exchangedbyfaith.church
Issued by R3
About this certificate
This digital certificate with serial number 03:63:74:db:da:d7:12:55:1e:c3:06:12:cf:29:cb:bc:71:5d was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=exchangedbyfaith.church
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:63:74:db:da:d7:12:55:1e:c3:06:12:cf:29:cb:bc:71:5dSerial Number (int): 295180144119581739362024258119216230330717
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7f:7c:90:82:09:93:68:da:cf:13:87:e2:97:65:e8:f9:e2:1a:e9:8c
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 78:35:01:52:91:b9:ad:7f:e8:c8:8f:94:0b:6c:d7:0d:e9:e2:db:f2
Fingerprint (sha256): bf:73:33:4a:29:69:3c:e0:50:ba:15:e0:a3:68:23:a5:74:48:50:68:d8:4d:85:ba:37:8d:98:7e:94:69:2b:8a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate exchangedbyfaith.church
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for exchangedbyfaith.church
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dreaminsure.com
exchangedbyfaith.church
grantandrachel.com
heavy.lol
www.aftershaves.in
exchangedbyfaith.church
grantandrachel.com
heavy.lol
www.aftershaves.in
Other certificates including the domain name exchangedbyfaith.church
(limited to 100 certificates)
Certificate
The complete raw certificate details for exchangedbyfaith.church in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgISA2N029rXElUewwYSzynLvHFdMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MjIyMDE4NTlaFw0yNDA4MjAyMDE4NThaMCIxIDAeBgNVBAMT F2V4Y2hhbmdlZGJ5ZmFpdGguY2h1cmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA38McmzUP2mU17SZEE3tX31xJmTuy83hM2h/E/c3ExW0Wfcr00vOw SELrhvFip56rgX6+KTyjgJa7h27NuggN/fuExlVaTv2w7CNIjPBWI8aRgpPCna6B YdMA3290AyuDfbrwtBOnCVS/bWYNCF8xPvBegsTpmQxHP71FDWuD2V9C5rS55ftS fbnQIvTenw/OzqLNYzBbXbgkLTVE14aYd2MznSlb7Zrv/EF+kqGHHxHaHlGccbhV +w8aC2DsroyfYx6TOZPN5fhT8xowl0+NMXQLaSDsEurHhpxLHKmYMTduR7rdRjzL uvLNKy3rRS6VtqgxjO3J3zyVeKEibyWXRQIDAQABo4ICXDCCAlgwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBR/fJCCCZNo2s8Th+KXZej54hrpjDAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzBmBgNVHREEXzBdgg9kcmVhbWluc3VyZS5jb22CF2V4Y2hhbmdl ZGJ5ZmFpdGguY2h1cmNoghJncmFudGFuZHJhY2hlbC5jb22CCWhlYXZ5LmxvbIIS d3d3LmFmdGVyc2hhdmVzLmluMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYB BAHWeQIEAgSB9ASB8QDvAHUAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4 ZG4AAAGPoivuzQAABAMARjBEAiApp+DF6qJ6lqaIaGYPtSCECUX/A0dkgWHcZT23 G2/IsQIgVO4DBY1vK1OszYyUV6/kim1oinSqN7VodnqivMguUUUAdgDf4VbrqgWv tZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAY+iK++IAAAEAwBHMEUCIQCySObg XNgR/LOSsOPu/nyrDiTRfDnbkVW+ljOmS56xdwIgNM0Bibq49NFAWPKOrKS/oFPl SkQzrGtmL44JJ6lXP+YwDQYJKoZIhvcNAQELBQADggEBAF7OynOJAx7/oUyq9kme nG191lP2iV1prQEcDUTyEVUWj+mv87otxKfAnsUTSD3qfeQQaRCAvILBPcs4eiTe DqEelc4kExVnQS/i+pn3Bla8XqmR3JqojCbcRn3sHHaebFaTXC73KRvL7n/07I9J 6XodspsKvrgkn20QESr14sfrvkondoaDCnJq5edLacy4SpEY+33IjcHsWiVKqjLN XF0RTb8WF88FNcNil+akF67yx9pnsZfajBCCAT7lDAmesOzrBBpIbxKrX6wwNmO8 xn0TSkjRsplRalKX4Eqwdhz93EiLeluwv0HBuctpY89Jp5h02/QDDpHCAyu6tBqz bwE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38McmzUP2mU17SZEE3tX 31xJmTuy83hM2h/E/c3ExW0Wfcr00vOwSELrhvFip56rgX6+KTyjgJa7h27NuggN /fuExlVaTv2w7CNIjPBWI8aRgpPCna6BYdMA3290AyuDfbrwtBOnCVS/bWYNCF8x PvBegsTpmQxHP71FDWuD2V9C5rS55ftSfbnQIvTenw/OzqLNYzBbXbgkLTVE14aY d2MznSlb7Zrv/EF+kqGHHxHaHlGccbhV+w8aC2DsroyfYx6TOZPN5fhT8xowl0+N MXQLaSDsEurHhpxLHKmYMTduR7rdRjzLuvLNKy3rRS6VtqgxjO3J3zyVeKEibyWX RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 295180144119581739362024258119216230330717 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-22 20:18:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-20 20:18:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'exchangedbyfaith.church' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28247355193954565278168086187959756876677466581153443647581102978330564448082023877737264915709954392277616888781566055277253361317502253726936555430616017291348769122172578223665997313640654019430504804046883689393319321500092236231430225277265939791685345402468974107200858989495328119003604818105392155334218190956137353571338818721599981873491431577122314266550990086895184660725574077825472839427158130255633410630212298550512524925590623906118578334843967089540721112035384743659100323737298815359481547182158364963932973836979625944021401830148599733878706641856601632306575084800875641078485868236019994040133 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7f7c9082099368dacf1387e29765e8f9e21ae98c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dreaminsure.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exchangedbyfaith.church' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'grantandrachel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heavy.lol' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aftershaves.in' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018fa22beecd0000040300463044022029a7e0c5eaa27a96a68868660fb520840945ff0347648161dc653db71b6fc8b1022054ee03058d6f2b53accd8c9457afe48a6d688a74aa37b568767aa2bcc82e5145007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018fa22bef880000040300473045022100b248e6e05cd811fcb392b0e3eefe7cab0e24d17c39db9155be9633a64b9eb177022034cd0189bab8f4d14058f28eaca4bfa053e54a4433ac6b662f8e0927a9573fe6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005ececa7389031effa14caaf6499e9c6d7dd653f6895d69ad011c0d44f21155168fe9aff3ba2dc4a7c09ec513483dea7de410691080bc82c13dcb387a24de0ea11e95ce24131567412fe2fa99f70656bc5ea991dc9aa88c26dc467dec1c769e6c56935c2ef7291bcbee7ff4ec8f49e97a1db29b0abeb8249f6d10112af5e2c7ebbe4a277686830a726ae5e74b69ccb84a9118fb7dc88dc1ec5a254aaa32cd5c5d114dbf1617cf0535c36297e6a417aef2c7da67b197da8c1082013ee50c099eb0eceb041a486f12ab5fac303663bcc67d134a48d1b299516a5297e04ab0761cfddc488b7a5bb0bf41c1b9cb6963cf49a79874dbf4030e91c2032bbab41ab36f01