www.nglscoalition.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:aa:b0:8e:11:8f:37:d3:90:e6:e6:12:f0:5c:5a:b4:7b:95 was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.nglscoalition.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:aa:b0:8e:11:8f:37:d3:90:e6:e6:12:f0:5c:5a:b4:7b:95
Serial Number (int): 406531827893160450459210016042774978395029
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 8d:d5:3c:9f:72:db:87:5e:c0:af:ab:d7:aa:19:e7:2c:d0:c6:4c:b6
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): d3:16:42:2c:00:4d:4a:f4:86:9e:d7:8a:15:05:3b:b5:2c:b1:ef:94
Fingerprint (sha256): 0d:78:2e:0c:67:2e:9d:c3:f5:44:f5:ba:85:56:d3:89:2e:db:02:47:10:89:d4:ad:57:cd:7d:1e:9d:54:e1:56

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.nglscoalition.org

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.nglscoalition.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ngls.missionmedia.net
nglscoalition.org
www.nglscoalition.org

Other certificates including the domain name nglscoalition.org

(limited to 100 certificates)
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org
www.nglscoalition.org

Certificate

The complete raw certificate details for www.nglscoalition.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISBKqwjhGPN9OQ5uYS8FxatHuVMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMjQxOTIzNTRaFw0y
MDAyMjIxOTIzNTRaMCAxHjAcBgNVBAMTFXd3dy5uZ2xzY29hbGl0aW9uLm9yZzCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKFYMFKLyW0vRW38LAz9KkYM
/rW2QRoRwTWhcp/kfN6IMgnS6cgQ/y5n7cNh6HXzoKKYYLyGGLPFsuk+XFeNhQxY
LmKmU4BIp/SHoMFMtNp+lBtLLtOU3qD4EmTowUy1GRtvpuhWA9E3sSNqCAJFkCy5
LbWMdYayIeBmgv8pmYNw8QvjVbR9MgQyzQ17dvtICyX8tCV9K4OqIcKRcto/eweM
jgfdtQHMJom4++sD//u+v8c7EmkenmqlSrZ+p6KyQbWghlNgUUdlJFt2r/WxUMua
bKn/Xlt1SZGMVUJtQ9vDRoSWFxfRib87ENXaUaVavl+Yi/VFdGK6X4SsIwDkaLcC
AwEAAaOCApMwggKPMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjdU8n3Lbh17Ar6vX
qhnnLNDGTLYwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYB
BQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2Vu
Y3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2Vu
Y3J5cHQub3JnLzBKBgNVHREEQzBBghVuZ2xzLm1pc3Npb25tZWRpYS5uZXSCEW5n
bHNjb2FsaXRpb24ub3JnghV3d3cubmdsc2NvYWxpdGlvbi5vcmcwTAYDVR0gBEUw
QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov
L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgBe
p3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAW6fFce2AAAEAwBHMEUC
IEwimQaPKOuuaine+bXKtYJsgT+7nnm5CryOBkZ7WPOnAiEAlrpX3cjSbDKRNAkG
XB3YJnrcgMlibATH1Su1/ZZNG0EAdQCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOey
SVMt74uQXgAAAW6fFceqAAAEAwBGMEQCIBfwnCOwp4XqLYOTMmVjz3DbR4t3sJOY
E0usNKvWazxnAiBC/YWBO6euIfEyywm0xIZL5fEB9gyoG1qHR+PmnwdWGzANBgkq
hkiG9w0BAQsFAAOCAQEAG+RgAS1rHTWbFUqss1TM/HrYFEyB1y0de/+KWEZqmz43
nk3nwEWll78lMmc203k4pKRtjTjU2CBuSzuO6FZ3HxQ+vHv8VKOOPlEifLeU2R0T
kZBgo1bwkBT+f26+IKgcIXNEFuzBGE8P1tSUfLwumKfBWgxPv5Xk3/OjwHRJj+mt
Sdn582M33dJUENkXGRj2H1/wuGctYGeMQHHtKMfdEVHY/a+z2qEJvdod8lEu1MxG
8o2ssXs/jjdC/HjnW8Rs0ZIfgzxy4vsoi6dBXdq7xIjlBc4B8gitzTH4UlgFz61/
llV2ZTdbV3i6WWv+njnUqvf+NEHvLfPkG3muF9heng==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVgwUovJbS9FbfwsDP0q
Rgz+tbZBGhHBNaFyn+R83ogyCdLpyBD/Lmftw2HodfOgophgvIYYs8Wy6T5cV42F
DFguYqZTgEin9IegwUy02n6UG0su05TeoPgSZOjBTLUZG2+m6FYD0TexI2oIAkWQ
LLkttYx1hrIh4GaC/ymZg3DxC+NVtH0yBDLNDXt2+0gLJfy0JX0rg6ohwpFy2j97
B4yOB921Acwmibj76wP/+76/xzsSaR6eaqVKtn6norJBtaCGU2BRR2UkW3av9bFQ
y5psqf9eW3VJkYxVQm1D28NGhJYXF9GJvzsQ1dpRpVq+X5iL9UV0YrpfhKwjAORo
twIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 406531827893160450459210016042774978395029
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-24 19:23:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-22 19:23:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.nglscoalition.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20367854597672100173240539551975986850229723503639298993292730180218098347273811931945560537787820496668511452931854929348433003119434775489099751786371334599788393832683634277982450696642379624208514511077590066511224688287686148518563686614862493329210511071681653322714828448063910885826671239957514326322510026670500989467901833631412371751705161400792957919697464061251273114278849635515011084848867029760266598089213807203146556943520238609594048667581602123172034839424767612141428838191648891150031232470309929353723178362048727139064539120342259481332319026341436055948436110438545531327212656244308142483639
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8dd53c9f72db875ec0afabd7aa19e72cd0c64cb6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngls.missionmedia.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nglscoalition.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nglscoalition.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016e9f15c7b6000004030047304502204c2299068f28ebae6a29def9b5cab5826c813fbb9e79b90abc8e06467b58f3a702210096ba57ddc8d26c32913409065c1dd8267adc80c9626c04c7d52bb5fd964d1b41007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e9f15c7aa0000040300463044022017f09c23b0a785ea2d8393326563cf70db478b77b09398134bac34abd66b3c67022042fd85813ba7ae21f132cb09b4c4864be5f101f60ca81b5a8747e3e69f07561b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001be460012d6b1d359b154aacb354ccfc7ad8144c81d72d1d7bff8a58466a9b3e379e4de7c045a597bf25326736d37938a4a46d8d38d4d8206e4b3b8ee856771f143ebc7bfc54a38e3e51227cb794d91d13919060a356f09014fe7f6ebe20a81c21734416ecc1184f0fd6d4947cbc2e98a7c15a0c4fbf95e4dff3a3c074498fe9ad49d9f9f36337ddd25410d9171918f61f5ff0b8672d60678c4071ed28c7dd1151d8fdafb3daa109bdda1df2512ed4cc46f28dacb17b3f8e3742fc78e75bc46cd1921f833c72e2fb288ba7415ddabbc488e505ce01f208adcd31f8525805cfad7f96557665375b5778ba596bfe9e39d4aaf7fe3441ef2df3e41b79ae17d85e9e