bufalo.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:6f:83:e7:bc:42:b1:e5:96:e6:6b:1e:2a:f5:e8:29:eb:37 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=bufalo.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:6f:83:e7:bc:42:b1:e5:96:e6:6b:1e:2a:f5:e8:29:eb:37Serial Number (int): 299283532629904175524650867234022458256183
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: db:89:ec:20:e0:50:e3:6d:1a:c8:a9:15:9c:31:a3:67:0e:ba:05:7c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 9b:43:8a:90:0d:14:af:1d:c0:0c:ed:45:eb:6a:8d:88:c4:b8:30:79
Fingerprint (sha256): b9:96:93:d5:62:29:d6:71:9b:8f:e6:55:61:fd:34:d2:d3:d2:42:26:b0:29:98:9a:d2:24:c5:18:09:5b:e7:22
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate bufalo.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bufalo.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bufalo.org
Other certificates including the domain name bufalo.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for bufalo.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSzCCBTOgAwIBAgISA2+D57xCseWW5mseKvXoKes3MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjExNDQzNDZaFw0y MDA1MjExNDQzNDZaMBUxEzARBgNVBAMTCmJ1ZmFsby5vcmcwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQDAQdACcx9b+Dge3sNu1DgTEfQY2XmDeSjpPlTc VVh52xPsNYLOQNeOntpRHQBzSpo+VS9ZkYTfvSU0tikwLlalx+DO134tAmfUtwAi AvRCvlbV8STYSd8LEx+slZ9pvkxEGL3x+mT1rNKQewyYqUyfI3MeQkpWcHLefBya DhXgo+zoCLcO4WwEm9bRYWPsZgzw+1bOosWO0FeXq7oF9U6cB8Dd3MFwd/rof1jD FvAnUEom5vQoBK5lRfiVOE6IJK0cxSxCNcalRGhEB9ceB+t9k24V5evtVVZgUFSV 2fZZldeGKzWhxj0skQzwa1Qr1L0A43KiNN05CvoLUzA27BT2IJGsDsp4WP5FBprr EGg4T2Bw9oHePQebEgnwvGvxzxFvRUnrXcikxC3AYbZwWNpZpq1FQwjukUhTCiHs lLNpLjutyWX3GYmeWyldJEXN1efYvci8p2eQmCB7tzwEP97pkGd9Bz4r76qb0N2v z3l11BPnKDBcmTj5/s35xyjSIf2yrHv0wYYNTalFjw1kINxGoKDVU66pp2yx6HrI 1Q0qBwLrmNsALGeNVmDkJiKXpmATfHFBzCXb/NDazw5Fnk/MpCaO2BLYLaC/o4nl jVrNUhoPLhEv9+B9XJhd24Y48ZihlQO80v4rsDq+DNDvBD+c+bV9IdtK5VanxZsB p5IiKwIDAQABo4ICXjCCAlowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTbiewg4FDj bRrIqRWcMaNnDroFfDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMBUGA1UdEQQOMAyCCmJ1ZmFsby5vcmcwTAYDVR0gBEUw QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgBv U3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXBoa0qLAAAEAwBHMEUC IEeC+TlJ+jPUsAt2hBA+vdsEHZc7BolURRlzagY7jcjgAiEAjwkSadKL/J75dJNe K5sPRpoAO8dRIKszboz4FFAb6DIAdQAHt1wb5X1o//Gwxh0jFce65ld8V5S3au68 YToaadOiHAAAAXBoa0qyAAAEAwBGMEQCICyX6QtFwD5F6wtLziA5A3TEkPxOSFMz EWCqhuunYHLpAiAOqYk9ZJlGOMX0B+ij9KdUIMa5PYWqCEo5/zzLeAsPFjANBgkq hkiG9w0BAQsFAAOCAQEAdzsCaP/ppqxV13eCMni1P3YXtHlpEQ1VNOnM3tq2k+aG QDKp+e54p497b5FG5chVo9fXiEF3jyeuQSGxnZCjPFPzf4wQNv8SvexhV0hxFUSC YCk0qO6wylwFs26m2k4e0Cf8TvWNKnjkY0iVu8qLAeiP35m5gscczedJEID+wo5x 1pomDzSfa2Pcg0lAJvE/W02xsq88tcG/AueUGWWtvhj5W6ZOyD87A4EmSnzoOoqT nUy69kGEOGzhbqD5Dlx6gGBUyfW/Er8HOFEMy0yPIXHx9rfNhjjvCcX7HXO50HRL 6MBGtl1vhccAAu6M+hQ3bVP9J+/NmbtXsgA2QfhGvQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwEHQAnMfW/g4Ht7DbtQ4 ExH0GNl5g3ko6T5U3FVYedsT7DWCzkDXjp7aUR0Ac0qaPlUvWZGE370lNLYpMC5W pcfgztd+LQJn1LcAIgL0Qr5W1fEk2EnfCxMfrJWfab5MRBi98fpk9azSkHsMmKlM nyNzHkJKVnBy3nwcmg4V4KPs6Ai3DuFsBJvW0WFj7GYM8PtWzqLFjtBXl6u6BfVO nAfA3dzBcHf66H9YwxbwJ1BKJub0KASuZUX4lThOiCStHMUsQjXGpURoRAfXHgfr fZNuFeXr7VVWYFBUldn2WZXXhis1ocY9LJEM8GtUK9S9AONyojTdOQr6C1MwNuwU 9iCRrA7KeFj+RQaa6xBoOE9gcPaB3j0HmxIJ8Lxr8c8Rb0VJ613IpMQtwGG2cFja WaatRUMI7pFIUwoh7JSzaS47rcll9xmJnlspXSRFzdXn2L3IvKdnkJgge7c8BD/e 6ZBnfQc+K++qm9Ddr895ddQT5ygwXJk4+f7N+cco0iH9sqx79MGGDU2pRY8NZCDc RqCg1VOuqadsseh6yNUNKgcC65jbACxnjVZg5CYil6ZgE3xxQcwl2/zQ2s8ORZ5P zKQmjtgS2C2gv6OJ5Y1azVIaDy4RL/fgfVyYXduGOPGYoZUDvNL+K7A6vgzQ7wQ/ nPm1fSHbSuVWp8WbAaeSIisCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 299283532629904175524650867234022458256183 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-21 14:43:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-21 14:43:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bufalo.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 784340456871275621626938488429242159200801002861458799311717121998774161487013026011885013475369117436099167908131643442533462687852164950294413583131036962963993286736696124268169366072180041494904449189680827764090374485759531828388933181032101450880510942815060546274029116803593883672152232955529481083779880177313143220859952033802563846160335527788463903133718387399865792694145937266206969433241028728024111269546602319951938524018260441753507253271916133043583792847032391338622895737448427640000773572807348790262094865366186318474083463886736955506350352036070527868959152952506866258056853153118146302028952658851850343132843331722448228802853173632053181374880669265417316772200675753642354369698807764823813142005834524646824842860673298569425928255695661699158786672795113939653978494468072702057029038825863395486942558353150012842903521995558581321178982199440879243103623572574029123483963159384905091833328202621957907400288660704378389541159935485806378355904653885527267502963236399120188004540759121358742854357397579129334961600842470160727016830758576537969448861498263792227579227159081785116313107005207763575399237390017225235569471801477084637069384177470802882413957358244481028615994796587659318436962859 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) db89ec20e050e36d1ac8a9159c31a3670eba057c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bufalo.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000170686b4a8b000004030047304502204782f93949fa33d4b00b7684103ebddb041d973b0689544519736a063b8dc8e00221008f091269d28bfc9ef974935e2b9b0f469a003bc75120ab336e8cf814501be83200750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000170686b4ab2000004030046304402202c97e90b45c03e45eb0b4bce20390374c490fc4e4853331160aa86eba76072e902200ea9893d64994638c5f407e8a3f4a75420c6b93d85aa084a39ff3ccb780b0f16 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00773b0268ffe9a6ac55d777823278b53f7617b47969110d5534e9ccdedab693e6864032a9f9ee78a78f7b6f9146e5c855a3d7d78841778f27ae4121b19d90a33c53f37f8c1036ff12bdec61574871154482602934a8eeb0ca5c05b36ea6da4e1ed027fc4ef58d2a78e4634895bbca8b01e88fdf99b982c71ccde7491080fec28e71d69a260f349f6b63dc83494026f13f5b4db1b2af3cb5c1bf02e7941965adbe18f95ba64ec83f3b0381264a7ce83a8a939d4cbaf64184386ce16ea0f90e5c7a806054c9f5bf12bf0738510ccb4c8f2171f1f6b7cd8638ef09c5fb1d73b9d0744be8c046b65d6f85c70002ee8cfa14376d53fd27efcd99bb57b2003641f846bd