stemdenver.org.ufx.co.za
Issued by R3
About this certificate
This digital certificate with serial number 03:fc:f2:35:93:5a:57:50:3b:f4:17:b1:b8:8e:25:e3:8b:f8 was issued on by Let's Encrypt.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=stemdenver.org.ufx.co.za
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:fc:f2:35:93:5a:57:50:3b:f4:17:b1:b8:8e:25:e3:8b:f8Serial Number (int): 347409965614742453275870837292223403625464
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 65:e7:ff:31:f1:04:57:26:40:32:24:ab:b5:69:51:f9:1a:8c:0f:55
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): cf:bd:65:92:56:fb:6f:88:2e:f3:42:5b:02:25:4e:f1:d9:db:25:d1
Fingerprint (sha256): 12:8d:68:4c:f0:64:c0:ab:52:62:14:7e:cf:13:80:64:e6:84:ec:c3:0f:2c:f8:a2:6b:bb:8f:42:37:43:6a:42
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate stemdenver.org.ufx.co.za
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stemdenver.org.ufx.co.za
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
822.cool.hemptelemeds.com
alfalfacounty.com
axischiropracticclinic.info
chiller.forsale
formalweddingfavors.com
javarius.com
kattenbarge.com
marketingsemantico.com.unitednationsforlife.org.mytattoo.in
stemdenver.org.ufx.co.za
thepfs.com
alfalfacounty.com
axischiropracticclinic.info
chiller.forsale
formalweddingfavors.com
javarius.com
kattenbarge.com
marketingsemantico.com.unitednationsforlife.org.mytattoo.in
stemdenver.org.ufx.co.za
thepfs.com
Other certificates including the domain name ufx.co.za
(limited to 100 certificates)
Certificate
The complete raw certificate details for stemdenver.org.ufx.co.za in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3zCCBMegAwIBAgISA/zyNZNaV1A79BexuI4l44v4MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMDcxNjI3NTlaFw0yNDA0MDYxNjI3NThaMCMxITAfBgNVBAMT GHN0ZW1kZW52ZXIub3JnLnVmeC5jby56YTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKdtUbACjcW7TBYjuLQRBDPyo8xOTJrlq5yPS1P4UcrJm1HZenc4 bA4aEHnhs7U675eeq6upzZcLwuNgJAd6V62XS5OiGCDCMd7160N29Os/ynASXT3P z7z4aQMQgYtgRtRAeqjZIO0EIRsD0jIiH3ioOI1cvN0sfr63yn9obtPpSA7Mn9lg lX6maU64Y1rA72KXj73ydILPiUtlJE2OHa+iBSxqQ05u9Vf4kykMxpDh/7Epmp5w IV3uLb1EUuX3gvXKjsS1wA/Tt2JPBcplNdSMl5CPobc6uTZO4rwf43R0eiUh/6HL bdX6H5FoRz1hRiSEWgAMV0192nBIUAYv1GsCAwEAAaOCAvwwggL4MA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUZef/MfEEVyZAMiSrtWlR+RqMD1UwHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wggECBgNVHREEgfowgfeCGTgyMi5jb29sLmhlbXB0ZWxlbWVk cy5jb22CEWFsZmFsZmFjb3VudHkuY29tghtheGlzY2hpcm9wcmFjdGljY2xpbmlj LmluZm+CD2NoaWxsZXIuZm9yc2FsZYIXZm9ybWFsd2VkZGluZ2Zhdm9ycy5jb22C DGphdmFyaXVzLmNvbYIPa2F0dGVuYmFyZ2UuY29tgjttYXJrZXRpbmdzZW1hbnRp Y28uY29tLnVuaXRlZG5hdGlvbnNmb3JsaWZlLm9yZy5teXRhdHRvby5pboIYc3Rl bWRlbnZlci5vcmcudWZ4LmNvLnphggp0aGVwZnMuY29tMBMGA1UdIAQMMAowCAYG Z4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAouK/1h7eLy8HoNZObTen 3GVDsMa1LqLat4r4mm31F9gAAAGM5PeT/AAABAMARzBFAiB8w586v72R9/Xc+bOF p1YBUxymibjCbYbsKHs4+V+gyAIhAKArKp4pnPCU9Ow7mcKjcRAs0C1wel8FIFQb 1f0TVCYDAHcAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGM5PeU gAAABAMASDBGAiEAnBgGFxana+UmEY7aqJnRBus07GNk8wyOANZXT1ZEGGkCIQD4 az6wlyy3tP+mzazkrek9YDSSYSbDy9C4D0X3ATdgmTANBgkqhkiG9w0BAQsFAAOC AQEAcNzU4lumD/CVBO4H4WLarPcfPCpxepd4oRY5uV/rnAVn0Nal2uOZ+mGT16Pp ooUPrx75K2MUgBHVkUU0QCeFOP/mvMRocXiQZiW5K0r5TobRjrimThlv8PxH3iOP tAMAEYBPWseoYdPYTylZGG+7yYEvlqV80ojRS3l5wWyTQOVjNsmlouM2TiG1clVx jJC1bsWTz4hUqyiYdoAAARWbpp6x95PObhdEGI+fZxwZesLVcnZp64oZNu4kDn+I jAB9OODeBYIK6ZobNUdlzwU7AmNlifqmbN+Qg78X/DPNqUrEsuOgw+ZZS0QHCz89 G+wj6LGFhvkImy/EG6AZy7vM5g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp21RsAKNxbtMFiO4tBEE M/KjzE5MmuWrnI9LU/hRysmbUdl6dzhsDhoQeeGztTrvl56rq6nNlwvC42AkB3pX rZdLk6IYIMIx3vXrQ3b06z/KcBJdPc/PvPhpAxCBi2BG1EB6qNkg7QQhGwPSMiIf eKg4jVy83Sx+vrfKf2hu0+lIDsyf2WCVfqZpTrhjWsDvYpePvfJ0gs+JS2UkTY4d r6IFLGpDTm71V/iTKQzGkOH/sSmannAhXe4tvURS5feC9cqOxLXAD9O3Yk8FymU1 1IyXkI+htzq5Nk7ivB/jdHR6JSH/octt1fofkWhHPWFGJIRaAAxXTX3acEhQBi/U awIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 347409965614742453275870837292223403625464 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-07 16:27:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-06 16:27:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stemdenver.org.ufx.co.za' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21135704182722736157462584453866193253767870797213877408687936135759120572167675709141461748165692405248774598689242332749940021179417368188535869543279893029545479697067382627372927954051400178145776736930178308965783005640407721116858145291617455844644200957951262357213519681826890856699005325043913233023043106934502384738854479401771747380728042597599568667107021377784190831090435821857097462292882983864331193952668951884312032087826108700364879778064259091654911178267634185669192532006504013719842079622779883755005869950320286192030367242690429968752829574188652022833240669114598410194259426844495703954539 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 65e7ff31f1045726403224abb56951f91a8c0f55 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (250 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '822.cool.hemptelemeds.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alfalfacounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'axischiropracticclinic.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chiller.forsale' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'formalweddingfavors.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'javarius.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kattenbarge.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketingsemantico.com.unitednationsforlife.org.mytattoo.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stemdenver.org.ufx.co.za' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thepfs.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018ce4f793fc000004030047304502207cc39f3abfbd91f7f5dcf9b385a75601531ca689b8c26d86ec287b38f95fa0c8022100a02b2a9e299cf094f4ec3b99c2a371102cd02d707a5f0520541bd5fd1354260300770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ce4f7948000000403004830460221009c18061716a76be526118edaa899d106eb34ec6364f30c8e00d6574f56441869022100f86b3eb0972cb7b4ffa6cdace4ade93d6034926126c3cbd0b80f45f701376099 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0070dcd4e25ba60ff09504ee07e162daacf71f3c2a717a9778a11639b95feb9c0567d0d6a5dae399fa6193d7a3e9a2850faf1ef92b63148011d591453440278538ffe6bcc4687178906625b92b4af94e86d18eb8a64e196ff0fc47de238fb4030011804f5ac7a861d3d84f2959186fbbc9812f96a57cd288d14b7979c16c9340e56336c9a5a2e3364e21b57255718c90b56ec593cf8854ab289876800001159ba69eb1f793ce6e1744188f9f671c197ac2d5727669eb8a1936ee240e7f888c007d38e0de05820ae99a1b354765cf053b02636589faa66cdf9083bf17fc33cda94ac4b2e3a0c3e6594b44070b3f3d1bec23e8b18586f9089b2fc41ba019cbbbcce6