sasustainability.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:d0:5c:4e:09:fc:f9:e3:19:70:76:32:b6:f3:f1:06:6f:69 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=sasustainability.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d0:5c:4e:09:fc:f9:e3:19:70:76:32:b6:f3:f1:06:6f:69Serial Number (int): 332238284292187638017315721292699459284841
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 91:da:d5:c7:59:0c:7c:fe:a3:bd:0e:ce:4f:45:d0:a3:c1:e3:3c:e7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 24:9f:fd:48:a4:24:9d:8c:92:16:f7:a5:c6:86:b1:54:5a:5c:9a:e7
Fingerprint (sha256): 39:4f:c9:55:56:aa:e9:73:ab:bd:0a:65:11:97:8f:08:d6:43:e6:e1:ce:51:24:b3:3f:62:8a:87:0c:ab:75:43
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate sasustainability.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sasustainability.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api-kla-prod.2ambh.com
nbresilient.com
sasustainability.com
www.sasustainability.com
nbresilient.com
sasustainability.com
www.sasustainability.com
Other certificates including the domain name sasustainability.com
(limited to 100 certificates)
sasustainability.com
sasustainability.com
sustainabilitydashboard.cambridgema.gov
sasustainability.com
sasustainability.com
sasustainability.com
sasustainability.com
sasustainability.com
sasustainability.com
admin-kla-prod.2ambh.com
admin-kla-prod.2ambh.com
admin-kla-prod.2ambh.com
sasustainability.com
admin-kla-prod.2ambh.com
sasustainability.com
sasustainability.com
sustainabilitydashboard.cambridgema.gov
www.sasustainability.com
admin-kla-prod.2ambh.com
sasustainability.com
www.sasustainability.com
sasustainability.com
sustainabilitydashboard.cambridgema.gov
sasustainability.com
sustainabilitydashboard.cambridgema.gov
sasustainability.com
sasustainability.com
sasustainability.com
sasustainability.com
sasustainability.com
sasustainability.com
admin-kla-prod.2ambh.com
admin-kla-prod.2ambh.com
admin-kla-prod.2ambh.com
sasustainability.com
admin-kla-prod.2ambh.com
sasustainability.com
sasustainability.com
sustainabilitydashboard.cambridgema.gov
www.sasustainability.com
admin-kla-prod.2ambh.com
sasustainability.com
www.sasustainability.com
sasustainability.com
sustainabilitydashboard.cambridgema.gov
Certificate
The complete raw certificate details for sasustainability.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgISA9BcTgn8+eMZcHYytvPxBm9pMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEyMTExNDE3MTFaFw0x OTAzMTExNDE3MTFaMB8xHTAbBgNVBAMTFHNhc3VzdGFpbmFiaWxpdHkuY29tMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJvggKuSLToHqZw3NoAtPINJ xWLkerpuvBDO3/SYBkrlBH7zllGEbLVAZMVqPqr1Xf74nqTIZ+8iDxb5Mzilvu58 FNPK+oWvRTsQZ62jU6i7U9KzjxTVdrhKX7gn+Nl2r0iuL8bFLt8gwYOPdtqg74g8 CVi3KibZNttgvAKtAc1l7ED2P9ceXSIT95NmA5/ml7jzgy75EbayhsFzixId8eaf 0xZuwKDFGImv5KajXSEE+owiVPeA01UXNlHdSjk8eg8PsRNJ0T5Z+rDY6TPAiKr6 agXovIVfTCsabTJ6WcN3+oRaokkQcI/Wwwc15YhmqjWSKG+YOfo9C6vuq8TfPQID AQABo4ICqzCCAqcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSR2tXHWQx8/qO9Ds5P RdCjweM85zAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j cnlwdC5vcmcvMGIGA1UdEQRbMFmCFmFwaS1rbGEtcHJvZC4yYW1iaC5jb22CD25i cmVzaWxpZW50LmNvbYIUc2FzdXN0YWluYWJpbGl0eS5jb22CGHd3dy5zYXN1c3Rh aW5hYmlsaXR5LmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEB ATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMG CisGAQQB1nkCBAIEgfQEgfEA7wB2AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1 eeYQe8xWAAABZ53X5zoAAAQDAEcwRQIhAKud71PglMkrPueiS5LDqkh91Qyj1GVc 55p1BToUz11SAiAVrT2ZTj4y5TcvGxg5FCNKnfSqFELDyXwrZqOAttttHgB1AGPy 283oO8wszwtyhCdXazOkjWF3j711pjixx2hUS9iNAAABZ53X5UIAAAQDAEYwRAIg Y6j63ad7iWubtaPntoaxxlWV7K4k/zjvgjxWhxK290wCIAy+NxNZumgpb4+DA9wt KYKLyeUpFegc/LmyaLKPspcgMA0GCSqGSIb3DQEBCwUAA4IBAQADIOmKj/7RrgTr ch/AosZnNQ7Xrxnxa1BvE3h1NcEQ288mqoJK7rdDbrwKHg+NIB5h4fYWh2nsIYU/ v5HE79qyvcAbuLorIADCevUq5BEL8PGquRTEEzkUD9d6bhWxYAAZBJbfr5OpkXf6 ITuSkQ12KqZ1QTEBt++Mga+LWHR8wS9iCBBwJlKGtZTSE09nWT9/K+BteyDCA5k1 QocKRogzTaQttyf238UZbEdWNTWLjtZpGm4K4bD53B49gZu4YgBaoYnVnw7OprEB 9hvkGumFx1Ih2zoxiux5N4EDTNF3VM9jGm7r+wzJmqm2hGaG3UDHyetTdZmQzJeT Bqfpxbum -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJvggKuSLToHqZw3NoAt PINJxWLkerpuvBDO3/SYBkrlBH7zllGEbLVAZMVqPqr1Xf74nqTIZ+8iDxb5Mzil vu58FNPK+oWvRTsQZ62jU6i7U9KzjxTVdrhKX7gn+Nl2r0iuL8bFLt8gwYOPdtqg 74g8CVi3KibZNttgvAKtAc1l7ED2P9ceXSIT95NmA5/ml7jzgy75EbayhsFzixId 8eaf0xZuwKDFGImv5KajXSEE+owiVPeA01UXNlHdSjk8eg8PsRNJ0T5Z+rDY6TPA iKr6agXovIVfTCsabTJ6WcN3+oRaokkQcI/Wwwc15YhmqjWSKG+YOfo9C6vuq8Tf PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 332238284292187638017315721292699459284841 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-11 14:17:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-11 14:17:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sasustainability.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20779947809889632782402583994007536634388520266604621532054854998368575719427394554259018415978906950815440501703819913042709125290085108902074143721919476240814503920983511201249595007779005166694700799889639393512710641830668059817817257995767412631412895400021697027053251549325323216564834926606217306226721960513895898107148512193838733006283066809339403647655978862784354912950970941855963251315286810733068805794680771804753697581680111168267149263950810642853278828627665567031068626624324881542932521634215229551599464665829066561554187642827268354072517534850865982244533593844213643864705604756760990900029 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 91dad5c7590c7cfea3bd0ece4f45d0a3c1e33ce7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-kla-prod.2ambh.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nbresilient.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sasustainability.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sasustainability.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001679dd7e73a0000040300473045022100ab9def53e094c92b3ee7a24b92c3aa487dd50ca3d4655ce79a75053a14cf5d52022015ad3d994e3e32e5372f1b183914234a9df4aa1442c3c97c2b66a380b6db6d1e00750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001679dd7e5420000040300463044022063a8fadda77b896b9bb5a3e7b686b1c65595ecae24ff38ef823c568712b6f74c02200cbe371359ba68296f8f8303dc2d29828bc9e52915e81cfcb9b268b28fb29720 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000320e98a8ffed1ae04eb721fc0a2c667350ed7af19f16b506f13787535c110dbcf26aa824aeeb7436ebc0a1e0f8d201e61e1f6168769ec21853fbf91c4efdab2bdc01bb8ba2b2000c27af52ae4110bf0f1aab914c41339140fd77a6e15b16000190496dfaf93a99177fa213b92910d762aa675413101b7ef8c81af8b58747cc12f62081070265286b594d2134f67593f7f2be06d7b20c203993542870a4688334da42db727f6dfc5196c475635358b8ed6691a6e0ae1b0f9dc1e3d819bb862005aa189d59f0ecea6b101f61be41ae985c75221db3a318aec793781034cd17754cf631a6eebfb0cc99aa9b6846686dd40c7c9eb53759990cc979306a7e9c5bba6