www.agefa.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:95:1d:bd:2e:06:23:c4:a6:ce:54:35:35:12:71:14:e2:18 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.agefa.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:95:1d:bd:2e:06:23:c4:a6:ce:54:35:35:12:71:14:e2:18Serial Number (int): 312078460355961877094236268005315782697496
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c5:8c:e9:2a:14:18:f8:12:c9:2a:89:ea:4c:74:de:87:36:9b:16:03
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 8a:40:7d:7f:b2:1e:0d:b7:b8:4f:6c:f2:a1:9c:f0:00:db:77:14:75
Fingerprint (sha256): 2a:77:21:f8:3d:19:82:67:c7:f7:2a:82:5c:ff:74:ad:d7:0a:c2:e0:42:b9:1b:a0:0b:9a:27:93:76:bb:f2:bb
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.agefa.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.agefa.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.agefa.org
Other certificates including the domain name agefa.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.agefa.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA5UdvS4GI8SmzlQ1NRJxFOIYMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MjgxMjA3MzFaFw0x OTA5MjYxMjA3MzFaMBgxFjAUBgNVBAMTDXd3dy5hZ2VmYS5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDHMmXug1Eb1dR1OUANQyW/7T7qfQLZ7Sbt DMBjodY8xmTDgkjyzzXoiB+sX0CiaHgLxFGrA606NJ18D/gBDOwAwlf1g7eel+Eu pf0YZvqWpMl6WDA8/GJrc9Hc/04JITBK8ELzGvIw1FTLUvzAakmK/umwIlAWm5DK QkiUyF10+PUGsYU37SFfkx7jqTwg6JFCDkULRrx69v05OcxG++mOQJAQh70i3vaW gpJqk0lznYvPHUTxE2O7Iin+6krFQdUk/zaGtdzyERfCdX1wB7JHHK3hZN70oTPZ xKCIfqEud6nCxg7idq2ghn2CW6ZuWajeG6o5t4LGexKfovdWmnTxu+2q+9sMsTVB u22FHPOIJiyzRzEas5pMDdUD5y3oZx8zPETxACwUifATds+9BNcud/6dEHiRFQlk smDbBBSc2LlRnJysJnAnP8DOyxphTsSAii2+RVINJxt3ASYdX0hM35QT9IZqmk6q iGwYEp23nZJ03KVjA6FPM3avwacJgIPCEfwaWXsrsZ5nsA2mESaplEODorRjBBuD hGpRG4APl9gVSxRQe9J/aPVZh9kKaMDY/cRGsw4W4dQaeFQl1svz99PPBTk40eui O3yt0Xa6o2jLao1He0OX5ERLaQZNQA2CC6gNuqhdrn8zHgALmafIjXw8xzeUQpSO 2EyoT4ksfwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTFjOkq FBj4EskqiepMdN6HNpsWAzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5hZ2VmYS5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdQB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWueMrPaAAAE AwBGMEQCIFKKkaHlsjC0NQRn+4/4A3J6rV5fJHf64/Drjxofx7GWAiAAmHl41tx3 P09M3u6+JITi5A9mEMPSv+umThXkqyDsmgB3AGPy283oO8wszwtyhCdXazOkjWF3 j711pjixx2hUS9iNAAABa54ys+wAAAQDAEgwRgIhANfS7l3zOU/XXGqi0/YR5tiZ mAu+VLUVcgFiKT8OZn7QAiEA0A6asSN6H3lB4hB61pcyKuRhVLwKmnne1vpPPrIC CB4wDQYJKoZIhvcNAQELBQADggEBAEDYrx8CEEyUr6te/IrUE95ZOfHAAi0rRdXL vT9sjXN4okx3U9ucmF80iMBUZNAAGHoX10ZQyTTMErvbyi4/zTZTDw44NPsTkjn4 GV7DmqqVeu113TNv6g+4L9xKTUyAKpVPCXjdvqRekWJVfcriVcx0lSAYnhdNVEqG R4VD9XrnPe4XY5wY14T30uqxPbyG94EoGpCjVneW4X7Yj+GVzHqdcrOjdn6oSH3f ShQ1U/08rCFUlnwowOdaRfnNFLpCQN73rNNW6h2fEQhyUo1OPpQWLn7D7hZtUH4t 1qbsLOWsq1NimE7ZkX4hAfViGKFj0Y3cWmLdt2TdAWVoLMau+Uk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxzJl7oNRG9XUdTlADUMl v+0+6n0C2e0m7QzAY6HWPMZkw4JI8s816IgfrF9Aomh4C8RRqwOtOjSdfA/4AQzs AMJX9YO3npfhLqX9GGb6lqTJelgwPPxia3PR3P9OCSEwSvBC8xryMNRUy1L8wGpJ iv7psCJQFpuQykJIlMhddPj1BrGFN+0hX5Me46k8IOiRQg5FC0a8evb9OTnMRvvp jkCQEIe9It72loKSapNJc52Lzx1E8RNjuyIp/upKxUHVJP82hrXc8hEXwnV9cAey Rxyt4WTe9KEz2cSgiH6hLnepwsYO4natoIZ9glumblmo3huqObeCxnsSn6L3Vpp0 8bvtqvvbDLE1QbtthRzziCYss0cxGrOaTA3VA+ct6GcfMzxE8QAsFInwE3bPvQTX Lnf+nRB4kRUJZLJg2wQUnNi5UZycrCZwJz/AzssaYU7EgIotvkVSDScbdwEmHV9I TN+UE/SGappOqohsGBKdt52SdNylYwOhTzN2r8GnCYCDwhH8Gll7K7GeZ7ANphEm qZRDg6K0YwQbg4RqURuAD5fYFUsUUHvSf2j1WYfZCmjA2P3ERrMOFuHUGnhUJdbL 8/fTzwU5ONHrojt8rdF2uqNoy2qNR3tDl+RES2kGTUANgguoDbqoXa5/Mx4AC5mn yI18PMc3lEKUjthMqE+JLH8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 312078460355961877094236268005315782697496 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-28 12:07:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-26 12:07:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.agefa.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 812652320309475592286495916822614955809238386993991640723819663082086250514921869314863483189114264395105534613266379990110226440386267180665861926786814512278646244880569107185744030949698236421373215573616581774720798849222540384391737259628204928923896499732135180209172179861945699152886183179461692079236850637066278450501674921693473399161485674027396161930910021013983305255647953988633425225659775414959668607354099508969499183142858827984557549922937509441636017334506313484910519348500211503147444372734399181763389000121638497152735984882339089922496355780642047001707044545264408973293312822393289879600732869062314831914883342690777626044522670841349927462696131167512955345400703780244999663175139186365666284650262751647959579244940149392735903496504557827367937105759380433281238580008554709314524292458826044848714492482288994968249955998085565754867322433143263392191492392546748525738551289260314824941727263436216858752285865591208683765385224656825388046566168704380042003934421353787701402405123317982233157582265227962221422665429332658304280841410037858585595370297820553829741331431253046241883283296242220185847576911050167834446941558676453629082258633066110958306796823748766666150306495188342494150077567 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c58ce92a1418f812c92a89ea4c74de87369b1603 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agefa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016b9e32b3da00000403004630440220528a91a1e5b230b4350467fb8ff803727aad5e5f2477fae3f0eb8f1a1fc7b196022000987978d6dc773f4f4cdeeebe2484e2e40f6610c3d2bfeba64e15e4ab20ec9a00770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016b9e32b3ec0000040300483046022100d7d2ee5df3394fd75c6aa2d3f611e6d899980bbe54b515720162293f0e667ed0022100d00e9ab1237a1f7941e2107ad697322ae46154bc0a9a79ded6fa4f3eb202081e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0040d8af1f02104c94afab5efc8ad413de5939f1c0022d2b45d5cbbd3f6c8d7378a24c7753db9c985f3488c05464d000187a17d74650c934cc12bbdbca2e3fcd36530f0e3834fb139239f8195ec39aaa957aed75dd336fea0fb82fdc4a4d4c802a954f0978ddbea45e9162557dcae255cc749520189e174d544a86478543f57ae73dee17639c18d784f7d2eab13dbc86f781281a90a3567796e17ed88fe195cc7a9d72b3a3767ea8487ddf4a143553fd3cac2154967c28c0e75a45f9cd14ba4240def7acd356ea1d9f110872528d4e3e94162e7ec3ee166d507e2dd6a6ec2ce5acab5362984ed9917e2101f56218a163d18ddc5a62ddb764dd0165682cc6aef949