churchauthority.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:09:26:2e:b0:07:18:a9:0d:21:cc:64:16:25:b9:31:dc:5d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=churchauthority.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:09:26:2e:b0:07:18:a9:0d:21:cc:64:16:25:b9:31:dc:5dSerial Number (int): 264450152177330824907290633930227139599453
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a7:4a:6f:10:12:01:22:95:b7:ba:0b:36:27:56:0c:a0:c8:f7:2d:b1
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e8:26:d8:b3:37:05:c8:72:ba:5c:3a:64:29:f4:70:c8:70:1f:b6:63
Fingerprint (sha256): 49:41:9c:18:36:ad:98:2f:18:bc:5b:a3:60:f3:83:6c:28:8c:7b:94:b9:70:41:73:9d:96:4a:05:d9:5a:2e:aa
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate churchauthority.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for churchauthority.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
churchauthority.com
www.churchauthority.com
www.churchauthority.com
Other certificates including the domain name churchauthority.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for churchauthority.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGeTCCBWGgAwIBAgISAwkmLrAHGKkNIcxkFiW5MdxdMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTcyMjU0MTNaFw0y MDAxMTUyMjU0MTNaMB4xHDAaBgNVBAMTE2NodXJjaGF1dGhvcml0eS5jb20wggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFvLEGNp13SQfeq0TDzWyHl1Rt BY9veuT1XqvXsKSsW+o46GQsccMfNZtc/ZNBVsJOhvZ+A408EPrJqEPYhVefgmBy 3BPBab58qqqv3HHsgj+919U5JoTxq/Po2l5vwavF/u5pCx/V72LEuksqh4Vad6Tr qrKao+1O8e8sYusLfwua/6xoS7JLUWbVsizTcBV1BtR7SibmnRhK//lRjjIzQwr+ 6YjhU9TIy4yVeY531uAxu3THE4bH2+haGDV06s135XIBoAKW6ulLN9FiyPjBI9xZ 8tsZJQB/FfBPy6qFWJ+4XI5meI0Y/a+6V2j3Zd1TmnwxdI6+KicZkYo1k70adIEK 6r76OuilYTsLOulh+h4Xi7L7Y19JIpDQQq4+jaRNk2PQFF4H59/fXoA9+zz6Dd5j uuUprHqR6EGJRa2LXlSbxPQtTn9oANtJ69kTabjrDQ/cQ9mPy1OuUL/m4z6Z9eW8 YdKuLqJbCJH/efWcYpQyxzshVFbUaHOueHYv1ketLa24eBMHjQcsO8GvjOfLlN2m 7x70rLmBjv+lZICuzXoihVEiAjPOJoTG7jzay2r3XLeMj1jzRlVs5U7MTEGxv/Q9 MskSgwDcTpdLm9tdIbsexVx5ALAiTDn8kf679TmiboxmgSMljCbQyzP6xDhwcqFE DIqsJLT1TDfGw+a2EQIDAQABo4ICgzCCAn8wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBSnSm8QEgEilbe6CzYnVgygyPctsTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMDcGA1UdEQQwMC6CE2NodXJjaGF1dGhv cml0eS5jb22CF3d3dy5jaHVyY2hhdXRob3JpdHkuY29tMEwGA1UdIARFMEMwCAYG Z4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMu bGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAsh4FzIui zYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFt3CSprQAABAMASDBGAiEA2ofT VpPHnlfM4/fHjOC9VdqQJHudoeKVRgacYxnwVJICIQDBpMYLUAfaXBBhFAGO7f8h alnN7dnhIIwA1Bp/PD5JGAB3AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaB cUVYAAABbdwkq64AAAQDAEgwRgIhAOwwMEZ3s3y7s5eIWQTO/UyRdNRZjNeVtJ4A tHLixKlhAiEA6Fpfv53XAPJbtwwumQWlYjPp5HhYAjpGUY+y3NMk9YcwDQYJKoZI hvcNAQELBQADggEBAFSgXyBhmZ8cGvZ3DZY0poV/PBNLPS+9dFATwwiX6hVRQz8k lLSG10zAyX79pskEbn6p/uT+k0Y8nZy4A3bd0PZuw39ixVxrVax7KvM9fqOIlTUZ X9ulIZ9GdXTmxnUHAdxjmpTvy2TSGR+OFGffn1ll+OmG8xD+okQouCw2/zu8Y77Q q6XZLuDyujIZ27T5ZynviJN0dX1e0zzG0YHB1q4lzOAsCkA5G5iBvZqWAhRoLU7m aaycUW0C0VBsbhB64BWX5rtMVcxZObs7zH3KGF1FQiEap7W4dhMVaPr7HTJl1FBv b2fivR4u9SE6xYsXCdge8i3AB1Fy7v900isEFVc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxbyxBjadd0kH3qtEw81s h5dUbQWPb3rk9V6r17CkrFvqOOhkLHHDHzWbXP2TQVbCTob2fgONPBD6yahD2IVX n4JgctwTwWm+fKqqr9xx7II/vdfVOSaE8avz6Npeb8Grxf7uaQsf1e9ixLpLKoeF Wnek66qymqPtTvHvLGLrC38Lmv+saEuyS1Fm1bIs03AVdQbUe0om5p0YSv/5UY4y M0MK/umI4VPUyMuMlXmOd9bgMbt0xxOGx9voWhg1dOrNd+VyAaAClurpSzfRYsj4 wSPcWfLbGSUAfxXwT8uqhVifuFyOZniNGP2vuldo92XdU5p8MXSOvionGZGKNZO9 GnSBCuq++jropWE7CzrpYfoeF4uy+2NfSSKQ0EKuPo2kTZNj0BReB+ff316APfs8 +g3eY7rlKax6kehBiUWti15Um8T0LU5/aADbSevZE2m46w0P3EPZj8tTrlC/5uM+ mfXlvGHSri6iWwiR/3n1nGKUMsc7IVRW1Ghzrnh2L9ZHrS2tuHgTB40HLDvBr4zn y5Tdpu8e9Ky5gY7/pWSArs16IoVRIgIzziaExu482stq91y3jI9Y80ZVbOVOzExB sb/0PTLJEoMA3E6XS5vbXSG7HsVceQCwIkw5/JH+u/U5om6MZoEjJYwm0Msz+sQ4 cHKhRAyKrCS09Uw3xsPmthECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 264450152177330824907290633930227139599453 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-17 22:54:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-15 22:54:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'churchauthority.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 806696889849095012638660158463731583057175604340114488224074831510394190277049529618348880562814703423994738760772582526056161562284590693624755133243208147879096803413743713274482542529572030066901912282176144571251534145189294948205821555276325591681621413342621752711307843593809442623016622966157453677299211467448482788510270349500774565250680642379902156565615902932772149442786210397174177072726643499538813851092345528628391300252646599953128962721026377843113997634871626592708681177168534952164227166854244891028189301739978208727220056102778695189955283310306080275616080929474847200918012039067300235525713384048095701954144662539938240443180020796917661991733821021316905307518543731307769319706935727534397737679571264814494469873219933610549400521332852723325439059422618214756347634514944463442062046117584393308037993931159007747429780936368711877571315160691365050726314767517372886073279084168285447813549894062386802881030207813023786727098531771657488799575705731079875498912348731614882501017773818399401806976578485322497679056057733515297933350226385667769583944364468083821363037345275062200875194150172232015847248044758117695693568611140451015475345647951089075932657231268285793663544981120817178222179857 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a74a6f1012012295b7ba0b3627560ca0c8f72db1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'churchauthority.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.churchauthority.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016ddc24a9ad0000040300483046022100da87d35693c79e57cce3f7c78ce0bd55da90247b9da1e29546069c6319f05492022100c1a4c60b5007da5c106114018eedff216a59cdedd9e1208c00d41a7f3c3e49180077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016ddc24abae0000040300483046022100ec30304677b37cbbb397885904cefd4c9174d4598cd795b49e00b472e2c4a961022100e85a5fbf9dd700f25bb70c2e9905a56233e9e47858023a46518fb2dcd324f587 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0054a05f2061999f1c1af6770d9634a6857f3c134b3d2fbd745013c30897ea1551433f2494b486d74cc0c97efda6c9046e7ea9fee4fe93463c9d9cb80376ddd0f66ec37f62c55c6b55ac7b2af33d7ea3889535195fdba5219f467574e6c6750701dc639a94efcb64d2191f8e1467df9f5965f8e986f310fea24428b82c36ff3bbc63bed0aba5d92ee0f2ba3219dbb4f96729ef889374757d5ed33cc6d181c1d6ae25cce02c0a40391b9881bd9a960214682d4ee669ac9c516d02d1506c6e107ae01597e6bb4c55cc5939bb3bcc7dca185d4542211aa7b5b876131568fafb1d3265d4506f6f67e2bd1e2ef5213ac58b1709d81ef22dc0075172eeff74d22b041557