www.bufalo.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:60:0a:5f:8a:09:57:e2:d0:91:49:4e:24:d2:ca:1c:22:19 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.bufalo.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:60:0a:5f:8a:09:57:e2:d0:91:49:4e:24:d2:ca:1c:22:19Serial Number (int): 381130039299323267210914184789044382933529
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: e0:e9:63:57:d9:b8:62:89:da:70:c9:f2:00:6f:81:3c:75:8e:2f:72
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): bd:f6:ef:f4:72:ef:ea:a9:1a:99:18:07:5b:d4:a1:cf:ce:34:b5:ce
Fingerprint (sha256): 3e:0f:74:5b:e8:51:c3:6c:e8:1d:ee:f5:57:39:bf:c8:e1:75:25:47:b5:21:27:a8:ef:18:09:01:86:39:cb:64
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.bufalo.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bufalo.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.bufalo.org
Other certificates including the domain name bufalo.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.bufalo.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVDCCBTygAwIBAgISBGAKX4oJV+LQkUlOJNLKHCIZMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDkxMzE1NDJaFw0y MDAzMDgxMzE1NDJaMBkxFzAVBgNVBAMTDnd3dy5idWZhbG8ub3JnMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnvW1IEO6L55JMV0HCeUa+DVks/beRCek iBRGa78uDbTROyKhWt7U4cZRHKSKntBMcvVL4cM/BW7M4k3TzP4vfuNNaq5YHnxc Fwf/xxEraKMeRqnvI0GByUdkckPQDOOSadeJMzoioVzwlvyOJ8ZgWFfVG14ER/3K SLXuHpd0YSdzdG2xlp1EPEcYpBLS8HeAwpE4eu7gpxwAk1m7VppXitMxdrWN/9fg CoaoYk08aAblhE/lYPDarUzrEfum6orGDN78UFtm9wFSGeC2BCqmykwItEpIvM4y fFGuKpsoOBF1M8TSVQwXZbFq+IeGDMZX+ejTNaymn/NRxzXxw+EV1vR16u3WZiEb daWCdb06vYauQjqXpZ9R/My6DgVzq7Unk3EmPN9La4iZK5hVCnU3llfYg0fVtnsd 9MaIjtza9YYB2/2QO2SqAlpW6ONI95dOCpBW9QfMRYlWg8AMp8vuSh5q7ogfT5cE 6BhezY8XbjGpg88v7bjtWnCZKqtkb5S395RZLtVbJm++WjqYUj37vtm4maRpo6YW neU9wQXfdwFyJSkfi7vtb4qYjW3KwjQ5bn4mPGPBE24G1nvAyBfbhY8KZSlClkh9 5WfLRg+hYageg5W3BQUXmFu0+Atg8TR2+dv3IMizN9VC2feg7l/YXT3q1aOuvtk4 nkj2D0yF048CAwEAAaOCAmMwggJfMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU4Olj V9m4YonacMnyAG+BPHWOL3IwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAZBgNVHREEEjAQgg53d3cuYnVmYWxvLm9yZzBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUE gfIA8AB1ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABbusEEFYA AAQDAEYwRAIgK1BiEPe5e+FaVXkVzWv9HAv4XS8xfpQ/NLWtzJhnicACIGUpV6Jb 2VvVKWvCa+l5p7uur2D7dnn14FuHku4sb4AsAHcAb1N2rDHwMRnYmQCkURX/dxUc EdkCwQApBo2yCJo32RMAAAFu6wQQigAABAMASDBGAiEAoh0P+tMocrQXtRn92Nq+ 9VRMse61TSzxxmEPfqBCKwUCIQCjEEaEud8+B0uheRvy6EWepkOYUdsHviYoizyA 3ubNPzANBgkqhkiG9w0BAQsFAAOCAQEAZJKmle9qJ2EB8DAQzpAsWKVg1kPpXTv8 8prO3lZFNTLcDMA8cQfSW1UMeAGPNeZPzjUWkzG9v15g9vKIidMxT2VrociRBXMC pUbo0GUaCk+sz3SgUnmv7hYg4UCXcuFpibG3VmjLEfcJi8oHL2J+jOFUAkAUn5zi uvqvjwHXwdutKxrUfoA12gMfwK4TF8I71mn3VG+KyT+wvEaMRYXlirXO1l6bEPlm SZiPjFG4pEGeR3Tu7OR+yNs7+w0YiKM9984ECEpmm1J0tPFqNPRGMuwJvxF73m6T 6BWMKxR3JE42Nij15/53gVwvpJTU/20IfQlYO6PmwEA43I9rCaU9Vw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnvW1IEO6L55JMV0HCeUa +DVks/beRCekiBRGa78uDbTROyKhWt7U4cZRHKSKntBMcvVL4cM/BW7M4k3TzP4v fuNNaq5YHnxcFwf/xxEraKMeRqnvI0GByUdkckPQDOOSadeJMzoioVzwlvyOJ8Zg WFfVG14ER/3KSLXuHpd0YSdzdG2xlp1EPEcYpBLS8HeAwpE4eu7gpxwAk1m7VppX itMxdrWN/9fgCoaoYk08aAblhE/lYPDarUzrEfum6orGDN78UFtm9wFSGeC2BCqm ykwItEpIvM4yfFGuKpsoOBF1M8TSVQwXZbFq+IeGDMZX+ejTNaymn/NRxzXxw+EV 1vR16u3WZiEbdaWCdb06vYauQjqXpZ9R/My6DgVzq7Unk3EmPN9La4iZK5hVCnU3 llfYg0fVtnsd9MaIjtza9YYB2/2QO2SqAlpW6ONI95dOCpBW9QfMRYlWg8AMp8vu Sh5q7ogfT5cE6BhezY8XbjGpg88v7bjtWnCZKqtkb5S395RZLtVbJm++WjqYUj37 vtm4maRpo6YWneU9wQXfdwFyJSkfi7vtb4qYjW3KwjQ5bn4mPGPBE24G1nvAyBfb hY8KZSlClkh95WfLRg+hYageg5W3BQUXmFu0+Atg8TR2+dv3IMizN9VC2feg7l/Y XT3q1aOuvtk4nkj2D0yF048CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 381130039299323267210914184789044382933529 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-09 13:15:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-08 13:15:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bufalo.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 648499384782307248735812602486936247961356753690442697998618673474789742931450930120870833500459904564959359337257915729290478473987278976313030229703240661405009337903490150422270723121173040960519657281689054711013233432378681204644955448465328569730956425482147983883399636453780547262235449523325995173158870019698040352151600832238080508051805588899373999283584389948252052988893826868086305326995881113502917896162715775222782849392145349053491376747421765734428138599461232040756839280087532629788116287649991572788743087519714352229857103774100469598788134964925196862695316212825851875682782231565086711192546979626141823475636398363058197171857881820077108688370425003345123525219969168090287778550499036316153677339475110992589212363794070500116893756874944909136183936610799622863553021321650293744186085937221486632689293206256459402278275967844282811340705840385664544578919876069982173652159269138304558255703472757800454297973763260606619582882322985490379591180162958439524609130980751503176019070327005174042082665192447045511116000836650833819811997757355860623256460030292612589682187667200001094021941623211546488714025897400194644613406848886036322536402281152366807613876997186996205811208980617806812463616911 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e0e96357d9b86289da70c9f2006f813c758e2f72 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bufalo.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016eeb041056000004030046304402202b506210f7b97be15a557915cd6bfd1c0bf85d2f317e943f34b5adcc986789c00220652957a25bd95bd5296bc26be979a7bbaeaf60fb7679f5e05b8792ee2c6f802c0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016eeb04108a0000040300483046022100a21d0ffad32872b417b519fdd8dabef5544cb1eeb54d2cf1c6610f7ea0422b05022100a3104684b9df3e074ba1791bf2e8459ea6439851db07be26288b3c80dee6cd3f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006492a695ef6a276101f03010ce902c58a560d643e95d3bfcf29acede56453532dc0cc03c7107d25b550c78018f35e64fce35169331bdbf5e60f6f28889d3314f656ba1c891057302a546e8d0651a0a4faccf74a05279afee1620e1409772e16989b1b75668cb11f7098bca072f627e8ce1540240149f9ce2bafaaf8f01d7c1dbad2b1ad47e8035da031fc0ae1317c23bd669f7546f8ac93fb0bc468c4585e58ab5ced65e9b10f96649988f8c51b8a4419e4774eeece47ec8db3bfb0d1888a33df7ce04084a669b5274b4f16a34f44632ec09bf117bde6e93e8158c2b1477244e363628f5e7fe77815c2fa494d4ff6d087d09583ba3e6c04038dc8f6b09a53d57