bids.orcity.org
Issued by R3
About this certificate
This digital certificate with serial number 03:ee:da:ff:16:15:31:52:1f:eb:b6:c1:e6:66:ad:c7:0e:5f was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=bids.orcity.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ee:da:ff:16:15:31:52:1f:eb:b6:c1:e6:66:ad:c7:0e:5fSerial Number (int): 342615157309136199026769429902722509246047
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a7:44:06:17:06:d2:6f:63:c0:b7:78:5b:aa:54:92:56:7d:cd:5f:67
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 0c:75:2e:e6:ba:d9:55:ec:6c:76:8a:7b:17:08:da:c6:80:c7:fa:69
Fingerprint (sha256): dd:5f:bc:3d:e1:79:f4:e3:87:c7:c6:08:5b:98:40:ae:46:bf:47:83:6c:79:ee:d7:6c:2c:55:57:83:43:41:28
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate bids.orcity.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bids.orcity.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bids.orcity.org
Other certificates including the domain name orcity.org
(limited to 100 certificates)
*.orcity.org
CORC-FW.orcity.org
bids.orcity.org
exchange.orcity.org
bids.orcity.org
webmaps.orcity.org
bids.orcity.org
www.orcity.org
maps.orcity.org
*.orcity.org
www.orcity.org
orcity.org
CORC-FW.orcity.org
CORC-FW.orcity.org
*.orcity.org
bids.orcity.org
*.orcity.org
online.orcity.org
orcity.org
www.orcity.org
*.orcity.org
orcity.org
edenweb.orcity.org
maps.orcity.org
edenweb.orcity.org
bids.orcity.org
maps.orcity.org
lucity.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
webmaps.orcity.org
www.orcity.org
edenweb.orcity.org
www.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
exchange.orcity.org
exchange.orcity.org
*.orcity.org
bids.orcity.org
www.orcity.org
parking.orcity.org
edenweb.orcity.org
orcity.org
CORC-FW.orcity.org
maps.orcity.org
maps.orcity.org
bids.orcity.org
permits.orcity.org
*.orcity.org
www.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
*.orcity.org
bids.orcity.org
maps.orcity.org
bids.orcity.org
*.orcity.org
www.orcity.org
*.time.orcity.org
www.orcity.org
www.orcity.org
edenweb.orcity.org
bids.orcity.org
orcity.org
bids.orcity.org
*.orcity.org
bids.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
*.orcity.org
edenweb.orcity.org
www.orcity.org
www.orcity.org
online.orcity.org
CORC-FW.orcity.org
bids.orcity.org
exchange.orcity.org
bids.orcity.org
webmaps.orcity.org
bids.orcity.org
www.orcity.org
maps.orcity.org
*.orcity.org
www.orcity.org
orcity.org
CORC-FW.orcity.org
CORC-FW.orcity.org
*.orcity.org
bids.orcity.org
*.orcity.org
online.orcity.org
orcity.org
www.orcity.org
*.orcity.org
orcity.org
edenweb.orcity.org
maps.orcity.org
edenweb.orcity.org
bids.orcity.org
maps.orcity.org
lucity.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
webmaps.orcity.org
www.orcity.org
edenweb.orcity.org
www.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
exchange.orcity.org
exchange.orcity.org
*.orcity.org
bids.orcity.org
www.orcity.org
parking.orcity.org
edenweb.orcity.org
orcity.org
CORC-FW.orcity.org
maps.orcity.org
maps.orcity.org
bids.orcity.org
permits.orcity.org
*.orcity.org
www.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
*.orcity.org
bids.orcity.org
maps.orcity.org
bids.orcity.org
*.orcity.org
www.orcity.org
*.time.orcity.org
www.orcity.org
www.orcity.org
edenweb.orcity.org
bids.orcity.org
orcity.org
bids.orcity.org
*.orcity.org
bids.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
*.orcity.org
edenweb.orcity.org
www.orcity.org
www.orcity.org
online.orcity.org
Certificate
The complete raw certificate details for bids.orcity.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgISA+7a/xYVMVIf67bB5matxw5fMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTAyMTQ0MjBaFw0yNDAyMDgyMTQ0MTlaMBoxGDAWBgNVBAMT D2JpZHMub3JjaXR5Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMXMe4QB7Z8a8Y55bKlD7kBPF6l92Kpxg9mZNv8PU952t6/OfwplFVs//lYMzE5h 0QOVbPrz9GrrcHbtJ7D98oqC3ERn/gf/gdsK6o1V9C7AwJl7IDnYjdCRU477v4L5 Tx1o+BGiZ8wx8Sxcv65HPlutJ48xbBETrYyps/OY39FcusKfU2vGKLeRBgyfEwkO qvvj+UCdPoqNVsaUdKbFkvlCu+mSvuehuvX4XJKdWeUKRDmMceaFXRt1KzVMwqsF B9BYwuvYCe6hQyi7I3fzZ4azzvrPvu68Shv913EwBuONuV+1LIbIRwvTGiViKAw/ OmkjW7Q3sHENttgwcbsY+nsCAwEAAaOCAhAwggIMMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUp0QGFwbSb2PAt3hbqlSSVn3NX2cwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wGgYDVR0RBBMwEYIPYmlkcy5vcmNpdHkub3JnMBMGA1UdIAQMMAowCAYGZ4EM AQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYASLDja9qmRzQP5WoC+p0w6xxS ActW3SyB2bu/qznYhHMAAAGLu2haKwAABAMARzBFAiBBfVxZwMiJzqGxfciQUpP2 EhtiIhszEO+uio7dteAfOgIhAKu98EdN3HHo23HRlnAOrm/nUnBs56S9XLEb45ID NL8wAHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLu2haMAAA BAMARjBEAiAcpjwNtEJz8sQxt0/osl3aQZ2Ux1InL5k2B6aKPzFCLQIgci+Urfy+ zprYmVxnzTjoMIAEkzfG8bbswYJGyTJ5klwwDQYJKoZIhvcNAQELBQADggEBALHF DN+PE782cCBPmrih2cdvsSukpd2fzfpX/fjIjQ6Pj5BLx4FbWezXcN/njSadaDvs vmMey7yzrBT+VC276K0Tc8EmeeAAcan4yqqH0Knxn4vG4bHsLLb68DtM5YIwmYpO 1mnPGfavVhLHp1qruZLFSOlWjhz8il6ja7wuLYGzSRfP3uaG+keetT3j9HQ+4MsW xCOxVxJmIN32cc1HWySPZU9HkGSDIJT5Q7AOu/gN4KADoGBnP8g8tBzHHfekdxwm J2dMtqd4n9WOYygwTyOGZtUDXtQLNcuY+zoc7+Kp9DvT8yde6zmobZtgp8DC2HK5 TXLbjwXk6StRZpCRLV4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcx7hAHtnxrxjnlsqUPu QE8XqX3YqnGD2Zk2/w9T3na3r85/CmUVWz/+VgzMTmHRA5Vs+vP0autwdu0nsP3y ioLcRGf+B/+B2wrqjVX0LsDAmXsgOdiN0JFTjvu/gvlPHWj4EaJnzDHxLFy/rkc+ W60njzFsEROtjKmz85jf0Vy6wp9Ta8Yot5EGDJ8TCQ6q++P5QJ0+io1WxpR0psWS +UK76ZK+56G69fhckp1Z5QpEOYxx5oVdG3UrNUzCqwUH0FjC69gJ7qFDKLsjd/Nn hrPO+s++7rxKG/3XcTAG4425X7UshshHC9MaJWIoDD86aSNbtDewcQ222DBxuxj6 ewIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342615157309136199026769429902722509246047 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-10 21:44:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-08 21:44:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bids.orcity.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24969780148830493002245706870694704639316935159565013327222051265358311478749886267038544558985160501446952423326578273760696433779412167901291726779964345127378654394692066670776123676816859805439710925594337955448120200776744523085515165346647992042947423275846458530509294666077794640728437457524544177964223257918076554096046531310429308804396065996020139073171312776431213380715233129240647932546279055508511700922410325509732808775345369098486884081802770150617993676265557472861817033905778621490119993406865069300137126345055772570652047187901146052924815779333265466117696979072202954323097366800370587204219 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a744061706d26f63c0b7785baa5492567dcd5f67 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bids.orcity.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bbb685a2b00000403004730450220417d5c59c0c889cea1b17dc8905293f6121b62221b3310efae8a8eddb5e01f3a022100abbdf0474ddc71e8db71d196700eae6fe752706ce7a4bd5cb11be3920334bf30007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bbb685a30000004030046304402201ca63c0db44273f2c431b74fe8b25dda419d94c752272f993607a68a3f31422d0220722f94adfcbece9ad8995c67cd38e83080049337c6f1b6ecc18246c93279925c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b1c50cdf8f13bf3670204f9ab8a1d9c76fb12ba4a5dd9fcdfa57fdf8c88d0e8f8f904bc7815b59ecd770dfe78d269d683becbe631ecbbcb3ac14fe542dbbe8ad1373c12679e00071a9f8caaa87d0a9f19f8bc6e1b1ec2cb6faf03b4ce58230998a4ed669cf19f6af5612c7a75aabb992c548e9568e1cfc8a5ea36bbc2e2d81b34917cfdee686fa479eb53de3f4743ee0cb16c423b157126620ddf671cd475b248f654f479064832094f943b00ebbf80de0a003a060673fc83cb41cc71df7a4771c2627674cb6a7789fd58e6328304f238666d5035ed40b35cb98fb3a1cefe2a9f43bd3f3275eeb39a86d9b60a7c0c2d872b94d72db8f05e4e92b516690912d5e