alfafin.org
Issued by R3
About this certificate
This digital certificate with serial number 04:d0:5c:8a:ce:84:cc:b7:63:9b:10:06:02:94:01:bd:3a:09 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=alfafin.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:d0:5c:8a:ce:84:cc:b7:63:9b:10:06:02:94:01:bd:3a:09Serial Number (int): 419350885747872729503327629329327084878345
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: eb:52:1c:fb:23:a1:44:ca:ec:1f:7a:7a:68:83:88:e5:06:dc:16:36
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f0:ea:d7:ee:72:7d:ee:10:62:8e:5a:da:31:2e:e7:ab:a1:16:fd:d7
Fingerprint (sha256): 86:6a:ab:05:1a:01:63:e7:2d:03:c0:4d:d5:74:d2:1d:cc:e4:8e:8b:1d:dd:b8:f1:7d:47:a9:38:36:82:64:4b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate alfafin.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for alfafin.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
alfafin.org
Other certificates including the domain name alfafin.org
(limited to 100 certificates)
alfafin.org
alfafin.org
alfafin.org
mail.alfafin.org
alfafin.org
mail.alfafin.org
mail.alfafin.org
mail.alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
mail.alfafin.org
alfafin.org
mail.alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
mail.alfafin.org
alfafin.org
mail.alfafin.org
mail.alfafin.org
mail.alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
mail.alfafin.org
alfafin.org
mail.alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
alfafin.org
Certificate
The complete raw certificate details for alfafin.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4zCCBMugAwIBAgISBNBcis6EzLdjmxAGApQBvToJMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMzAyMzAxMTdaFw0yNDA0MjkyMzAxMTZaMBYxFDASBgNVBAMT C2FsZmFmaW4ub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs5Nq paJWoIfV/fNAivU+5b/88F2c8MVzlP1BdT2+a16OtFaqV+8xZLTk0B0CUFfpr7xd f2osnXYy+mqJhQNH3LB7GgSZ0Gq2QiIZnbNgem7RnvKjBa7a3hk+fVHXyM+znoId f3Re7vPcjix7nue6QKQHB6ge4BwGQE0GXWUWnY3i4UxahltUNmLpEsUZcFnyjaTi QqZD9y50ZjSvlYcLVL5pDaLUjX1EcopiCr6JvyeAn7m0Kusy6uCxDmDd0ztMUr30 lH61p0rElXjKrpHL4uOlUMrxMlmKUI/v+uD1xyiV+/wMMcfvG/TR8QhW/P875A/l NksW74TBOvIdVZ4ZM4EuJrJeQ3R7KF4i++apL7fayYJFDl4P8xPfnrYfmNtOp7V8 NoqChs0nX4i2mb3MF6IkPPzqNIKgVcrUhSDJ9xQiiy3UNcS2qUUpX+R7JpJE7dby 3lYJsj9upzS2jWgPKDvGq6hk0VCiczpoeWq10J5SiSNHD2Y0HlAiZdNvlAYdsDKt 8sfYbBfAQy6RlIxUUR8Xi9U7rRi4qJkogHfJULGNCEhQFgQ+974ueOGQ8EuvKrVU MHaQBFVVFvfXiAOqaGwBnwXLxJrGdMBocN33kd9Z14kUjCfHk4RtEnsxpNQmI5lW Wd9elp2RuN4dsXcIHz7WyHweEba7VoRLg9iop2kCAwEAAaOCAg0wggIJMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU61Ic+yOhRMrsH3p6aIOI5QbcFjYwHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wFgYDVR0RBA8wDYILYWxmYWZpbi5vcmcwEwYDVR0gBAww CjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgA7U3d1Pi25gE6L MFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY1c0esZAAAEAwBHMEUCIQCd0PRJxvqF dJd8bdNbZOMeobQXk/DavUJWhLHJFxMlkQIgZ39kGGH2lTd9GTbGwEcQpkrwY4XL +WAdbb5JVUmRO8gAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAA AY1c0es5AAAEAwBHMEUCIHT0rGJ6cFc/KC14+Dh0pCKvO5KgsMyXuFDp9c+Rj3HG AiEAujZeOEwzTwpb74skZQEQaY8jpU//HNvXI7EdTrsdCs0wDQYJKoZIhvcNAQEL BQADggEBAHclYEUb/BLbdlytQFw1NqcKu21WDEnGRxoWLR62ez7uWAtbnUChrZcO UcwHza0EN3g3Kq7+r43nxi3UuWV43Hzz215ntWIOj0oCLpiVKHnLORBFIg5CkVq4 0vnCTij+ms/aowx5FC/6CzEQlF69X5960Sj7Szywcpf7wgY5/suFfnW0XfLKBCtK qtlZzdMjHI+E9ph2AluIvPcOYxrJqbKlP8cgzEsnhUttR8QPDbrphufp0TWUf9GY rKTXH0jahsmApnDDfID520jqRbb9Py4IR1nx4b7OCntB7vqzJAtvP4DlH7+gfyRD 4RJru+Crg/YHhIjTiNrQ0K/IqMJiELs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs5NqpaJWoIfV/fNAivU+ 5b/88F2c8MVzlP1BdT2+a16OtFaqV+8xZLTk0B0CUFfpr7xdf2osnXYy+mqJhQNH 3LB7GgSZ0Gq2QiIZnbNgem7RnvKjBa7a3hk+fVHXyM+znoIdf3Re7vPcjix7nue6 QKQHB6ge4BwGQE0GXWUWnY3i4UxahltUNmLpEsUZcFnyjaTiQqZD9y50ZjSvlYcL VL5pDaLUjX1EcopiCr6JvyeAn7m0Kusy6uCxDmDd0ztMUr30lH61p0rElXjKrpHL 4uOlUMrxMlmKUI/v+uD1xyiV+/wMMcfvG/TR8QhW/P875A/lNksW74TBOvIdVZ4Z M4EuJrJeQ3R7KF4i++apL7fayYJFDl4P8xPfnrYfmNtOp7V8NoqChs0nX4i2mb3M F6IkPPzqNIKgVcrUhSDJ9xQiiy3UNcS2qUUpX+R7JpJE7dby3lYJsj9upzS2jWgP KDvGq6hk0VCiczpoeWq10J5SiSNHD2Y0HlAiZdNvlAYdsDKt8sfYbBfAQy6RlIxU UR8Xi9U7rRi4qJkogHfJULGNCEhQFgQ+974ueOGQ8EuvKrVUMHaQBFVVFvfXiAOq aGwBnwXLxJrGdMBocN33kd9Z14kUjCfHk4RtEnsxpNQmI5lWWd9elp2RuN4dsXcI Hz7WyHweEba7VoRLg9iop2kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 419350885747872729503327629329327084878345 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-30 23:01:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-29 23:01:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alfafin.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 732605535114730359688346331139986291934438873302219338938837352583474598113386774814225931556777759825504028548807021652524628608608748158325068166306870890037795986779083008709920157578606071521458083854470018677725964106515597032728429832138297565444092091616122016438912443249155589226947787809262138497381158023142839249733984075068147753784914679983163740809611238692406245110769596714624602125623596375625846291783506936621951305408175826720635271306515437970050302328786003155337323846730165110827033378111590578330455916965525568905897175993062366693221760246723116744937736362281458980551577890167982001001577467508152647005749512712822590974030013717323609401091895602361403931655724580545594386050642022938120163334937783073395168280180484834544245775171858158527445405109588231207996470151559643910574094365419358147532901489775654270970124532542304594994519449358784663635220255002335292848259634491645337011874691845897044352583156782036377829043040614654569425102150295883734656198243274586238613643178131392049396395274479997803004038741204333545375551775584705764528668909574798309355759727070841762180059163681041170212190728967674920463071349593930160575026672312214624565133606183571153744187125561126122099877737 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eb521cfb23a144caec1f7a7a688388e506dc1636 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alfafin.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d5cd1eb1900000403004730450221009dd0f449c6fa8574977c6dd35b64e31ea1b41793f0dabd425684b1c9171325910220677f641861f695377d1936c6c04710a64af06385cbf9601d6dbe495549913bc8007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d5cd1eb390000040300473045022074f4ac627a70573f282d78f83874a422af3b92a0b0cc97b850e9f5cf918f71c6022100ba365e384c334f0a5bef8b24650110698f23a54fff1cdbd723b11d4ebb1d0acd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00772560451bfc12db765cad405c3536a70abb6d560c49c6471a162d1eb67b3eee580b5b9d40a1ad970e51cc07cdad043778372aaefeaf8de7c62dd4b96578dc7cf3db5e67b5620e8f4a022e98952879cb391045220e42915ab8d2f9c24e28fe9acfdaa30c79142ffa0b3110945ebd5f9f7ad128fb4b3cb07297fbc20639fecb857e75b45df2ca042b4aaad959cdd3231c8f84f69876025b88bcf70e631ac9a9b2a53fc720cc4b27854b6d47c40f0dbae986e7e9d135947fd198aca4d71f48da86c980a670c37c80f9db48ea45b6fd3f2e084759f1e1bece0a7b41eefab3240b6f3f80e51fbfa07f2443e1126bbbe0ab83f6078488d388dad0d0afc8a8c26210bb