firstforafrica.org

Issued by R3

About this certificate

This digital certificate with serial number 04:87:59:92:92:93:68:be:d1:ca:72:a5:88:51:dc:c8:a1:a5 was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=firstforafrica.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:87:59:92:92:93:68:be:d1:ca:72:a5:88:51:dc:c8:a1:a5
Serial Number (int): 394506325601244641901950358865110431736229
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 26:c7:b8:8c:f3:dd:fa:db:56:b2:b6:cf:7c:13:7f:b2:1a:c5:aa:89
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 56:c9:2c:3e:3a:5d:1d:2f:0a:b5:ba:40:8e:5f:8c:df:93:ca:a3:ff
Fingerprint (sha256): d7:1d:cf:69:0d:0c:65:65:d0:5f:1b:d7:14:f9:ea:83:9f:72:99:1d:84:63:1e:c3:bd:fc:1e:02:c5:a1:78:40

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate firstforafrica.org

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for firstforafrica.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

alansears.net
climacolor.com.420forum.com.marilyndgarner.net
firstforafrica.org
ggeatl.com
helicraft.net.austinhomebuildersguide.com.matthewjamesbooth.com
longfellowshydroseeding.com
ondemandrealty1.net
trishna.co.in

Other certificates including the domain name firstforafrica.org

(limited to 100 certificates)
firstforafrica.org
firstforafrica.org
firstforafrica.org
hybridkravmaga.online
firstforafrica.org
firstforafrica.org
appideas.equi.life
sex-video.co.za
firstforafrica.org
firstforafrica.org
vacations.vc
firstforafrica.org
firstforafrica.org
liveden.hilltophorizons.ca

Certificate

The complete raw certificate details for firstforafrica.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISBIdZkpKTaL7RynKliFHcyKGlMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjYxNzUyNDZaFw0yNDAzMjUxNzUyNDVaMB0xGzAZBgNVBAMT
EmZpcnN0Zm9yYWZyaWNhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjK0oqxfYe9IvMqpkEm4i0jtK0dQN8o4SXE3dT0hxadBVpoGRtc76T84KD9
qQmJVe1XGtNZC7iavfIlniODerUTSj99Mq5voPtZgJPpsKSDSYaNTycmC2XeBcFZ
BKs2HF+xuRZVN8WdmypSmsJrabpcO9+bTpUGwdf+KD4ExcG23IodD3KmnFlAbOHI
ltD0KtfzS2pRx1rLhUZDnuC4AfYFbZDJ3499s64JW4QvkcZ74EP2Nddyrkk6/1Wn
/kqcyTkEJdk+fdzXYzt3pEx3G7yln5epftgmBGZkSCW2ucFncqC4JCuNrF4fKADY
KqHdHIQdBgJrN/Q9YWeeR0wzCO0CAwEAAaOCAuQwggLgMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUJse4jPPd+ttWsrbPfBN/shrFqokwHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wgewGA1UdEQSB5DCB4YINYWxhbnNlYXJzLm5ldIIuY2xpbWFjb2xvci5j
b20uNDIwZm9ydW0uY29tLm1hcmlseW5kZ2FybmVyLm5ldIISZmlyc3Rmb3JhZnJp
Y2Eub3JnggpnZ2VhdGwuY29tgj9oZWxpY3JhZnQubmV0LmF1c3RpbmhvbWVidWls
ZGVyc2d1aWRlLmNvbS5tYXR0aGV3amFtZXNib290aC5jb22CG2xvbmdmZWxsb3dz
aHlkcm9zZWVkaW5nLmNvbYITb25kZW1hbmRyZWFsdHkxLm5ldIINdHJpc2huYS5j
by5pbjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjKd44ikAAAQD
AEcwRQIgZndFSS5fPFeC9PY5SlLXaJX7+bjE8IACl1BSbTP363wCIQCIW8zMP84J
Nki/1nDaU6UAlzjlvO/Kbt7V8YU6HWtJKwB2ACnQOhu2dKpxHNMDW2VXwU+Kp4tP
6DiUSeykU/lEvSRoAAABjKd44xwAAAQDAEcwRQIgFD2rAxMxoeSzY4WGzBvup81j
qJ6P2mu/44ahHSiuDDYCIQC0nE9gcO03Yjo8qxCFdtZ+x/TWocwjioMILnh7L1KI
3zANBgkqhkiG9w0BAQsFAAOCAQEAHbJ8P8PbsfiQoWvAtqaZDK0NouqBaZaoL2uB
RbtuJJ2a4nJ9yQazdXms/TSzdRso2B5WbUqHx//hn07PQfgMNd/oi1Jm0RoWNzZb
kRJCOGBRhR5d7wEY/K1P5OtrccAS7RxGmPuALeF3w7tEv0oCZc4wglLVhYjKP5mb
hpOAQWWZAGcQDN0VC2wrE0z4+mzYJOQBmNkSlGDnrQGHQzeo/cJB7FBMH7j/niJy
rMyAuZuLez3t1EZKAI72UKrA+QR2lnfQsmsntyUh/6rbHiKKJQAD4uLpzWyiTjvS
F3fc+PuXGC5nLMLp4Xc5PBdCWXuHJyVdBzjEPcCXmOmWvXaXHw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MrSirF9h70i8yqmQSbi
LSO0rR1A3yjhJcTd1PSHFp0FWmgZG1zvpPzgoP2pCYlV7Vca01kLuJq98iWeI4N6
tRNKP30yrm+g+1mAk+mwpINJho1PJyYLZd4FwVkEqzYcX7G5FlU3xZ2bKlKawmtp
ulw735tOlQbB1/4oPgTFwbbcih0PcqacWUBs4ciW0PQq1/NLalHHWsuFRkOe4LgB
9gVtkMnfj32zrglbhC+RxnvgQ/Y113KuSTr/Vaf+SpzJOQQl2T593NdjO3ekTHcb
vKWfl6l+2CYEZmRIJba5wWdyoLgkK42sXh8oANgqod0chB0GAms39D1hZ55HTDMI
7QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 394506325601244641901950358865110431736229
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 17:52:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-25 17:52:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firstforafrica.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27367489339933579920140126095093731816130486308386853985754090649948733763315518023175904783003909998301326343519073213734620832955599299969267621615654023861822576489504225457807389636763543114607192802536579073125330864878972969500300133015806000788364854499044676808789218690066215329481112144447212330456529076466215140365527668645970373664819579166483869212631320770610316439792631436088793847994042355905409836805353589996952407574417223672215322090339952150191795121947667262027318256216008733487269759765035592346046820674496381104856416276491815615739456970563669041219915260674294608432390614756507348306157
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							26c7b88cf3ddfadb56b2b6cf7c137fb21ac5aa89
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (228 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alansears.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'climacolor.com.420forum.com.marilyndgarner.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstforafrica.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ggeatl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helicraft.net.austinhomebuildersguide.com.matthewjamesbooth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'longfellowshydroseeding.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ondemandrealty1.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trishna.co.in'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ca778e22900000403004730450220667745492e5f3c5782f4f6394a52d76895fbf9b8c4f080029750526d33f7eb7c022100885bcccc3fce093648bfd670da53a5009738e5bcefca6eded5f1853a1d6b492b00760029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018ca778e31c00000403004730450220143dab031331a1e4b3638586cc1beea7cd63a89e8fda6bbfe386a11d28ae0c36022100b49c4f6070ed37623a3cab108576d67ec7f4d6a1cc238a83082e787b2f5288df
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001db27c3fc3dbb1f890a16bc0b6a6990cad0da2ea816996a82f6b8145bb6e249d9ae2727dc906b37579acfd34b3751b28d81e566d4a87c7ffe19f4ecf41f80c35dfe88b5266d11a1637365b911242386051851e5def0118fcad4fe4eb6b71c012ed1c4698fb802de177c3bb44bf4a0265ce308252d58588ca3f999b8693804165990067100cdd150b6c2b134cf8fa6cd824e40198d9129460e7ad01874337a8fdc241ec504c1fb8ff9e2272accc80b99b8b7b3dedd4464a008ef650aac0f904769677d0b26b27b72521ffaadb1e228a250003e2e2e9cd6ca24e3bd21777dcf8fb97182e672cc2e9e177393c1742597b8727255d0738c43dc09798e996bd76971f