www.agefa.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:e2:3e:f7:e3:aa:f2:7b:40:af:b8:d3:d4:7e:11:62:80:62 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.agefa.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e2:3e:f7:e3:aa:f2:7b:40:af:b8:d3:d4:7e:11:62:80:62Serial Number (int): 338324371970126367601218297929174152806498
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 1d:5f:36:e5:89:1a:f3:40:a1:27:4b:25:50:c2:ce:75:0b:d3:5f:5c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 92:19:76:83:e0:c3:c7:1a:50:aa:51:99:51:63:41:da:1b:a4:d0:db
Fingerprint (sha256): 56:39:8b:01:a6:3f:93:52:0b:59:96:9d:92:c4:58:a9:a3:6e:83:df:f6:b8:8c:6c:bd:0e:a9:53:88:08:0c:60
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.agefa.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.agefa.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.agefa.org
Other certificates including the domain name agefa.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.agefa.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgISA+I+9+Oq8ntAr7jT1H4RYoBiMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MjkxMzA3MTRaFw0x OTA3MjgxMzA3MTRaMBgxFjAUBgNVBAMTDXd3dy5hZ2VmYS5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDH5JGDKS80tz3kxFsGuITsd+vT5eUAvYXC bfdAxLuloPS94XS+BhFRGRv61WCtdIXzEZWDw9awYwc/XAKjRhjhmLXUTM+0epKs Y+I16tG4H4GbCBPMOp5bKjHi++Za5tU8sNWDPbtmrTquzi86CUMTU0GPjm0O3SUo 8xrolkLqD6zEeOSovnzB/I06ziO6njAS7K5nW/4p7U9hd7zWL+sCBRu2/IM9IHJU CRaltze7oRt4S4u3ulc9qKeueySbaW7vBV4eq4DBU4lajnxRVIZATyIoIPar5TLp K79BsaoEF1crrwQAuLI+ArG5SmHto5an0LmHVbnU/r+R+A1WQJadRcGeEI8B3tBN 2Te6Jr+N/1WxIHXVzZzR6yYJbJEg52f0dIdATw9Rcr6N6sMrPLFi8RU9rBBJk2Qn O1J8WvpciCv1NcdJGJxya41DmA28uW4ovFSVphSR5xzrRbjQAmUe0LsR9P4HC68L e6EpNOSiUqurJiFVfkpHPqJTFFQqSNy0Umh7+4fHJ2QhhKzkUhDi9kU+/m+1SY7D PASEnoGGSQc2LEnFMtC5FVGMHf+eTEGYJLErvNx4MkJoMrMVhmDIhryd4r9ZTEVq QEcwaoJB93GO4vlq2kbepmN4NTRDQGdqI+Kt1eU+ohyPrs8XK3jIyp/gSiBfyPbP 14Wq4S4aRwIDAQABo4ICYzCCAl8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQdXzbl iRrzQKEnSyVQws51C9NfXDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5hZ2VmYS5vcmcwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHz APEAdwDiaUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWppa9EQAAAE AwBIMEYCIQCI1yniVOllcciUVlGewWEMqzNlD1ytp+VdZg/JRXSa4QIhAN0EjUQ5 y6H+u7xRciCaUV9ZZJ8EzHGHAdg5tN/uxo+dAHYAKTxRllTIOWW6qlD8WAfUt2+/ WHopctykwwz05UVH9HgAAAFqaWvRMwAABAMARzBFAiEAz3Y+Sm3iUW+VhfogfF0F 024sjn6V13/7WlpGwf5UcqMCIH0t8zpwWd9x8klx48telOTtuXKD/EOBdEtGWPLT ebUHMA0GCSqGSIb3DQEBCwUAA4IBAQAoTXuLBzOdzTPSKfanpq9cy2ZQRNP7HQoQ KLZhuZvZ8vjHTclATwgbgaB2ckETU00JF+jCazRmOqUjic4jTKswPDctVbrWNp1j shwy6HjsSv3q4Z7JhzPsbA/8e3UooFbmMu0pcT2iCOQfCXSzg9VGzmHIVhjgqV+z qRuS7LqP0TE+n55KOz2AhlflfLDHnzZkI+uzRvBtVHVePVPI0TUJmvFD90eW9/cR 84Qds5pXIiU0d6/9kaphA0pzB+lRzH2JxKqZ0AVemh/EAwoQ6NJYYHyPMUMi+ap/ yW1O+WOUOpRrzOLJmd7cDHrEjtEpHmIGjHJPLgvAS//+3+9xUNBI -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx+SRgykvNLc95MRbBriE 7Hfr0+XlAL2Fwm33QMS7paD0veF0vgYRURkb+tVgrXSF8xGVg8PWsGMHP1wCo0YY 4Zi11EzPtHqSrGPiNerRuB+BmwgTzDqeWyox4vvmWubVPLDVgz27Zq06rs4vOglD E1NBj45tDt0lKPMa6JZC6g+sxHjkqL58wfyNOs4jup4wEuyuZ1v+Ke1PYXe81i/r AgUbtvyDPSByVAkWpbc3u6EbeEuLt7pXPainrnskm2lu7wVeHquAwVOJWo58UVSG QE8iKCD2q+Uy6Su/QbGqBBdXK68EALiyPgKxuUph7aOWp9C5h1W51P6/kfgNVkCW nUXBnhCPAd7QTdk3uia/jf9VsSB11c2c0esmCWyRIOdn9HSHQE8PUXK+jerDKzyx YvEVPawQSZNkJztSfFr6XIgr9TXHSRiccmuNQ5gNvLluKLxUlaYUkecc60W40AJl HtC7EfT+BwuvC3uhKTTkolKrqyYhVX5KRz6iUxRUKkjctFJoe/uHxydkIYSs5FIQ 4vZFPv5vtUmOwzwEhJ6BhkkHNixJxTLQuRVRjB3/nkxBmCSxK7zceDJCaDKzFYZg yIa8neK/WUxFakBHMGqCQfdxjuL5atpG3qZjeDU0Q0BnaiPirdXlPqIcj67PFyt4 yMqf4EogX8j2z9eFquEuGkcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338324371970126367601218297929174152806498 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-29 13:07:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-28 13:07:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.agefa.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 815491660740017888567678811440605409552402821198697687491365557637108686462656745418656843521612324555338585888374041355699237282281203135101376051096194693927157239378560532451656818196014254319360299554623782401340934583593218814412118973943244657512697103026579886066001989065138037375090136982804033012159374159058326780923956381743938676045962661751821460321144257500184510855317586764470635050850894738568795382640331982719588304499489374669899967023957135857756128152257245753368014914856213382023239159285840234309033192361766138865202765108135470513719533778031176900391900392851433324970760433171981154691056362311473175411739697428075836021015761170204407653575637271381608112130130326321232073022315598428883583110987121259424535586199299353190380558100972136193930139322223805571354644025749768550394641053891249096443802361097108662171131115946465246259678046119205400608015070836384533604480890984551188725996775035846032834512218720124864936403816106855780571125697347386396123271444207762258354513852908362739472761973241180897436561734179217100023114666122167874576561970447087916510281573463901613983254485213104496111642775759897119467005415770511378884732700217182766496482705616722133714817227800878436651506247 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1d5f36e5891af340a1274b2550c2ce750bd35f5c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agefa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016a696bd110000004030048304602210088d729e254e96571c89456519ec1610cab33650f5cada7e55d660fc945749ae1022100dd048d4439cba1febbbc5172209a515f59649f04cc718701d839b4dfeec68f9d007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016a696bd1330000040300473045022100cf763e4a6de2516f9585fa207c5d05d36e2c8e7e95d77ffb5a5a46c1fe5472a302207d2df33a7059df71f24971e3cb5e94e4edb97283fc4381744b4658f2d379b507 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00284d7b8b07339dcd33d229f6a7a6af5ccb665044d3fb1d0a1028b661b99bd9f2f8c74dc9404f081b81a076724113534d0917e8c26b34663aa52389ce234cab303c372d55bad6369d63b21c32e878ec4afdeae19ec98733ec6c0ffc7b7528a056e632ed29713da208e41f0974b383d546ce61c85618e0a95fb3a91b92ecba8fd1313e9f9e4a3b3d808657e57cb0c79f366423ebb346f06d54755e3d53c8d135099af143f74796f7f711f3841db39a5722253477affd91aa61034a7307e951cc7d89c4aa99d0055e9a1fc4030a10e8d258607c8f314322f9aa7fc96d4ef963943a946bcce2c999dedc0c7ac48ed1291e62068c724f2e0bc04bfffedfef7150d048