education.positivepractices.com
Issued by R3
About this certificate
This digital certificate with serial number 03:9f:1c:bb:0d:64:81:27:0e:e4:a8:b4:82:34:12:d5:e2:0a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=education.positivepractices.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:9f:1c:bb:0d:64:81:27:0e:e4:a8:b4:82:34:12:d5:e2:0aSerial Number (int): 315479943750738591171359315538257674363402
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 35:04:5a:cf:65:9c:13:48:15:5a:7a:fe:00:9d:fc:dd:52:ca:f1:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 9e:fe:46:15:10:58:29:fb:a8:3a:65:d5:6b:a3:cd:fa:ea:b3:fc:79
Fingerprint (sha256): 87:e1:44:97:c3:dc:b9:33:b5:5a:d7:22:fd:2f:c9:d4:64:48:65:42:e9:cb:4f:3b:19:08:c4:33:51:72:8d:cf
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate education.positivepractices.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for education.positivepractices.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
education.positivepractices.com
www.education.positivepractices.com
www.education.positivepractices.com
Other certificates including the domain name positivepractices.com
(limited to 100 certificates)
positivepractices.com
positivepractices.com
human-rights.positivepractices.com
education.positivepractices.com
data.positivepractices.com
civil-rights.positivepractices.com
data.positivepractices.com
education.positivepractices.com
education.positivepractices.com
positivepractices.com
www.positivepractices.com
ald4all.positivepractices.com
equity.positivepractices.com
education.positivepractices.com
positivepractices.com
ald4all.positivepractices.com
nmevaluators.positivepractices.com
education.positivepractices.com
positivepractices.com
education.positivepractices.com
data.positivepractices.com
dreamtasker.on-rev.com
www.tlc.positivepractices.com
nmcpp.com
positivepractices.com
www.ald4all.positivepractices.com
www.positivepractices.com
data.positivepractices.com
equity.positivepractices.com
positivepractices.com
data.positivepractices.com
positivepractices.com
data.positivepractices.com
nativenews.dreamtasker.on-rev.com
lwe.positivepractices.com
data.positivepractices.com
ald4all.org
equity.positivepractices.com
ald4all.positivepractices.com
civil-rights.positivepractices.com
positivepractices.com
positivepractices.com
positivepractices.com
human-rights.positivepractices.com
education.positivepractices.com
data.positivepractices.com
civil-rights.positivepractices.com
data.positivepractices.com
education.positivepractices.com
education.positivepractices.com
positivepractices.com
www.positivepractices.com
ald4all.positivepractices.com
equity.positivepractices.com
education.positivepractices.com
positivepractices.com
ald4all.positivepractices.com
nmevaluators.positivepractices.com
education.positivepractices.com
positivepractices.com
education.positivepractices.com
data.positivepractices.com
dreamtasker.on-rev.com
www.tlc.positivepractices.com
nmcpp.com
positivepractices.com
www.ald4all.positivepractices.com
www.positivepractices.com
data.positivepractices.com
equity.positivepractices.com
positivepractices.com
data.positivepractices.com
positivepractices.com
data.positivepractices.com
nativenews.dreamtasker.on-rev.com
lwe.positivepractices.com
data.positivepractices.com
ald4all.org
equity.positivepractices.com
ald4all.positivepractices.com
civil-rights.positivepractices.com
positivepractices.com
positivepractices.com
Certificate
The complete raw certificate details for education.positivepractices.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISA58cuw1kgScO5Ki0gjQS1eIKMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MjQxMTUyMjlaFw0yNDA4MjIxMTUyMjhaMCoxKDAmBgNVBAMT H2VkdWNhdGlvbi5wb3NpdGl2ZXByYWN0aWNlcy5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDErBzKTWP5RIx+PBc+hZbg/s60oUdqvJy3kvqjhRB/ x1JwlM7tauYvMNYX0MU93jQsTsyhwaYUVwKueA3B6+0nmWS895icECWxR65UQ7Cx hCndDcYQEhSauAOjhGDtFPZbJtD1mr9sMJbGOAQB0or87cwZmaKUSo97swlxdipX VCIcg/q1jkxDR5czzkDVc6SmkKz8gLshOOdc0AAg0A43Gie/Ihwa75+fA82iMklk wmawx6OnIasAvq7gUkAHzVC2Axm48kelQMnxQlrYbxYGOV1YHIovbchcqKJuDiPA wr8tFrz8ug711rzMx8rr/CElL7NiJqQhihWP/vX0aixRAgMBAAGjggJGMIICQjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFDUEWs9lnBNIFVp6/gCd/N1SyvEXMB8GA1Ud IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw Oi8vcjMuaS5sZW5jci5vcmcvME8GA1UdEQRIMEaCH2VkdWNhdGlvbi5wb3NpdGl2 ZXByYWN0aWNlcy5jb22CI3d3dy5lZHVjYXRpb24ucG9zaXRpdmVwcmFjdGljZXMu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHcAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPqqjw4wAABAMA SDBGAiEA2nW+t7Ik23DDUTWfz4/Ty3IeHTTMpnDfYOk9KOECVpECIQCJ9PtA++jF IwFzCtyROMV3XTurHX08XiNOJ1/YTHQDeAB1ABmYEHEJ8NZSLjCA0p4/ZLuDbijM +Q9Sju7fzko/FrTKAAABj6qo8OkAAAQDAEYwRAIgW5s/+iAlVswK921ZIPLHoyzb lBzS8I18dR7/WKAADgcCICW8vpkc7oc568ljAxbkDTFZxd768jBXNJP1K30QcH1V MA0GCSqGSIb3DQEBCwUAA4IBAQBvd4JKs4INZjHZYaK4fWPxMUdxTY8d8+IAV/Vu aD2k0VnWf3if+8B0DXGD08aPZwCC4lJqEjaIFx0hukMaVXztmDGA4H1z6sXbSmuD VtK0UHiOBwwuCWl5G+/KEqGMgEPg8ENDZSd5eeThrcjI7JLP48b9gHX8mj1pk53l WsLcSe07m15bEqjbEu/Y4HVx8m7ROTcfug2IOqBCOh3wDHB2ZKg37QgMVqtNTnZ/ sTMPqcNKw6R26qIfDgX2lhjbUrOFxR+YD3WmJaKi5eaVkKagQB1gFZHNU4xsoj7e y2i3VWMFMZ17A98bggiFZp9u9YK1/JZg/Xn6JPRSS3oZ9OSR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKwcyk1j+USMfjwXPoWW 4P7OtKFHaryct5L6o4UQf8dScJTO7WrmLzDWF9DFPd40LE7MocGmFFcCrngNwevt J5lkvPeYnBAlsUeuVEOwsYQp3Q3GEBIUmrgDo4Rg7RT2WybQ9Zq/bDCWxjgEAdKK /O3MGZmilEqPe7MJcXYqV1QiHIP6tY5MQ0eXM85A1XOkppCs/IC7ITjnXNAAINAO NxonvyIcGu+fnwPNojJJZMJmsMejpyGrAL6u4FJAB81QtgMZuPJHpUDJ8UJa2G8W BjldWByKL23IXKiibg4jwMK/LRa8/LoO9da8zMfK6/whJS+zYiakIYoVj/719Gos UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 315479943750738591171359315538257674363402 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-24 11:52:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-22 11:52:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'education.positivepractices.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24827579591520556044337421494269412254922438694977141804193948608052681424299788686716330100677936984007073438461222667057666003477394306605493670308458420573815950002820658832932979196898821766451982227188348856230207007221442393823252457898282767400756971204479049655982984357720456992192476928483827396629878032739330874087735941073445751684789580887797650325306190262373096626360802467816562616941175281540173569748293765446424223168767943021933644137115291143052460778793738576894530921562312873015520934514080920555390097935356515403290909240452367446590301107184922586592338361409098044057213090717175565134929 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 35045acf659c1348155a7afe009dfcdd52caf117 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'education.positivepractices.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.education.positivepractices.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018faaa8f0e30000040300483046022100da75beb7b224db70c351359fcf8fd3cb721e1d34cca670df60e93d28e102569102210089f4fb40fbe8c52301730adc9138c5775d3bab1d7d3c5e234e275fd84c7403780075001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018faaa8f0e9000004030046304402205b9b3ffa202556cc0af76d5920f2c7a32cdb941cd2f08d7c751eff58a0000e07022025bcbe991cee8739ebc9630316e40d3159c5defaf230573493f52b7d10707d55 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006f77824ab3820d6631d961a2b87d63f13147714d8f1df3e20057f56e683da4d159d67f789ffbc0740d7183d3c68f670082e2526a123688171d21ba431a557ced983180e07d73eac5db4a6b8356d2b450788e070c2e0969791befca12a18c8043e0f0434365277979e4e1adc8c8ec92cfe3c6fd8075fc9a3d69939de55ac2dc49ed3b9b5e5b12a8db12efd8e07571f26ed139371fba0d883aa0423a1df00c707664a837ed080c56ab4d4e767fb1330fa9c34ac3a476eaa21f0e05f69618db52b385c51f980f75a625a2a2e5e69590a6a0401d601591cd538c6ca23edecb68b7556305319d7b03df1b820885669f6ef582b5fc9660fd79fa24f4524b7a19f4e491