firstforafrica.org
Issued by R3
About this certificate
This digital certificate with serial number 04:87:59:92:92:93:68:be:d1:ca:72:a5:88:51:dc:c8:a1:a5 was issued on by Let's Encrypt.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=firstforafrica.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:87:59:92:92:93:68:be:d1:ca:72:a5:88:51:dc:c8:a1:a5Serial Number (int): 394506325601244641901950358865110431736229
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 26:c7:b8:8c:f3:dd:fa:db:56:b2:b6:cf:7c:13:7f:b2:1a:c5:aa:89
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 56:c9:2c:3e:3a:5d:1d:2f:0a:b5:ba:40:8e:5f:8c:df:93:ca:a3:ff
Fingerprint (sha256): d7:1d:cf:69:0d:0c:65:65:d0:5f:1b:d7:14:f9:ea:83:9f:72:99:1d:84:63:1e:c3:bd:fc:1e:02:c5:a1:78:40
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate firstforafrica.org
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for firstforafrica.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
alansears.net
climacolor.com.420forum.com.marilyndgarner.net
firstforafrica.org
ggeatl.com
helicraft.net.austinhomebuildersguide.com.matthewjamesbooth.com
longfellowshydroseeding.com
ondemandrealty1.net
trishna.co.in
climacolor.com.420forum.com.marilyndgarner.net
firstforafrica.org
ggeatl.com
helicraft.net.austinhomebuildersguide.com.matthewjamesbooth.com
longfellowshydroseeding.com
ondemandrealty1.net
trishna.co.in
Other certificates including the domain name firstforafrica.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for firstforafrica.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgISBIdZkpKTaL7RynKliFHcyKGlMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjYxNzUyNDZaFw0yNDAzMjUxNzUyNDVaMB0xGzAZBgNVBAMT EmZpcnN0Zm9yYWZyaWNhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANjK0oqxfYe9IvMqpkEm4i0jtK0dQN8o4SXE3dT0hxadBVpoGRtc76T84KD9 qQmJVe1XGtNZC7iavfIlniODerUTSj99Mq5voPtZgJPpsKSDSYaNTycmC2XeBcFZ BKs2HF+xuRZVN8WdmypSmsJrabpcO9+bTpUGwdf+KD4ExcG23IodD3KmnFlAbOHI ltD0KtfzS2pRx1rLhUZDnuC4AfYFbZDJ3499s64JW4QvkcZ74EP2Nddyrkk6/1Wn /kqcyTkEJdk+fdzXYzt3pEx3G7yln5epftgmBGZkSCW2ucFncqC4JCuNrF4fKADY KqHdHIQdBgJrN/Q9YWeeR0wzCO0CAwEAAaOCAuQwggLgMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUJse4jPPd+ttWsrbPfBN/shrFqokwHwYDVR0jBBgwFoAUFC6zF7dY VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy Lm9yZy8wgewGA1UdEQSB5DCB4YINYWxhbnNlYXJzLm5ldIIuY2xpbWFjb2xvci5j b20uNDIwZm9ydW0uY29tLm1hcmlseW5kZ2FybmVyLm5ldIISZmlyc3Rmb3JhZnJp Y2Eub3JnggpnZ2VhdGwuY29tgj9oZWxpY3JhZnQubmV0LmF1c3RpbmhvbWVidWls ZGVyc2d1aWRlLmNvbS5tYXR0aGV3amFtZXNib290aC5jb22CG2xvbmdmZWxsb3dz aHlkcm9zZWVkaW5nLmNvbYITb25kZW1hbmRyZWFsdHkxLm5ldIINdHJpc2huYS5j by5pbjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA 8AB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjKd44ikAAAQD AEcwRQIgZndFSS5fPFeC9PY5SlLXaJX7+bjE8IACl1BSbTP363wCIQCIW8zMP84J Nki/1nDaU6UAlzjlvO/Kbt7V8YU6HWtJKwB2ACnQOhu2dKpxHNMDW2VXwU+Kp4tP 6DiUSeykU/lEvSRoAAABjKd44xwAAAQDAEcwRQIgFD2rAxMxoeSzY4WGzBvup81j qJ6P2mu/44ahHSiuDDYCIQC0nE9gcO03Yjo8qxCFdtZ+x/TWocwjioMILnh7L1KI 3zANBgkqhkiG9w0BAQsFAAOCAQEAHbJ8P8PbsfiQoWvAtqaZDK0NouqBaZaoL2uB RbtuJJ2a4nJ9yQazdXms/TSzdRso2B5WbUqHx//hn07PQfgMNd/oi1Jm0RoWNzZb kRJCOGBRhR5d7wEY/K1P5OtrccAS7RxGmPuALeF3w7tEv0oCZc4wglLVhYjKP5mb hpOAQWWZAGcQDN0VC2wrE0z4+mzYJOQBmNkSlGDnrQGHQzeo/cJB7FBMH7j/niJy rMyAuZuLez3t1EZKAI72UKrA+QR2lnfQsmsntyUh/6rbHiKKJQAD4uLpzWyiTjvS F3fc+PuXGC5nLMLp4Xc5PBdCWXuHJyVdBzjEPcCXmOmWvXaXHw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MrSirF9h70i8yqmQSbi LSO0rR1A3yjhJcTd1PSHFp0FWmgZG1zvpPzgoP2pCYlV7Vca01kLuJq98iWeI4N6 tRNKP30yrm+g+1mAk+mwpINJho1PJyYLZd4FwVkEqzYcX7G5FlU3xZ2bKlKawmtp ulw735tOlQbB1/4oPgTFwbbcih0PcqacWUBs4ciW0PQq1/NLalHHWsuFRkOe4LgB 9gVtkMnfj32zrglbhC+RxnvgQ/Y113KuSTr/Vaf+SpzJOQQl2T593NdjO3ekTHcb vKWfl6l+2CYEZmRIJba5wWdyoLgkK42sXh8oANgqod0chB0GAms39D1hZ55HTDMI 7QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 394506325601244641901950358865110431736229 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 17:52:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-25 17:52:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firstforafrica.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27367489339933579920140126095093731816130486308386853985754090649948733763315518023175904783003909998301326343519073213734620832955599299969267621615654023861822576489504225457807389636763543114607192802536579073125330864878972969500300133015806000788364854499044676808789218690066215329481112144447212330456529076466215140365527668645970373664819579166483869212631320770610316439792631436088793847994042355905409836805353589996952407574417223672215322090339952150191795121947667262027318256216008733487269759765035592346046820674496381104856416276491815615739456970563669041219915260674294608432390614756507348306157 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 26c7b88cf3ddfadb56b2b6cf7c137fb21ac5aa89 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (228 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alansears.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'climacolor.com.420forum.com.marilyndgarner.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstforafrica.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ggeatl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helicraft.net.austinhomebuildersguide.com.matthewjamesbooth.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'longfellowshydroseeding.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ondemandrealty1.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trishna.co.in' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ca778e22900000403004730450220667745492e5f3c5782f4f6394a52d76895fbf9b8c4f080029750526d33f7eb7c022100885bcccc3fce093648bfd670da53a5009738e5bcefca6eded5f1853a1d6b492b00760029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018ca778e31c00000403004730450220143dab031331a1e4b3638586cc1beea7cd63a89e8fda6bbfe386a11d28ae0c36022100b49c4f6070ed37623a3cab108576d67ec7f4d6a1cc238a83082e787b2f5288df . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001db27c3fc3dbb1f890a16bc0b6a6990cad0da2ea816996a82f6b8145bb6e249d9ae2727dc906b37579acfd34b3751b28d81e566d4a87c7ffe19f4ecf41f80c35dfe88b5266d11a1637365b911242386051851e5def0118fcad4fe4eb6b71c012ed1c4698fb802de177c3bb44bf4a0265ce308252d58588ca3f999b8693804165990067100cdd150b6c2b134cf8fa6cd824e40198d9129460e7ad01874337a8fdc241ec504c1fb8ff9e2272accc80b99b8b7b3dedd4464a008ef650aac0f904769677d0b26b27b72521ffaadb1e228a250003e2e2e9cd6ca24e3bd21777dcf8fb97182e672cc2e9e177393c1742597b8727255d0738c43dc09798e996bd76971f