askchattanooga.org
Issued by R3
About this certificate
This digital certificate with serial number 03:47:2e:7b:a7:6a:9c:8d:ab:3f:f8:91:98:7e:3f:63:92:30 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=askchattanooga.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:47:2e:7b:a7:6a:9c:8d:ab:3f:f8:91:98:7e:3f:63:92:30Serial Number (int): 285558692382596116724841580800830301508144
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 81:b3:5d:f6:bc:14:f5:fc:04:26:1a:b4:c2:9b:f7:33:e1:09:18:69
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 63:32:fa:96:bc:d5:8f:9e:ae:8f:66:7c:65:ce:9f:e8:51:2d:06:3e
Fingerprint (sha256): 9a:aa:62:e7:af:9b:0b:c4:eb:5d:64:1d:66:23:fe:9b:64:01:ae:27:10:93:c1:bc:14:39:9a:7c:0e:10:a9:ff
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate askchattanooga.org
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for askchattanooga.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
askchattanooga.org
corpuschristichristianschools.com
musicmagazine.in
rxpetsnax.com
rxsugarisfoodasmedicine.com
sledads.com
corpuschristichristianschools.com
musicmagazine.in
rxpetsnax.com
rxsugarisfoodasmedicine.com
sledads.com
Other certificates including the domain name askchattanooga.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for askchattanooga.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgISA0cue6dqnI2rP/iRmH4/Y5IwMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDMxNDQ2MjFaFw0yNDA3MDIxNDQ2MjBaMB0xGzAZBgNVBAMT EmFza2NoYXR0YW5vb2dhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwjO0OFUa+LdJTinvPYgtvYwyl5DkJrMSSxQ/HGnF0lAhGl6H+MC+YNBNM6 LnBCEG5csNDVSRYzsKD7kpBHS9sXZ1ZWbzmWV+gVQ5iIWCj2B8aMTTNiIu1LJhcq Dh8D650fnbNM/OKAsPd9IDV6Dc7CDbyTgxRbnmuOZzoHP/NDCKXZswvOVjLQRw+2 pter5Dax0fchdhvdT0nmE7zSOA/G5Lp1g1Xxorw3shygTXFsptdzqm8yCEpaUVZP h3xN7gRgeNoXM555Gp60Xj3cUZTeaOrAW9r0D436QOXOTI6OptmAn/NKwMfCdt++ rK+iJubVGKWtr46gZMWCWszkiHkCAwEAAaOCAoUwggKBMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUgbNd9rwU9fwEJhq0wpv3M+EJGGkwHwYDVR0jBBgwFoAUFC6zF7dY VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy Lm9yZy8wgY0GA1UdEQSBhTCBgoISYXNrY2hhdHRhbm9vZ2Eub3JngiFjb3JwdXNj aHJpc3RpY2hyaXN0aWFuc2Nob29scy5jb22CEG11c2ljbWFnYXppbmUuaW6CDXJ4 cGV0c25heC5jb22CG3J4c3VnYXJpc2Zvb2Rhc21lZGljaW5lLmNvbYILc2xlZGFk cy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAY6ko8yZAAAE AwBHMEUCIQCnvXehlHcKsRaGJUNuGXSCfKcKHNEZyZ6/0Zvk5ZsPbwIgYUImrZlU PGIwT88zdSmaJWTDPwrNzjfCWEkY783PVeYAdgDf4VbrqgWvtZwPhnGNqMAyTq5W 2W6n9aVqAdHBO75SXAAAAY6ko81dAAAEAwBHMEUCIEUZtE8sZX9M814G309VXKSx 6sosBJ626rvvZhcL2EPdAiEAiyKoe1lRz3rLmdvmm85Pc6mnF96BIZ/tKT5XAWaN Jn4wDQYJKoZIhvcNAQELBQADggEBAKvC1+En4xFuq0v4LDpcFETUHi6A8dETRhhb QF6wO6h+Rb2NZmDPxwc8OrSZzVoJFFPqWxQGII1z5tIF5WNpFrLr74UZxfP/wSTC Xzp3RCUqpGXbiKPqo/VGGq5BgHnMKsZ12qGsnZbWGeG23LIpOOPl652gF7PmgvIk fDFarbQokXVyASv05Euz+vJlEPYMWtpIm3yDK93Z/OFk9kdUcgABKWe31TIDbhaj Z/9REDj7rlGQ3NRKNEkogRVn7reS9dksjwqHAN0SZ3WpKpzoqPBMqyvETMKoLwBb jeqvq6A0NHtAcMydx8DLOeUiwUmBBELe3FHc1Om4XqjPqrbOjPI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCM7Q4VRr4t0lOKe89iC 29jDKXkOQmsxJLFD8cacXSUCEaXof4wL5g0E0zoucEIQblyw0NVJFjOwoPuSkEdL 2xdnVlZvOZZX6BVDmIhYKPYHxoxNM2Ii7UsmFyoOHwPrnR+ds0z84oCw930gNXoN zsINvJODFFuea45nOgc/80MIpdmzC85WMtBHD7am16vkNrHR9yF2G91PSeYTvNI4 D8bkunWDVfGivDeyHKBNcWym13OqbzIISlpRVk+HfE3uBGB42hcznnkanrRePdxR lN5o6sBb2vQPjfpA5c5Mjo6m2YCf80rAx8J2376sr6Im5tUYpa2vjqBkxYJazOSI eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 285558692382596116724841580800830301508144 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 14:46:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 14:46:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'askchattanooga.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23750174633305076031693441861380019187735111497909106372959738088370124019477121727161111506709947275765212759686097239199341068465910648135378191403202971313170121810452262446891113252354121136578417744450779690309249041665759512200675341372825690887070899780102938885590327642017355044443817690180712010172195419633977047281635257508624720413825804352843418647355525745123664437414637495118303134614667803908795401829915798530612823444306179094067789864941702883007832401311281145213500366624274749764623610761080955060630482727214856514082249646801754808402029246670068166028453361712906822483143162520124709439609 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 81b35df6bc14f5fc04261ab4c29bf733e1091869 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'askchattanooga.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpuschristichristianschools.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'musicmagazine.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rxpetsnax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rxsugarisfoodasmedicine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sledads.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ea4a3cc990000040300473045022100a7bd77a194770ab1168625436e1974827ca70a1cd119c99ebfd19be4e59b0f6f0220614226ad99543c62304fcf3375299a2564c33f0acdce37c2584918efcdcf55e6007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ea4a3cd5d000004030047304502204519b44f2c657f4cf35e06df4f555ca4b1eaca2c049eb6eabbef66170bd843dd0221008b22a87b5951cf7acb99dbe69bce4f73a9a717de81219fed293e5701668d267e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00abc2d7e127e3116eab4bf82c3a5c1444d41e2e80f1d11346185b405eb03ba87e45bd8d6660cfc7073c3ab499cd5a091453ea5b1406208d73e6d205e5636916b2ebef8519c5f3ffc124c25f3a7744252aa465db88a3eaa3f5461aae418079cc2ac675daa1ac9d96d619e1b6dcb22938e3e5eb9da017b3e682f2247c315aadb428917572012bf4e44bb3faf26510f60c5ada489b7c832bddd9fce164f647547200012967b7d532036e16a367ff511038fbae5190dcd44a344928811567eeb792f5d92c8f0a8700dd126775a92a9ce8a8f04cab2bc44cc2a82f005b8deaafaba034347b4070cc9dc7c0cb39e522c149810442dedc51dcd4e9b85ea8cfaab6ce8cf2