link.buzzfeed.com

Issued by R3

About this certificate

This digital certificate with serial number 03:ae:de:6d:ee:f3:91:65:cd:60:df:42:c4:59:40:1a:d6:cd was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=link.buzzfeed.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:ae:de:6d:ee:f3:91:65:cd:60:df:42:c4:59:40:1a:d6:cd
Serial Number (int): 320841649061456791760362810295456414488269
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: fa:d3:a4:d6:4a:57:54:a6:7a:27:2b:a2:ce:6d:f3:50:90:d3:bc:65
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): bb:15:ea:b1:58:5e:d2:eb:f1:11:48:c0:95:6e:49:fe:75:90:53:d6
Fingerprint (sha256): 06:4f:df:32:ea:8d:ac:35:7e:9d:2c:55:71:29:95:7a:30:38:65:94:a0:50:28:92:b7:fa:fd:b9:05:46:5b:0a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate link.buzzfeed.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for link.buzzfeed.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

link.buzzfeed.com

Other certificates including the domain name buzzfeed.com

(limited to 100 certificates)
statuspage.io
www.advertise.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
japan-status.dialpad.com
buzzfeed-brand.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
r.ssl.fastly.net
*.app-west.buzzfeed.io
*.buzzfeed.com
p.ssl.fastly.net
se.emails.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
beta-dashboard.buzzfeed.com
p.ssl.fastly.net
sslvs03.igloosoftware.com
f2.shared.global.fastly.net
shopwith.buzzfeed.com
p.ssl.fastly.net
p.ssl.fastly.net
*.app-west.buzzfeed.io
link.buzzfeed.com
returns.buzzfeed.com
f2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
r.ssl.fastly.net
japan-status.dialpad.com
r.ssl.fastly.net
buzzfeed.com
statuspage.io
statuspage.io
dns-vetting1l.map.fastly.net
statuspage.io
buzzfeed.map.fastly.net
dns-vetting1j.map.fastly.net
h5.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
japan-status.dialpad.com
statuspage.io
p.ssl.fastly.net
buzzfeed.com
n2.shared.global.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1l.map.fastly.net
sslvs03.igloosoftware.com
p.ssl.fastly.net
statuspage.io
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
n2.shared.global.fastly.net
sslvs03.igloosoftware.com
m.ssl.fastly.net
dns-vetting1j.map.fastly.net
statuspage.io
li.lisecurelink.com
statuspage.io
buzzfeed-community.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
link.buzzfeed.com
tech.buzzfeed.com
p.ssl.fastly.net
m.ssl.fastly.net
statuspage.io
f2.shared.global.fastly.net
n2.shared.global.fastly.net
r.ssl.fastly.net
statuspage.io
p.ssl.fastly.net
shop.buzzfeed.com
f2.shared.global.fastly.net
statuspage.io
m.ssl.fastly.net
n2.shared.global.fastly.net
statuspage.io
dns-vetting1l.map.fastly.net
b2-alt.shared.global.fastly.net
japan-status.dialpad.com
li.lisecurelink.com
www.buzzfeed.com
lab.buzzfeed.com
sslvs03.igloosoftware.com
h5.buzzfeed.com
h5.buzzfeed.com
link.buzzfeed.com
r.ssl.fastly.net
dns-vetting1j.map.fastly.net
buymethat.buzzfeed.com
auth-demo.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
r.ssl.fastly.net
f2.shared.global.fastly.net

Certificate

The complete raw certificate details for link.buzzfeed.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgISA67ebe7zkWXNYN9CxFlAGtbNMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMTYyMDU5MjNaFw0yNDAzMTUyMDU5MjJaMBwxGjAYBgNVBAMT
EWxpbmsuYnV6emZlZWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8w3+jLJ+e088OV1Awzvm0Fdp2UUHw6wdDPUFHFzafQhSWW6hr4n2BrzXBRaJ
UxBbyqviRtsoXuOTqWhj9yttS3nxfPNIQmYsKsSozx/6d8gSnoll8RzjVSmM685B
1X9ms9JYnH/qio+sOqaIVUZkZGxFQzgNWpu25+9sa1IYetOvVDnNXcN0/ymEi+gb
CrhhovXa4UNhvhiDrdArbo62Umojslmz8LrW5fNbyq2YCQUDKF7LDb6UJtaiDhhA
62D6IySI8cb9UuYDU2uMXhHx1ojydOtPLiF0oJto7EKv9lmMIFJw81qDVB0lTDNN
Gwo5TYNeT16LQdvIGdqZ12iviQIDAQABo4ICEjCCAg4wDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBT606TWSldUpnonK6LObfNQkNO8ZTAfBgNVHSMEGDAWgBQULrMXt1hW
y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6
Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu
b3JnLzAcBgNVHREEFTATghFsaW5rLmJ1enpmZWVkLmNvbTATBgNVHSAEDDAKMAgG
BmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ADtTd3U+LbmAToswWwb+
QDtn2E/D9Me9AA0tcm/h+tQXAAABjHSkJWwAAAQDAEYwRAIgUkRGFtzIF3X6HDe4
FbTjBBBZwQQN7v1qRrcahnyxWXwCIGIEmYDO+n5BW9pMvLl6Ix5rEaE0SBM23ZHe
6TLa3R2jAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMdKQl
mAAABAMARzBFAiBkg3v1FM/z01TKi/JZgyhyjfZhl2Y9ku73znW+f7MHQQIhAIoh
u/AE+ACNAwwzqulyveCLm6MDKKngBlhbz4cRgEvFMA0GCSqGSIb3DQEBCwUAA4IB
AQAhi0Qeq4jxMfRHWeoUnok/D+XsmncGhQVUKnAvJJFz8/Qm1DDsJrD9pCwO1NXF
fvbHu4cg7Ytd4fuFm3KxgVCzYH7Rx2a/57FAurwNMMzKafQuRwk8ABkYXFImqS4x
19QarDw2jvmSLpxKh16dFRAeVMEoP8LP8T1qKnz0ZV0tF3280TjFTveZh6l7cnPG
tpfKTofRKXp6ApRIw+261z4xd6CstakQwOcDC15eddDT1WmofVvK6zxr11hu7h5Y
tqj5lEpscp1DnPxF9hxR+rBC2TdX4l4n64vkvNIOsmPHCEtGysX0aiVCkLp4GSXz
aueyh/q5QC18NIJmezYYc8Sy
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8w3+jLJ+e088OV1Awzvm
0Fdp2UUHw6wdDPUFHFzafQhSWW6hr4n2BrzXBRaJUxBbyqviRtsoXuOTqWhj9ytt
S3nxfPNIQmYsKsSozx/6d8gSnoll8RzjVSmM685B1X9ms9JYnH/qio+sOqaIVUZk
ZGxFQzgNWpu25+9sa1IYetOvVDnNXcN0/ymEi+gbCrhhovXa4UNhvhiDrdArbo62
Umojslmz8LrW5fNbyq2YCQUDKF7LDb6UJtaiDhhA62D6IySI8cb9UuYDU2uMXhHx
1ojydOtPLiF0oJto7EKv9lmMIFJw81qDVB0lTDNNGwo5TYNeT16LQdvIGdqZ12iv
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 320841649061456791760362810295456414488269
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-16 20:59:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-15 20:59:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'link.buzzfeed.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30682808970228571511661977510420607890137426101174916834445992792971558686974622755965614333722266174709828182017590759327624511945722976730390365799727031983643908981029224644575838592668790800453074620685770320067538072949162231118571454605394690635738460976250429766564537508562777279410546193693632527457969400165541133775465769725831941733833858583156626210466105638493449881776483913216881942115530126205092598456876946636991516999322172008127952686319703677261562340282909672256647435657094134104826283865531798434918098723349880342713698679353175426890607216312655877220622357748594461147402674473812586180489
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fad3a4d64a5754a67a272ba2ce6df35090d3bc65
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'link.buzzfeed.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c74a4256c0000040300463044022052444616dcc81775fa1c37b815b4e3041059c1040deefd6a46b71a867cb1597c022062049980cefa7e415bda4cbcb97a231e6b11a134481336dd91dee932dadd1da300760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c74a425980000040300473045022064837bf514cff3d354ca8bf2598328728df66197663d92eef7ce75be7fb307410221008a21bbf004f8008d030c33aae972bde08b9ba30328a9e006585bcf8711804bc5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00218b441eab88f131f44759ea149e893f0fe5ec9a77068505542a702f249173f3f426d430ec26b0fda42c0ed4d5c57ef6c7bb8720ed8b5de1fb859b72b18150b3607ed1c766bfe7b140babc0d30ccca69f42e47093c0019185c5226a92e31d7d41aac3c368ef9922e9c4a875e9d15101e54c1283fc2cff13d6a2a7cf4655d2d177dbcd138c54ef79987a97b7273c6b697ca4e87d1297a7a029448c3edbad73e3177a0acb5a910c0e7030b5e5e75d0d3d569a87d5bcaeb3c6bd7586eee1e58b6a8f9944a6c729d439cfc45f61c51fab042d93757e25e27eb8be4bcd20eb263c7084b46cac5f46a254290ba781925f36ae7b287fab9402d7c3482667b361873c4b2