genefreedom.org
Issued by R3
About this certificate
This digital certificate with serial number 04:d8:9d:a9:04:0f:27:56:47:d6:54:67:18:95:0f:74:d5:d3 was issued on by Let's Encrypt.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=genefreedom.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:d8:9d:a9:04:0f:27:56:47:d6:54:67:18:95:0f:74:d5:d3Serial Number (int): 422159701357801253947065504025586619962835
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 8f:02:da:85:38:cc:d8:18:1e:1b:7d:f4:56:66:00:30:72:1e:43:32
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b1:5f:99:e7:33:7f:fb:c4:89:07:d4:59:35:6e:c1:59:21:1e:cb:5c
Fingerprint (sha256): 51:6d:2a:0f:57:9d:6d:4b:31:f3:9d:07:d3:65:66:f2:b5:f5:de:06:01:e2:ad:ad:13:12:40:76:4e:42:03:8b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate genefreedom.org
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for genefreedom.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
genefreedom.org
ingodwetrustlicense.org.soulpurposeblueprint.com
mdtemplates.statenationals.us.run50statesclub.com
nitroxcorp.com.theoriordans.com
sanantonioendocrinology.com
srebroinwestycyjne.com
tokenbackgroundcheck.com
valencevectorlabs.com
ingodwetrustlicense.org.soulpurposeblueprint.com
mdtemplates.statenationals.us.run50statesclub.com
nitroxcorp.com.theoriordans.com
sanantonioendocrinology.com
srebroinwestycyjne.com
tokenbackgroundcheck.com
valencevectorlabs.com
Other certificates including the domain name genefreedom.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for genefreedom.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3DCCBMSgAwIBAgISBNidqQQPJ1ZH1lRnGJUPdNXTMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMzAwMzExNDZaFw0yNDAxMjgwMzExNDVaMBoxGDAWBgNVBAMT D2dlbmVmcmVlZG9tLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMp4kiUOVmu7A9rfuIxsq2Fq41/MIAwFl8cHE3oj5+KR1j+HU3Y7WMcK94yMJNg6 dl0aIxSTPiDaCAlAfyHvZB1iJCX8fhsRBcF0Uib0h0ZMhTraXI7b0a4ZIoJYvWwY nk3Gc3S1PJAfchchegqyRoTR+UVO0LObuoSYIVJjzT1SgI+SCpMyYE+ZLAVqKscd Rqpk26MOihfBS941HcvSeg0yTLdHIVfzqTVXbvDuqkA/YLAJciQGqEZNBrTGTtW2 eX4bbYUUO636CGgBxbtkRuQX21bUCM++q1Jik2wCRDgQJnIZYyG3RWBicWGOxfXX rDirWJOn08sctDHTzvBtxqUCAwEAAaOCAwIwggL+MA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUjwLahTjM2BgeG330VmYAMHIeQzIwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wggEJBgNVHREEggEAMIH9gg9nZW5lZnJlZWRvbS5vcmeCMGluZ29kd2V0cnVz dGxpY2Vuc2Uub3JnLnNvdWxwdXJwb3NlYmx1ZXByaW50LmNvbYIxbWR0ZW1wbGF0 ZXMuc3RhdGVuYXRpb25hbHMudXMucnVuNTBzdGF0ZXNjbHViLmNvbYIfbml0cm94 Y29ycC5jb20udGhlb3Jpb3JkYW5zLmNvbYIbc2FuYW50b25pb2VuZG9jcmlub2xv Z3kuY29tghZzcmVicm9pbndlc3R5Y3lqbmUuY29tghh0b2tlbmJhY2tncm91bmRj aGVjay5jb22CFXZhbGVuY2V2ZWN0b3JsYWJzLmNvbTATBgNVHSAEDDAKMAgGBmeB DAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtTd3U+LbmAToswWwb+QDtn 2E/D9Me9AA0tcm/h+tQXAAABi37H010AAAQDAEcwRQIhAKlQzT+cXe2yc9FvxnAe XdXxLtfFdvYuDdsXZJpP6z0uAiBk4n30L2dOxKWs1KDsaZtQ47APXj+B8xdhv9pJ u6soTQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi37H02kA AAQDAEcwRQIgIBonI7I3LcXH2iPsxwqFWIl5nTLFmPT3iM9UkNS7q0ACIQC93IwJ tenJPQdSZwXd3t4eeet96m3EUvUZcW9bit9mTTANBgkqhkiG9w0BAQsFAAOCAQEA gipo/G0/W8pJNEOVasmun1b6gm8B/ZKXjeCfnOZ/n0RrZ0tNXo69rgHilU6o7b8e w1HZzSiKX2Ne02t2JK+EHBHA3FhNih/nBKmU7fsBS7yEgiQjP/w3iZtSk+8JkUqE QDmA5oJJ2kzmdQPj2DeFy6Rh6rSpKQcolFDNFy5NYpvmRNVvS3M1CnSyxJZxOBST SGPpM0Q3E8JJIKm+FbVEEehnWc4ggDGBCUsQfDPbdJvIW3lcZc1g6Dvg7lCdtb7p AjY+86WEpJdrKljsRpubE/QbNPnoPulFYU2yUP1KbdbibrYleF7/oSsXC7GAUqo4 NhWNtA39G3Fvnl0wWH3atg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyniSJQ5Wa7sD2t+4jGyr YWrjX8wgDAWXxwcTeiPn4pHWP4dTdjtYxwr3jIwk2Dp2XRojFJM+INoICUB/Ie9k HWIkJfx+GxEFwXRSJvSHRkyFOtpcjtvRrhkigli9bBieTcZzdLU8kB9yFyF6CrJG hNH5RU7Qs5u6hJghUmPNPVKAj5IKkzJgT5ksBWoqxx1GqmTbow6KF8FL3jUdy9J6 DTJMt0chV/OpNVdu8O6qQD9gsAlyJAaoRk0GtMZO1bZ5fhtthRQ7rfoIaAHFu2RG 5BfbVtQIz76rUmKTbAJEOBAmchljIbdFYGJxYY7F9desOKtYk6fTyxy0MdPO8G3G pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 422159701357801253947065504025586619962835 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-30 03:11:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-28 03:11:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'genefreedom.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25559593318995893323480750543398836880622589576696312252431015101968527325900514240544717365562792980056439082675855514210711683970637270646310937456537586341870565997463277386012243329761476006764103972246683828172771452303466265042076191631098945863524007337715080274468510045022586073742563732015569282333047284492825483737422413525303412132401835291524543757169375646064695284190491101251541752802161880503172063421570152448714739354710523478821465859608987863442743906132967783594615178859252219349458404553291784207038090921213578697640600374901815992876297134619908956129532441189344897031140513113718345549477 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8f02da8538ccd8181e1b7df456660030721e4332 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (256 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genefreedom.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingodwetrustlicense.org.soulpurposeblueprint.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mdtemplates.statenationals.us.run50statesclub.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nitroxcorp.com.theoriordans.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sanantonioendocrinology.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'srebroinwestycyjne.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenbackgroundcheck.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valencevectorlabs.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b7ec7d35d0000040300473045022100a950cd3f9c5dedb273d16fc6701e5dd5f12ed7c576f62e0ddb17649a4feb3d2e022064e27df42f674ec4a5acd4a0ec699b50e3b00f5e3f81f31761bfda49bbab284d007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b7ec7d36900000403004730450220201a2723b2372dc5c7da23ecc70a855889799d32c598f4f788cf5490d4bbab40022100bddc8c09b5e9c93d07526705dddede1e79eb7dea6dc452f519716f5b8adf664d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00822a68fc6d3f5bca493443956ac9ae9f56fa826f01fd92978de09f9ce67f9f446b674b4d5e8ebdae01e2954ea8edbf1ec351d9cd288a5f635ed36b7624af841c11c0dc584d8a1fe704a994edfb014bbc848224233ffc37899b5293ef09914a84403980e68249da4ce67503e3d83785cba461eab4a92907289450cd172e4d629be644d56f4b73350a74b2c496713814934863e933443713c24920a9be15b54411e86759ce20803181094b107c33db749bc85b795c65cd60e83be0ee509db5bee902363ef3a584a4976b2a58ec469b9b13f41b34f9e83ee945614db250fd4a6dd6e26eb625785effa12b170bb18052aa3836158db40dfd1b716f9e5d30587ddab6