thepni.org

Issued by R3

About this certificate

This digital certificate with serial number 04:13:d1:b9:f4:e4:b7:4f:14:be:db:39:b9:1c:57:e9:44:de was issued on by Let's Encrypt.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=thepni.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:13:d1:b9:f4:e4:b7:4f:14:be:db:39:b9:1c:57:e9:44:de
Serial Number (int): 355193282891605389457012805378589596402910
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 84:f1:18:fa:8d:bc:1e:4b:5e:1b:10:63:64:b3:92:40:a3:c4:fc:94
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 25:c1:cd:52:99:c3:c9:6f:2a:8f:dd:b2:64:33:b1:92:d9:9d:75:7d
Fingerprint (sha256): a7:a6:90:2e:bf:26:87:2f:a3:38:49:40:86:67:f1:8e:d2:be:61:70:ea:38:e0:56:bf:eb:ab:db:1c:62:ad:4e

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate thepni.org

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for thepni.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

abletocook.com
advantagebasketballcamps.com
africancoin.com
ca.cosfacts.org
consolidatingdebtloan.com
etechnologymall.com
gatorwrestler.com
homesatavemaria.com
kitchens.cool
realandchic.com
republicanvideoproduction.com
thepni.org

Other certificates including the domain name thepni.org

(limited to 100 certificates)
thepni.org
thepni.org
thepni.org
scriptureuntangled.ca
ypp.co.za
programming.vc
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org

Certificate

The complete raw certificate details for thepni.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISBBPRufTkt08Uvts5uRxX6UTeMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTcwOTA4MzZaFw0yNDA1MTcwOTA4MzVaMBUxEzARBgNVBAMT
CnRoZXBuaS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0EP1
FyY2sXys14dtMzeBk1IOZ8yU23B+5DAzeXqjMhrpApfDn5UKIWog/x+R4V8A+238
bpea+x4aU09G7p0nOxm0TfzHnSm1sEMf6yYdOTbGWTSOJZevQLs6uBd/dj5O0xMz
P5hQC5CsuFtpPkmDcKAwrRgYyOdLU1DfmvxbDPjnzI9Xkp0K7qCtrSHCGzWiXnOt
FhWEOvr6aJwGNzOa1AqG5lHA2BI4Ba4tHO5yTXePC3W6yAAwDB64+DesMET7JQWA
YOKm4dpEld4aO35B7td8/O4r6JR2rifGovqNTohI1S7Ty1wmJ9YWzPYSX+SNCoR2
NzAJDcrWIYAeutMpAgMBAAGjggL2MIIC8jAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FITxGPqNvB5LXhsQY2SzkkCjxPyUMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf
r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u
bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIH+
BgNVHREEgfYwgfOCDmFibGV0b2Nvb2suY29tghxhZHZhbnRhZ2ViYXNrZXRiYWxs
Y2FtcHMuY29tgg9hZnJpY2FuY29pbi5jb22CD2NhLmNvc2ZhY3RzLm9yZ4IZY29u
c29saWRhdGluZ2RlYnRsb2FuLmNvbYITZXRlY2hub2xvZ3ltYWxsLmNvbYIRZ2F0
b3J3cmVzdGxlci5jb22CE2hvbWVzYXRhdmVtYXJpYS5jb22CDWtpdGNoZW5zLmNv
b2yCD3JlYWxhbmRjaGljLmNvbYIdcmVwdWJsaWNhbnZpZGVvcHJvZHVjdGlvbi5j
b22CCnRoZXBuaS5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5
AgQCBIH1BIHyAPAAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAA
AY22igxoAAAEAwBHMEUCIHW8VRQ5qwZtHML80Va2aS3l6p1N2bY0ztzS2X8n6ttH
AiEA63tmPPkXR+xSdMboS0MpkGxWxzUMgHUI+HSTmBVoZDAAdgCi4r/WHt4vLweg
1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY22igypAAAEAwBHMEUCIQDXtFMcwiF9
o38Iwkkt9SNmy31yJxgtJXSA72aZRJyalQIgTxHKTvQyoyCXaNQAW8iQg/reBdrd
Oregko9KKc1jZUQwDQYJKoZIhvcNAQELBQADggEBAH2b1s62hjE9hmRZFcfvKhFf
zAaGM4AFsx0ihyLL6v4UHcVMRVxADm6YQECsi+se320ypYJrFSJjrpmz9iT8VM2n
h+JCqIsbc5NmAFrMvotlBCpVHmJ0ed+X2pBRZd7dg/hj9B65xCO6i5F2wx1r+iYb
OVtfRf8QIC4lZofMpQeVxQA2QoLNINtFfaCp8f1KHTHMLvSezAso6/5CLx2kDl9+
gIrG9I9X0JAi7Q8QtvLIko6c94idFwUT8NrCwhOuO2G31/mtkbP0XAsDxly2abyU
Ugi3D752Y1nQoXOXBh5aLno6MLetDKiJuKIa+pHqfN2XRNqhEQxeghmkQQxtaBo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9BD9RcmNrF8rNeHbTM3
gZNSDmfMlNtwfuQwM3l6ozIa6QKXw5+VCiFqIP8fkeFfAPtt/G6XmvseGlNPRu6d
JzsZtE38x50ptbBDH+smHTk2xlk0jiWXr0C7OrgXf3Y+TtMTMz+YUAuQrLhbaT5J
g3CgMK0YGMjnS1NQ35r8Wwz458yPV5KdCu6gra0hwhs1ol5zrRYVhDr6+micBjcz
mtQKhuZRwNgSOAWuLRzuck13jwt1usgAMAweuPg3rDBE+yUFgGDipuHaRJXeGjt+
Qe7XfPzuK+iUdq4nxqL6jU6ISNUu08tcJifWFsz2El/kjQqEdjcwCQ3K1iGAHrrT
KQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 355193282891605389457012805378589596402910
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-17 09:08:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-17 09:08:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thepni.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22194402894326667492027882514947271390182927571298264317423296975966480189958345038088266019271735850037023462526376711905513376620938277316904029897726809093681266181524755226750340323994013565101267644696285507498358028118149332476231302677955337355822665641102359644406580382618180211693850414474247987294089886627344732694529565248381561050835616642598258260113318713530951846801187861931760010908392186633309080727603647026032913536936487337345043020288806264273647253980068942489218039147703126829012402747407558047224961857595083478205670141851776404747135897183304645393722888637684650843676608225909917012777
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							84f118fa8dbc1e4b5e1b106364b39240a3c4fc94
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abletocook.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advantagebasketballcamps.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'africancoin.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ca.cosfacts.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'consolidatingdebtloan.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etechnologymall.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gatorwrestler.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homesatavemaria.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kitchens.cool'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'realandchic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'republicanvideoproduction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thepni.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018db68a0c680000040300473045022075bc551439ab066d1cc2fcd156b6692de5ea9d4dd9b634cedcd2d97f27eadb47022100eb7b663cf91747ec5274c6e84b4329906c56c7350c807508f874939815686430007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018db68a0ca90000040300473045022100d7b4531cc2217da37f08c2492df52366cb7d7227182d257480ef6699449c9a9502204f11ca4ef432a3209768d4005bc89083fade05dadd3ab7a0928f4a29cd636544
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007d9bd6ceb686313d86645915c7ef2a115fcc0686338005b31d228722cbeafe141dc54c455c400e6e984040ac8beb1edf6d32a5826b152263ae99b3f624fc54cda787e242a88b1b739366005accbe8b65042a551e627479df97da905165dedd83f863f41eb9c423ba8b9176c31d6bfa261b395b5f45ff10202e256687cca50795c500364282cd20db457da0a9f1fd4a1d31cc2ef49ecc0b28ebfe422f1da40e5f7e808ac6f48f57d09022ed0f10b6f2c8928e9cf7889d170513f0dac2c213ae3b61b7d7f9ad91b3f45c0b03c65cb669bc945208b70fbe766359d0a17397061e5a2e7a3a30b7ad0ca889b8a21afa91ea7cdd9744daa1110c5e8219a4410c6d681a