thecommunityinvestment.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:6d:a2:ae:50:87:22:4a:05:43:f3:80:0e:f9:30:33:bc:da was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=thecommunityinvestment.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:6d:a2:ae:50:87:22:4a:05:43:f3:80:0e:f9:30:33:bc:daSerial Number (int): 385756161749693002742690418284022610509018
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: e0:eb:46:75:00:33:54:bf:f7:f8:4d:17:fd:ff:2a:be:15:2b:4c:df
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 4f:8b:49:cd:c9:07:f9:27:ce:bb:01:91:0a:c9:80:07:21:b7:32:fc
Fingerprint (sha256): 00:00:6e:90:79:94:2a:54:72:2b:0f:5e:1e:a5:1d:91:c2:a5:5a:16:e5:7e:19:fa:60:54:e3:be:fd:9d:11:1a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate thecommunityinvestment.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thecommunityinvestment.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thecommunityinvestment.org
www.thecommunityinvestment.org
www.thecommunityinvestment.org
Other certificates including the domain name thecommunityinvestment.org
(limited to 100 certificates)
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
thecommunityinvestment.org
Certificate
The complete raw certificate details for thecommunityinvestment.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgISBG2irlCHIkoFQ/OADvkwM7zaMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAxMTQxMTUwMjNaFw0x ODA0MTQxMTUwMjNaMCUxIzAhBgNVBAMTGnRoZWNvbW11bml0eWludmVzdG1lbnQu b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b4+irDvZX4ok30H zzf4QOnDDmh0cRiknjDgUmBOcijdrZQKk3sKIDov/A4uO3NerhtNz9S8FMSC3/8c lcwhgOUSYHdhvvzyGR5ALsKi/vzhh6c6hm0kAmy+OzfgzYvtN2Lpg2u1Wn6aDfW6 m2A4GOMyrcuKErSYqOlvLFgQ+OHTTIGefQi/45RvurNM4eg+BUHCfPXnJ9ZCD/Fu GWYnwgSHL7HiiSlbkdinQOynUs8l1XpEkiSd+JFGMHRY+HDgR4C2JDWoPdGg+TiC 6Qvk7J/wlK8gqKinN0xqyIstBg4KDKPzwazpnyvtWjNIwxqSQuXxm4HJVFk9TM7q i5z7MQIDAQABo4ICOjCCAjYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTg60Z1ADNU v/f4TRf9/yq+FStM3zAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMEUGA1UdEQQ+MDyCGnRoZWNvbW11bml0eWludmVzdG1l bnQub3Jngh53d3cudGhlY29tbXVuaXR5aW52ZXN0bWVudC5vcmcwgf4GA1UdIASB 9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv c2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAmx8RnVdP8ydfAGNXXksF2AfwCFrX msk4iXcSi/xUwHmwnkO49B6zHjs276t/rFin1G1Iard0FygzOqG2NVOPwP8J1URz MaCzlP2OsGHEFHJAqe91peb8X4Su0hmYb0GpbfujQecY99Y5mTbAuTXMDU7ZMulV 8+AtafbELNoOdMlkCVnxLZUBqYLdb7LTrwdlltvBQihBf5kP9ZkJgaCULoffQutg +NSaQ0toxHoojTe9fjX35cRXqxK2B6qjDC7CWcB/nD24QermlXJA+VFNVB6vHJh6 VHVprAdtk1Yc+68DJ0Izion2uw4dlLoRy9dtVU6Hqnpp97HcRSdcuCVIsw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b4+irDvZX4ok30Hzzf4 QOnDDmh0cRiknjDgUmBOcijdrZQKk3sKIDov/A4uO3NerhtNz9S8FMSC3/8clcwh gOUSYHdhvvzyGR5ALsKi/vzhh6c6hm0kAmy+OzfgzYvtN2Lpg2u1Wn6aDfW6m2A4 GOMyrcuKErSYqOlvLFgQ+OHTTIGefQi/45RvurNM4eg+BUHCfPXnJ9ZCD/FuGWYn wgSHL7HiiSlbkdinQOynUs8l1XpEkiSd+JFGMHRY+HDgR4C2JDWoPdGg+TiC6Qvk 7J/wlK8gqKinN0xqyIstBg4KDKPzwazpnyvtWjNIwxqSQuXxm4HJVFk9TM7qi5z7 MQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 385756161749693002742690418284022610509018 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-14 11:50:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-14 11:50:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thecommunityinvestment.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27992478360139541692806561252229345547153158984895029229348245282154400637075973621054705928205034156597188717317922130697455503234318398130242757320258713916471008074632928843210052064430655027594102998634536932379009319794961198155114443906740879059067051393088898278015397246542507307255661304535489295306528950725841958509574342837797048542523125487828588861245831400345313173787605212582822676018569105920494428681248982842737768797652677624443317362736014621330689392690379383583367053782709444465775491930253306401009253128186256051921590253725969652400923323767234191514019984847559113863240835504488000060209 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e0eb4675003354bff7f84d17fdff2abe152b4cdf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thecommunityinvestment.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thecommunityinvestment.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009b1f119d574ff3275f0063575e4b05d807f0085ad79ac9388977128bfc54c079b09e43b8f41eb31e3b36efab7fac58a7d46d486ab7741728333aa1b635538fc0ff09d5447331a0b394fd8eb061c4147240a9ef75a5e6fc5f84aed219986f41a96dfba341e718f7d6399936c0b935cc0d4ed932e955f3e02d69f6c42cda0e74c9640959f12d9501a982dd6fb2d3af076596dbc14228417f990ff5990981a0942e87df42eb60f8d49a434b68c47a288d37bd7e35f7e5c457ab12b607aaa30c2ec259c07f9c3db841eae6957240f9514d541eaf1c987a547569ac076d93561cfbaf032742338a89f6bb0e1d94ba11cbd76d554e87aa7a69f7b1dc45275cb82548b3