www.iff-charity.org

Issued by Encryption Everywhere DV TLS CA - G2

About this certificate

This digital certificate with serial number 03:80:17:4d:22:25:16:96:b1:81:b2:c4:a9:65:9b:7e was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.iff-charity.org

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:80:17:4d:22:25:16:96:b1:81:b2:c4:a9:65:9b:7e
Serial Number (int): 4652770591803930403053478979813350270
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 5d:85:cc:96:90:b0:61:ae:f9:8f:eb:19:5f:38:48:7b:72:69:70:39
AuthorityKeyId: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6

Fingerprint (sha1): c2:b4:34:93:bb:c3:05:7c:73:7e:e9:53:ac:e0:d0:ec:a7:13:07:4c
Fingerprint (sha256): 0f:22:a4:71:6b:28:8b:79:fe:2d:60:8b:84:90:3a:1f:10:60:e3:11:a1:1d:d7:8a:2e:af:0d:3d:85:92:62:05

Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com

Check the revocation status for certificate www.iff-charity.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.iff-charity.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.iff-charity.org

Other certificates including the domain name iff-charity.org

(limited to 100 certificates)
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
dev.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
new.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org

Certificate

The complete raw certificate details for www.iff-charity.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgIQA4AXTSIlFpaxgbLEqWWbfjANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzIwHhcNMjMwOTI4MDAwMDAwWhcNMjQwOTI3MjM1OTU5WjAe
MRwwGgYDVQQDExN3d3cuaWZmLWNoYXJpdHkub3JnMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAySHDzjTw3l5kRqvJab+rIgXjLzSC1JDqyVeh6B5dnzz9
8Kfrzr919fif4th6TCr4RsJpLrxW8enaJTryAenAfjcQgP/1hhl0U5Me7IvYTsUQ
44XmnjWVfrySulAwtAiGjfExypWmgcOvbKEf7eFu5Ps9qSZC55ptDI1klrmQmYyr
tpb1x0jETfD7oxuCwpoJpGrehGu/sPCv26F3xDlaJyRU4p7xB1k0e1uZdjbQmhD3
2SNmnQ4FK91Azy1xTHySLncSVKIhzUXrw+S1W62bZhf2Lw8vq49SAd1+VavGZPQQ
HN2QYd2VoYMEcdJ8sJAZ7IITkQy63/5CBDYpP+4irQIDAQABo4IC5TCCAuEwHwYD
VR0jBBgwFoAUeN+RkF/u3qz2xXXr1UxVU+8kSrYwHQYDVR0OBBYEFF2FzJaQsGGu
+Y/rGV84SHtyaXA5MB4GA1UdEQQXMBWCE3d3dy5pZmYtY2hhcml0eS5vcmcwPgYD
VR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp
Y2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDov
L29jc3AuZGlnaWNlcnQuY29tMEoGCCsGAQUFBzAChj5odHRwOi8vY2FjZXJ0cy5k
aWdpY2VydC5jb20vRW5jcnlwdGlvbkV2ZXJ5d2hlcmVEVlRMU0NBLUcyLmNydDAM
BgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgB2/4g/Crb7
lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYrdsx6iAAAEAwBHMEUCIGjG4pF6
6LeCs4Jqn80/QB7AbCU16hkLLIjQU4DkAXyMAiEAniucRerKlXgk7daYSTIjHMJ1
MkDMi1281YG26YCdHGgAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE
cwAAAYrdsx7DAAAEAwBGMEQCIB48j8PV5dhwRktGoF8JbfADHx/kFjZPCZ1T1toN
o7cBAiBaYU2pILUnHlb+iisPerRM2sduS3/KOzNJxofpWPJTJgB2ANq2v2s/tbYi
n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABit2zHpgAAAQDAEcwRQIgZfe8GTsN
TWikkld6nt0iNS8yxLdl0krGH7u6V7vvanwCIQDiQI6BAI902d/JhDsISLpzxEK7
jgXjZJ4GtMUhUpWW2DANBgkqhkiG9w0BAQsFAAOCAQEAmwG9B3dFJL0cHbkF1npP
//Q4IbV3+e7i/ttk0Q1mi/JpfrLX3RvWILVCQnGiTgpiVthsshwAb6vHKKBh8rCv
1erSroHlLbFQSp3XTQ5wLHupI1IL+PH7sEzBsE2JNg9/2/BiSWx52o4C4kDud9Nn
JcueZYtSPaUZ5z7i6xudzxNx8VUwrJ/VKOslSkJoinuuApqNYoFy5wH8Nhm+dQSG
R7VJ0PvX2MB6KLG9+fqujeJIh3vf620K4YoUduBdj0yUKaQ7ohiTwUNp9Iu45KIe
DdKu3Cvs5oMTKX1urXqWP8GarhGQgODhyH3utdMHAmzhXbXzHE4Ibfbkuvg0Hz7V
Kw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySHDzjTw3l5kRqvJab+r
IgXjLzSC1JDqyVeh6B5dnzz98Kfrzr919fif4th6TCr4RsJpLrxW8enaJTryAenA
fjcQgP/1hhl0U5Me7IvYTsUQ44XmnjWVfrySulAwtAiGjfExypWmgcOvbKEf7eFu
5Ps9qSZC55ptDI1klrmQmYyrtpb1x0jETfD7oxuCwpoJpGrehGu/sPCv26F3xDla
JyRU4p7xB1k0e1uZdjbQmhD32SNmnQ4FK91Azy1xTHySLncSVKIhzUXrw+S1W62b
Zhf2Lw8vq49SAd1+VavGZPQQHN2QYd2VoYMEcdJ8sJAZ7IITkQy63/5CBDYpP+4i
rQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4652770591803930403053478979813350270
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.iff-charity.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25390549373772642879229883850937439120189363615930009964514205905288739148195830101402667525609991258975774119599227236722860042904961038966594343666839735574842274099186772947686634864958235725707646793477647913472666190538862848961013338122838761185031759049730341605226934352956358815571833730978487023593882361962184289453281505647105854134548255340898442341727781613953989899484342629082683260468626747946956513512815969439753962206051236184480548848643614708877337050176838411480047728513103048806468643891204860022443719007870678316028794670887687786273623691755639669284568328081758969413341414361297171915437
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5d85cc9690b061aef98feb195f38487b72697039
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iff-charity.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018addb31ea20000040300473045022068c6e2917ae8b782b3826a9fcd3f401ec06c2535ea190b2c88d05380e4017c8c0221009e2b9c45eaca957824edd6984932231cc2753240cc8b5dbcd581b6e9809d1c6800750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018addb31ec3000004030046304402201e3c8fc3d5e5d870464b46a05f096df0031f1fe416364f099d53d6da0da3b70102205a614da920b5271e56fe8a2b0f7ab44cdac76e4b7fca3b3349c687e958f25326007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018addb31e980000040300473045022065f7bc193b0d4d68a492577a9edd22352f32c4b765d24ac61fbbba57bbef6a7c022100e2408e81008f74d9dfc9843b0848ba73c442bb8e05e3649e06b4c521529596d8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009b01bd07774524bd1c1db905d67a4ffff43821b577f9eee2fedb64d10d668bf2697eb2d7dd1bd620b5424271a24e0a6256d86cb21c006fabc728a061f2b0afd5ead2ae81e52db1504a9dd74d0e702c7ba923520bf8f1fbb04cc1b04d89360f7fdbf062496c79da8e02e240ee77d36725cb9e658b523da519e73ee2eb1b9dcf1371f15530ac9fd528eb254a42688a7bae029a8d628172e701fc3619be75048647b549d0fbd7d8c07a28b1bdf9faae8de248877bdfeb6d0ae18a1476e05d8f4c9429a43ba21893c14369f48bb8e4a21e0dd2aedc2bece68313297d6ead7a963fc19aae119080e0e1c87deeb5d307026ce15db5f31c4e086df6e4baf8341f3ed52b