airquality.gsfc.nasa.gov

Issued by R3

About this certificate

This digital certificate with serial number 04:e9:32:4a:3f:05:9d:f7:8b:a9:64:3b:83:1e:7a:83:9a:ff was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=airquality.gsfc.nasa.gov

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:e9:32:4a:3f:05:9d:f7:8b:a9:64:3b:83:1e:7a:83:9a:ff
Serial Number (int): 427801782127613260197731200915247460489983
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 25:76:8f:56:95:b3:00:38:d4:b4:e5:f6:8a:e7:2a:50:df:c7:5d:ef
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): e4:0d:3f:2d:38:e8:01:90:73:8d:b7:a5:62:07:f4:31:3a:cd:1b:f8
Fingerprint (sha256): 00:bc:bc:19:e1:11:df:21:25:02:15:16:93:21:38:1f:17:94:fb:22:ae:19:aa:95:81:d8:db:e0:0c:76:89:05

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate airquality.gsfc.nasa.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for airquality.gsfc.nasa.gov

Public Key Algorithm

ECDSA

Key Size

384

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

airquality.gsfc.nasa.gov

Other certificates including the domain name nasa.gov

(limited to 100 certificates)
*.jpl.nasa.gov
*.jpl.nasa.gov
*.jpl.nasa.gov
sma.gsfc.nasa.gov
*.jpl.nasa.gov
maptis.ndc.nasa.gov
*.jpl.nasa.gov
nirps-staging.msfc.nasa.gov
plop.nascom.nasa.gov
aerocenter.gsfc.nasa.gov
grin.hq.nasa.gov
*.jpl.nasa.gov
*.jpl.nasa.gov
*.jpl.nasa.gov
7-seas.gsfc.nasa.gov
lrp.at.nasa.gov
spacecomm.nasa.gov
www-gsfc.edn.gsfc.nasa.gov
science.hq.nasa.gov
server-mpo.arc.nasa.gov
*.jpl.nasa.gov
*.fltops.jpl.nasa.gov
hsi.arc.nasa.gov
step.nasa.gov
ensight.eosdis.nasa.gov
photonics.gsfc.nasa.gov
education.jsc.nasa.gov
AntiSpam.ndc.nasa.gov
cptrace.nasa.gov
msfcvpn.nasa.gov
devexpresswayc1.jpl.nasa.gov
sip.jpl.nasa.gov
omisips2.omisips.eosdis.nasa.gov
*.jpl.nasa.gov
nai-ar.ndc.nasa.gov
code.luna.nasa.gov
atfi.hq.nasa.gov
veritas.ndc.nasa.gov
handbook.appdat.jsc.nasa.gov
*.jpl.nasa.gov
gs6102dsc-atrain.gesdisc.eosdis.nasa.gov
stereo-ssc.nascom.nasa.gov
*.dip.amesaero.nasa.gov
monitoring.eva.appdat.jsc.nasa.gov
*.jpl.nasa.gov
straw.nasa.gov
code541.gsfc.nasa.gov
*.jpl.nasa.gov
nescacademy.larc.nasa.gov
ecc.earthdata.nasa.gov
*.jpl.nasa.gov
cptrace.nasa.gov
corrosion.ksc.nasa.gov
minx-docs.arc.nasa.gov
omisips1.omisips.eosdis.nasa.gov
ceres-wg.larc.nasa.gov
*.jpl.nasa.gov
supplychain1.gsfc.nasa.gov
aerocenter.gsfc.nasa.gov
*.jpl.nasa.gov
search.earthdata.nasa.gov
docserver.gesdisc.eosdis.nasa.gov
xanth.nsstc.nasa.gov
science.wff.nasa.gov
dashboard.sandbox.lpdaac.earthdata.nasa.gov
*.jpl.nasa.gov
*.jpl.nasa.gov
istd.gsfc.nasa.gov
uat.earthdata.nasa.gov
*.hq.nasa.gov
sra.jsc.nasa.gov
gs6102dsc-web2.gesdisc.eosdis.nasa.gov
*.jpl.nasa.gov
cxfmea-cil.nasa.gov
glitch.jpl.nasa.gov
openhouse.larc.nasa.gov
*.jpl.nasa.gov
femci.gsfc.nasa.gov
*.jpl.nasa.gov
vso1.nascom.nasa.gov
cpex.jpl.nasa.gov
urap.gsfc.nasa.gov
*.mdscc.nasa.gov
airquality.gsfc.nasa.gov
lance4.modaps.eosdis.nasa.gov
*.jpl.nasa.gov
fcportal.nsstc.nasa.gov
*.nccs.nasa.gov
sms-web.gdscc.fltops.jpl.nasa.gov
*.jpl.nasa.gov
*.jpl.nasa.gov
*.jpl.nasa.gov
sfa.staging.ird.appdat.jsc.nasa.gov
omisips1.omisips.eosdis.nasa.gov
lacerta.gsfc.nasa.gov
developer.sit.earthdata.nasa.gov
sta3cd-map.larc.nasa.gov
gsfcvpn.nasa.gov
iris.production.appdat.jsc.nasa.gov
ozoneaq.gpc.gsfc.nasa.gov

Certificate

The complete raw certificate details for airquality.gsfc.nasa.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIETjCCAzagAwIBAgISBOkySj8FnfeLqWQ7gx56g5r/MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MTAwMzAwMTdaFw0yNDA4MDgwMzAwMTZaMCMxITAfBgNVBAMT
GGFpcnF1YWxpdHkuZ3NmYy5uYXNhLmdvdjB2MBAGByqGSM49AgEGBSuBBAAiA2IA
BBBzp2u5b/f+NMlRAMIMfXEUKUr/3ulvTYfJ/NtPlWe5yd1truBTwZ1dyS+uYLzG
yPEPl8SS1VcvfWtnpbzANCAl4aRKZY/q0Tw8p9kqS7DzOkm2aeIvkgoWibxBEcNb
MaOCAhkwggIVMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUJXaPVpWzADjUtOX2iucq
UN/HXe8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUH
AQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYB
BQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYYWlycXVh
bGl0eS5nc2ZjLm5hc2EuZ292MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYB
BAHWeQIEAgSB9ASB8QDvAHUAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4
ZG4AAAGPYKirTQAABAMARjBEAiApB5sGD4sgWaCDC6oFHHHwtpE8tucXrbYUZ1W9
PBjRywIgfpLg8TYPUd1SidgXZsHILuBAq2Ka0Uu4eqPe6lpz2VQAdgBIsONr2qZH
NA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY9gqKuqAAAEAwBHMEUCIQDWJ1Nc
pzbis5EsOSwZclOJuthjKVYaCP/VM4DGMhDFaQIgfufM2/6Ue00+D89AoJF7pxvZ
ryzxoIWk9vD3KJAyL/owDQYJKoZIhvcNAQELBQADggEBAKwAvall25+FfpJjLem+
6sw6NpuVF4R9G/CIYOk8msNy5+WLkkvJ5vPjlqxLWj/49dyGTeM5tA8EcsgssaAL
W549PqJs7+fFA1U+d49QXVwfMa7fr+OeY3hWFvqYirDCnE28Ce0CeH2R48gMDInd
HRFVlBY/IcD0r3DNSuYZFjfRWT0fGn5W68OUZcWtszCPKSdjp1Pv5ukuyEQu8N/n
JtN6s4shO4DGtKMqaJ9Dw+pyrWd+WJ/rw/+cjG6zeN6V1B+b7mIJdarWnDD+aI8J
Vxfj5zejpcwVC9m5b7NNyA40WnJncyszgJ0Wy/qPYiy9jrUs/ALJDnDtwKVAYi16
TGM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEEHOna7lv9/40yVEAwgx9cRQpSv/e6W9N
h8n820+VZ7nJ3W2u4FPBnV3JL65gvMbI8Q+XxJLVVy99a2elvMA0ICXhpEplj+rR
PDyn2SpLsPM6SbZp4i+SChaJvEERw1sx
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 427801782127613260197731200915247460489983
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-10 03:00:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-08 03:00:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'airquality.gsfc.nasa.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.132.0.34 (secp384r1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (776 bits)
				00041073a76bb96ff7fe34c95100c20c7d7114294affdee96f4d87c9fcdb4f9567b9c9dd6daee053c19d5dc92fae60bcc6c8f10f97c492d5572f7d6b67a5bcc0342025e1a44a658fead13c3ca7d92a4bb0f33a49b669e22f920a1689bc4111c35b31
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							25768f5695b30038d4b4e5f68ae72a50dfc75def
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'airquality.gsfc.nasa.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f60a8ab4d0000040300463044022029079b060f8b2059a0830baa051c71f0b6913cb6e717adb6146755bd3c18d1cb02207e92e0f1360f51dd5289d81766c1c82ee040ab629ad14bb87aa3deea5a73d95400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f60a8abaa0000040300473045022100d627535ca736e2b3912c392c19725389bad86329561a08ffd53380c63210c56902207ee7ccdbfe947b4d3e0fcf40a0917ba71bd9af2cf1a085a4f6f0f72890322ffa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ac00bda965db9f857e92632de9beeacc3a369b9517847d1bf08860e93c9ac372e7e58b924bc9e6f3e396ac4b5a3ff8f5dc864de339b40f0472c82cb1a00b5b9e3d3ea26cefe7c503553e778f505d5c1f31aedfafe39e63785616fa988ab0c29c4dbc09ed02787d91e3c80c0c89dd1d115594163f21c0f4af70cd4ae6191637d1593d1f1a7e56ebc39465c5adb3308f292763a753efe6e92ec8442ef0dfe726d37ab38b213b80c6b4a32a689f43c3ea72ad677e589febc3ff9c8c6eb378de95d41f9bee620975aad69c30fe688f095717e3e737a3a5cc150bd9b96fb34dc80e345a7267732b33809d16cbfa8f622cbd8eb52cfc02c90e70edc0a540622d7a4c63