foodrisk.org
Issued by R3
About this certificate
This digital certificate with serial number 04:aa:1b:de:76:a3:79:c4:4f:45:e2:27:27:56:82:8c:e7:6e was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=foodrisk.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:aa:1b:de:76:a3:79:c4:4f:45:e2:27:27:56:82:8c:e7:6eSerial Number (int): 406334190355665521566298515633318262531950
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: cc:6f:e4:c6:83:d4:7b:7f:da:68:ee:b4:33:19:5e:07:f1:9b:0d:19
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 42:f2:b7:29:ff:fe:68:72:c6:de:8b:a4:bf:a5:f1:2c:32:ff:33:94
Fingerprint (sha256): e1:ff:ca:9c:26:2d:54:2f:06:30:dd:8f:98:22:0c:e4:45:8e:e6:62:28:4b:74:cb:9f:ad:0c:e0:b2:8b:e8:4c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate foodrisk.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for foodrisk.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.foodrisk.org
foodrisk.org
foodrisk.org
Other certificates including the domain name foodrisk.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for foodrisk.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgISBKob3najecRPReInJ1aCjOduMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzAxMjUxMTU3MjlaFw0yMzA0MjUxMTU3MjhaMBcxFTATBgNVBAMT DGZvb2RyaXNrLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOL9 TnF/r/+AoF8+efwsjqcdgkGpki+UN1JWzSwFTtBQnzx4rUs86zdlEni8xRb3jtXe iMDmR8NzH3w6/pAO78YjhOA6wHE4Kc0AzOO9s2J9XK1oKYOkNiBJM/m8gU9tNIGk GXjgawW+6NC4SyU7Jrni/oFe7GLDqbahyeo9wvZY6OclbBzGtFmZPRQkmZMiTsZn stQbod+t50maoXv5TjIRD0KCpPZiItZbVDuqMy5DklOSr5+KQ5t1ZOj5auzHQMTv fxAvuoDOcHU28zJx6wqR3bvlfbZbRMDFVJ2hd6vdLQkpZn1F8XeRvKJ6nuse2xci uSHD19eWWokp108E/AUCAwEAAaOCAlcwggJTMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUzG/kxoPUe3/aaO60MxleB/GbDRkwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w JwYDVR0RBCAwHoIOKi5mb29kcmlzay5vcmeCDGZvb2RyaXNrLm9yZzBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2 ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABhekBOZkAAAQDAEcw RQIgV1xeozLwrjc8Xt33remanm2yUEqjOvXIi5v8ZKh805QCIQDccUqDw0d2ivbP 3iO7xscFXliAzW7iJ+j/GKwKFa+8lAB2AHoyjFTYty22IOo44FIe6YQWcDIThU07 0ivBOlejUutSAAABhekBOasAAAQDAEcwRQIgJaNaauyhohgU4JD/jmSvJH8mXwim NGyHZRVjf7BuHNoCIQDMIk0FOI8YeIom3J01fkwFYKp2yUODax5cWd1dlFHnpTAN BgkqhkiG9w0BAQsFAAOCAQEAptXAguKhLX/h1XMnVKVatzLJPDVtzbIWRhNJAlLD DEFJvtNs0fUhS37VDhJSG0lUi7Y0QyyFPnOrcV42wO45rDYiaOxrkAW8xy3w8WHs wjWwBXmZLe/grIbnBFXTojXoe7gzWUjVlmFq0BeiOM/2hXT40dgwIV5vNfh5SfM7 Njx04PFFF9yv4+OUo2WO81g+og8gYoYFD2hVXch9cg5rtAgV0O4V9mytiYsJNUPl FxKiXSvPH5/G7m1O8NkvYuHB8VRpdbmqx8kh6ojF73ECNKUrMQgvWlTtUZF3jisb 1DN6pLZ6XZ4SLYaGydcjJNEfFH2yj9Bu/kAvYllKOkdyzA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4v1OcX+v/4CgXz55/CyO px2CQamSL5Q3UlbNLAVO0FCfPHitSzzrN2USeLzFFveO1d6IwOZHw3MffDr+kA7v xiOE4DrAcTgpzQDM472zYn1crWgpg6Q2IEkz+byBT200gaQZeOBrBb7o0LhLJTsm ueL+gV7sYsOptqHJ6j3C9ljo5yVsHMa0WZk9FCSZkyJOxmey1Buh363nSZqhe/lO MhEPQoKk9mIi1ltUO6ozLkOSU5Kvn4pDm3Vk6Plq7MdAxO9/EC+6gM5wdTbzMnHr CpHdu+V9tltEwMVUnaF3q90tCSlmfUXxd5G8onqe6x7bFyK5IcPX15ZaiSnXTwT8 BQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 406334190355665521566298515633318262531950 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-25 11:57:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-25 11:57:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'foodrisk.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28654766973174021924603467831281786994315745687057194319620554771401509337158775395274770073888214310900017096021574119940723943377520485825736905070220464957454061924377174990482425297472652341410606436353540105884557111928214219888274240684842609875790640569510631202569563463185336818288486941876817231413330428582178028587537125462730987889867229535253857186220996113132745820612189280383850876740618557106310970634962460534509066259234500124620383775902834671739042060683502230286699379275746467738354160835161342507027129598430849721405573157383479253404522073389610608616967263481797236316971809592013693975557 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cc6fe4c683d47b7fda68eeb433195e07f19b0d19 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.foodrisk.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foodrisk.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000185e901399900000403004730450220575c5ea332f0ae373c5eddf7ade99a9e6db2504aa33af5c88b9bfc64a87cd394022100dc714a83c347768af6cfde23bbc6c7055e5880cd6ee227e8ff18ac0a15afbc940076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000185e90139ab0000040300473045022025a35a6aeca1a21814e090ff8e64af247f265f08a6346c876515637fb06e1cda022100cc224d05388f18788a26dc9d357e4c0560aa76c943836b1e5c59dd5d9451e7a5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a6d5c082e2a12d7fe1d5732754a55ab732c93c356dcdb2164613490252c30c4149bed36cd1f5214b7ed50e12521b49548bb634432c853e73ab715e36c0ee39ac362268ec6b9005bcc72df0f161ecc235b00579992defe0ac86e70455d3a235e87bb8335948d596616ad017a238cff68574f8d1d830215e6f35f87949f33b363c74e0f14517dcafe3e394a3658ef3583ea20f206286050f68555dc87d720e6bb40815d0ee15f66cad898b093543e51712a25d2bcf1f9fc6ee6d4ef0d92f62e1c1f1546975b9aac7c921ea88c5ef710234a52b31082f5a54ed5191778e2b1bd4337aa4b67a5d9e122d8686c9d72324d11f147db28fd06efe402f62594a3a4772cc