exchangedchurch.org
Issued by R3
About this certificate
This digital certificate with serial number 03:a5:e2:99:6d:d0:00:43:3b:e0:15:f4:06:e3:cf:14:d3:0a was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=exchangedchurch.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:a5:e2:99:6d:d0:00:43:3b:e0:15:f4:06:e3:cf:14:d3:0aSerial Number (int): 317784650512964519109014181964028329644810
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 2e:3f:2c:f8:19:40:e2:e7:9c:ae:fb:69:ba:e8:31:46:ea:a3:ad:76
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 56:23:52:b4:61:c8:bc:59:7a:a6:14:fe:b9:8d:4f:9a:36:ed:c0:25
Fingerprint (sha256): 32:2e:35:b9:d3:77:ed:b3:a8:fc:a6:52:e8:0f:b8:63:9d:cf:5d:60:eb:cd:ce:ae:43:d2:7a:8d:27:9d:0d:76
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate exchangedchurch.org
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for exchangedchurch.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
buygoldandplatinum.com
exchangedchurch.org
opeasea.com
savemoneyonaccidentinsurance.com
sghaadi.com
exchangedchurch.org
opeasea.com
savemoneyonaccidentinsurance.com
sghaadi.com
Other certificates including the domain name exchangedchurch.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for exchangedchurch.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISA6XimW3QAEM74BX0BuPPFNMKMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTMxNjE2NDdaFw0yNDA3MTIxNjE2NDZaMB4xHDAaBgNVBAMT E2V4Y2hhbmdlZGNodXJjaC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDl+AgdC8CvdsTrlYeTZlkfejqIrcH2lHNm2wxaSCRsoysCYqDkTw8ehq3O AkmDnK0W68E2OmrdXYnojTndtKqpC3ATrHj7ItzCQPrQSgzB2azVLztczIABO4eD 4UuODdgxLleVPnlGGT5Jb3Wn4iNDWuRh6RU5Ag+QKeKan9zBDlTijcPDgDH0PFKh jZQWbJYfnvrTHZWGRVdGMedSZ9aKOgScvGprgIR4O0w5X/Wppg5lFGlQJBu2E64E EcbGAAea6aUG7/AXfihzSXmODjoCE7EXLd7Ca22wQPn131kTTvAmiizglqazOzjx ceOFpU/GgiQkBkP/xDkV4LKs05/BAgMBAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFC4/LPgZQOLnnK77abroMUbqo612MB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMHIGA1UdEQRrMGmCFmJ1eWdvbGRhbmRwbGF0aW51bS5jb22CE2V4Y2hh bmdlZGNodXJjaC5vcmeCC29wZWFzZWEuY29tgiBzYXZlbW9uZXlvbmFjY2lkZW50 aW5zdXJhbmNlLmNvbYILc2doYWFkaS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw ggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQA7U3d1Pi25gE6LMFsG/kA7Z9hPw/TH vQANLXJv4frUFwAAAY7Ydi8VAAAEAwBGMEQCIGXdb3g27+wZ/87b8+YWPChCztsR RGSj3x7WBRD9C/06AiA/83fLdMQ5Pry8+Rgzpj1cYB/fLv2nPe2NlLTdg3ZaXwB1 AN/hVuuqBa+1nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABjth2L+kAAAQDAEYw RAIgYvnFn1XaLofdfBtym/QFPxvV2LA2jRiK3ZZn3N5matYCIHZyVxS4kqTCtceh TWZjd81i2+t6P7dAO9W0RZq7vV6+MA0GCSqGSIb3DQEBCwUAA4IBAQA8YXfm1x7s Z3wzyXbcCx5/9xSBLUOND1ESU17CAo50G7EQUF0yiTz9vZf75ek0pEDhw+5a42XG Vf7sqNJMGeZuqCxCShyqWIJzwQjJxMeEx6TGaT18ncgTAfWvb2MfSdjQfXgRd7EP qvQIk6rtCePIi3uNUvI57kq1kbIbUK+ek/opXhJ5FGfLXC9EJq32RsejhhwPClzO RYPnx+HOhgSdBOlGN74GAl0DbH0yRMaYbP32MO1LBxuK6m5ill9xXYAwWstngGo8 U6T4a79iikFtE6KdPZ3e9REVfTjd+Qsu1+yHBVWaj1D9BDj7F7ziE7MHuKdqoe/c uvIX4Nj3dTdv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fgIHQvAr3bE65WHk2ZZ H3o6iK3B9pRzZtsMWkgkbKMrAmKg5E8PHoatzgJJg5ytFuvBNjpq3V2J6I053bSq qQtwE6x4+yLcwkD60EoMwdms1S87XMyAATuHg+FLjg3YMS5XlT55Rhk+SW91p+Ij Q1rkYekVOQIPkCnimp/cwQ5U4o3Dw4Ax9DxSoY2UFmyWH5760x2VhkVXRjHnUmfW ijoEnLxqa4CEeDtMOV/1qaYOZRRpUCQbthOuBBHGxgAHmumlBu/wF34oc0l5jg46 AhOxFy3ewmttsED59d9ZE07wJoos4Jamszs48XHjhaVPxoIkJAZD/8Q5FeCyrNOf wQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 317784650512964519109014181964028329644810 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-13 16:16:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-12 16:16:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'exchangedchurch.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29030880823665357285507364514227005498253465130783973687781053703321320544919175694796228972229420751238060478465250055348801326243757256050909191025944923890989959044056847904297608270237417987733785990543215258299340557653415458943901640068303451023402671133563077708997806000847238124475965704002828197705612375039847302706479281629310300218040752412310072120327677141248188951338746766359555449782586183041599810701333050641052506048020761766387878112809556962602922108571830659659075197195651627733638464586105374385277752528554343080524526236891223794438219986994757757043199032790719421164156797127836252217281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2e3f2cf81940e2e79caefb69bae83146eaa3ad76 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buygoldandplatinum.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exchangedchurch.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opeasea.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'savemoneyonaccidentinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sghaadi.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ed8762f150000040300463044022065dd6f7836efec19ffcedbf3e6163c2842cedb114464a3df1ed60510fd0bfd3a02203ff377cb74c4393ebcbcf91833a63d5c601fdf2efda73ded8d94b4dd83765a5f007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ed8762fe90000040300463044022062f9c59f55da2e87dd7c1b729bf4053f1bd5d8b0368d188add9667dcde666ad6022076725714b892a4c2b5c7a14d666377cd62dbeb7a3fb7403bd5b4459abbbd5ebe . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003c6177e6d71eec677c33c976dc0b1e7ff714812d438d0f5112535ec2028e741bb110505d32893cfdbd97fbe5e934a440e1c3ee5ae365c655feeca8d24c19e66ea82c424a1caa588273c108c9c4c784c7a4c6693d7c9dc81301f5af6f631f49d8d07d781177b10faaf40893aaed09e3c88b7b8d52f239ee4ab591b21b50af9e93fa295e12791467cb5c2f4426adf646c7a3861c0f0a5cce4583e7c7e1ce86049d04e94637be06025d036c7d3244c6986cfdf630ed4b071b8aea6e62965f715d80305acb67806a3c53a4f86bbf628a416d13a29d3d9ddef511157d38ddf90b2ed7ec8705559a8f50fd0438fb17bce213b307b8a76aa1efdcbaf217e0d8f775376f