ohs.oneidaschools.org
Issued by R3
About this certificate
This digital certificate with serial number 04:74:13:5e:f5:e0:f7:30:1a:67:11:20:89:c5:97:38:3e:ea was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ohs.oneidaschools.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:74:13:5e:f5:e0:f7:30:1a:67:11:20:89:c5:97:38:3e:eaSerial Number (int): 387947646684708426272031763227204348559082
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 90:64:ce:41:82:a4:22:3f:63:84:e1:b9:57:7a:8e:b1:ae:7d:13:8d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 58:59:1f:35:09:af:d6:ce:47:e4:14:f6:95:7c:05:60:21:e9:49:13
Fingerprint (sha256): 0d:36:85:e6:40:79:41:0c:84:b7:4f:99:2a:1b:5c:d0:96:db:7b:0a:e8:37:93:f2:df:a8:a8:ea:09:b8:5f:57
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ohs.oneidaschools.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ohs.oneidaschools.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ohs.oneidaschools.org
Other certificates including the domain name oneidaschools.org
(limited to 100 certificates)
oneidaschools.org
oneidaschools.org
ohs.oneidaschools.org
admin.oes.oneidaschools.org
admin.ae.jcsb.org
adfs.oneidaschools.org
oneidaschools.org
adfs.oneidaschools.org
adfs.oneidaschools.org
is7vikings.org
oneidaschools.org
oneidaschools.org
www.is7vikings.org
admin.oes.oneidaschools.org
oneidaschools.org
admin.oneidaschools.org
nem.lauderdale.k12.ms.us
mail.oneidaschools.org
www.newlima.k12.ok.us
adfs.oneidaschools.org
oneidaschools.org
oneidaschools.org
oneidaschools.org
oes.oneidaschools.org
adfs.oneidaschools.org
adfs.oneidaschools.org
admin.ces.lauderdale.k12.ms.us
www.oneidaschools.org
admin.ae.jcsb.org
admin.ae.jcsb.org
oneidaschools.org
ohs.oneidaschools.org
admin.oes.oneidaschools.org
admin.ae.jcsb.org
adfs.oneidaschools.org
oneidaschools.org
adfs.oneidaschools.org
adfs.oneidaschools.org
is7vikings.org
oneidaschools.org
oneidaschools.org
www.is7vikings.org
admin.oes.oneidaschools.org
oneidaschools.org
admin.oneidaschools.org
nem.lauderdale.k12.ms.us
mail.oneidaschools.org
www.newlima.k12.ok.us
adfs.oneidaschools.org
oneidaschools.org
oneidaschools.org
oneidaschools.org
oes.oneidaschools.org
adfs.oneidaschools.org
adfs.oneidaschools.org
admin.ces.lauderdale.k12.ms.us
www.oneidaschools.org
admin.ae.jcsb.org
admin.ae.jcsb.org
Certificate
The complete raw certificate details for ohs.oneidaschools.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISBHQTXvXg9zAaZxEgicWXOD7qMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjcwMTUxNDJaFw0yNDAzMjYwMTUxNDFaMCAxHjAcBgNVBAMT FW9ocy5vbmVpZGFzY2hvb2xzLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC AgoCggIBAK+y1RprQAv9FKwlepT3YDxpsOtPSNT9cCsYRavgCVjMHYDsdu64Ui1I ot6ufAo61aFmvDBR5sU36bcURIDMsE3KsjqeDv0Un+iHBL99pp99n1t3D7cIcUWV n5sP98GoIDqbpFAx2f+PFydiOLeResCkGSbjlzEf8J57rIj/kBTgtPrmOJrupGOh JJG6EgaQQsVUaD14L3YOC5a6ko88ZpeIHNo0H3VJgQxkMCtKD0E/FHc3jVVRuKPV m5fRIfzzX4RuNPwVScmHhNRjUfagO9D0ZIZGbWF4J6A8EMGVBfm+aI3MZSQRemIj 7OSOgJibt474XdExX9UA5jc9SKnyY95t7r33WsDmFZGI7rSB4Xa7tmEc6Cz3OCL+ cD7l/LUQuYSFWgF3d3siGYsdEdqyTZIp9dDNxufiLpxj9yOuYUKn3xDFsGNIvryW jrCZv1yG+gRZyxQRXDtaBqcMft5T/HXwYLD+dtN2Ff27SIb5KJdQ9zktCq6eNs9X AhHqdHV9kovGnM9erMA9xLhBxqcfT/46lue3LE8xVtL5id4IMIEZ2gdFQxTi2SXK 13nm4SZlPykjmimNZeduV0kzoYHDPjZeJeHgPwHZpykTr7lrNH0ckPAKz970UfOn VDqBFKydpzvOXbyNYK8tT4LpeCa4PmzUqjpzsNj22Vlk3OdUQx9NAgMBAAGjggIW MIICEjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJBkzkGCpCI/Y4ThuVd6jrGufRON MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkw RzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAC hhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMCAGA1UdEQQZMBeCFW9ocy5vbmVpZGFz Y2hvb2xzLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIE gfQEgfEA7wB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjKkv XaIAAAQDAEYwRAIgXO8Uoh5thdbUxswLJVkNsTvTF/5s0MSUeYmkYcW2USgCIH0L yS+5+YwDyNxH9aBUGMgDuc39noEBkelgJo6kqv9TAHYAO1N3dT4tuYBOizBbBv5A O2fYT8P0x70ADS1yb+H61BcAAAGMqS9dpAAABAMARzBFAiEAtza0Oo1SwH0dqwvS AQniKTxEmJyMy06jakVYnVPPiUQCIGErw3f2AgpNQXx4Q0l2Cm7Fwt1NmlOdsThg /kNz/+JMMA0GCSqGSIb3DQEBCwUAA4IBAQCuSaFQDrDXhDHLNBZadT/sVBhJynpD 0AD2vlr73+uysk83nObB3oC6jLl8eFFLE3e+QB+Gb8qRvKjPB+rXGqLsKXP1bHIL IEwWEG6aI/wV5i8LfNzWLacrHbm42oXOa3YLXDJms/bFsDqUhKnwdTPm/wokc/FC cYyjNpSyl00p064cJ/O0pQn/dd/d9QOPG53Ejw81bkcxFrSnG97kzCwy5pBVNCFT eS2HmgUPSLW21E4e8d5M0bJKO1FGOh4ojo/w5jR6lAmMZr+nQXcAbRbaEquubpXa sWajppRO1UJ7W4xbPq70UG0VtUOPeO23XG8tFPf3+eQ3d7XTbMNOSFOJ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7LVGmtAC/0UrCV6lPdg PGmw609I1P1wKxhFq+AJWMwdgOx27rhSLUii3q58CjrVoWa8MFHmxTfptxREgMyw TcqyOp4O/RSf6IcEv32mn32fW3cPtwhxRZWfmw/3waggOpukUDHZ/48XJ2I4t5F6 wKQZJuOXMR/wnnusiP+QFOC0+uY4mu6kY6EkkboSBpBCxVRoPXgvdg4LlrqSjzxm l4gc2jQfdUmBDGQwK0oPQT8UdzeNVVG4o9Wbl9Eh/PNfhG40/BVJyYeE1GNR9qA7 0PRkhkZtYXgnoDwQwZUF+b5ojcxlJBF6YiPs5I6AmJu3jvhd0TFf1QDmNz1IqfJj 3m3uvfdawOYVkYjutIHhdru2YRzoLPc4Iv5wPuX8tRC5hIVaAXd3eyIZix0R2rJN kin10M3G5+IunGP3I65hQqffEMWwY0i+vJaOsJm/XIb6BFnLFBFcO1oGpwx+3lP8 dfBgsP5203YV/btIhvkol1D3OS0Krp42z1cCEep0dX2Si8acz16swD3EuEHGpx9P /jqW57csTzFW0vmJ3ggwgRnaB0VDFOLZJcrXeebhJmU/KSOaKY1l525XSTOhgcM+ Nl4l4eA/AdmnKROvuWs0fRyQ8ArP3vRR86dUOoEUrJ2nO85dvI1gry1Pgul4Jrg+ bNSqOnOw2PbZWWTc51RDH00CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 387947646684708426272031763227204348559082 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-27 01:51:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-26 01:51:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ohs.oneidaschools.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 716787605184974398992057093012863163380644646563937361194133927413498603821997618110128968711479652074630513342923255419378898653305475796035756278388435334396707861571429502285317298136397743399568719017060522200513699735273490781047695643893946815555037649253359710832333575372238592347300095332362158910463839067052531667260642717314634629282417116693835608291183193363484018728973486323496570495291217014653636612874726441192241977562565397239915285583738135943225763280202487691671075792550260669536680539895770853384460465827592757874018624959009321432651921254954274648965401077919653721816115995200464880382260833201395001574833385171384863623862596089207675945912737978903020575026632603919558961216552829608841120850686525654239261536484227348344463856217731582548816685843157188775277980644600793078136378635388974225502811227750445015944101963004267614155371638455765598554382484040284753055841143140901437184347788950018532155896307323107757414632872156978056938417711939403973901234113400622519902907606045988951715319161566034365044938663071246857093835658259131501162074963426472771472810012981620120129104595271446575544106026167464302109796919268637631555086524854158659913474505994887560266040933428297226600521549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9064ce4182a4223f6384e1b9577a8eb1ae7d138d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohs.oneidaschools.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ca92f5da2000004030046304402205cef14a21e6d85d6d4c6cc0b25590db13bd317fe6cd0c4947989a461c5b6512802207d0bc92fb9f98c03c8dc47f5a05418c803b9cdfd9e810191e960268ea4aaff530076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ca92f5da40000040300473045022100b736b43a8d52c07d1dab0bd20109e2293c44989c8ccb4ea36a45589d53cf89440220612bc377f6020a4d417c784349760a6ec5c2dd4d9a539db13860fe4373ffe24c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ae49a1500eb0d78431cb34165a753fec541849ca7a43d000f6be5afbdfebb2b24f379ce6c1de80ba8cb97c78514b1377be401f866fca91bca8cf07ead71aa2ec2973f56c720b204c16106e9a23fc15e62f0b7cdcd62da72b1db9b8da85ce6b760b5c3266b3f6c5b03a9484a9f07533e6ff0a2473f142718ca33694b2974d29d3ae1c27f3b4a509ff75dfddf5038f1b9dc48f0f356e473116b4a71bdee4cc2c32e69055342153792d879a050f48b5b6d44e1ef1de4cd1b24a3b51463a1e288e8ff0e6347a94098c66bfa74177006d16da12abae6e95dab166a3a6944ed5427b5b8c5b3eaef4506d15b5438f78edb75c6f2d14f7f7f9e43777b5d36cc34e485389