generation-sara-foundation.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:08:8f:8a:f3:50:d8:1f:9f:68:9f:93:40:d0:b7:a7:76:44 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=generation-sara-foundation.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:08:8f:8a:f3:50:d8:1f:9f:68:9f:93:40:d0:b7:a7:76:44Serial Number (int): 264249917806042642103721786365658368800324
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e8:d2:3e:63:94:00:88:71:89:e4:74:ef:71:cc:89:55:17:12:a6:0f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 85:a6:28:9f:f7:51:d4:40:34:b9:1c:fc:5d:53:1a:3a:7d:92:88:ea
Fingerprint (sha256): 00:01:90:9a:ba:20:10:37:ca:08:d0:6f:2d:74:cd:da:43:0f:6a:1e:80:4c:1b:3f:8b:00:5b:de:75:60:2c:0a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate generation-sara-foundation.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for generation-sara-foundation.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
generation-sara-foundation.org
www.generation-sara-foundation.org
www.generation-sara-foundation.org
Other certificates including the domain name generation-sara-foundation.org
(limited to 100 certificates)
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
Certificate
The complete raw certificate details for generation-sara-foundation.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgISAwiPivNQ2B+faJ+TQNC3p3ZEMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MDcxNzU1MDBaFw0x NzExMDUxNzU1MDBaMCkxJzAlBgNVBAMTHmdlbmVyYXRpb24tc2FyYS1mb3VuZGF0 aW9uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4OFMHaTgSC Td/jACGikznp9+kx2TAPsxFHydgKwYJy0ykYaff41pBoBN+OZhe66jOe6amojcnD Vr8QViaJWj8nfRrlwP4t3nIzP6gtr4q5k4WeJmxtGM7jUqcrohw8DYiWd/QVjVhM wJv4pSLcJt2g/jB5uoW4ubcWjNzgCDQ8Yszu08YFvCqse8i26I8KJdjVAjuYVJqP CaplqW+XCmqYXUnHyGJccjGyygaXRwR/5jCnUzEKcOne+XhoBxvxq8tRMpSLsP51 o/IhHppwfQcMFTTt9aRRtViqhDGd2DAHH2m7CSPZkieDDqVOpe2aQf78J79mcGp4 IWu2czajcUMCAwEAAaOCAkIwggI+MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU6NI+ Y5QAiHGJ5HTvccyJVRcSpg8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzBNBgNVHREERjBEgh5nZW5lcmF0aW9uLXNhcmEt Zm91bmRhdGlvbi5vcmeCInd3dy5nZW5lcmF0aW9uLXNhcmEtZm91bmRhdGlvbi5v cmcwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYG CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy eXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAcOV6GGqocHOA 9M/F8r/8tnrgi4GR2NOUQshpmGp5TiEJbCjIhYwd4o9L9u0bZ89d1c8iG3HPuYmN 4H9g0a+ku7gL8BUinL82lJMjz8lHAO6OjKc6B80jSMVkOSoUTqoGM9rlxJcFpwHC kMSdTNk09QDBViFaS/8W1zgcG3A6nbLhuzUxA+48wPL4haMzZ5EdivVDDgiYxtI6 QViNY1lb0zy7/y+I+nFTZ60Po92AM49zqfyQJoQvm1uJBY5XWpv1IrtX+QsI0eqm Okf7pZIyG1Accm2Sj0tovSkNNuBRrk9jamN0B87eHUR2mUukGPevKrU9DK4sEtLi 0BusIj+j4w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg4UwdpOBIJN3+MAIaKT Oen36THZMA+zEUfJ2ArBgnLTKRhp9/jWkGgE345mF7rqM57pqaiNycNWvxBWJola Pyd9GuXA/i3ecjM/qC2virmThZ4mbG0YzuNSpyuiHDwNiJZ39BWNWEzAm/ilItwm 3aD+MHm6hbi5txaM3OAINDxizO7TxgW8Kqx7yLbojwol2NUCO5hUmo8JqmWpb5cK aphdScfIYlxyMbLKBpdHBH/mMKdTMQpw6d75eGgHG/Gry1EylIuw/nWj8iEemnB9 BwwVNO31pFG1WKqEMZ3YMAcfabsJI9mSJ4MOpU6l7ZpB/vwnv2Zwangha7ZzNqNx QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 264249917806042642103721786365658368800324 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-07 17:55:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-05 17:55:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'generation-sara-foundation.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23992221584350896118469749120322257649636898576365727325886808026218876215047485773766809484077830246562998675177164699025167866475310357565274158668560292068828708882115264167874911727337004825861399259640824959253668095060925806487374586319834104851591364825167223362459511588995331778505123527288044578920937617108959129205845401976060396725700263036492380019108462082279616501456314202353141074656718057382930489696649456905789955971889823870344363546250929116643011630712137969187341020317859960218282482087840241222243646970443905672381093027957540814906152535250466712394000102929351221280745705678112957886787 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e8d23e639400887189e474ef71cc89551712a60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'generation-sara-foundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generation-sara-foundation.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0070e57a186aa8707380f4cfc5f2bffcb67ae08b8191d8d39442c869986a794e21096c28c8858c1de28f4bf6ed1b67cf5dd5cf221b71cfb9898de07f60d1afa4bbb80bf015229cbf36949323cfc94700ee8e8ca73a07cd2348c564392a144eaa0633dae5c49705a701c290c49d4cd934f500c156215a4bff16d7381c1b703a9db2e1bb353103ee3cc0f2f885a33367911d8af5430e0898c6d23a41588d63595bd33cbbff2f88fa715367ad0fa3dd80338f73a9fc9026842f9b5b89058e575a9bf522bb57f90b08d1eaa63a47fba592321b501c726d928f4b68bd290d36e051ae4f636a637407cede1d4476994ba418f7af2ab53d0cae2c12d2e2d01bac223fa3e3