www.advocacyinitiative.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:e6:2e:e1:e1:74:91:b5:c8:65:c5:56:7e:f7:b0:06:83:62 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.advocacyinitiative.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e6:2e:e1:e1:74:91:b5:c8:65:c5:56:7e:f7:b0:06:83:62Serial Number (int): 339664119514473585764446443953029449679714
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 68:a1:3d:c7:40:20:43:ad:78:83:ba:ab:cf:ba:40:af:78:c2:f9:f5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): cc:4e:69:02:2e:d1:04:a8:11:e1:b4:64:5e:8f:9b:2e:32:6a:02:9a
Fingerprint (sha256): 72:66:94:03:48:f9:7b:25:ed:7f:d3:72:59:f7:22:51:33:4c:97:31:8e:24:d8:e3:81:6c:a6:a9:80:e9:0a:7e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate www.advocacyinitiative.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.advocacyinitiative.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
Other certificates including the domain name advocacyinitiative.org
(limited to 100 certificates)
www.advocacyinitiative.org
www.advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
www.twotruth.superbhostinghub.com
advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
www.advocacyinitiative.org
advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
*.exploresierraleone.com
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
thewordoftruthsl.org
thewordoftruthsl.org
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
www.advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
www.twotruth.superbhostinghub.com
advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
www.advocacyinitiative.org
advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
www.advocacyinitiative.org
*.exploresierraleone.com
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
thewordoftruthsl.org
thewordoftruthsl.org
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
advocacyinitiative.org
Certificate
The complete raw certificate details for www.advocacyinitiative.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISA+Yu4eF0kbXIZcVWfvewBoNiMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MjAxNzQ0MDBaFw0x NzA4MTgxNzQ0MDBaMCUxIzAhBgNVBAMTGnd3dy5hZHZvY2FjeWluaXRpYXRpdmUu b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAormKcl2ApKQwhL9E 5VSmz0nxEliULIoew3u9MnKIY8zJx74TmohIIN8dBwigl77x6O0LdoTVhyl6POSu FFfJVtvgoqz2ajNHLJiNjpySNPzByf00X8Rhch1xyX/L1/RpFZpZBZyT0UALxPKW sVaSk/PyVWyKVDNGfhi2mMxge/rnt6pHcnlq2HxRAN6EPW1qV9swVoElL+lAe7oM 6iCtOiWrPmRf4L9tSfNkaOOiT/DRhotzmUuXnGY7khn3N7ALT8wO1ctNUKjLfEeb cmTBPYzgXOHRvrdLMMsFyIIPXiHOr5hPiNpctGmEx+H82XT9ws1mM0Bs1olWt38/ /iElJwIDAQABo4ICMzCCAi8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRooT3HQCBD rXiDuqvPukCveML59TAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBw BggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzA9BgNVHREENjA0ghZhZHZvY2FjeWluaXRpYXRpdmUu b3Jnghp3d3cuYWR2b2NhY3lpbml0aWF0aXZlLm9yZzCB/gYDVR0gBIH2MIHzMAgG BmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlm aWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVz IGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9s aWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkv MA0GCSqGSIb3DQEBCwUAA4IBAQAnekGVW1sQYtZY7ZX6HTIobyoqX/bxVpX9QAHP SPb78TmlbQPjgZjsBUjLwfCff6fT47wfnfO5X6VXPlI0Zk32RdIngbI0D84WvFBx if4kuM/gF7p4lAB+pwW+RUWA6KM7O934qv4AXSQJG18TcatcMaRWMcmb917f6v+c PntMrLArYzoTj8w3sqoDeDqZLDoT3xky6ztyS223LtH807IsTsf7rmFf5szIKpn0 0R9y7U8aibpsbLJv4XGBEyn5FHEml07NLOHn+3nGyF6rC2OK8wc4axOokElKenv2 BnI6Esc9phAJrHBsuR2LlPXi64yGG5k7bLVRQcETV8G2zVBy -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAormKcl2ApKQwhL9E5VSm z0nxEliULIoew3u9MnKIY8zJx74TmohIIN8dBwigl77x6O0LdoTVhyl6POSuFFfJ Vtvgoqz2ajNHLJiNjpySNPzByf00X8Rhch1xyX/L1/RpFZpZBZyT0UALxPKWsVaS k/PyVWyKVDNGfhi2mMxge/rnt6pHcnlq2HxRAN6EPW1qV9swVoElL+lAe7oM6iCt OiWrPmRf4L9tSfNkaOOiT/DRhotzmUuXnGY7khn3N7ALT8wO1ctNUKjLfEebcmTB PYzgXOHRvrdLMMsFyIIPXiHOr5hPiNpctGmEx+H82XT9ws1mM0Bs1olWt38//iEl JwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 339664119514473585764446443953029449679714 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-20 17:44:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-18 17:44:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.advocacyinitiative.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20542098986729305258928843538777980501497207887503471527588801607178986534011822586335912194768937228679606432148596508817445983782204512042461995482987623233182985704266951005921721925943480660184475401549238079229860197585937183267740370623698609832312674691979872521338395081970067844900116339273131163279684142905368091648574578176084831114778736809254455568183270890097437982453661817382268758971003941216524557480847906779717058079545699035450691413972612704913208309042580564175535367344668471993923510309163202190695834835401116197143016174290011200998430081811459176072191921029915728865326813308739425215783 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 68a13dc7402043ad7883baabcfba40af78c2f9f5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advocacyinitiative.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.advocacyinitiative.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00277a41955b5b1062d658ed95fa1d32286f2a2a5ff6f15695fd4001cf48f6fbf139a56d03e38198ec0548cbc1f09f7fa7d3e3bc1f9df3b95fa5573e5234664df645d22781b2340fce16bc507189fe24b8cfe017ba7894007ea705be454580e8a33b3bddf8aafe005d24091b5f1371ab5c31a45631c99bf75edfeaff9c3e7b4cacb02b633a138fcc37b2aa03783a992c3a13df1932eb3b724b6db72ed1fcd3b22c4ec7fbae615fe6ccc82a99f4d11f72ed4f1a89ba6c6cb26fe171811329f9147126974ecd2ce1e7fb79c6c85eab0b638af307386b13a890494a7a7bf606723a12c73da61009ac706cb91d8b94f5e2eb8c861b993b6cb55141c11357c1b6cd5072