agefa.org

Issued by R3

About this certificate

This digital certificate with serial number 03:97:12:c1:63:7f:3c:e3:15:86:be:22:54:36:d9:8e:da:fc was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=agefa.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:97:12:c1:63:7f:3c:e3:15:86:be:22:54:36:d9:8e:da:fc
Serial Number (int): 312744425435599644659518375664526275042044
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: f0:9f:55:d3:a7:76:72:32:0d:96:7e:9c:ea:7c:d9:f7:e8:92:19:65
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): a5:f1:73:9b:66:7b:42:e3:b6:40:e7:42:79:a4:f4:30:82:be:b4:17
Fingerprint (sha256): a7:4b:dd:f7:4c:68:33:de:b5:8a:2c:76:46:66:a6:b5:5c:ea:c9:3a:8d:3d:1f:5d:5b:65:26:10:57:14:cc:ea

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate agefa.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for agefa.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

agefa.org
www.agefa.org

Other certificates including the domain name agefa.org

(limited to 100 certificates)
agefa.org
www.agefa.org
www.agefa.org
www.agefa.org
www.agefa.org
*.agefa.org
www.agefa.org
agefa.org
www.agefa.org
*.agefa.org
*.agefa.org
agefa.org

Certificate

The complete raw certificate details for agefa.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISA5cSwWN/POMVhr4iVDbZjtr8MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMDgxNTQ1MTBaFw0yNDAyMDYxNTQ1MDlaMBQxEjAQBgNVBAMT
CWFnZWZhLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMHSmcC7
YgZU/JrXV1YVVL1VbnZTUtXQdQsaxI37a2bhV5y0SLQpCpch2MDa8JW8z8KIhH8I
m/CHG6yYRXRxjev1TKehwCjhwfufPw99+QeEgKJk/lCpN2BJ3TaF5Yvwqfrv2JCg
JTx4t+oE6WvtMqh99vQJtQihih1dNZgdoNF4Qa1MOGlCwK3KHb+KFvNUl84PvnjQ
CMmosRJ9Q7PGc0ZufYsQkmqa7rP/VfKs5R7gDp8j0cwBp6r8zjDcYS7EigXLM5nQ
vUVqwcKW4U5EMwUu9lZsMgy+gEpiCHRt3r20fqs2QRZ3po6mDJDYdOybpk60PT1K
rnmdz94/KBemYsETtnICsJWNeqSXcHg+dt4D21SauYbsqK2oMbTpsGvEQFA0PnfJ
7lmG+zByTlz2LMes9wdPRNtEGptFHUYnGtqqKRYiGIxbhKL7cCihASuKGt5AwVcj
WCKqwfzPuALFDaeCyWVr7xcJxMKy7Ckr8tz1bZE1WfObzWuiYmHMpqPiU0b7ALfw
XxhYhZOxsz1eHAhzjZepu1x6GH3QOD7ncH7xTysXInrAA3Ep5V8CSzCnM7A1iYYi
jnruw7rXXRV/QjYGkJX8M994ko7BToIuBTHEU2zYkI5iNsmfkzTlp+mTLSA/GQ+d
l3u1v+W3cuuhetb6zGWguZVVXcrseyOPB+DdAgMBAAGjggIZMIICFTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFPCfVdOndnIyDZZ+nOp82ffokhllMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCWFnZWZhLm9yZ4INd3d3LmFnZWZhLm9y
ZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2
AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi6/S0UAAAAQDAEcw
RQIgKffNcCbYYRpiiPZysD0W0TTP8T6x/lvMdMUc+XXRCiICIQCF1KO3W1GN80G9
tS2J6AqaTZ4BpFD4aOZiIJ4msVA32QB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9
AA0tcm/h+tQXAAABi6/S0TgAAAQDAEYwRAIgXYXs7S7FlJOUNpVgEEYWCqPdSGRz
C+xUWexMe8fPnWECIB6yZXYxRInDSPetFtTcBNiTjxH9vzOAaig/X9HdcbAVMA0G
CSqGSIb3DQEBCwUAA4IBAQCJm/sd4GiBWLuZIuef0yu4qgVUoTVNsoWj1lDcsIZZ
apAJdAtMgeApyklz1Hv97QxI5WmPp8r3Rt6JQJyV4RTkTNw7Y5DXzticp9iuhEcW
V5xd0RTVZ5JsFTB584RXj5bIXAnadrpw7rYG7yqu7SlbHE+az0SDioD7DKzUoZ3r
3fK4tNHlgptKrbyGbRoxQtdDwGyk7hUN/HiptHmHZGgXOiC74Vy+Vk+sAO01lawa
8EfusSy2VlnJ4sjRx8L/SeIw5gWHkupRs/I4ynH5ZtiFxiiQu9yej+LIcQfyZRf9
GhWN4sGFRAJbt7nLfmwS5ZvaWlxsApj9FDNBpyqXo5mq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwdKZwLtiBlT8mtdXVhVU
vVVudlNS1dB1CxrEjftrZuFXnLRItCkKlyHYwNrwlbzPwoiEfwib8IcbrJhFdHGN
6/VMp6HAKOHB+58/D335B4SAomT+UKk3YEndNoXli/Cp+u/YkKAlPHi36gTpa+0y
qH329Am1CKGKHV01mB2g0XhBrUw4aULArcodv4oW81SXzg++eNAIyaixEn1Ds8Zz
Rm59ixCSaprus/9V8qzlHuAOnyPRzAGnqvzOMNxhLsSKBcszmdC9RWrBwpbhTkQz
BS72VmwyDL6ASmIIdG3evbR+qzZBFnemjqYMkNh07JumTrQ9PUqueZ3P3j8oF6Zi
wRO2cgKwlY16pJdweD523gPbVJq5huyoragxtOmwa8RAUDQ+d8nuWYb7MHJOXPYs
x6z3B09E20Qam0UdRica2qopFiIYjFuEovtwKKEBK4oa3kDBVyNYIqrB/M+4AsUN
p4LJZWvvFwnEwrLsKSvy3PVtkTVZ85vNa6JiYcymo+JTRvsAt/BfGFiFk7GzPV4c
CHONl6m7XHoYfdA4PudwfvFPKxciesADcSnlXwJLMKczsDWJhiKOeu7DutddFX9C
NgaQlfwz33iSjsFOgi4FMcRTbNiQjmI2yZ+TNOWn6ZMtID8ZD52Xe7W/5bdy66F6
1vrMZaC5lVVdyux7I48H4N0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 312744425435599644659518375664526275042044
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-08 15:45:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-06 15:45:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'agefa.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 790727459333769615436898842641094331927978553103438203442236963569563294698790078657993473162039861067930704971310147065259982727328530352612616077033225000731841770246828785705954681879149698441786331788911138806800344273430100194748404702138800243734255968826460773646298387316120559390660489884737696856486313000782101048330629772181431480711926229712054650067167228448290214025618059476267924794876819462291949712914776420405549987883577293885683575444111425974786190720269964503443555301477740629548895927724254922789967137717057225956414667303402065011943029314482003999354048694980542589297579297336431063887986674656025055649510566971759292734504969177733787131404071849807130349333512217336706642251656482097936146410967431991134015543888938301697866364927954788332450234520458674607044174677644637265772108966080041719555135439340834807242659737505256923467183441839008322431954729018636294617955980898046827129933779441350254188745942128738112969495663359096458598022932028961242695860681916907528252297499878224273731893020374020045650116233764324397955652247021846848775455598395332481834140485001450748144257772908047773046763892463384546775069989152322530803813366521487866816150085594211598387132970672846473219530973
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f09f55d3a77672320d967e9cea7cd9f7e8921965
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agefa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agefa.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bafd2d1400000040300473045022029f7cd7026d8611a6288f672b03d16d134cff13eb1fe5bcc74c51cf975d10a2202210085d4a3b75b518df341bdb52d89e80a9a4d9e01a450f868e662209e26b15037d90075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bafd2d138000004030046304402205d85eced2ec59493943695601046160aa3dd4864730bec5459ec4c7bc7cf9d6102201eb26576314489c348f7ad16d4dc04d8938f11fdbf33806a283f5fd1dd71b015
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00899bfb1de0688158bb9922e79fd32bb8aa0554a1354db285a3d650dcb086596a9009740b4c81e029ca4973d47bfded0c48e5698fa7caf746de89409c95e114e44cdc3b6390d7ced89ca7d8ae844716579c5dd114d567926c153079f384578f96c85c09da76ba70eeb606ef2aaeed295b1c4f9acf44838a80fb0cacd4a19debddf2b8b4d1e5829b4aadbc866d1a3142d743c06ca4ee150dfc78a9b479876468173a20bbe15cbe564fac00ed3595ac1af047eeb12cb65659c9e2c8d1c7c2ff49e230e6058792ea51b3f238ca71f966d885c62890bbdc9e8fe2c87107f26517fd1a158de2c18544025bb7b9cb7e6c12e59bda5a5c6c0298fd143341a72a97a399aa