fresnostonewall.org
Issued by R3
About this certificate
This digital certificate with serial number 04:02:a6:57:eb:6c:56:65:0f:0b:9b:6a:13:a1:f9:29:18:d9 was issued on by Let's Encrypt.
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=fresnostonewall.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:02:a6:57:eb:6c:56:65:0f:0b:9b:6a:13:a1:f9:29:18:d9Serial Number (int): 349350816812959488371413186404210423961817
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 24:d4:b6:83:c1:be:c6:4a:ab:96:13:a1:42:51:52:b3:b6:86:a7:4b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 4c:f9:30:67:40:4c:9c:4a:cf:71:ee:bc:2b:67:d0:3b:c6:64:c7:2f
Fingerprint (sha256): 8f:52:8c:6a:0e:da:b5:a5:ff:c2:db:ea:76:b6:f2:fa:82:1d:ad:26:6c:79:db:cc:3e:cd:d8:46:34:3a:cb:a0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate fresnostonewall.org
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fresnostonewall.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
empirestateroofing.com
endangerpoaching.com
fresnostonewall.org
in12seconds.com
kdtest.com
maleresorts.com
miamiorlandotours.com
michigancitywaste.com
oceanviewlots.com
stoptherevolution.org
sweetketotreat.com
taxshop.com
topshelfhemp.com
viccouncilelections.com
wabaunseecounty.com
wyomingmortgagelender.com
endangerpoaching.com
fresnostonewall.org
in12seconds.com
kdtest.com
maleresorts.com
miamiorlandotours.com
michigancitywaste.com
oceanviewlots.com
stoptherevolution.org
sweetketotreat.com
taxshop.com
topshelfhemp.com
viccouncilelections.com
wabaunseecounty.com
wyomingmortgagelender.com
Other certificates including the domain name fresnostonewall.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for fresnostonewall.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGKDCCBRCgAwIBAgISBAKmV+tsVmUPC5tqE6H5KRjZMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjYxOTE0MTFaFw0yNDA3MjUxOTE0MTBaMB4xHDAaBgNVBAMT E2ZyZXNub3N0b25ld2FsbC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC6gJn1uQFzm+1QHO7yIDQbjsXSXkZ327Vdk5+Y6P/gDa6hrQdQcRz5GH2f zQ4YI9G3ON3/0ufeDJwpM5nJrv1hIWHJSbk0QjtDiyxLfs/mK4T73dv5wRy2/f5Y 9BCKNVrPP64d4XeIdBtQwFKCoZRg3unAhYVM7dv9mF2lelU0RsDoaeWkTGnr63WR F/OTq1JAe+lh4n24tnEbRCvOO5lFqNpW8u8VQWMV0xe7U484Ue6g/+2BS613ARoI OveUqAU4smfLsD57ti6Nq5fJtr8gaPMoWKAUUHyyaWw1azNPh/0twBDnza4OPAl3 bBM9S+tTX4Zi/CKl3p5YG+ckejvdAgMBAAGjggNKMIIDRjAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFCTUtoPBvsZKq5YToUJRUrO2hqdLMB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMIIBUgYDVR0RBIIBSTCCAUWCFmVtcGlyZXN0YXRlcm9vZmluZy5jb22C FGVuZGFuZ2VycG9hY2hpbmcuY29tghNmcmVzbm9zdG9uZXdhbGwub3Jngg9pbjEy c2Vjb25kcy5jb22CCmtkdGVzdC5jb22CD21hbGVyZXNvcnRzLmNvbYIVbWlhbWlv cmxhbmRvdG91cnMuY29tghVtaWNoaWdhbmNpdHl3YXN0ZS5jb22CEW9jZWFudmll d2xvdHMuY29tghVzdG9wdGhlcmV2b2x1dGlvbi5vcmeCEnN3ZWV0a2V0b3RyZWF0 LmNvbYILdGF4c2hvcC5jb22CEHRvcHNoZWxmaGVtcC5jb22CF3ZpY2NvdW5jaWxl bGVjdGlvbnMuY29tghN3YWJhdW5zZWVjb3VudHkuY29tghl3eW9taW5nbW9ydGdh Z2VsZW5kZXIuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIE AgSB9ASB8QDvAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGP HAtFWwAABAMARzBFAiBZbqPRjmw/B3XaVHeBEGqlYwwWZeRdfVX5BJXAQ5T5dgIh AKOINJJsJqz25zK52o4XKgmesOLZa4um6kEzjjQ4APvrAHUA3+FW66oFr7WcD4Zx jajAMk6uVtlup/WlagHRwTu+UlwAAAGPHAtGMQAABAMARjBEAiBTG1Bhgu7cg5on QiVsYoIdBTlxiZgHVPtfE88/pnxXMwIgQdFZw1SQjsF/9+s2B6MEk5fLCqgG/4F+ Q7gQTfc8CM0wDQYJKoZIhvcNAQELBQADggEBACw1MGrYJyWVyPvfYhYqV5XDtiqk RhvYPgjVEwnnQRkgVlw/eo/LGcf40B036CSM4k/X2TwKKq5p9AuML5JpeWxw5Uid FGPz8H89e/R09bTwS3DROMya3FCIu2ZgImafyGmmhEX8hjX5DaQi6EhVNqQR4KLq YPm8Hlhop1HViPCNAQpIN1nGnEMORiv1BpR0FIa6oL64Mp1kr/CKpatveL3lEqtk A1JtODudKLNkVrQbhTWELInhxzFVczZkegBSmoQTykXnWrJz/77+jWSz1j6BfzSE tJTjqWIeH2FDS2ZbG9FA8DIuQ7yu2JhlXaxwKiualJE46q9zLzonrm/hwV4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoCZ9bkBc5vtUBzu8iA0 G47F0l5Gd9u1XZOfmOj/4A2uoa0HUHEc+Rh9n80OGCPRtzjd/9Ln3gycKTOZya79 YSFhyUm5NEI7Q4ssS37P5iuE+93b+cEctv3+WPQQijVazz+uHeF3iHQbUMBSgqGU YN7pwIWFTO3b/ZhdpXpVNEbA6GnlpExp6+t1kRfzk6tSQHvpYeJ9uLZxG0QrzjuZ RajaVvLvFUFjFdMXu1OPOFHuoP/tgUutdwEaCDr3lKgFOLJny7A+e7YujauXyba/ IGjzKFigFFB8smlsNWszT4f9LcAQ582uDjwJd2wTPUvrU1+GYvwipd6eWBvnJHo7 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 349350816812959488371413186404210423961817 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 19:14:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-25 19:14:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fresnostonewall.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23543740440364095152008602314495554608443947826905894536967071907419763999666438112457708621606529500057463599438844640984343490088590512839299725246359244247007449803375654910149716900487513357471081556920310797659205079406529318408974529309689079559427256408130021450124639291923772008120948910803996382144733541753802122217364389565262566917716946367292374889229188087706159660516219549824611109890926221378517971588727348326255366090349703850870231725716386913356512086855181311807563689628707981085576724854383664335274977284858444844548019087373903133997098730322971220862901915997748891763986757644701107108829 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 24d4b683c1bec64aab9613a1425152b3b686a74b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (329 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'empirestateroofing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'endangerpoaching.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fresnostonewall.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'in12seconds.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kdtest.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maleresorts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'miamiorlandotours.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'michigancitywaste.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oceanviewlots.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stoptherevolution.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sweetketotreat.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'taxshop.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'topshelfhemp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'viccouncilelections.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wabaunseecounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wyomingmortgagelender.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f1c0b455b00000403004730450220596ea3d18e6c3f0775da547781106aa5630c1665e45d7d55f90495c04394f976022100a38834926c26acf6e732b9da8e172a099eb0e2d96b8ba6ea41338e343800fbeb007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f1c0b463100000403004630440220531b506182eedc839a2742256c62821d05397189980754fb5f13cf3fa67c5733022041d159c354908ec17ff7eb3607a3049397cb0aa806ff817e43b8104df73c08cd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002c35306ad8272595c8fbdf62162a5795c3b62aa4461bd83e08d51309e7411920565c3f7a8fcb19c7f8d01d37e8248ce24fd7d93c0a2aae69f40b8c2f9269796c70e5489d1463f3f07f3d7bf474f5b4f04b70d138cc9adc5088bb666022669fc869a68445fc8635f90da422e8485536a411e0a2ea60f9bc1e5868a751d588f08d010a483759c69c430e462bf50694741486baa0beb8329d64aff08aa5ab6f78bde512ab6403526d383b9d28b36456b41b8535842c89e1c731557336647a00529a8413ca45e75ab273ffbefe8d64b3d63e817f3484b494e3a9621e1f61434b665b1bd140f0322e43bcaed898655dac702a2b9a949138eaaf732f3a27ae6fe1c15e