DV SSL/TLS Certificate for thecommunityinvestment.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the thecommunityinvestment.org DV SSL/TLS Certificate

This certificate with serial number 06:ed:23:20:46:ea:8c:30:12:df:6b:4e:08:fc:89:50:c1:dc for thecommunityinvestment.org was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for thecommunityinvestment.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:ed:23:20:46:ea:8c:30:12:df:6b:4e:08:fc:89:50:c1:dc
Serial Number (int): 603367327122527289193491992432117929787868
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 32:b1:86:c6:d9:34:1b:63:fa:7d:61:0d:0a:18:d6:e8:1f:71:19:b0
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 04:03:88:1e:b6:c9:43:ae:e9:9b:65:25:4f:bd:d7:4d:14:0b:42:3f
Fingerprint (SHA-256): 9e:78:d3:76:ab:12:3e:78:17:95:32:b3:e0:8f:df:8c:51:1b:3d:15:d7:6a:50:09:9a:70:e2:cb:31:43:4f:85

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/93.crl

Check the revocation status for certificate thecommunityinvestment.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for thecommunityinvestment.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for thecommunityinvestment.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISBu0jIEbqjDAS32tOCPyJUMHcMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjA2MjEwNzE1WhcNMjUwOTA0MjEwNzE0WjAlMSMwIQYDVQQD
Exp0aGVjb21tdW5pdHlpbnZlc3RtZW50Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuUaettdgxDoiLFNTfpue47P80z0tn3B/uUyDffSglU/4vI
XkSVpbaZmbjoJn7pmX0iULRNqDPwStJpMOwMcXm9rCc+QupwvW3mVzrpmbzpZWPJ
2o/FAPcmfgOxXg/Z1aSvwy3XR048P+cvqUMy4a+dBZzMCl+CyBhsYsPC98SORv1p
6LB78fnFQU0UJUyZqH51DZ+vCnvrDV/zh9JIXspnA2m10MWVL4YZLNOVq5ze9PyY
q3bfKmhbdc/WtOMdJBQfZhqV5FrhbWpYjdbUb2268U/jherZISAvVIyKoJCDfIOm
B54ke7P41eOp0Qj3ZuZoIfpQ2777ut6ECAT+5s0CAwEAAaOCAkwwggJIMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQUMrGGxtk0G2P6fWENChjW6B9xGbAwHwYDVR0jBBgw
FoAUxc9GpOr0w8B6bJXELbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUF
BzAChhdodHRwOi8vcjExLmkubGVuY3Iub3JnLzBFBgNVHREEPjA8ghp0aGVjb21t
dW5pdHlpbnZlc3RtZW50Lm9yZ4Ied3d3LnRoZWNvbW11bml0eWludmVzdG1lbnQu
b3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6
Ly9yMTEuYy5sZW5jci5vcmcvOTMuY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADy
AHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGXR0dRbgAABAMA
SDBGAiEA/atzClLKkQ1lRA2+8wEJTtI7uNUYPFXcM8gzo3tgQK8CIQDigGmNg10i
kOCOqjktEu4hvobCzXZMkEIuXJ6QZdWwPQB3AN3cyjSV1+EWBeeVMvrHn/g9HFDf
2wA6FBJ2Ciysu8gqAAABl0dHWXIAAAQDAEgwRgIhALOZM9w6mrMCeupefHXlfA3f
om87BBa2brW0MO9H9TJ0AiEA4AZe0nKPSezdDdu7dHIzQ+UcUqnYpvx24cNfNfiz
QAAwDQYJKoZIhvcNAQELBQADggEBAHqvZOF6FcL6iuMHngWE3lLt0PM5ZyiyNvuI
faS4Um98ijqtwrmt93qgDYqb2uYeqGwlPSd7f6KGu8dH79RBeo55NotIkKzFCtBf
Uqyyrhd443GvLXY/WiFSvcO8zPpfaJIgzfTvoFMZMNb47NgDUEyHxN0CAs2m1dJZ
TIeiqINwclqkk0GQV/Yo6eNT17uRRLFHER5AH9NB0LS4bkmAHzTONy4DdjTXsGo2
1VM1A6lmYEGPxBB+p2RYai1Wj9JhViu6Ek/2jdNoFvJkSVWLUtYq9fZl+Xgif87P
gqBEky5eydElx0Ocsyzn9u5/RoG/aVCTtdb4sqVQsPBLJE68hq8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25Rp6212DEOiIsU1N+m5
7js/zTPS2fcH+5TIN99KCVT/i8heRJWltpmZuOgmfumZfSJQtE2oM/BK0mkw7Axx
eb2sJz5C6nC9beZXOumZvOllY8naj8UA9yZ+A7FeD9nVpK/DLddHTjw/5y+pQzLh
r50FnMwKX4LIGGxiw8L3xI5G/WnosHvx+cVBTRQlTJmofnUNn68Ke+sNX/OH0khe
ymcDabXQxZUvhhks05WrnN70/Jirdt8qaFt1z9a04x0kFB9mGpXkWuFtaliN1tRv
bbrxT+OF6tkhIC9UjIqgkIN8g6YHniR7s/jV46nRCPdm5mgh+lDbvvu63oQIBP7m
zQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 603367327122527289193491992432117929787868
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-06 21:07:15 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-04 21:07:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thecommunityinvestment.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27719374334659173408175843196486099343769435834530919316716056954992275477171334535770830530187650359619296328141915501008297729401185595243072688035785389614295487905982679176898868311263585919890366924841759764860672141871997378836881228087344526535435027175439165898798987598617586906740430634464518742487304436152857806657629037263091500524633974264476312702983356204734398368224231706914649180578087440949745172719873799563687581300331080305556491130060202749461307252224591373610605651973297256471837816664271356625356082309168513865155108603099505261813422988570554303568447896274361074377415402033311205222093
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							32b186c6d9341b63fa7d610d0a18d6e81f7119b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thecommunityinvestment.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thecommunityinvestment.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/93.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001974747516e0000040300483046022100fdab730a52ca910d65440dbef301094ed23bb8d5183c55dc33c833a37b6040af022100e280698d835d2290e08eaa392d12ee21be86c2cd764c90422e5c9e9065d5b03d007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000197474759720000040300483046022100b39933dc3a9ab3027aea5e7c75e57c0ddfa26f3b0416b66eb5b430ef47f53274022100e0065ed2728f49ecdd0ddbbb74723343e51c52a9d8a6fc76e1c35f35f8b34000
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007aaf64e17a15c2fa8ae3079e0584de52edd0f3396728b236fb887da4b8526f7c8a3aadc2b9adf77aa00d8a9bdae61ea86c253d277b7fa286bbc747efd4417a8e79368b4890acc50ad05f52acb2ae1778e371af2d763f5a2152bdc3bcccfa5f689220cdf4efa0531930d6f8ecd803504c87c4dd0202cda6d5d2594c87a2a88370725aa493419057f628e9e353d7bb9144b147111e401fd341d0b4b86e49801f34ce372e037634d7b06a36d5533503a96660418fc4107ea764586a2d568fd261562bba124ff68dd36816f26449558b52d62af5f665f978227fcecf82a044932e5ec9d125c7439cb32ce7f6ee7f4681bf695093b5d6f8b2a550b0f04b244ebc86af