic4F18HUkUHH6Aq614OcLmG4aiH6P68I9XKxGp4QloT726B17t4i9thf
DCLz38KdBdPGPV1kjBSJHdUsAhueqgpuTMB2C/GkuWkhH5r+ImkvvSM23QZGRDta
wQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 439765932838791629209745848935120509905364
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-07 21:12:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-05 21:12:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'paulogasparotto.com.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20982302326478930274963218807436913248513072010004232774914484324961266693568053559409866818462726898114367915025700220666625495905309568614515981903904878894596163665050087825782489432899849943482881693320387152102231784969572948398746294355761193781288099402408433370867550359850194560609489494273155932389480660011431349896872378439430565636876383803108806055155681043871921061278962300034539282425484203709117260421866687252509501383241655213840981666902861038495941634490291808926557931376622383112880126253573359808428155103875673514037055041377249258458969956478399674703928621344436369187528337810014940650177
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e40e36cd02a8b5c625938c74ec2a2b9638c1095e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.paulogasparotto.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paulogasparotto.com.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/85.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000197e6f15c7a000004030046304402203ae4df20de52ba41eba545ddd81bbea54f71c803b44f85ac0cb724d6a83c2fad022066d8a8db6564f111259c7be23046d8f02f7f4bec091a022faf79a61d8af09e94007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197e6f15c980000040300483046022100dbd156b377831fcb86b0ad09b612db42bbbf7055bd082f9940952c4a17c3171d0221009712f6c2f072d3262f91a5c366ccb7b5a3bf46bb3e775ca0a6ab6e68ca037056
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00cee29ccb28bf0b8319a27d0f011d9d917c0c773b173839fb1b712ae9a53e620a976a9d1c7c140dcc777dd86836cbe84c1a4922e58e7a577acd5f75e6db1c48640067774c49d498bf8c07d11321c184598f8b8e116cf6fb51cb3bb84618d7c76ee3585f7c1ad275094fe9944226b190a5ebeef8b90708162b71be550d796232a3f30d60f0a3f9547f99a576789c47483f11011e86b562df6ca173429df4046d07113a8cbccc705e9c845821aaa4bb13d8c2d54ec14bdc62ed61de62d3c59082ca744c71146cf8ed7fe77f6ecb8ac4b05a2f451046211cd0f3ceae96b4b1bc5b69fad67c3833130a47d727f52f1757e3fd727eaa27aa26a2176559901dd67aa191