chfindiafoundation.org
Issued by R3
About this certificate
This digital certificate with serial number 03:dd:24:9e:a7:1e:bf:c1:9f:88:ba:35:6b:99:4e:68:fb:38 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=chfindiafoundation.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:dd:24:9e:a7:1e:bf:c1:9f:88:ba:35:6b:99:4e:68:fb:38Serial Number (int): 336587936865158640237661730800432402987832
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f9:a3:74:5a:25:88:82:93:d8:ec:8b:c3:28:0b:84:4b:25:ba:b6:8d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 43:b6:cf:ff:6f:ed:6c:b8:92:58:f5:14:c8:4a:c2:91:42:98:88:1a
Fingerprint (sha256): 21:20:f6:20:39:0e:5a:6b:5f:c3:79:3b:98:50:36:84:bf:94:0b:be:51:d4:2c:b4:85:2d:6c:4a:47:1a:75:95
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate chfindiafoundation.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for chfindiafoundation.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.chfindiafoundation.org
chfindiafoundation.org
chfindiafoundation.org
Other certificates including the domain name chfindiafoundation.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for chfindiafoundation.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISA90knqcev8GfiLo1a5lOaPs4MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MTEwOTE2MDhaFw0yMzEyMTAwOTE2MDdaMCExHzAdBgNVBAMT FmNoZmluZGlhZm91bmRhdGlvbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQC9xnJY+FWw7i5KeYqbbkPKGVgSLZgjs8lTa3B1gxKxINeA98a4dZYF 1O5ZnKLMdJhRvSzWZ0sZ5v5KQvvsVqFPGwf4kU2G6OW3sEeM56wtl5iylI0iX2FW tsabeUWORZl5k8w7/1cUaONM95NG7QzuQ2nAX2iM//QqEVJCGYH6Js3iqlKX31nt AxU6g/Gnjcq7b90C6wFnMS3dYkxr1feezpZGk668hiwuxwmzxIHUxphkbO4Lndqi UNc2b6etK2PdnlS9FB/xzEdcuuL0YmAffVn4cy0HHKKyt/nRmSejtySSzCsBIYui +BoY55GQ5CHumWt5sChlu7nKRgjSihtDAgMBAAGjggIzMIICLzAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFPmjdFoliIKT2OyLwygLhEsluraNMB8GA1UdIwQYMBaAFBQu sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s ZW5jci5vcmcvMDsGA1UdEQQ0MDKCGCouY2hmaW5kaWFmb3VuZGF0aW9uLm9yZ4IW Y2hmaW5kaWFmb3VuZGF0aW9uLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUG CisGAQQB1nkCBAIEgfYEgfMA8QB3ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4d CYEl7bSZAAABioO9yuMAAAQDAEgwRgIhAIsZ/MpYoWme1jE7Mb+UZUiMU2dAVQ3n xR0M9P13GUOfAiEA6xZBjfAElSAp6fMC1RElEAvmQfTUfjL4Xlg7gNjA43IAdgB6 MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYqDvcsJAAAEAwBHMEUC IQCK1vZEWe2ucNzCwsNahqD4g+bzpsmAifa/0cObRmZPnwIgRBDzUWws1YhQBmqe SicCYOlXvMevwZeWHxmicXpXyu0wDQYJKoZIhvcNAQELBQADggEBALPmXk5ER3C1 YxCWUfCsrbta4kQoo26W4jGiRCKaPjKXCDpHhymhXAEems6+M4lZ8O1gV4nkatTy XFxVv/Dyz0nugx50e9pIYcBjOL4lHUKuNX5+23FurqIApIekDY8A602UmeADEbOV 0G/wcLYzgWJMlORLmHs2qMHF4C66nNobitmiYn9MCHn55MW1TLbXUvmO5JYjHRDF KIVGKIak0ZHIsk8C7SokH7h6L5Mo8TMlRL9Mbn7FmxU95mAVTA0jRKuLLV9iUGBX fpqMRMZlkAh2Wt8wpA+fmdTttd9SsgVVLkUWw4BaTNR/H73rxJsWL9Dl3OkBqM9D EbQ9Zcmfhpo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcZyWPhVsO4uSnmKm25D yhlYEi2YI7PJU2twdYMSsSDXgPfGuHWWBdTuWZyizHSYUb0s1mdLGeb+SkL77Fah TxsH+JFNhujlt7BHjOesLZeYspSNIl9hVrbGm3lFjkWZeZPMO/9XFGjjTPeTRu0M 7kNpwF9ojP/0KhFSQhmB+ibN4qpSl99Z7QMVOoPxp43Ku2/dAusBZzEt3WJMa9X3 ns6WRpOuvIYsLscJs8SB1MaYZGzuC53aolDXNm+nrStj3Z5UvRQf8cxHXLri9GJg H31Z+HMtBxyisrf50Zkno7ckkswrASGLovgaGOeRkOQh7plrebAoZbu5ykYI0oob QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336587936865158640237661730800432402987832 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-11 09:16:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-10 09:16:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chfindiafoundation.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23956897338805664403418401729107584134898615423484605352581257742550900701672096060595381012905704953189076733129786432332633173159086036130858204765321720890642922531416255514255296195288795570489065860994976257731931205507842758816663388568090297653294975726985907095771983382296135223245380406219216620756909440312803887327796410476599580295213949572199938651085962884008616165021076285578160648110454123519612154210479878381309072629453483348352858171180632039198179396930761768399203329556947165023679202357513812060941237735947059903100194817462894517055852615116918121942277978668531125894322931974578564111171 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f9a3745a25888293d8ec8bc3280b844b25bab68d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.chfindiafoundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chfindiafoundation.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a83bdcae300000403004830460221008b19fcca58a1699ed6313b31bf9465488c536740550de7c51d0cf4fd7719439f022100eb16418df004952029e9f302d51125100be641f4d47e32f85e583b80d8c0e3720076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a83bdcb0900000403004730450221008ad6f64459edae70dcc2c2c35a86a0f883e6f3a6c98089f6bfd1c39b46664f9f02204410f3516c2cd58850066a9e4a270260e957bcc7afc197961f19a2717a57caed . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b3e65e4e444770b563109651f0acadbb5ae24428a36e96e231a244229a3e3297083a478729a15c011e9acebe338959f0ed605789e46ad4f25c5c55bff0f2cf49ee831e747bda4861c06338be251d42ae357e7edb716eaea200a487a40d8f00eb4d9499e00311b395d06ff070b63381624c94e44b987b36a8c1c5e02eba9cda1b8ad9a2627f4c0879f9e4c5b54cb6d752f98ee496231d10c52885462886a4d191c8b24f02ed2a241fb87a2f9328f1332544bf4c6e7ec59b153de660154c0d2344ab8b2d5f625060577e9a8c44c6659008765adf30a40f9f99d4edb5df52b205552e4516c3805a4cd47f1fbdebc49b162fd0e5dce901a8cf4311b43d65c99f869a