bufalo.org

Issued by R3

About this certificate

This digital certificate with serial number 04:b5:82:f0:a5:13:26:93:35:6c:0f:6a:4f:93:ee:70:0c:07 was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=bufalo.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:b5:82:f0:a5:13:26:93:35:6c:0f:6a:4f:93:ee:70:0c:07
Serial Number (int): 410214301278543793980518863760716880415751
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: c4:c4:10:c2:f0:09:bf:7c:f3:82:59:98:00:98:33:8b:66:25:9d:3b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): f2:48:02:1e:3e:80:70:5c:c0:f9:be:55:b7:3d:38:9c:45:05:6f:ef
Fingerprint (sha256): 34:90:e5:2a:ff:f8:88:4b:a5:b3:2a:52:2c:50:39:ad:b7:c6:07:c2:fb:93:41:06:05:85:3a:ae:67:1a:85:28

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate bufalo.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bufalo.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bufalo.org

Other certificates including the domain name bufalo.org

(limited to 100 certificates)
athenawisdom.me
www.bufalo.org
bufalo.org
bufalo.org
www.bufalo.org
www.bufalo.org
kbs.asia
www.bufalo.org
www.bufalo.org
bufalo.org
bufalo.org
www.bufalo.org
www.rehabilitationreview.org
bufalo.org
jayvion.org
bufalo.org

Certificate

The complete raw certificate details for bufalo.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISBLWC8KUTJpM1bA9qT5PucAwHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MjIxNjIxMzBaFw0yNDA4MjAxNjIxMjlaMBUxEzARBgNVBAMT
CmJ1ZmFsby5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCx0715
HyArsJsqUaZDOilE5X0SEVFok3WGNl/9nDXRMqXOUu+C6JWcR8hRiXebMuTa/ltE
YVYwiRJxwag9CE/RRTTdOiwWAfy1V+hZ/VKa4bMWMc+g6KP45Tx8D9xoiFQUmoY/
1BHwJmK7BieiFoh0dbZHePSVzW7VgpmPAJsamXjNqm2nMZChLUxu2rlnI6IfhHL8
YZcsasb649+g+qAR1UL3xUP+ov+ACi80tOvaQPcpsJ5qKUeBGeimGga9rYCaaz0t
RV8REDrW5YJNQJvCNxG+o/sfJ4QWKhX4t4rE9qjFzDOXAWi4GH7YzMMjp2N/DFbI
9JXkBIDfO47LX8Zh37jL1WJPdc2NhCJWvy9RwYLwD6VH7Mi+qvr5kuTYtQ4mZzDQ
Aqy9KmTwX3KRitEocWVuhVRKOQjuYRxWughL2KcK0COotWHEQasLkQ8mTLI4r6pr
Fudli1xbAOThX6d8wl10kBeEPmsnCgEMXm4Y4zB3CIcP8CkpaMyJG+hJAAjn2GM3
HRvCdfR70mFPe3DX/ONH5gMxZMeE5FBWeBuzbTwC5HRqYyMuANZrSQSkAFSUIn30
HemfKWRN2RUQiDjEW5+TjPdFNWssrvd5hDsXwQXLRqNuDIQJ80kMRoJUEsegCKhh
kHxvbBIvc3D+tUgM4vPPgu7eLZhjhXZIrQdn0QIDAQABo4ICDDCCAggwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBTExBDC8Am/fPOCWZgAmDOLZiWdOzAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAVBgNVHREEDjAMggpidWZhbG8ub3JnMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAPxdLT9ciR1iUHWUc
hL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPoVKDOgAABAMARzBFAiAtCxTbAz2Nz8UD
ezVq/xmds68N2tTCPPxkAi9cnMs+jgIhAOlUaunLEynywc9k/SH6ELOke3ZvL1HY
SathTYFHTnRAAHYA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGP
oVKEMAAABAMARzBFAiAkC2DbCMWq+wmQlNHXHK7qHIFKqDXVIy/by4HqxjbVtwIh
AKIIBL+FTWke6i3+YlitHxXVmf2AePj709pcp+nXplqCMA0GCSqGSIb3DQEBCwUA
A4IBAQBhRKPTP8UNuS9wpHZZvu9Fo7n8f3CkgUAXF+RkbuRp9HXUuE33tkRzJwwZ
mNApE+3sHgOPOmkx+uYNMXJr14APFxUyWiaX9FlrdQEZQZpcl+hIiLgy4S71pgcc
D1afZged8SaaDo62+F9jJQYBUiyUeorjgOo4yjtmVxovOFLdZzxFRbI/yXrPSP0T
kG6lznmMWVzjVmPCDbqwEkwInC43lHosJva3CGPYM0NJ2hbtDtgX6GqVC0fqqoBb
y9wBDxxrIKCYqdG2UVanRbVtoN6j/Sl5kn6giFleetQ8fSmBlLDORtApXAdQMC1j
iD62GVrmDV/87cpSrf1o/T3SifgW
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsdO9eR8gK7CbKlGmQzop
ROV9EhFRaJN1hjZf/Zw10TKlzlLvguiVnEfIUYl3mzLk2v5bRGFWMIkSccGoPQhP
0UU03TosFgH8tVfoWf1SmuGzFjHPoOij+OU8fA/caIhUFJqGP9QR8CZiuwYnohaI
dHW2R3j0lc1u1YKZjwCbGpl4zaptpzGQoS1Mbtq5ZyOiH4Ry/GGXLGrG+uPfoPqg
EdVC98VD/qL/gAovNLTr2kD3KbCeailHgRnophoGva2Amms9LUVfERA61uWCTUCb
wjcRvqP7HyeEFioV+LeKxPaoxcwzlwFouBh+2MzDI6djfwxWyPSV5ASA3zuOy1/G
Yd+4y9ViT3XNjYQiVr8vUcGC8A+lR+zIvqr6+ZLk2LUOJmcw0AKsvSpk8F9ykYrR
KHFlboVUSjkI7mEcVroIS9inCtAjqLVhxEGrC5EPJkyyOK+qaxbnZYtcWwDk4V+n
fMJddJAXhD5rJwoBDF5uGOMwdwiHD/ApKWjMiRvoSQAI59hjNx0bwnX0e9JhT3tw
1/zjR+YDMWTHhORQVngbs208AuR0amMjLgDWa0kEpABUlCJ99B3pnylkTdkVEIg4
xFufk4z3RTVrLK73eYQ7F8EFy0ajbgyECfNJDEaCVBLHoAioYZB8b2wSL3Nw/rVI
DOLzz4Lu3i2YY4V2SK0HZ9ECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 410214301278543793980518863760716880415751
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-22 16:21:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-20 16:21:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bufalo.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 725471313957315825975523153528931970879195328509090372044246069187182784953873736889583077041256333132482926247963624461741031931736017843805589723281249226822107147409886916786519779856979343238095213881101580668451653669765252408739897485477906801558243917090811604042976286212390199880242306631286019580120399898478260483109910606526118737753824867496451907856913987720371131936361092030132139633339986795082055528877672107728338770515181119954385656687192673345647912859048252174396936510167984061241455247599965601444359768033309092687727824591562731078890811965401530171129562138370345868948543556670142915517887125090004275051715674962099489226376126765208043386992781288935817805348511159999607427371007927253185498355198495810472103866228007098410401649808193053258084612866311806272386108867212488113087389079944733735941587552773735144598221628372533690677378022778874389757438260430029766471711361781848406971787371636162474954581102967800658480253729293132027201600698394402557855489248563315789101308087242362770941295932392239638646856024911761762170537380929942178185399163364224797649042461785222761677585616776993495339154800482703221208658273462581305829254162076475541012306391034995092669616599283236052687874001
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c4c410c2f009bf7cf38259980098338b66259d3b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bufalo.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018fa152833a000004030047304502202d0b14db033d8dcfc5037b356aff199db3af0ddad4c23cfc64022f5c9ccb3e8e022100e9546ae9cb1329f2c1cf64fd21fa10b3a47b766f2f51d849ab614d81474e7440007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018fa152843000000403004730450220240b60db08c5aafb099094d1d71caeea1c814aa835d5232fdbcb81eac636d5b7022100a20804bf854d691eea2dfe6258ad1f15d599fd8078f8fbd3da5ca7e9d7a65a82
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006144a3d33fc50db92f70a47659beef45a3b9fc7f70a481401717e4646ee469f475d4b84df7b64473270c1998d02913edec1e038f3a6931fae60d31726bd7800f1715325a2697f4596b750119419a5c97e84888b832e12ef5a6071c0f569f66079df1269a0e8eb6f85f63250601522c947a8ae380ea38ca3b66571a2f3852dd673c4545b23fc97acf48fd13906ea5ce798c595ce35663c20dbab0124c089c2e37947a2c26f6b70863d8334349da16ed0ed817e86a950b47eaaa805bcbdc010f1c6b20a098a9d1b65156a745b56da0dea3fd2979927ea088595e7ad43c7d298194b0ce46d0295c0750302d63883eb6195ae60d5ffcedca52adfd68fd3dd289f816