www.bffct.org
Issued by R3
About this certificate
This digital certificate with serial number 04:5b:b4:2e:1e:ae:d2:2d:1c:1f:ed:af:4b:77:78:e5:89:04 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.bffct.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5b:b4:2e:1e:ae:d2:2d:1c:1f:ed:af:4b:77:78:e5:89:04Serial Number (int): 379654339624066198994427995120061890529540
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: de:6f:77:6d:7d:d7:84:fe:b3:00:69:d5:cd:e8:f7:23:8a:e0:ee:a4
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 59:67:e3:2f:7b:cf:51:04:a7:c2:eb:57:03:c8:d3:7a:7e:8f:92:a2
Fingerprint (sha256): 2b:e0:24:43:f4:a3:f2:7a:24:88:d7:6e:f8:7e:b9:44:73:44:57:fc:b6:93:43:93:04:37:d7:d5:af:1c:3b:a4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.bffct.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bffct.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bffct.org
www.bffct.org
www.bffct.org
Other certificates including the domain name bffct.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.bffct.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgISBFu0Lh6u0i0cH+2vS3d45YkEMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA4MTExNzUwNDlaFw0yMzExMDkxNzUwNDhaMBgxFjAUBgNVBAMT DXd3dy5iZmZjdC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM TtgSqHqznjGPKAwhqIfgfvty4w+k9bhdG3Ai0QLbKeq7+RoA4rnKvxY9Xqd8ieif Mm+kB8FMwBCtBURAd7bQQXwVlKOkfbXuoHncisdIniWrHvlKR10C3fW4yg75dGvZ worazzQRqqj4zu7DT1zU0mxAizePJ/dxugWpMbVmljsjKf0dAZ/YkAoSnSS9VqIM bkhgr4S9sN/53B9BVAxWG6Z9CZVQGbrdO8LOCx8BMA5Eaqt3BeAcHRGyj1WgEGdk d6VMPRwE+u8F2vXOhPcvdf7HA99m6j4QbAucZj3JDSNIksMcW17FG0ZY3KK6qdEy ZMdO5LLVcJa4ocECxjLDAgMBAAGjggIaMIICFjAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFN5vd21914T+swBp1c3o9yOK4O6kMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv MCMGA1UdEQQcMBqCCWJmZmN0Lm9yZ4INd3d3LmJmZmN0Lm9yZzATBgNVHSAEDDAK MAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3ALc++yTfnE26dfI5 xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABieXv3xUAAAQDAEgwRgIhAKBPyiE+5cFF Y4QAWrzB1l1RzVe/PuEQUDKfLm+x607aAiEAikZ8920STrJlauUTLR6L1rxxKcWr Z1fgP8fGWa16k2gAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAA AYnl7982AAAEAwBGMEQCIBKnTBQr/7pIoVjYFb4fzVmWiCUWBRLZhjuOmYaSAbxF AiBd/AifNolQtsmPDRGMcD/ZyIZn7XrkVZ+Tv9V7x6e7fjANBgkqhkiG9w0BAQsF AAOCAQEAbQW5AuuwzKpKxnGTo05MX31wPTXzYGqsb2tWVsSc8tmKWkjfzgJIyGr5 axEyezJdBH9ICK/RZB1LmuZXC9O5V67jgXEUdqo7QuoGmSMicr+qffuY6vsvxwxV WmrvL9twstB7S1C8i9XxkP8tNjPMnQPOplhrfoX8AU2+UrRCbIiphtCuUgT2SlAD CsUWUp9GIXvRT7awfgcwK0LWTFDiM1cUcu4upqfjZ2U/1+//9RjO9Fkyx9hMt7Pp revfnmuZS52bQFQODs0vBI60l8q3P99v396e+KOJaLHaycY03F8IiBY8CjYJkLzW pcPd1qkKYi5qhWz0g1o7BZCxkBC7VQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE7YEqh6s54xjygMIaiH 4H77cuMPpPW4XRtwItEC2ynqu/kaAOK5yr8WPV6nfInonzJvpAfBTMAQrQVEQHe2 0EF8FZSjpH217qB53IrHSJ4lqx75SkddAt31uMoO+XRr2cKK2s80Eaqo+M7uw09c 1NJsQIs3jyf3cboFqTG1ZpY7Iyn9HQGf2JAKEp0kvVaiDG5IYK+EvbDf+dwfQVQM VhumfQmVUBm63TvCzgsfATAORGqrdwXgHB0Rso9VoBBnZHelTD0cBPrvBdr1zoT3 L3X+xwPfZuo+EGwLnGY9yQ0jSJLDHFtexRtGWNyiuqnRMmTHTuSy1XCWuKHBAsYy wwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 379654339624066198994427995120061890529540 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-11 17:50:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-09 17:50:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bffct.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25791493655643371297531123970857167745746491817317238593489179583480525630758049242083481986429941762278765985056692645701994194206310100340652703570075536027263398048400788525566109535005768248680465965160859320730521425672607922215188822848113339143633066885474972988668343123749973262939060297771796521864041695532249370028825683068656459963674915282411813025694504778897069088797099977213024828871644443909984605137529162150585591300910369125615720844087311617927288262834960690512878364107675447788707002437970524053065328775742946218716980675634857760353615536111759724222003345408981609356254367566351928013507 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) de6f776d7dd784feb30069d5cde8f7238ae0eea4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bffct.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bffct.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000189e5efdf150000040300483046022100a04fca213ee5c1456384005abcc1d65d51cd57bf3ee11050329f2e6fb1eb4eda0221008a467cf76d124eb2656ae5132d1e8bd6bc7129c5ab6757e03fc7c659ad7a93680075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000189e5efdf360000040300463044022012a74c142bffba48a158d815be1fcd59968825160512d9863b8e99869201bc4502205dfc089f368950b6c98f0d118c703fd9c88667ed7ae4559f93bfd57bc7a7bb7e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006d05b902ebb0ccaa4ac67193a34e4c5f7d703d35f3606aac6f6b5656c49cf2d98a5a48dfce0248c86af96b11327b325d047f4808afd1641d4b9ae6570bd3b957aee381711476aa3b42ea0699232272bfaa7dfb98eafb2fc70c555a6aef2fdb70b2d07b4b50bc8bd5f190ff2d3633cc9d03cea6586b7e85fc014dbe52b4426c88a986d0ae5204f64a50030ac516529f46217bd14fb6b07e07302b42d64c50e233571472ee2ea6a7e367653fd7effff518cef45932c7d84cb7b3e9adebdf9e6b994b9d9b40540e0ecd2f048eb497cab73fdf6fdfde9ef8a38968b1dac9c634dc5f0888163c0a360990bcd6a5c3ddd6a90a622e6a856cf4835a3b0590b19010bb55