www.startfunding.org

Issued by R3

About this certificate

This digital certificate with serial number 03:24:ea:4d:e7:18:b6:a3:e8:0d:aa:7b:9e:88:7b:2c:52:77 was issued on by Let's Encrypt.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.startfunding.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:24:ea:4d:e7:18:b6:a3:e8:0d:aa:7b:9e:88:7b:2c:52:77
Serial Number (int): 273898466849500920886955482382021597876855
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 86:8c:46:46:30:f7:75:0b:a9:a5:ca:f7:ff:b5:d6:49:ff:9b:54:bd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3a:72:86:15:89:0c:86:ea:31:88:42:47:74:a8:79:fb:4c:59:07:d9
Fingerprint (sha256): 56:5b:39:ad:7c:95:26:ab:1c:66:43:0c:cc:4c:83:87:a2:73:0e:9b:bd:eb:99:3a:d8:e3:53:21:3c:6e:6e:b4

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.startfunding.org

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.startfunding.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

birthdaypal.com
example316.bible.aalien.com.boatwakesurfing.com
figure-out-able.com.personalstays.com
tampataxservice.com
theaffiliatecenter.com
uslegalkits.com
www.startfunding.org

Other certificates including the domain name startfunding.org

(limited to 100 certificates)
pleasureflightsuk.co.uk.startfunding.org
3868.org
gtin.tv.sa-rugby.co.za
startfunding.org
www.startfunding.org
www.startfunding.org
hunterscorecard.org
originale-bestellen.de

Certificate

The complete raw certificate details for www.startfunding.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAyTqTecYtqPoDap7noh7LFJ3MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTEwNDIxNTBaFw0yNDA0MTAwNDIxNDlaMB8xHTAbBgNVBAMT
FHd3dy5zdGFydGZ1bmRpbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsYSKqrNBIihhyFd2NU6J3N367g77GdXi/5ZwpLkvJlB5LqsYVpzN1yKQ
02vX9IIOZfMLd9FZOvtNnd+bQJVfxJ77zskGnaZvrS42fo9gxHWrfCfeBX8dN7Ad
3v0eY62QWogxhs3F0j6xFDmCEmIYtDPfygyLjQsjMEKaupeaMc97dYdAJhrqsZHU
4e3RMhd9xWNePMoOVTPJCPPsAh3JS6x0lXPOdd+b2joYgYzJZaANxLj+fCcyKLuD
fQCjVRCtn/E8hZxD+Y2QbybmAqx3tepxL5DmNtd2BSoItKaC312Zm/OE5WmV/UYG
QoA2Mk+PPL2X38tw5AkqzmwfDnjimQIDAQABo4ICwDCCArwwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBSGjEZGMPd1C6mlyvf/tdZJ/5tUvTAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzCByAYDVR0RBIHAMIG9gg9iaXJ0aGRheXBhbC5jb22CL2V4YW1wbGUz
MTYuYmlibGUuYWFsaWVuLmNvbS5ib2F0d2FrZXN1cmZpbmcuY29tgiVmaWd1cmUt
b3V0LWFibGUuY29tLnBlcnNvbmFsc3RheXMuY29tghN0YW1wYXRheHNlcnZpY2Uu
Y29tghZ0aGVhZmZpbGlhdGVjZW50ZXIuY29tgg91c2xlZ2Fsa2l0cy5jb22CFHd3
dy5zdGFydGZ1bmRpbmcub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYB
BAHWeQIEAgSB9QSB8gDwAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznY
hHMAAAGM9vgy8wAABAMASDBGAiEAxJ0WYIVZHcOmdTWG3GQNsPnP88VJWZmuC9Dp
EbaJwXACIQD6KkVBL7QcEMKf3Y9HRfAXc5v0LAhRKXty9DI6farvKgB1ADtTd3U+
LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjPb4NQIAAAQDAEYwRAIgEkQb
MlKueQwI6UGHs1o2OcgqftQhvi8TwKI4lsnXG5cCICZCSdahe0qUPH/HvuZR4Pky
DFwd7FfLAQedqTbtJJj6MA0GCSqGSIb3DQEBCwUAA4IBAQAd2u9ZRtWNVDDGM/4N
IJgWf3ePtfHhN/RHy9eUknnTMovsG3p1+3utbgSMKg/3hbh7Bc/srC6FmmjqSHRT
EKlBOkCmc9poxmRN3MWfiAG3KobpdtlD9M8aTtvsp7/YkHR+WjhlQd1zOBTYa62/
6GdarE/r41yzjX2pFH2dkEZASsTnpgRPH7rSafN1oodvA3plHbV+4G01IXaS4Unu
6ODKfDNsh5ZeMPhKhdFF6lkBoBC8sBi9iHSacY7T1QZ5L0zeyI5TX3xN2gmdKVAt
DpSenUWJdpx0ydQZ9U8ilFAPM9ZFGpyARBlNWDjADDq6yQYPaMSZoqpJJz9ujQ83
+2eP
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYSKqrNBIihhyFd2NU6J
3N367g77GdXi/5ZwpLkvJlB5LqsYVpzN1yKQ02vX9IIOZfMLd9FZOvtNnd+bQJVf
xJ77zskGnaZvrS42fo9gxHWrfCfeBX8dN7Ad3v0eY62QWogxhs3F0j6xFDmCEmIY
tDPfygyLjQsjMEKaupeaMc97dYdAJhrqsZHU4e3RMhd9xWNePMoOVTPJCPPsAh3J
S6x0lXPOdd+b2joYgYzJZaANxLj+fCcyKLuDfQCjVRCtn/E8hZxD+Y2QbybmAqx3
tepxL5DmNtd2BSoItKaC312Zm/OE5WmV/UYGQoA2Mk+PPL2X38tw5AkqzmwfDnji
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 273898466849500920886955482382021597876855
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-11 04:21:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-10 04:21:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.startfunding.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22409538711031415238501638671592552816964117656966026364181214816576688504015974064287372818166853324144007078097353805163482819258472191272314592526114663033266038785679806840333121452567108214479541474040411090499031514314377217026630256058416960466089091352829218758885723901114533224583748656932104859447038168282310947965499107172706661275326779365236164165297852417521028442148699766714739082917745784045259067926593729958224096179030695429961263986876065831168679997842305133501711522326645909260465950206957463044136341699360021033264134029275956470802354960762013959483640588581188233389544921065919589442201
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							868c464630f7750ba9a5caf7ffb5d649ff9b54bd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (192 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'birthdaypal.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'example316.bible.aalien.com.boatwakesurfing.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'figure-out-able.com.personalstays.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tampataxservice.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theaffiliatecenter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uslegalkits.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.startfunding.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cf6f832f30000040300483046022100c49d166085591dc3a6753586dc640db0f9cff3c5495999ae0bd0e911b689c170022100fa2a45412fb41c10c29fdd8f4745f017739bf42c0851297b72f4323a7daaef2a0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cf6f835020000040300463044022012441b3252ae790c08e94187b35a3639c82a7ed421be2f13c0a23896c9d71b970220264249d6a17b4a943c7fc7bee651e0f9320c5c1dec57cb01079da936ed2498fa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001ddaef5946d58d5430c633fe0d2098167f778fb5f1e137f447cbd7949279d3328bec1b7a75fb7bad6e048c2a0ff785b87b05cfecac2e859a68ea48745310a9413a40a673da68c6644ddcc59f8801b72a86e976d943f4cf1a4edbeca7bfd890747e5a386541dd733814d86badbfe8675aac4febe35cb38d7da9147d9d9046404ac4e7a6044f1fbad269f375a2876f037a651db57ee06d35217692e149eee8e0ca7c336c87965e30f84a85d145ea5901a010bcb018bd88749a718ed3d506792f4cdec88e535f7c4dda099d29502d0e949e9d4589769c74c9d419f54f2294500f33d6451a9c8044194d5838c00c3abac9060f68c499a2aa49273f6e8d0f37fb678f