stemdenver.org.ufx.co.za

Issued by R3

About this certificate

This digital certificate with serial number 03:fc:f2:35:93:5a:57:50:3b:f4:17:b1:b8:8e:25:e3:8b:f8 was issued on by Let's Encrypt.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=stemdenver.org.ufx.co.za

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:fc:f2:35:93:5a:57:50:3b:f4:17:b1:b8:8e:25:e3:8b:f8
Serial Number (int): 347409965614742453275870837292223403625464
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 65:e7:ff:31:f1:04:57:26:40:32:24:ab:b5:69:51:f9:1a:8c:0f:55
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): cf:bd:65:92:56:fb:6f:88:2e:f3:42:5b:02:25:4e:f1:d9:db:25:d1
Fingerprint (sha256): 12:8d:68:4c:f0:64:c0:ab:52:62:14:7e:cf:13:80:64:e6:84:ec:c3:0f:2c:f8:a2:6b:bb:8f:42:37:43:6a:42

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate stemdenver.org.ufx.co.za

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for stemdenver.org.ufx.co.za

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

822.cool.hemptelemeds.com
alfalfacounty.com
axischiropracticclinic.info
chiller.forsale
formalweddingfavors.com
javarius.com
kattenbarge.com
marketingsemantico.com.unitednationsforlife.org.mytattoo.in
stemdenver.org.ufx.co.za
thepfs.com

Other certificates including the domain name ufx.co.za

(limited to 100 certificates)
ufx.co.za
ufx.co.za
stemdenver.org.ufx.co.za
ufx.co.za
ufx.co.za
ufx.co.za
ufx.co.za
ufx.co.za
filetminion.com.mnmeetings.statenationals.us.ufx.co.za
ufx.co.za
ufx.co.za
ufx.co.za
ufx.co.za

Certificate

The complete raw certificate details for stemdenver.org.ufx.co.za in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgISA/zyNZNaV1A79BexuI4l44v4MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMDcxNjI3NTlaFw0yNDA0MDYxNjI3NThaMCMxITAfBgNVBAMT
GHN0ZW1kZW52ZXIub3JnLnVmeC5jby56YTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKdtUbACjcW7TBYjuLQRBDPyo8xOTJrlq5yPS1P4UcrJm1HZenc4
bA4aEHnhs7U675eeq6upzZcLwuNgJAd6V62XS5OiGCDCMd7160N29Os/ynASXT3P
z7z4aQMQgYtgRtRAeqjZIO0EIRsD0jIiH3ioOI1cvN0sfr63yn9obtPpSA7Mn9lg
lX6maU64Y1rA72KXj73ydILPiUtlJE2OHa+iBSxqQ05u9Vf4kykMxpDh/7Epmp5w
IV3uLb1EUuX3gvXKjsS1wA/Tt2JPBcplNdSMl5CPobc6uTZO4rwf43R0eiUh/6HL
bdX6H5FoRz1hRiSEWgAMV0192nBIUAYv1GsCAwEAAaOCAvwwggL4MA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQUZef/MfEEVyZAMiSrtWlR+RqMD1UwHwYDVR0jBBgwFoAU
FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB
hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p
LmxlbmNyLm9yZy8wggECBgNVHREEgfowgfeCGTgyMi5jb29sLmhlbXB0ZWxlbWVk
cy5jb22CEWFsZmFsZmFjb3VudHkuY29tghtheGlzY2hpcm9wcmFjdGljY2xpbmlj
LmluZm+CD2NoaWxsZXIuZm9yc2FsZYIXZm9ybWFsd2VkZGluZ2Zhdm9ycy5jb22C
DGphdmFyaXVzLmNvbYIPa2F0dGVuYmFyZ2UuY29tgjttYXJrZXRpbmdzZW1hbnRp
Y28uY29tLnVuaXRlZG5hdGlvbnNmb3JsaWZlLm9yZy5teXRhdHRvby5pboIYc3Rl
bWRlbnZlci5vcmcudWZ4LmNvLnphggp0aGVwZnMuY29tMBMGA1UdIAQMMAowCAYG
Z4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAouK/1h7eLy8HoNZObTen
3GVDsMa1LqLat4r4mm31F9gAAAGM5PeT/AAABAMARzBFAiB8w586v72R9/Xc+bOF
p1YBUxymibjCbYbsKHs4+V+gyAIhAKArKp4pnPCU9Ow7mcKjcRAs0C1wel8FIFQb
1f0TVCYDAHcAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGM5PeU
gAAABAMASDBGAiEAnBgGFxana+UmEY7aqJnRBus07GNk8wyOANZXT1ZEGGkCIQD4
az6wlyy3tP+mzazkrek9YDSSYSbDy9C4D0X3ATdgmTANBgkqhkiG9w0BAQsFAAOC
AQEAcNzU4lumD/CVBO4H4WLarPcfPCpxepd4oRY5uV/rnAVn0Nal2uOZ+mGT16Pp
ooUPrx75K2MUgBHVkUU0QCeFOP/mvMRocXiQZiW5K0r5TobRjrimThlv8PxH3iOP
tAMAEYBPWseoYdPYTylZGG+7yYEvlqV80ojRS3l5wWyTQOVjNsmlouM2TiG1clVx
jJC1bsWTz4hUqyiYdoAAARWbpp6x95PObhdEGI+fZxwZesLVcnZp64oZNu4kDn+I
jAB9OODeBYIK6ZobNUdlzwU7AmNlifqmbN+Qg78X/DPNqUrEsuOgw+ZZS0QHCz89
G+wj6LGFhvkImy/EG6AZy7vM5g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp21RsAKNxbtMFiO4tBEE
M/KjzE5MmuWrnI9LU/hRysmbUdl6dzhsDhoQeeGztTrvl56rq6nNlwvC42AkB3pX
rZdLk6IYIMIx3vXrQ3b06z/KcBJdPc/PvPhpAxCBi2BG1EB6qNkg7QQhGwPSMiIf
eKg4jVy83Sx+vrfKf2hu0+lIDsyf2WCVfqZpTrhjWsDvYpePvfJ0gs+JS2UkTY4d
r6IFLGpDTm71V/iTKQzGkOH/sSmannAhXe4tvURS5feC9cqOxLXAD9O3Yk8FymU1
1IyXkI+htzq5Nk7ivB/jdHR6JSH/octt1fofkWhHPWFGJIRaAAxXTX3acEhQBi/U
awIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 347409965614742453275870837292223403625464
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-07 16:27:59 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-06 16:27:58 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stemdenver.org.ufx.co.za'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21135704182722736157462584453866193253767870797213877408687936135759120572167675709141461748165692405248774598689242332749940021179417368188535869543279893029545479697067382627372927954051400178145776736930178308965783005640407721116858145291617455844644200957951262357213519681826890856699005325043913233023043106934502384738854479401771747380728042597599568667107021377784190831090435821857097462292882983864331193952668951884312032087826108700364879778064259091654911178267634185669192532006504013719842079622779883755005869950320286192030367242690429968752829574188652022833240669114598410194259426844495703954539
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							65e7ff31f1045726403224abb56951f91a8c0f55
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (250 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '822.cool.hemptelemeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alfalfacounty.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'axischiropracticclinic.info'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chiller.forsale'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'formalweddingfavors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'javarius.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kattenbarge.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketingsemantico.com.unitednationsforlife.org.mytattoo.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stemdenver.org.ufx.co.za'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thepfs.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018ce4f793fc000004030047304502207cc39f3abfbd91f7f5dcf9b385a75601531ca689b8c26d86ec287b38f95fa0c8022100a02b2a9e299cf094f4ec3b99c2a371102cd02d707a5f0520541bd5fd1354260300770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ce4f7948000000403004830460221009c18061716a76be526118edaa899d106eb34ec6364f30c8e00d6574f56441869022100f86b3eb0972cb7b4ffa6cdace4ade93d6034926126c3cbd0b80f45f701376099
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0070dcd4e25ba60ff09504ee07e162daacf71f3c2a717a9778a11639b95feb9c0567d0d6a5dae399fa6193d7a3e9a2850faf1ef92b63148011d591453440278538ffe6bcc4687178906625b92b4af94e86d18eb8a64e196ff0fc47de238fb4030011804f5ac7a861d3d84f2959186fbbc9812f96a57cd288d14b7979c16c9340e56336c9a5a2e3364e21b57255718c90b56ec593cf8854ab289876800001159ba69eb1f793ce6e1744188f9f671c197ac2d5727669eb8a1936ee240e7f888c007d38e0de05820ae99a1b354765cf053b02636589faa66cdf9083bf17fc33cda94ac4b2e3a0c3e6594b44070b3f3d1bec23e8b18586f9089b2fc41ba019cbbbcce6