*.app.carta.com

Issued by R3

About this certificate

This digital certificate with serial number 04:1e:12:72:9d:5d:f3:ce:2c:f3:4c:46:64:1a:42:d5:07:41 was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.app.carta.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:1e:12:72:9d:5d:f3:ce:2c:f3:4c:46:64:1a:42:d5:07:41
Serial Number (int): 358682135952217122941975204904613438621505
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 4e:22:ca:08:4a:0b:6e:d7:0b:6f:8a:6c:fb:87:04:b7:49:46:7f:94
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 8f:49:95:af:e9:ad:00:95:12:61:8c:e6:0f:d2:96:b2:ed:ca:b4:10
Fingerprint (sha256): 04:1a:31:ff:24:e6:83:bb:12:24:76:2e:3c:cf:4e:e1:4e:ab:09:6a:e5:96:a4:0d:a5:53:a7:6c:3c:b2:67:4a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate *.app.carta.com

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.app.carta.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.app.carta.com
*.carta.com
*.grpc.vpce.carta.com
*.vpce.carta.com
carta.com

Other certificates including the domain name carta.com

(limited to 100 certificates)
amtrust.kinnser.com
carta.us.unblu.app
calendar.peopleteam.carta.com
statuspage.io
hello.carta.com
statuspage.io
statuspage.io
amtrust.kinnser.com
statuspage.io
changes.carta.com
1pw-scim.carta.com
issquaredown.com
incorporate.carta.com
statuspage.io
calendar.peopleteam.carta.com
amtrust.kinnser.com
statuspage.io
statuspage.io
statuspage.io
community.carta.com
statuspage.io
statuspage.io
statuspage.io
preferences.carta.com
releasenotes.carta.com
statuspage.io
5657230527430656-fe3.pantheonsite.io
sandbox.carta.com
statuspage.io
statuspage.io
statuspage.io
changes.carta.com
carta.com
boardroom.carta.com
statuspage.io
statuspage.io
statuspage.io
main.auth.carta.com
carta.us.unblu.app
5657230527430656-fe3.pantheonsite.io
5657230527430656-fe3.pantheonsite.io
statuspage.io
5657230527430656-fe3.pantheonsite.io
*.app.carta.com
calendar.peopleteam.carta.com
statuspage.io
statuspage.io
releasenotes.carta.com
statuspage.io
calendar.fundadmin.carta.com
mixmax.carta.com
1pw-scim.carta.com
hello.carta.com
statuspage.io
statuspage.io
carta.com
tracking.peopleteam.carta.com
statuspage.io
ink.carta.com
carta.com
statuspage.io
statuspage.io
safes.carta.com
statuspage.io
na46-1.cdn.salesforce-communities.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
5657230527430656-fe3.pantheonsite.io
statuspage.io
releasenotes.carta.com
amtrust.kinnser.com
statuspage.io
1pw-scim.carta.com
carta.com
ssl809935.cloudflaressl.com
sandbox.carta.com
carta.com
statuspage.io
main.auth.carta.com
email.recruiting.carta.com
statuspage.io
www-contentful-test.carta.com
statuspage.io
1pw-scim.carta.com
calendar.fundadmin.carta.com
5657230527430656-fe3.pantheonsite.io
5657230527430656-fe3.pantheonsite.io
statuspage.io
statuspage.io
calendar.fundadmin.carta.com
unblu.demo.carta.com
5657230527430656-fe3.pantheonsite.io
changes.carta.com
changelog.carta.com
hello.carta.com
statuspage.io
community.carta.com
changes.carta.com

Certificate

The complete raw certificate details for *.app.carta.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEOTCCAyGgAwIBAgISBB4Scp1d884s80xGZBpC1QdBMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMDUxNjA2NTBaFw0yNDAzMDQxNjA2NDlaMBoxGDAWBgNVBAMM
DyouYXBwLmNhcnRhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM3+07b+NH4OWaFenD43m4qwVaS22WE8GtYl4pXK5qFqBLQqo4xL1OrgZLI4j7Ce
7KlnlPvIWAWTEr0QquxnxwZhUtgLWPX11mJWD6XvIUV2MaqeoCun78yh27CNNuxd
PMwj3ZuSjbr7Sk6BfBE2PKsLZgqhJQ3c6/RKnLlYeJrXc35qrn9TlIaXBlDkNVpm
tea2EoaqDWdYPzRwxraE9EEIf54CEO3lmhfPh3Typ4cmDWCs9B5pEXa6Wa7E8wml
WKLYMsaadlizjMMWEq6LOzy32x84ePkTYsIpfTuwOs7+hpfaqSm1k9Q+TdHH7L/p
jYgrAqhin+CVjCpeV9Czd80CAwEAAaOCAV8wggFbMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUTiLKCEoLbtcLb4ps+4cEt0lGf5QwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wWwYDVR0RBFQwUoIPKi5hcHAuY2FydGEuY29tggsqLmNhcnRhLmNvbYIVKi5n
cnBjLnZwY2UuY2FydGEuY29tghAqLnZwY2UuY2FydGEuY29tggljYXJ0YS5jb20w
EwYDVR0gBAwwCjAIBgZngQwBAgEwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZI
hvcNAQELBQADggEBAI0/HyJ7JND0WqDmEcbQopTqhmrootlqtsUgFstFOfCyaKm6
ayvT9xsPXpgZojHEj2PN/hE1KpN1950+bGLcXNei0tUila9Amo3KUWYxlz3atrZu
XY8fXap86bDwtsZG/ES+Kg9vDYRdXmr+1rX6tiavl6bVgDmUr7OJBq448C2cByq0
0kILPSEde88mdSiQL0AGtuGarWnTK9LJ6waVcJ3T37LoU2la29HYY2ZTsN1TLnNs
D2GU6WecgIyn206LYWPTegLFrXmFc9D+NaZrhr6nDd75x8CxxOkopwbrBn/0m+RO
IMG7FiNHZU7y+uHG9LTMSFsBKfEaJeGyIWyrCoQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzf7Ttv40fg5ZoV6cPjeb
irBVpLbZYTwa1iXilcrmoWoEtCqjjEvU6uBksjiPsJ7sqWeU+8hYBZMSvRCq7GfH
BmFS2AtY9fXWYlYPpe8hRXYxqp6gK6fvzKHbsI027F08zCPdm5KNuvtKToF8ETY8
qwtmCqElDdzr9EqcuVh4mtdzfmquf1OUhpcGUOQ1Wma15rYShqoNZ1g/NHDGtoT0
QQh/ngIQ7eWaF8+HdPKnhyYNYKz0HmkRdrpZrsTzCaVYotgyxpp2WLOMwxYSros7
PLfbHzh4+RNiwil9O7A6zv6Gl9qpKbWT1D5N0cfsv+mNiCsCqGKf4JWMKl5X0LN3
zQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 358682135952217122941975204904613438621505
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 16:06:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-04 16:06:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.app.carta.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26004512400574772627484502234861551431267512827032268059163769414302489978388517259559517483963450339213725995664752261357055178718213317509112862545583309385762524611996758602503024182975222493107662973120243248995893726502462338381460310778611562922897018559626146732935212650928956838180080808813374723998595471065270230585822073208464038435783000131550490748810919506145762757130591335740571948184058850323713868086820158593163330757347446040185872072094415654576154040503809674159310614078267737106016267432898810503591692856694620952811089758296118179768205901947236998063150395215061295685978625323238348257229
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4e22ca084a0b6ed70b6f8a6cfb8704b749467f94
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.app.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.grpc.vpce.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vpce.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carta.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008d3f1f227b24d0f45aa0e611c6d0a294ea866ae8a2d96ab6c52016cb4539f0b268a9ba6b2bd3f71b0f5e9819a231c48f63cdfe11352a9375f79d3e6c62dc5cd7a2d2d52295af409a8dca516631973ddab6b66e5d8f1f5daa7ce9b0f0b6c646fc44be2a0f6f0d845d5e6afed6b5fab626af97a6d5803994afb38906ae38f02d9c072ab4d2420b3d211d7bcf267528902f4006b6e19aad69d32bd2c9eb0695709dd3dfb2e853695adbd1d8636653b0dd532e736c0f6194e9679c808ca7db4e8b6163d37a02c5ad798573d0fe35a66b86bea70ddef9c7c0b1c4e928a706eb067ff49be44e20c1bb162347654ef2fae1c6f4b4cc485b0129f11a25e1b2216cab0a84