gisdata.worcesterma.gov
Issued by R3
About this certificate
This digital certificate with serial number 03:62:48:1e:bf:af:7c:f6:14:fe:27:ae:40:39:fb:51:9b:de was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=gisdata.worcesterma.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:62:48:1e:bf:af:7c:f6:14:fe:27:ae:40:39:fb:51:9b:deSerial Number (int): 294780393825978815720530784044781701012446
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 73:1c:0e:cb:1c:ed:99:0d:1c:3f:2b:96:78:ff:45:14:f5:5a:25:eb
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 38:a4:79:06:cd:98:15:25:8b:93:45:c7:e2:a7:58:13:cc:8b:3e:31
Fingerprint (sha256): 53:73:f7:e5:a2:e5:49:d3:b0:25:ed:e6:33:1a:82:78:65:b7:d9:a0:93:67:30:f2:85:d9:53:85:43:a5:b5:a2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate gisdata.worcesterma.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gisdata.worcesterma.gov
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gisdata.worcesterma.gov
Other certificates including the domain name worcesterma.gov
(limited to 100 certificates)
cag.worcesterma.gov
sustainabilitydashboard.cambridgema.gov
opendata.worcesterma.gov
*.worcesterma.gov
*.worcesterma.gov
now-next.worcesterma.gov
opendata.worcesterma.gov
*.worcesterma.gov
worcesterma.gov
gisdata.worcesterma.gov
worcesterma.gov
green.worcesterma.gov
opendata.worcesterma.gov
now-next.worcesterma.gov
gisdata.worcesterma.gov
remote.worcesterma.gov
opendata.worcesterma.gov
remote.worcesterma.gov
*.worcesterma.gov
*.worcesterma.gov
*.worcesterma.gov
sustainabilitydashboard.cambridgema.gov
worcesterwifi.worcesterma.gov
cowcex2.worcesterma.gov
worcesterma.gov
opendata.worcesterma.gov
sustainabilitydashboard.cambridgema.gov
*.worcesterma.gov
*.worcesterma.gov
now-next.worcesterma.gov
cowcex1.worcesterma.gov
sustainabilitydashboard.cambridgema.gov
opendata.worcesterma.gov
*.worcesterma.gov
*.worcesterma.gov
now-next.worcesterma.gov
opendata.worcesterma.gov
*.worcesterma.gov
worcesterma.gov
gisdata.worcesterma.gov
worcesterma.gov
green.worcesterma.gov
opendata.worcesterma.gov
now-next.worcesterma.gov
gisdata.worcesterma.gov
remote.worcesterma.gov
opendata.worcesterma.gov
remote.worcesterma.gov
*.worcesterma.gov
*.worcesterma.gov
*.worcesterma.gov
sustainabilitydashboard.cambridgema.gov
worcesterwifi.worcesterma.gov
cowcex2.worcesterma.gov
worcesterma.gov
opendata.worcesterma.gov
sustainabilitydashboard.cambridgema.gov
*.worcesterma.gov
*.worcesterma.gov
now-next.worcesterma.gov
cowcex1.worcesterma.gov
Certificate
The complete raw certificate details for gisdata.worcesterma.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEMTCCAxmgAwIBAgISA2JIHr+vfPYU/ieuQDn7UZveMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDMyMzA0MzRaFw0yNDA2MDEyMzA0MzNaMCIxIDAeBgNVBAMT F2dpc2RhdGEud29yY2VzdGVybWEuZ292MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD QgAEP96FlXOk5a0DwomCO+JOf6Y+KxuL8McfJOfUYt64Qc1IrE6JeSfl1pCFjDmb ZRg7zO/tQYvFn02PbFE291Xyj6OCAhowggIWMA4GA1UdDwEB/wQEAwIHgDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUcxwOyxztmQ0cPyuWeP9FFPVaJeswHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w IgYDVR0RBBswGYIXZ2lzZGF0YS53b3JjZXN0ZXJtYS5nb3YwEwYDVR0gBAwwCjAI BgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwA7U3d1Pi25gE6LMFsG /kA7Z9hPw/THvQANLXJv4frUFwAAAY4Gxso/AAAEAwBIMEYCIQDaTMD0L7c5OLPf MEiVXTyTWfv5d9zhBNCWMRHNyKDTVgIhAJoKjp87z8hl7T6l2+nT722GL05TqVhn TsREmNZ4MAMbAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGO BsbK4gAABAMARzBFAiAaaoYhWOLrR5MLNDWa+uTm4gZFz94Xx62+TkkBl/QGygIh AKzLE/8WkgN11y9RYdwvJxtc9HP7rVgWkZmz6chIrMYgMA0GCSqGSIb3DQEBCwUA A4IBAQCAVgYvu9WmnAjD2BASQa6m2/vyDOG1KXChsE3CAkZTcc/1rNn2k6sSoCuf p2InWA5TBu6pk52cJxK5Bv7yBPboM4QhqnKogoDrcZ543Ht9gtZ4Yb+fecummm9k SDpK1qQ4RyP0k6Ni2WJ7nEuSojFaNNlUVr7U3q5yU8mR9FyQw5CyFMIFklkw+b/A bI/i+p5fwpHeVXN60YGZEANDlfHiuyz/kFVdFD0O5BQb4mi6CQgOWnEdQR2ppl6P +t7VWSDLUSEjPMaP1pBpk5DsXhK0zoCRyXWi7jwb5NIpeR5dcbTCjCTdSz5iRKeC xgmPkJRpclpJJQ7tuAZ5Qm7S58oZ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEP96FlXOk5a0DwomCO+JOf6Y+KxuL 8McfJOfUYt64Qc1IrE6JeSfl1pCFjDmbZRg7zO/tQYvFn02PbFE291Xyjw== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294780393825978815720530784044781701012446 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-03 23:04:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-01 23:04:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gisdata.worcesterma.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) de859573a4e5ad03c289823be24e7fa63e2b1b8bf0c71f24e7d462deb841cd48ac4e897927e5d690858c399b65183bccefed418bc59f4d8f6c5136f755f28f . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 731c0ecb1ced990d1c3f2b9678ff4514f55a25eb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gisdata.worcesterma.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e06c6ca3f0000040300483046022100da4cc0f42fb73938b3df3048955d3c9359fbf977dce104d0963111cdc8a0d3560221009a0a8e9f3bcfc865ed3ea5dbe9d3ef6d862f4e53a958674ec44498d67830031b00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e06c6cae2000004030047304502201a6a862158e2eb47930b34359afae4e6e20645cfde17c7adbe4e490197f406ca022100accb13ff16920375d72f5161dc2f271b5cf473fbad58169199b3e9c848acc620 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008056062fbbd5a69c08c3d8101241aea6dbfbf20ce1b52970a1b04dc202465371cff5acd9f693ab12a02b9fa76227580e5306eea9939d9c2712b906fef204f6e8338421aa72a88280eb719e78dc7b7d82d67861bf9f79cba69a6f64483a4ad6a4384723f493a362d9627b9c4b92a2315a34d95456bed4deae7253c991f45c90c390b214c205925930f9bfc06c8fe2fa9e5fc291de55737ad1819910034395f1e2bb2cff90555d143d0ee4141be268ba09080e5a711d411da9a65e8ffaded55920cb5121233cc68fd690699390ec5e12b4ce8091c975a2ee3c1be4d229791e5d71b4c28c24dd4b3e6244a782c6098f909469725a49250eedb80679426ed2e7ca19