upstreamcollaborative.org
Issued by R3
About this certificate
This digital certificate with serial number 03:36:91:48:45:22:1e:01:f5:bb:5d:e4:5c:4b:a6:10:75:29 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=upstreamcollaborative.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:36:91:48:45:22:1e:01:f5:bb:5d:e4:5c:4b:a6:10:75:29Serial Number (int): 279905218915963351373161035304488534045993
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 43:16:f9:71:c7:8b:67:b6:94:94:3d:9e:52:f3:8c:bf:10:17:fc:ec
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 86:fd:b2:6a:d3:6d:50:7e:be:31:93:d3:96:a4:9a:04:32:41:cc:a4
Fingerprint (sha256): 87:69:73:02:84:08:33:d2:30:68:21:c8:8f:30:a6:41:04:8e:24:0c:9d:56:c6:6c:d1:d4:6a:e2:19:29:c6:f0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate upstreamcollaborative.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for upstreamcollaborative.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.upstreamcollaborative.org
upstreamcollaborative.org
upstreamcollaborative.org
Other certificates including the domain name upstreamcollaborative.org
(limited to 100 certificates)
admin.canoncityschools.org
www.newtownhighschool.org
aceroschools.org
admin.comptoncreekmad.org
admin.kimmel.aasdcat.com
admin.rvs.monroe.k12.tn.us
admin.gordonsville.smithcoedu.com
aceroschools.org
145innovators.com
acrma8.org
www.kingcollegeprep.org
admin.avant.k12.ok.us
admin.gordonsvillehigh.smithcoedu.com
upstreamcollaborative.org
spectrum.canoncityschools.org
www.upstreamcollaborative.org
admin.veritasca.org
aceroschools.org
admin.newmiddleton.smithcoedu.com
aceroschools.org
www.canoncityschools.org
145innovators.com
www.okolona.k12.ms.us
admin.upstreamcollaborative.org
acrma8.org
www.ivyhigh.org
sac.gcsd.ms
www.grovetonisd.net
ewcc.taylorisd.org
admin.portrichmondhs.org
upstreamcollaborative.org
admin.eaton-academy.com
145innovators.com
acrma8.org
www.cri.edu.mx
www.dormanhigh.org
www.upstreamcollaborative.org
acrma8.org
145innovators.com
145lions.com
admin.mnths.manorisd.net
wms.csisd.org
aahs.aasdcat.com
acrma8.org
admin.shs.monroe.k12.tn.us
acrma8.org
www.grandville.k12.mi.us
www.newtownhighschool.org
aceroschools.org
admin.comptoncreekmad.org
admin.kimmel.aasdcat.com
admin.rvs.monroe.k12.tn.us
admin.gordonsville.smithcoedu.com
aceroschools.org
145innovators.com
acrma8.org
www.kingcollegeprep.org
admin.avant.k12.ok.us
admin.gordonsvillehigh.smithcoedu.com
upstreamcollaborative.org
spectrum.canoncityschools.org
www.upstreamcollaborative.org
admin.veritasca.org
aceroschools.org
admin.newmiddleton.smithcoedu.com
aceroschools.org
www.canoncityschools.org
145innovators.com
www.okolona.k12.ms.us
admin.upstreamcollaborative.org
acrma8.org
www.ivyhigh.org
sac.gcsd.ms
www.grovetonisd.net
ewcc.taylorisd.org
admin.portrichmondhs.org
upstreamcollaborative.org
admin.eaton-academy.com
145innovators.com
acrma8.org
www.cri.edu.mx
www.dormanhigh.org
www.upstreamcollaborative.org
acrma8.org
145innovators.com
145lions.com
admin.mnths.manorisd.net
wms.csisd.org
aahs.aasdcat.com
acrma8.org
admin.shs.monroe.k12.tn.us
acrma8.org
www.grandville.k12.mi.us
Certificate
The complete raw certificate details for upstreamcollaborative.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAzaRSEUiHgH1u13kXEumEHUpMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjgxMzQ1MDJaFw0yNDAzMjcxMzQ1MDFaMCQxIjAgBgNVBAMT GXVwc3RyZWFtY29sbGFib3JhdGl2ZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOb49SXaZe9RscSLV8JNE1zi3+IaOIL/WOnTParblt93nMnRsW DzqQmcDJdUUb81XfRmr8YK1K3Y0FRWk7sTcMuMvDG78eVBVZM50+wz/ssRBrCZ4a 1sjwhUWO83eCYDQ3ZHq4q4iNioc9GPG5I9ZCC9u4V5ZggdPVxIWoOXHkqojYfHEx 70f4LL9iSoN4Fgvow9jN6OeMxZ3Mj1Z/IDEhnh3nhPqvJf1kd93iPdI6cRlecgP2 acYyHDUxfps3xdMsTx/iIQW8OCqaCb5zA8sRO0y40wUh0CbeyAy7cCQ0bQ1lXvei uJr+2yQRWTyAPsqkW5NYaQr3TtsvHXQ15DntAgMBAAGjggI5MIICNTAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFEMW+XHHi2e2lJQ9nlLzjL8QF/zsMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMEEGA1UdEQQ6MDiCGyoudXBzdHJlYW1jb2xsYWJvcmF0aXZl Lm9yZ4IZdXBzdHJlYW1jb2xsYWJvcmF0aXZlLm9yZzATBgNVHSAEDDAKMAgGBmeB DAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ADtTd3U+LbmAToswWwb+QDtn 2E/D9Me9AA0tcm/h+tQXAAABjLDiygsAAAQDAEcwRQIhAJxNQZtjlAtB70iJT+zs mgVsDgCQOAUAAVa2D+YtTfreAiAj+9qJmLl7BhkykC1zgaFdWHKkB/h8gQzattER /CH9ZwB3AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjLDiytwA AAQDAEgwRgIhALsY3Y7ZotShxnQRsG4W+Y+i3C5bVoQ9fPOhJCu9/0sbAiEAkrVb C4J30OEdFToNEqLhFT+AWdBHkkun/qYhhTxxgL0wDQYJKoZIhvcNAQELBQADggEB AK2e7Z31B3o0IrJuBEn9vLCRQlb6DiPDhQEt2fT1WIgveS7uCQ/9xu8SFZ5HVEge BtYhXc/XQ48UvONeTXsWFM8DK6+EZXWagnwTISn5JdgLEJCPvhMGOu1AGuGVLqMO HsSr4lVp5vicUcoCRLFKfgC29/3S9emHGVpoKfAPJZ+Vrx6Z9ug9/K+MugqJioBB cNkfsJuoGF7yCotuAGHJ5NcFTEDSAff1mHywOI6gO2COhYPXJJIWjiltkbFNmf0T lUBZA9iZdK1kpcvQSmMMnxRd/154cSKNfnIu1rTcp6sEU0BtTdi/uiqT4INLMvzj EaoTuAOuu8U5jPXZKtx+gE0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm+PUl2mXvUbHEi1fCTR Nc4t/iGjiC/1jp0z2q25bfd5zJ0bFg86kJnAyXVFG/NV30Zq/GCtSt2NBUVpO7E3 DLjLwxu/HlQVWTOdPsM/7LEQawmeGtbI8IVFjvN3gmA0N2R6uKuIjYqHPRjxuSPW QgvbuFeWYIHT1cSFqDlx5KqI2HxxMe9H+Cy/YkqDeBYL6MPYzejnjMWdzI9WfyAx IZ4d54T6ryX9ZHfd4j3SOnEZXnID9mnGMhw1MX6bN8XTLE8f4iEFvDgqmgm+cwPL ETtMuNMFIdAm3sgMu3AkNG0NZV73oria/tskEVk8gD7KpFuTWGkK907bLx10NeQ5 7QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 279905218915963351373161035304488534045993 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-28 13:45:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 13:45:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'upstreamcollaborative.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26060103035648842000035522844346140856058442866512639208894176366511829227348300594717650998103295861843200628993492468574987742211882930245622118438003075915487667992721936323725115454439206361774134945859199100664947183176384658294462895499038468218005199374466126044203547679711250118694413058589446312499980447079063654693654543723514929261485448125620158772236520722264746269430986949685459465413244589075968487117773522165323923527922461327046939280173845970098916363361852907871581252142085304992860032103316168840812101530655302169939166406495453801413077046797401517075540377909721613102506110924477419502061 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4316f971c78b67b694943d9e52f38cbf1017fcec . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.upstreamcollaborative.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'upstreamcollaborative.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cb0e2ca0b00000403004730450221009c4d419b63940b41ef48894fecec9a056c0e00903805000156b60fe62d4dfade022023fbda8998b97b061932902d7381a15d5872a407f87c810cdab6d111fc21fd6700770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cb0e2cadc0000040300483046022100bb18dd8ed9a2d4a1c67411b06e16f98fa2dc2e5b56843d7cf3a1242bbdff4b1b02210092b55b0b8277d0e11d153a0d12a2e1153f8059d047924ba7fea621853c7180bd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ad9eed9df5077a3422b26e0449fdbcb0914256fa0e23c385012dd9f4f558882f792eee090ffdc6ef12159e4754481e06d6215dcfd7438f14bce35e4d7b1614cf032baf8465759a827c132129f925d80b10908fbe13063aed401ae1952ea30e1ec4abe25569e6f89c51ca0244b14a7e00b6f7fdd2f5e987195a6829f00f259f95af1e99f6e83dfcaf8cba0a898a804170d91fb09ba8185ef20a8b6e0061c9e4d7054c40d201f7f5987cb0388ea03b608e8583d72492168e296d91b14d99fd1395405903d89974ad64a5cbd04a630c9f145dff5e7871228d7e722ed6b4dca7ab0453406d4dd8bfba2a93e0834b32fce311aa13b803aebbc5398cf5d92adc7e804d