alliancedefendingfreedom.org

Issued by R3

About this certificate

This digital certificate with serial number 03:47:e9:84:2a:96:cc:32:01:d4:cc:cd:88:f6:f8:4e:3e:1d was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=alliancedefendingfreedom.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:47:e9:84:2a:96:cc:32:01:d4:cc:cd:88:f6:f8:4e:3e:1d
Serial Number (int): 285807302216679205968857026104753386307101
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 1f:83:e8:61:7e:97:0b:3b:c4:48:78:e6:eb:12:5e:fc:5b:99:11:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 8a:c5:e4:9e:00:25:27:c4:8b:59:b1:bd:a2:43:03:2e:97:19:31:15
Fingerprint (sha256): 43:66:f4:4a:b7:67:17:7a:32:5f:8d:48:83:d7:64:b3:04:57:1b:81:8b:18:e0:4a:e6:c5:ac:3a:0b:d9:a1:8d

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate alliancedefendingfreedom.org

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for alliancedefendingfreedom.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

alliancedefendingfreedom.org
bigcountryconservatives.com.nannygifts.com
gobuffalos.com
landbug.click
lawntv.com
minneapolischillers.com.fatemastery.com
sukanyayojna.com
xykast.org.fortworthnewhomestore.com.malechannel.com

Other certificates including the domain name alliancedefendingfreedom.org

(limited to 100 certificates)
*.alliancedefendingfreedom.org
alliancedefendingfreedom.org
mail.alliancedefendingfreedom.org
alliancedefendingfreedom.org
alliancedefendingfreedom.org
alliancedefendingfreedom.org
*.alliancedefendingfreedom.org
secure.alliancedefendingfreedom.org
alliancedefendingfreedom.org
alliancedefendingfreedom.org
alliancedefendingfreedom.org
*.alliancedefendingfreedom.org
alliancedefendingfreedom.org
alliancedefendingfreedom.org
mail.alliancedefendingfreedom.org
secure.alliancedefendingfreedom.org
*.alliancedefendingfreedom.org
*.alliancedefendingfreedom.org
secure.alliancedefendingfreedom.org
alliancedefendingfreedom.org
www.alliancedefendingfreedom.org
*.alliancedefendingfreedom.org
alliancedefendingfreedom.org
NLA.alliancedefendingfreedom.org
secure.alliancedefendingfreedom.org
*.alliancedefendingfreedom.org
sv-trc-app02.alliancedefensefund.org
*.alliancedefendingfreedom.org
mail.alliancedefendingfreedom.org
marquee.lighting

Certificate

The complete raw certificate details for alliancedefendingfreedom.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISA0fphCqWzDIB1MzNiPb4Tj4dMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMTIxNzM2MDZaFw0yNDAxMTAxNzM2MDVaMCcxJTAjBgNVBAMT
HGFsbGlhbmNlZGVmZW5kaW5nZnJlZWRvbS5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSRt/QkZ4HMijr9XwOi9KbyGWP++dg+ke8+vMqpdlatNHY
plFz2bXBSc31E9b21pQMtG3qYwQqLrT+IZKy5kvx3h8TManSu4qPaWfPaIa4WbPW
yC87nAipfbZqwIbplaV2pnWOsLKpUWngSxZdpmYNYO+SVBmGH6WO84UtrfTfoKc3
Dt/BLRi5lWCt93F3ne8xVMAxJj+VxolwtN08R8S4wAVU91Q5VqqkvNI5pRsV2a5d
g12HJyNz0WIWXT4ox6fl1DT2zJ9Vcq8odrElTi+a0dlnlNay9C61b/QNqKl9i6Cl
YOjRSCsXebp0bVwONi8T7Uzn8fzfn517B76mj45xAgMBAAGjggLpMIIC5TAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHQYDVR0OBBYEFB+D6GF+lws7xEh45usSXvxbmREXMB8GA1UdIwQY
MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF
BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v
cjMuaS5sZW5jci5vcmcvMIHxBgNVHREEgekwgeaCHGFsbGlhbmNlZGVmZW5kaW5n
ZnJlZWRvbS5vcmeCKmJpZ2NvdW50cnljb25zZXJ2YXRpdmVzLmNvbS5uYW5ueWdp
ZnRzLmNvbYIOZ29idWZmYWxvcy5jb22CDWxhbmRidWcuY2xpY2uCCmxhd250di5j
b22CJ21pbm5lYXBvbGlzY2hpbGxlcnMuY29tLmZhdGVtYXN0ZXJ5LmNvbYIQc3Vr
YW55YXlvam5hLmNvbYI0eHlrYXN0Lm9yZy5mb3J0d29ydGhuZXdob21lc3RvcmUu
Y29tLm1hbGVjaGFubmVsLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisG
AQQB1nkCBAIEgfUEgfIA8AB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h
+tQXAAABiyUsq3QAAAQDAEcwRQIgXW+Stq/0CQEk5NscjupjEyL970H4ZiH+lUmj
GMpBF1ACIQCZZX6b2jD8f8Q6GJeZxAtfZghqPxDKBg5EK680kxlRawB2AO7N0GTV
2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiyUsq20AAAQDAEcwRQIhAPDp
QJncyA3duoa3vxchCV5uX6KnNNWuTPYI0+i87eG2AiAmz21psO/aJ1qlaGoPA9gJ
7htie4qDkIgCEo1fRO3MszANBgkqhkiG9w0BAQsFAAOCAQEAoiIS8wyR9M0C5wKh
tDTQgULYlysidYiFN7akIKCogOaCfDzbepUintqR74DBRqBR/18/iGJQh7BQtTgH
igjjlMMK1oMjXs+KbcTt+X8U0/pSucWAr09EiJGMqvEnlLkWmbQ3w8blelUzgvqQ
618eoCJTWZcjrxaozlWTvXkwFK8EgKInPmmpG5HVxCUAFeGipfFmredawzR1FMCN
Iek7MKAezy19V0DHOtb/UM5Fn6BPB+gwyRLjA1gmDcETmum2wE29ynwbEuwpgt4l
NkA1WoNjsNmCHjtwR8qOqOfrS7tHM7+3QhFhgQcgDzr/YmgKutMHLpH75VF7AO01
Okzv6A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kbf0JGeBzIo6/V8DovS
m8hlj/vnYPpHvPrzKqXZWrTR2KZRc9m1wUnN9RPW9taUDLRt6mMEKi60/iGSsuZL
8d4fEzGp0ruKj2lnz2iGuFmz1sgvO5wIqX22asCG6ZWldqZ1jrCyqVFp4EsWXaZm
DWDvklQZhh+ljvOFLa3036CnNw7fwS0YuZVgrfdxd53vMVTAMSY/lcaJcLTdPEfE
uMAFVPdUOVaqpLzSOaUbFdmuXYNdhycjc9FiFl0+KMen5dQ09syfVXKvKHaxJU4v
mtHZZ5TWsvQutW/0DaipfYugpWDo0UgrF3m6dG1cDjYvE+1M5/H835+dewe+po+O
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 285807302216679205968857026104753386307101
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-12 17:36:06 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 17:36:05 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alliancedefendingfreedom.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26544993451077211543845460320777169240407467398197093303576518161817631005457146209176781607838360170979577509269486563807290183261336211298638086311836757835763099832196016473588856635101887355574313167495998655934249759044377938656967405404927214244849549651756197933726245228744019341116334881494326638357375628627607344616318679304084766313382300209360751981271215330690696631460091666771846275222099048676920381807080526282546621640305941009694400908925480597906004645299928335218241403158227090244700678546524533772635359843813616126582545712031781493836294229016933562691584630141304045802049561620360901660273
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1f83e8617e970b3bc44878e6eb125efc5b991117
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (233 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alliancedefendingfreedom.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bigcountryconservatives.com.nannygifts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gobuffalos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'landbug.click'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lawntv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'minneapolischillers.com.fatemastery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sukanyayojna.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xykast.org.fortworthnewhomestore.com.malechannel.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b252cab74000004030047304502205d6f92b6aff4090124e4db1c8eea631322fdef41f86621fe9549a318ca41175002210099657e9bda30fc7fc43a189799c40b5f66086a3f10ca060e442baf349319516b007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b252cab6d0000040300473045022100f0e94099dcc80dddba86b7bf1721095e6e5fa2a734d5ae4cf608d3e8bcede1b6022026cf6d69b0efda275aa5686a0f03d809ee1b627b8a83908802128d5f44edccb3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a22212f30c91f4cd02e702a1b434d08142d8972b2275888537b6a420a0a880e6827c3cdb7a95229eda91ef80c146a051ff5f3f88625087b050b538078a08e394c30ad683235ecf8a6dc4edf97f14d3fa52b9c580af4f4488918caaf12794b91699b437c3c6e57a553382fa90eb5f1ea02253599723af16a8ce5593bd793014af0480a2273e69a91b91d5c4250015e1a2a5f166ade75ac3347514c08d21e93b30a01ecf2d7d5740c73ad6ff50ce459fa04f07e830c912e30358260dc1139ae9b6c04dbdca7c1b12ec2982de253640355a8363b0d9821e3b7047ca8ea8e7eb4bbb4733bfb74211618107200f3aff62680abad3072e91fbe5517b00ed353a4cefe8