dufy.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:d3:b7:c0:73:69:54:af:20:48:e3:f5:20:29:f8:2e:86:40 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=dufy.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d3:b7:c0:73:69:54:af:20:48:e3:f5:20:29:f8:2e:86:40
Serial Number (int): 420492971132406750608157313568410990184000
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: b0:93:45:b6:15:04:69:d7:86:16:c2:63:06:11:d4:2e:9c:b0:1b:cd
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 0b:b7:f6:ed:3c:ed:f1:e5:31:86:8c:d6:70:5d:ec:3d:04:21:59:2d
Fingerprint (sha256): 70:39:c0:78:5c:11:29:16:75:09:09:ad:03:a9:86:9e:24:75:6b:52:83:dd:52:78:5e:1f:45:44:2e:97:71:f5

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate dufy.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dufy.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dufy.org

Other certificates including the domain name dufy.org

(limited to 100 certificates)
musicguide.org
www.ocnb.com
www.dufy.org
dufy.org
www.workwelfareandfamilies.org
dufy.org
www.dufy.org
dufy.org

Certificate

The complete raw certificate details for dufy.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISBNO3wHNpVK8gSOP1ICn4LoZAMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMDIxOTE1MjRaFw0x
OTEyMzExOTE1MjRaMBMxETAPBgNVBAMTCGR1Znkub3JnMIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEAoA/ylKCo5o2aUKl0fb0F70rXxfSYKdSv5ZAOCRRL
+LlPIsyPV9gbsICxbhnLuGWMRgPUgKionnMhv+KYfIhszXfM8qpyRv82Ppy81yBz
0B4iBBJlaZpk3r2dJC2+8KHKF5ayTv6wWrfrFSEUxTOrwnLJUTR33zbcf6BCcR+z
iYYGJWH1kGsKxxzzd51zlCY1xrKVlZBJQKmgDKfq66tbgH5CFt6v+BH+haJ5E6cH
iJGMunP4yGU/fDm+P3pViDzp+9NZL/0tO/HNAQ57dF5H4iPe5ODSWks5Nvw/Zw2E
xtcv/PY1mR7ZW9dlkhmGobjsOP5/i3Rm9H/lwXLrqYr4WyF8ug6bY2UchIO7HNc9
PEXMaSRJjbVAfa+h7asuxAL4qG8iseiOOwYEf+rzzEFVGTBdshlbIBmFMt+MmKMp
e7ZBRM4R/Yj25LxwmPw2y12/VId+2TcLmw1iZyc0JIaVHwO/FGDR5tHmAouPdcrN
fdEF8MMMNJ5ErcF/L2i2YKrte6ncwlZWs23U2Hq/SWydSEZ0z9UwPKAMrtlKfbi9
HgBH8RZ1UDnLl7NoWBgbnHc4AyHYaAXwozY8wAIZld2s3yOCpC48SY32Kjsd+1o8
+yGbRFxYLw5tPr3u0PTrmRwemm0DYfr5H2QbqBFmCxfSMIBQbzn4S59amauEFub6
L/UCAwEAAaOCAlswggJXMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsJNFthUEadeG
FsJjBhHULpywG80wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYI
KwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0
c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0
c2VuY3J5cHQub3JnLzATBgNVHREEDDAKgghkdWZ5Lm9yZzBMBgNVHSAERTBDMAgG
BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz
LmxldHNlbmNyeXB0Lm9yZzCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AHR+2oMx
rTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABbY4c8CAAAAQDAEYwRAIgCkxC
wtmoMuEizizrKKJlJqcU9io7IT1pUUvwO63x14ACIG9qAPpS06MlrBrd+Np2wvS7
IvofVsBPBLVUgWZDDuyXAHUAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH
9HgAAAFtjhzwDwAABAMARjBEAiBK4IZz/ybSfGT4XITJGI3kkepVI07e0Ihe29Sb
iOs3RQIgWvUCe/ljn0KAOLD6Wq+WiPAxN9RekxrNQrxcZUYVhykwDQYJKoZIhvcN
AQELBQADggEBAGsluBRt7hVa4wHShfguRj4dwOfKcoH8pYioC0q8Vx/ypVkSAFjg
AnR2nnYMLhLbQ46f7HFKy0UKnou3UBahPVj2Pm2vg8sAPOMcjrXHqdLuJVCNx+qg
6r/Ea75fRWMTNeN8CIpEnhhoX/mEqHGmsHbIqgv7mq96cpBNUQee+RKskMwtOPo0
0P3thhy2rGv2n4dGyx+JB6K6z2MCaax6lC5Sma54VeYfM+h78wnR1hv9NeIhKm4R
9vbYv3LT/L/mlY6ii2vvd3vcc4gc78Fy8/n7Dg7ExS7ildUhhRTV1FAuIMpehrFk
ELgiETi2aK6I6ZJEcX1TwBQLaQNBgiI0NqQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoA/ylKCo5o2aUKl0fb0F
70rXxfSYKdSv5ZAOCRRL+LlPIsyPV9gbsICxbhnLuGWMRgPUgKionnMhv+KYfIhs
zXfM8qpyRv82Ppy81yBz0B4iBBJlaZpk3r2dJC2+8KHKF5ayTv6wWrfrFSEUxTOr
wnLJUTR33zbcf6BCcR+ziYYGJWH1kGsKxxzzd51zlCY1xrKVlZBJQKmgDKfq66tb
gH5CFt6v+BH+haJ5E6cHiJGMunP4yGU/fDm+P3pViDzp+9NZL/0tO/HNAQ57dF5H
4iPe5ODSWks5Nvw/Zw2Extcv/PY1mR7ZW9dlkhmGobjsOP5/i3Rm9H/lwXLrqYr4
WyF8ug6bY2UchIO7HNc9PEXMaSRJjbVAfa+h7asuxAL4qG8iseiOOwYEf+rzzEFV
GTBdshlbIBmFMt+MmKMpe7ZBRM4R/Yj25LxwmPw2y12/VId+2TcLmw1iZyc0JIaV
HwO/FGDR5tHmAouPdcrNfdEF8MMMNJ5ErcF/L2i2YKrte6ncwlZWs23U2Hq/SWyd
SEZ0z9UwPKAMrtlKfbi9HgBH8RZ1UDnLl7NoWBgbnHc4AyHYaAXwozY8wAIZld2s
3yOCpC48SY32Kjsd+1o8+yGbRFxYLw5tPr3u0PTrmRwemm0DYfr5H2QbqBFmCxfS
MIBQbzn4S59amauEFub6L/UCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 420492971132406750608157313568410990184000
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-02 19:15:24 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-31 19:15:24 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dufy.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 652997193272609726260088371759029392529905038579683741609984650206634059191058219384267995743747606873104973655134757811567930802082415019919439907246312027586997029091602934164663613108133751172806574501149554674122424278721771772550168353512704707373626618421355445116969251770547010596333916671083885840076558929303386710572361029268740916365084486810461045067689573361674861336674481331284457488142659336966263038254728166724083735061955012597739707264565763322319934079443341165759974012932788613474260322021234403124277024184228415767777030573107557253707083941910189521083982016813784984979056297592751207949515348315664823032730980244975924601451407189849982675977377015089353000001880518033703016061023861022716385896530706423149380464296380650763345318842514577892932339583077617457549034065870345717398024069347808112196686171734016653540271403815444859216387909781613001555155136599299815417320858207641441728043967503370740667152698972315947633048300734016980245590595226655926591977613777268241000307476466008627733825762320894735805130167153041401717152295156632940694768679300038504227731877035153385161613742442604908849787831409654639213205290755299537886823024839606368413160828823691383065899507813837375087980533
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b09345b6150469d78616c2630611d42e9cb01bcd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dufy.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d8e1cf020000004030046304402200a4c42c2d9a832e122ce2ceb28a26526a714f62a3b213d69514bf03badf1d78002206f6a00fa52d3a325ac1addf8da76c2f4bb22fa1f56c04f04b5548166430eec97007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d8e1cf00f000004030046304402204ae08673ff26d27c64f85c84c9188de491ea55234eded0885edbd49b88eb374502205af5027bf9639f428038b0fa5aaf9688f03137d45e931acd42bc5c6546158729
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006b25b8146dee155ae301d285f82e463e1dc0e7ca7281fca588a80b4abc571ff2a559120058e00274769e760c2e12db438e9fec714acb450a9e8bb75016a13d58f63e6daf83cb003ce31c8eb5c7a9d2ee25508dc7eaa0eabfc46bbe5f45631335e37c088a449e18685ff984a871a6b076c8aa0bfb9aaf7a72904d51079ef912ac90cc2d38fa34d0fded861cb6ac6bf69f8746cb1f8907a2bacf630269ac7a942e5299ae7855e61f33e87bf309d1d61bfd35e2212a6e11f6f6d8bf72d3fcbfe6958ea28b6bef777bdc73881cefc172f3f9fb0e0ec4c52ee295d5218514d5d4502e20ca5e86b16410b8221138b668ae88e99244717d53c0140b69034182223436a4