sfi.fr
Issued by R3
About this certificate
This digital certificate with serial number 04:b3:da:79:58:db:cc:00:9e:57:ca:cc:5b:3b:72:16:d5:85 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=sfi.fr
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:b3:da:79:58:db:cc:00:9e:57:ca:cc:5b:3b:72:16:d5:85Serial Number (int): 409650089179156114322603560686996663227781
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: f5:a6:cc:bc:14:f5:56:5e:65:dd:19:47:65:a1:38:fb:88:6c:91:1f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 65:cc:d7:3b:7d:fc:54:28:02:39:e9:15:3a:db:04:06:22:c5:e4:08
Fingerprint (sha256): 8d:f3:ea:c3:5d:cc:00:d1:f7:99:bb:1e:6c:1a:2f:8b:24:4d:77:38:79:71:7d:56:72:eb:ca:7d:16:32:bc:93
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate sfi.fr
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sfi.fr
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sfi.fr
www.sfi.fr
www.sfi.fr
Other certificates including the domain name sfi.fr
(limited to 100 certificates)
sfi.fr
crm.sfi.fr
crm.sfi.fr
jobs.sfi.fr
cdn.sfi.fr
sfi.fr
jobs.sfi.fr
sfi.fr
sfi.fr
sfi.fr
sfi.fr
crm.sfi.fr
sfi.fr
sfi.fr
cdn.sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
jobs.sfi.fr
sfi.fr
cdn.sfi.fr
sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
sfi.fr
sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
sfi.fr
cdn.sfi.fr
jobs.sfi.fr
jobs.sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
jobs.sfi.fr
cdn.sfi.fr
sfi.fr
jobs.sfi.fr
sfi.fr
sfi.fr
sfi.fr
sfi.fr
crm.sfi.fr
sfi.fr
sfi.fr
cdn.sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
jobs.sfi.fr
sfi.fr
cdn.sfi.fr
sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
sfi.fr
sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
sfi.fr
cdn.sfi.fr
jobs.sfi.fr
jobs.sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
jobs.sfi.fr
sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
crm.sfi.fr
Certificate
The complete raw certificate details for sfi.fr in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgISBLPaeVjbzACeV8rMWztyFtWFMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDgxMjMwMTRaFw0yNDA3MDcxMjMwMTNaMBExDzANBgNVBAMT BnNmaS5mcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQEYs/R/t/b o1qgLEff8KcTKEHT07F4Sw2axAyQSaV/9CoAG49ox9a/Ao8kVUf+aoOcRvLkJJPH Rv7Sf/Ta5XMHxjq5UoQ/2M6+PjcH2kyjQ017et3/xUeVpQSZDNRMFc+bmA0D5QUr NJl/dn23873JzF6juw20AKVl8KhcR6y5mqiECJ97xy0eL/S9nb+14ck6HTMPWqOu CH52kgQImEdoYqSbzkxWdFBoB17B1iJBiWSVcLwPCJ+xYtWBGz1Zo9YhC+Ycm+5e 3LgPzXS8Ie3CKfHPv9C+5TCUkE9obv66nPbECgc3kMeBMWKvdxYfGlVZKeeBMEGE 0BRPPgpiZd0CAwEAAaOCAhQwggIQMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU9abM vBT1Vl5l3RlHZaE4+4hskR8wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHQYDVR0R BBYwFIIGc2ZpLmZyggp3d3cuc2ZpLmZyMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrr wb8ohez4ZG4AAAGOveb3pwAABAMARjBEAiAE/TWwBH7WEicJRccYw5hH+jRhUiGQ AEsA2/4yY3H60gIgbl9g8Qse775Umj5PWQd58z/uZIFGkxpImtDKE/t4avcAdwDf 4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAY695vhkAAAEAwBIMEYC IQDiYVS/KbBrRsl02VgsrJbEyQIGzCZ35gygT/n8FSosBwIhAMgA0iRi/RgVZqM1 jfBsPLK7iZJM4cROsaVifPQlTUL2MA0GCSqGSIb3DQEBCwUAA4IBAQCPs23PBV34 S0hsz6kHfNqNEThm0mc9hX8mqdIQVupnj2Z/VNqZ/zRicASW0yhy016szccLMEp9 ieWMhE/gISw7n3e7auHriZc9f2aEcz6Jr2luw4+egFqhUgAV2e+p46d+OtE6T4ym NSWYNkB+qo2zlNhJ+cwBp8Jo3LMgZT8hzhTmZKro8tnzTTINRG/29ujzrvD85l8j h0x/5ynxAbBelbj9D28wRKlHdt+enUf3cQBRI+oqbTBR7pOrgLkY5eg2Ca5euLVi M79zeDrvO4Fc2hFslTKQSkd5Hq/fwbFepSOXJKMK47cyI4yJD5tvj5jj7iRMzIvc 9pNdTMjzoi3g -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ARiz9H+39ujWqAsR9/w pxMoQdPTsXhLDZrEDJBJpX/0KgAbj2jH1r8CjyRVR/5qg5xG8uQkk8dG/tJ/9Nrl cwfGOrlShD/Yzr4+NwfaTKNDTXt63f/FR5WlBJkM1EwVz5uYDQPlBSs0mX92fbfz vcnMXqO7DbQApWXwqFxHrLmaqIQIn3vHLR4v9L2dv7XhyTodMw9ao64IfnaSBAiY R2hipJvOTFZ0UGgHXsHWIkGJZJVwvA8In7Fi1YEbPVmj1iEL5hyb7l7cuA/NdLwh 7cIp8c+/0L7lMJSQT2hu/rqc9sQKBzeQx4ExYq93Fh8aVVkp54EwQYTQFE8+CmJl 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 409650089179156114322603560686996663227781 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-08 12:30:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-07 12:30:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sfi.fr' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26764683461919708452186722696103533954251805474346898811110279550323188196037117214767791338644884308554127296817134498880495744276087846436310011154065418064715316174316510248998658153377029703636590073034034919788928201168958817118234684989216360035668463934296462615772242643772142984981782815208180143222350996348869236211696159400433696552349672909188968639169247936960587138468654597798413838863043205639892829512116234604730785238899305139623374725786613989552335549617093072936320203655258055423925419261401511485475130988046563046650664411626334711604247000615394617360494123989805711254648992144336709903837 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f5a6ccbc14f5565e65dd194765a138fb886c911f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sfi.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sfi.fr' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ebde6f7a70000040300463044022004fd35b0047ed612270945c718c39847fa3461522190004b00dbfe326371fad202206e5f60f10b1eefbe549a3e4f590779f33fee648146931a489ad0ca13fb786af7007700dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ebde6f8640000040300483046022100e26154bf29b06b46c974d9582cac96c4c90206cc2677e60ca04ff9fc152a2c07022100c800d22462fd181566a3358df06c3cb2bb89924ce1c44eb1a5627cf4254d42f6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008fb36dcf055df84b486ccfa9077cda8d113866d2673d857f26a9d21056ea678f667f54da99ff3462700496d32872d35eaccdc70b304a7d89e58c844fe0212c3b9f77bb6ae1eb89973d7f6684733e89af696ec38f9e805aa1520015d9efa9e3a77e3ad13a4f8ca635259836407eaa8db394d849f9cc01a7c268dcb320653f21ce14e664aae8f2d9f34d320d446ff6f6e8f3aef0fce65f23874c7fe729f101b05e95b8fd0f6f3044a94776df9e9d47f771005123ea2a6d3051ee93ab80b918e5e83609ae5eb8b56233bf73783aef3b815cda116c9532904a47791eafdfc1b15ea5239724a30ae3b732238c890f9b6f8f98e3ee244ccc8bdcf6935d4cc8f3a22de0