genefreedom.org

Issued by R3

About this certificate

This digital certificate with serial number 04:d8:9d:a9:04:0f:27:56:47:d6:54:67:18:95:0f:74:d5:d3 was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=genefreedom.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d8:9d:a9:04:0f:27:56:47:d6:54:67:18:95:0f:74:d5:d3
Serial Number (int): 422159701357801253947065504025586619962835
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 8f:02:da:85:38:cc:d8:18:1e:1b:7d:f4:56:66:00:30:72:1e:43:32
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): b1:5f:99:e7:33:7f:fb:c4:89:07:d4:59:35:6e:c1:59:21:1e:cb:5c
Fingerprint (sha256): 51:6d:2a:0f:57:9d:6d:4b:31:f3:9d:07:d3:65:66:f2:b5:f5:de:06:01:e2:ad:ad:13:12:40:76:4e:42:03:8b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate genefreedom.org

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for genefreedom.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

genefreedom.org
ingodwetrustlicense.org.soulpurposeblueprint.com
mdtemplates.statenationals.us.run50statesclub.com
nitroxcorp.com.theoriordans.com
sanantonioendocrinology.com
srebroinwestycyjne.com
tokenbackgroundcheck.com
valencevectorlabs.com

Other certificates including the domain name genefreedom.org

(limited to 100 certificates)
firefanged.com.sann.co.za
genefreedom.org
genefreedom.org
genefreedom.org
singapore4vip.com.avephilomena.org
genefreedom.org
genefreedom.org
modalhomes.ca

Certificate

The complete raw certificate details for genefreedom.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISBNidqQQPJ1ZH1lRnGJUPdNXTMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMzAwMzExNDZaFw0yNDAxMjgwMzExNDVaMBoxGDAWBgNVBAMT
D2dlbmVmcmVlZG9tLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMp4kiUOVmu7A9rfuIxsq2Fq41/MIAwFl8cHE3oj5+KR1j+HU3Y7WMcK94yMJNg6
dl0aIxSTPiDaCAlAfyHvZB1iJCX8fhsRBcF0Uib0h0ZMhTraXI7b0a4ZIoJYvWwY
nk3Gc3S1PJAfchchegqyRoTR+UVO0LObuoSYIVJjzT1SgI+SCpMyYE+ZLAVqKscd
Rqpk26MOihfBS941HcvSeg0yTLdHIVfzqTVXbvDuqkA/YLAJciQGqEZNBrTGTtW2
eX4bbYUUO636CGgBxbtkRuQX21bUCM++q1Jik2wCRDgQJnIZYyG3RWBicWGOxfXX
rDirWJOn08sctDHTzvBtxqUCAwEAAaOCAwIwggL+MA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUjwLahTjM2BgeG330VmYAMHIeQzIwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wggEJBgNVHREEggEAMIH9gg9nZW5lZnJlZWRvbS5vcmeCMGluZ29kd2V0cnVz
dGxpY2Vuc2Uub3JnLnNvdWxwdXJwb3NlYmx1ZXByaW50LmNvbYIxbWR0ZW1wbGF0
ZXMuc3RhdGVuYXRpb25hbHMudXMucnVuNTBzdGF0ZXNjbHViLmNvbYIfbml0cm94
Y29ycC5jb20udGhlb3Jpb3JkYW5zLmNvbYIbc2FuYW50b25pb2VuZG9jcmlub2xv
Z3kuY29tghZzcmVicm9pbndlc3R5Y3lqbmUuY29tghh0b2tlbmJhY2tncm91bmRj
aGVjay5jb22CFXZhbGVuY2V2ZWN0b3JsYWJzLmNvbTATBgNVHSAEDDAKMAgGBmeB
DAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtTd3U+LbmAToswWwb+QDtn
2E/D9Me9AA0tcm/h+tQXAAABi37H010AAAQDAEcwRQIhAKlQzT+cXe2yc9FvxnAe
XdXxLtfFdvYuDdsXZJpP6z0uAiBk4n30L2dOxKWs1KDsaZtQ47APXj+B8xdhv9pJ
u6soTQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi37H02kA
AAQDAEcwRQIgIBonI7I3LcXH2iPsxwqFWIl5nTLFmPT3iM9UkNS7q0ACIQC93IwJ
tenJPQdSZwXd3t4eeet96m3EUvUZcW9bit9mTTANBgkqhkiG9w0BAQsFAAOCAQEA
gipo/G0/W8pJNEOVasmun1b6gm8B/ZKXjeCfnOZ/n0RrZ0tNXo69rgHilU6o7b8e
w1HZzSiKX2Ne02t2JK+EHBHA3FhNih/nBKmU7fsBS7yEgiQjP/w3iZtSk+8JkUqE
QDmA5oJJ2kzmdQPj2DeFy6Rh6rSpKQcolFDNFy5NYpvmRNVvS3M1CnSyxJZxOBST
SGPpM0Q3E8JJIKm+FbVEEehnWc4ggDGBCUsQfDPbdJvIW3lcZc1g6Dvg7lCdtb7p
AjY+86WEpJdrKljsRpubE/QbNPnoPulFYU2yUP1KbdbibrYleF7/oSsXC7GAUqo4
NhWNtA39G3Fvnl0wWH3atg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyniSJQ5Wa7sD2t+4jGyr
YWrjX8wgDAWXxwcTeiPn4pHWP4dTdjtYxwr3jIwk2Dp2XRojFJM+INoICUB/Ie9k
HWIkJfx+GxEFwXRSJvSHRkyFOtpcjtvRrhkigli9bBieTcZzdLU8kB9yFyF6CrJG
hNH5RU7Qs5u6hJghUmPNPVKAj5IKkzJgT5ksBWoqxx1GqmTbow6KF8FL3jUdy9J6
DTJMt0chV/OpNVdu8O6qQD9gsAlyJAaoRk0GtMZO1bZ5fhtthRQ7rfoIaAHFu2RG
5BfbVtQIz76rUmKTbAJEOBAmchljIbdFYGJxYY7F9desOKtYk6fTyxy0MdPO8G3G
pQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 422159701357801253947065504025586619962835
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-30 03:11:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-28 03:11:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'genefreedom.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25559593318995893323480750543398836880622589576696312252431015101968527325900514240544717365562792980056439082675855514210711683970637270646310937456537586341870565997463277386012243329761476006764103972246683828172771452303466265042076191631098945863524007337715080274468510045022586073742563732015569282333047284492825483737422413525303412132401835291524543757169375646064695284190491101251541752802161880503172063421570152448714739354710523478821465859608987863442743906132967783594615178859252219349458404553291784207038090921213578697640600374901815992876297134619908956129532441189344897031140513113718345549477
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8f02da8538ccd8181e1b7df456660030721e4332
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (256 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genefreedom.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingodwetrustlicense.org.soulpurposeblueprint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mdtemplates.statenationals.us.run50statesclub.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nitroxcorp.com.theoriordans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sanantonioendocrinology.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'srebroinwestycyjne.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenbackgroundcheck.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valencevectorlabs.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b7ec7d35d0000040300473045022100a950cd3f9c5dedb273d16fc6701e5dd5f12ed7c576f62e0ddb17649a4feb3d2e022064e27df42f674ec4a5acd4a0ec699b50e3b00f5e3f81f31761bfda49bbab284d007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b7ec7d36900000403004730450220201a2723b2372dc5c7da23ecc70a855889799d32c598f4f788cf5490d4bbab40022100bddc8c09b5e9c93d07526705dddede1e79eb7dea6dc452f519716f5b8adf664d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00822a68fc6d3f5bca493443956ac9ae9f56fa826f01fd92978de09f9ce67f9f446b674b4d5e8ebdae01e2954ea8edbf1ec351d9cd288a5f635ed36b7624af841c11c0dc584d8a1fe704a994edfb014bbc848224233ffc37899b5293ef09914a84403980e68249da4ce67503e3d83785cba461eab4a92907289450cd172e4d629be644d56f4b73350a74b2c496713814934863e933443713c24920a9be15b54411e86759ce20803181094b107c33db749bc85b795c65cd60e83be0ee509db5bee902363ef3a584a4976b2a58ec469b9b13f41b34f9e83ee945614db250fd4a6dd6e26eb625785effa12b170bb18052aa3836158db40dfd1b716f9e5d30587ddab6