generation-sara-foundation.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:08:8f:8a:f3:50:d8:1f:9f:68:9f:93:40:d0:b7:a7:76:44 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=generation-sara-foundation.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:08:8f:8a:f3:50:d8:1f:9f:68:9f:93:40:d0:b7:a7:76:44
Serial Number (int): 264249917806042642103721786365658368800324
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: e8:d2:3e:63:94:00:88:71:89:e4:74:ef:71:cc:89:55:17:12:a6:0f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 85:a6:28:9f:f7:51:d4:40:34:b9:1c:fc:5d:53:1a:3a:7d:92:88:ea
Fingerprint (sha256): 00:01:90:9a:ba:20:10:37:ca:08:d0:6f:2d:74:cd:da:43:0f:6a:1e:80:4c:1b:3f:8b:00:5b:de:75:60:2c:0a

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate generation-sara-foundation.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for generation-sara-foundation.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

generation-sara-foundation.org
www.generation-sara-foundation.org

Other certificates including the domain name generation-sara-foundation.org

(limited to 100 certificates)
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org

Certificate

The complete raw certificate details for generation-sara-foundation.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAwiPivNQ2B+faJ+TQNC3p3ZEMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MDcxNzU1MDBaFw0x
NzExMDUxNzU1MDBaMCkxJzAlBgNVBAMTHmdlbmVyYXRpb24tc2FyYS1mb3VuZGF0
aW9uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4OFMHaTgSC
Td/jACGikznp9+kx2TAPsxFHydgKwYJy0ykYaff41pBoBN+OZhe66jOe6amojcnD
Vr8QViaJWj8nfRrlwP4t3nIzP6gtr4q5k4WeJmxtGM7jUqcrohw8DYiWd/QVjVhM
wJv4pSLcJt2g/jB5uoW4ubcWjNzgCDQ8Yszu08YFvCqse8i26I8KJdjVAjuYVJqP
CaplqW+XCmqYXUnHyGJccjGyygaXRwR/5jCnUzEKcOne+XhoBxvxq8tRMpSLsP51
o/IhHppwfQcMFTTt9aRRtViqhDGd2DAHH2m7CSPZkieDDqVOpe2aQf78J79mcGp4
IWu2czajcUMCAwEAAaOCAkIwggI+MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU6NI+
Y5QAiHGJ5HTvccyJVRcSpg8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo
7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnLzBNBgNVHREERjBEgh5nZW5lcmF0aW9uLXNhcmEt
Zm91bmRhdGlvbi5vcmeCInd3dy5nZW5lcmF0aW9uLXNhcmEtZm91bmRhdGlvbi5v
cmcwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYG
CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH
AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u
IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg
dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy
eXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAcOV6GGqocHOA
9M/F8r/8tnrgi4GR2NOUQshpmGp5TiEJbCjIhYwd4o9L9u0bZ89d1c8iG3HPuYmN
4H9g0a+ku7gL8BUinL82lJMjz8lHAO6OjKc6B80jSMVkOSoUTqoGM9rlxJcFpwHC
kMSdTNk09QDBViFaS/8W1zgcG3A6nbLhuzUxA+48wPL4haMzZ5EdivVDDgiYxtI6
QViNY1lb0zy7/y+I+nFTZ60Po92AM49zqfyQJoQvm1uJBY5XWpv1IrtX+QsI0eqm
Okf7pZIyG1Accm2Sj0tovSkNNuBRrk9jamN0B87eHUR2mUukGPevKrU9DK4sEtLi
0BusIj+j4w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg4UwdpOBIJN3+MAIaKT
Oen36THZMA+zEUfJ2ArBgnLTKRhp9/jWkGgE345mF7rqM57pqaiNycNWvxBWJola
Pyd9GuXA/i3ecjM/qC2virmThZ4mbG0YzuNSpyuiHDwNiJZ39BWNWEzAm/ilItwm
3aD+MHm6hbi5txaM3OAINDxizO7TxgW8Kqx7yLbojwol2NUCO5hUmo8JqmWpb5cK
aphdScfIYlxyMbLKBpdHBH/mMKdTMQpw6d75eGgHG/Gry1EylIuw/nWj8iEemnB9
BwwVNO31pFG1WKqEMZ3YMAcfabsJI9mSJ4MOpU6l7ZpB/vwnv2Zwangha7ZzNqNx
QwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 264249917806042642103721786365658368800324
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-07 17:55:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-05 17:55:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'generation-sara-foundation.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23992221584350896118469749120322257649636898576365727325886808026218876215047485773766809484077830246562998675177164699025167866475310357565274158668560292068828708882115264167874911727337004825861399259640824959253668095060925806487374586319834104851591364825167223362459511588995331778505123527288044578920937617108959129205845401976060396725700263036492380019108462082279616501456314202353141074656718057382930489696649456905789955971889823870344363546250929116643011630712137969187341020317859960218282482087840241222243646970443905672381093027957540814906152535250466712394000102929351221280745705678112957886787
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e8d23e639400887189e474ef71cc89551712a60f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'generation-sara-foundation.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generation-sara-foundation.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0070e57a186aa8707380f4cfc5f2bffcb67ae08b8191d8d39442c869986a794e21096c28c8858c1de28f4bf6ed1b67cf5dd5cf221b71cfb9898de07f60d1afa4bbb80bf015229cbf36949323cfc94700ee8e8ca73a07cd2348c564392a144eaa0633dae5c49705a701c290c49d4cd934f500c156215a4bff16d7381c1b703a9db2e1bb353103ee3cc0f2f885a33367911d8af5430e0898c6d23a41588d63595bd33cbbff2f88fa715367ad0fa3dd80338f73a9fc9026842f9b5b89058e575a9bf522bb57f90b08d1eaa63a47fba592321b501c726d928f4b68bd290d36e051ae4f636a637407cede1d4476994ba418f7af2ab53d0cae2c12d2e2d01bac223fa3e3