carta.com

Issued by R3

About this certificate

This digital certificate with serial number 03:11:f8:b0:94:6d:2c:35:b8:f8:68:5a:fe:d9:d6:bb:0f:fa was issued on by Let's Encrypt.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=carta.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:11:f8:b0:94:6d:2c:35:b8:f8:68:5a:fe:d9:d6:bb:0f:fa
Serial Number (int): 267452223430584628426392191633535245422586
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 4a:d8:fc:2c:91:73:54:9c:5a:68:d0:c0:f7:43:62:79:45:8f:09:5b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ac:56:2a:5c:64:57:2b:5c:3d:68:2b:55:d8:9d:3a:66:7f:b7:15:a3
Fingerprint (sha256): 05:e0:6c:e4:97:82:ea:24:a2:14:bc:0c:79:d8:19:91:87:33:86:0b:ff:8a:40:f5:ff:30:a4:5d:77:89:1c:27

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate carta.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for carta.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.app.carta.com
*.carta.com
*.demo.carta.com
*.ink.carta.com
*.sandbox.carta.com
carta.com

Other certificates including the domain name carta.com

(limited to 100 certificates)
amtrust.kinnser.com
carta.us.unblu.app
calendar.peopleteam.carta.com
statuspage.io
hello.carta.com
statuspage.io
statuspage.io
amtrust.kinnser.com
statuspage.io
changes.carta.com
1pw-scim.carta.com
issquaredown.com
incorporate.carta.com
statuspage.io
calendar.peopleteam.carta.com
amtrust.kinnser.com
statuspage.io
statuspage.io
statuspage.io
community.carta.com
statuspage.io
statuspage.io
statuspage.io
preferences.carta.com
releasenotes.carta.com
statuspage.io
5657230527430656-fe3.pantheonsite.io
sandbox.carta.com
statuspage.io
statuspage.io
statuspage.io
changes.carta.com
carta.com
boardroom.carta.com
statuspage.io
statuspage.io
statuspage.io
main.auth.carta.com
carta.us.unblu.app
5657230527430656-fe3.pantheonsite.io
5657230527430656-fe3.pantheonsite.io
statuspage.io
5657230527430656-fe3.pantheonsite.io
*.app.carta.com
calendar.peopleteam.carta.com
statuspage.io
statuspage.io
releasenotes.carta.com
statuspage.io
calendar.fundadmin.carta.com
mixmax.carta.com
1pw-scim.carta.com
hello.carta.com
statuspage.io
statuspage.io
carta.com
tracking.peopleteam.carta.com
statuspage.io
ink.carta.com
carta.com
statuspage.io
statuspage.io
safes.carta.com
statuspage.io
na46-1.cdn.salesforce-communities.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
5657230527430656-fe3.pantheonsite.io
statuspage.io
releasenotes.carta.com
amtrust.kinnser.com
statuspage.io
1pw-scim.carta.com
carta.com
ssl809935.cloudflaressl.com
sandbox.carta.com
carta.com
statuspage.io
main.auth.carta.com
email.recruiting.carta.com
statuspage.io
www-contentful-test.carta.com
statuspage.io
1pw-scim.carta.com
calendar.fundadmin.carta.com
5657230527430656-fe3.pantheonsite.io
5657230527430656-fe3.pantheonsite.io
statuspage.io
statuspage.io
calendar.fundadmin.carta.com
unblu.demo.carta.com
5657230527430656-fe3.pantheonsite.io
changes.carta.com
changelog.carta.com
hello.carta.com
statuspage.io
community.carta.com
changes.carta.com

Certificate

The complete raw certificate details for carta.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEQjCCAyqgAwIBAgISAxH4sJRtLDW4+Gha/tnWuw/6MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMDUwMDEwMDNaFw0yNDAyMDMwMDEwMDJaMBQxEjAQBgNVBAMT
CWNhcnRhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALDySJz3
rhehc4+4X0zWTSsLbi0gs1fPw470/FwE7jk4P9wQOTGZ8bso4pWkqw52iMfAC3YG
eDDGQ27BE1dvYswEDdYmIKpIMxixahLJZ8wIXxl6/IjJtuiqqxOqGOGsjqscJmws
TX/qtJa76oQgPY5Sv2UEmfGhxOj5yqcGQsxWPVXtkVxmiRTrsDGZPfXnklsCCZ0S
jJwfuxrVYSQp/BnENmpa9QgR//PfhmyV4zTW8faQV7D3g4MsWIvnTbytrqI+SGzh
tvTv/bx4tgGZWglxhmNVUb0nPimldyGkM/fFhkPiCz5CApqgpYKXaLWVfVS5HdDa
pahGlb8FXbVZG+0CAwEAAaOCAW4wggFqMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
Stj8LJFzVJxaaNDA90NieUWPCVswHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v
nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s
ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wagYD
VR0RBGMwYYIPKi5hcHAuY2FydGEuY29tggsqLmNhcnRhLmNvbYIQKi5kZW1vLmNh
cnRhLmNvbYIPKi5pbmsuY2FydGEuY29tghMqLnNhbmRib3guY2FydGEuY29tgglj
YXJ0YS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwEwYKKwYBBAHWeQIEAwEB/wQC
BQAwDQYJKoZIhvcNAQELBQADggEBAAeOZrtBzzIZWoMaO5I1Oqew/Ql4EAOcQZ6C
08N/ZDi9F0GInh5eUQln5/+e+7zuyJM0bs9VgNlvsK9AW3CQFC4OZz1jz8PIegdC
vLIzNPcFADTLDg5/pyGroXx5N1GxAcO0+LPHy1tHXVwwQZeK9o/YMsmz9+fXsTtE
DZtfkrq4sOfquXgE8Nq0duiB9QUAnG9dmRnv9noB+x64+diDPIr0E2QkSEdpnoA8
n0mKOL/zkTIlqxk6a2ZCcrYeCverIC0E0CxCrwE98pOGBRLNRR0mayY9p8W6wYwN
9iRTUhXhDekkR1nUYDbrktEvA65f1ePueRcBcm1gU64L6xF7gYA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPJInPeuF6Fzj7hfTNZN
KwtuLSCzV8/DjvT8XATuOTg/3BA5MZnxuyjilaSrDnaIx8ALdgZ4MMZDbsETV29i
zAQN1iYgqkgzGLFqEslnzAhfGXr8iMm26KqrE6oY4ayOqxwmbCxNf+q0lrvqhCA9
jlK/ZQSZ8aHE6PnKpwZCzFY9Ve2RXGaJFOuwMZk99eeSWwIJnRKMnB+7GtVhJCn8
GcQ2alr1CBH/89+GbJXjNNbx9pBXsPeDgyxYi+dNvK2uoj5IbOG29O/9vHi2AZla
CXGGY1VRvSc+KaV3IaQz98WGQ+ILPkICmqClgpdotZV9VLkd0NqlqEaVvwVdtVkb
7QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 267452223430584628426392191633535245422586
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-05 00:10:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-03 00:10:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'carta.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22337416192318157618545847518683739570862043428164487609763444612517618275886191850322723904777213268978180849068559056162566006334053293873394504161318336179959260784710922100952809815952334626394906607848043058439698256722652381233162683713481643852552667932687531789697194415389803533807378430208988150289077807340469027152601395066574691779335455192442504319647505437851299415238755126479808920050780373998849778458239430138445233791772996602053796938687046116878521990107149656632459983956737981543128533995380732687700839001343493492631195114053835722423014865436773328769306409405934009999321320510039134903277
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4ad8fc2c9173549c5a68d0c0f7436279458f095b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.app.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.demo.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ink.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sandbox.carta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carta.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00078e66bb41cf32195a831a3b92353aa7b0fd097810039c419e82d3c37f6438bd1741889e1e5e510967e7ff9efbbceec893346ecf5580d96fb0af405b7090142e0e673d63cfc3c87a0742bcb23334f7050034cb0e0e7fa721aba17c793751b101c3b4f8b3c7cb5b475d5c3041978af68fd832c9b3f7e7d7b13b440d9b5f92bab8b0e7eab97804f0dab476e881f505009c6f5d9919eff67a01fb1eb8f9d8833c8af41364244847699e803c9f498a38bff3913225ab193a6b664272b61e0af7ab202d04d02c42af013df293860512cd451d266b263da7c5bac18c0df624535215e10de9244759d46036eb92d12f03ae5fd5e3ee791701726d6053ae0beb117b8180