www.aidajerusalem.org
Issued by R3
About this certificate
This digital certificate with serial number 03:42:16:2f:05:80:15:5b:42:1d:26:9a:bf:0b:67:9d:c0:3a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.aidajerusalem.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:42:16:2f:05:80:15:5b:42:1d:26:9a:bf:0b:67:9d:c0:3aSerial Number (int): 283824981177482160144310792989466049757242
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c5:5b:b5:db:f9:2c:e9:5a:85:bf:e4:e9:67:e6:1a:f2:0c:bc:0f:ab
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 48:d3:d5:08:f5:66:87:f8:87:6c:b0:37:31:b1:37:4a:6f:6a:be:69
Fingerprint (sha256): b8:89:64:66:de:09:e9:24:8c:f5:1e:a5:59:56:a8:d7:df:88:0d:e1:31:ef:e1:ea:94:52:87:65:f7:b6:00:36
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.aidajerusalem.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.aidajerusalem.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
Other certificates including the domain name aidajerusalem.org
(limited to 100 certificates)
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
Certificate
The complete raw certificate details for www.aidajerusalem.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISA0IWLwWAFVtCHSaavwtnncA6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTcwODEzMDlaFw0yNDA0MTYwODEzMDhaMCAxHjAcBgNVBAMT FXd3dy5haWRhamVydXNhbGVtLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOIz/Sgh0Impm5DA/SZ5y9wVKKtwNX+M1rd0CgLq8qKxkf93qXc4tURN SNB4wwov+fVBJyKOBGlPYzVv65HzXi2eXbbZLiFTx+HCH6IORuonSxAEm3meXkrX gc5cgYkz5sYNtScjE08t5Geo0d3wgNbQqduDaFFrOuXF/vsWisAqgQz6+oicm5Tv wbP9UZYNY9TG5o91yQSK9CuZs6G+lOKhM1GmzNLlhk2qk6LjKkdCPr3eNcAlqaCO dFrjfTuc4WkQOlYCfgPEAkJnNVKeBfrdKahn/kZsbgwJ/ion/Vm7TOhdepAk7FN0 yv3q/17jU9GBEkNYl1dcrHDVxBSRSc8CAwEAAaOCAiswggInMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUxVu12/ks6VqFv+TpZ+Ya8gy8D6swHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wMwYDVR0RBCwwKoIRYWlkYWplcnVzYWxlbS5vcmeCFXd3dy5haWRh amVydXNhbGVtLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkC BAIEgfYEgfMA8QB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB jRayIysAAAQDAEcwRQIgY+MV3BvtFPqP0G5LwpxykD05wWCvuWJyO/gCf1A/Ri0C IQCy3mkulX9nBIqOxKK/YjF1NUY2SXyOcriTdTXPXia8sgB3ADtTd3U+LbmATosw Wwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjRayI2UAAAQDAEgwRgIhALY1i5tVDGKu uU7GJdyMJZpHvSs5p3mwvR3oIOxJ4KUyAiEA0OKZGzyy+uWVDYj4Bcy0p+Dg/iko x/rjrweXh5UHb/IwDQYJKoZIhvcNAQELBQADggEBAAp58s0plVT8dJ5dEC9SnIKL zNtnxzqPaPleHP6ZuczAJHLwYOfTQh59+84ZFNWO1GdYX04EatNMbC3ID30bpbuA iCY7GxcvuvaveqHbMXMj5/ayzmVxcZ7Nir2ZcjKqZxHPzElOgPNwXgMBI+ayq8DK y9MuLgRjGzCNNXAgDIHiw9QMMP7nHUaYM7ziIbXQuYkuyKF6auk3Bfua6TNf65cH NXlWDJulhqFiIme2r9kS3htrJrb3p1i6sVqA2UkBe52TXoFarBrb+UN2X2YNnfV6 gk2AjMG0YAel73C9G6GXnqv8kkBJ6YqFHROwn+BqcVdgEh+W3uF2nkwdU0KvF9E= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jP9KCHQiambkMD9JnnL 3BUoq3A1f4zWt3QKAuryorGR/3epdzi1RE1I0HjDCi/59UEnIo4EaU9jNW/rkfNe LZ5dttkuIVPH4cIfog5G6idLEASbeZ5eSteBzlyBiTPmxg21JyMTTy3kZ6jR3fCA 1tCp24NoUWs65cX++xaKwCqBDPr6iJyblO/Bs/1Rlg1j1Mbmj3XJBIr0K5mzob6U 4qEzUabM0uWGTaqTouMqR0I+vd41wCWpoI50WuN9O5zhaRA6VgJ+A8QCQmc1Up4F +t0pqGf+RmxuDAn+Kif9WbtM6F16kCTsU3TK/er/XuNT0YESQ1iXV1yscNXEFJFJ zwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 283824981177482160144310792989466049757242 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-17 08:13:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-16 08:13:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aidajerusalem.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28555493601263934688278835339277249604545019566502159021499606632389893124682087528579342974516118053281770649161800126181738982847227459975478859254783691302718440512248357879360435010891157210873692469820591370857593735505625650140210988533027579116767954542520362099146779134562452610967947554999569303327126459724671825753485656904257216612137988893598824922787250889249127081229496755418467472788855964805322105899018262792914408260945442805434659190053609092582502125330676815764996834739710157472479031559409839171599662340751319145718296835911459632971498223548256409484246166976282647255297404156992327600591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c55bb5dbf92ce95a85bfe4e967e61af20cbc0fab . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aidajerusalem.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aidajerusalem.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d16b2232b0000040300473045022063e315dc1bed14fa8fd06e4bc29c72903d39c160afb962723bf8027f503f462d022100b2de692e957f67048a8ec4a2bf623175354636497c8e72b8937535cf5e26bcb20077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d16b223650000040300483046022100b6358b9b550c62aeb94ec625dc8c259a47bd2b39a779b0bd1de820ec49e0a532022100d0e2991b3cb2fae5950d88f805ccb4a7e0e0fe2928c7fae3af07978795076ff2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000a79f2cd299554fc749e5d102f529c828bccdb67c73a8f68f95e1cfe99b9ccc02472f060e7d3421e7dfbce1914d58ed467585f4e046ad34c6c2dc80f7d1ba5bb8088263b1b172fbaf6af7aa1db317323e7f6b2ce6571719ecd8abd997232aa6711cfcc494e80f3705e030123e6b2abc0cacbd32e2e04631b308d3570200c81e2c3d40c30fee71d469833bce221b5d0b9892ec8a17a6ae93705fb9ae9335feb97073579560c9ba586a1622267b6afd912de1b6b26b6f7a758bab15a80d949017b9d935e815aac1adbf943765f660d9df57a824d808cc1b46007a5ef70bd1ba1979eabfc924049e98a851d13b09fe06a715760121f96dee1769e4c1d5342af17d1