agefa.org
Issued by R3
About this certificate
This digital certificate with serial number 04:ed:55:59:2c:15:0d:e3:fe:d5:de:47:81:33:05:30:aa:aa was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=agefa.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:ed:55:59:2c:15:0d:e3:fe:d5:de:47:81:33:05:30:aa:aaSerial Number (int): 429209512075459642784359182584862320143018
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 11:6b:4a:50:a5:a8:d0:62:59:c4:29:7e:8c:cc:8f:71:5d:ef:e8:c0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 75:23:8a:32:ea:8e:a0:76:6f:bd:f2:c6:3b:4b:4b:56:b5:5e:ab:4c
Fingerprint (sha256): f4:aa:fd:eb:bf:67:ca:3b:f3:7d:c2:21:8c:a7:20:fb:45:7a:8c:73:71:91:48:67:0d:4d:ea:b6:82:cd:f6:34
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate agefa.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for agefa.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
agefa.org
www.agefa.org
www.agefa.org
Other certificates including the domain name agefa.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for agefa.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7jCCBNagAwIBAgISBO1VWSwVDeP+1d5HgTMFMKqqMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDgwMTA4MTRaFw0yNDA2MDYwMTA4MTNaMBQxEjAQBgNVBAMT CWFnZWZhLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMD4Qtge 8F70f9v/eIZ9BW/Auq8e78QFCKRaqmjWyvN4ammwsVh5pXZNtsA2ZMGFYqK5+yKf yBU4zM9dDTT29MasBQ2Z/8NWwAJ1zE1iNhIeJF+pDf2cz1HEk6j9VOqjNS1ABGvg lfj9NHgYkeHeJl6eqoTCW0ePPIIDy1+ayCgei5BJ/Y8vKSnEhxqnl7jSRBu+NueU RPDCvqrEkrI7LUJ5w2vD+zASStkP0e3WV90BD5sIckXUxlMVDo+T8ZuiI4oBCfvd PO97/zvmmpnJKeDE3qdaBUhpq3RozLAe6Uq4A57E0H/STu4Flj4O6RZMakrKDsaF 920JhAK47sYzUB1F2A8hAwpbBDgNWojqIU0YVgMiqo90AF6+Wrtt/zU0LwYubTHo 2w2WZDMmHt0JRH8Et/fbz8UBqnHI+tCvfRrSHUAlra2wWvcZSH/7ZpgHoRd9QZt/ EzB8KOjT5vKSLqxC3qQRWVboM39wKDPgB3uPbg7YwIIJrSt7Cxdcw4UOkhAjaDGF BC1dI6xX/0Iv1FCBDzOLCcvz+342UrOKOABcF8oTd2rxrGXE8Gvzuj8q4KeBmkad nFjv07yMfjDxVkfczjVX9QhlBs+XDvIXZQt8vxLM1ifzX4f37js225BBuzWDP1cZ hbWMoj2ylQAAzPbHAcoTANCLrzOvJI2tf9qzAgMBAAGjggIaMIICFjAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFBFrSlClqNBiWcQpfozMj3Fd7+jAMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCWFnZWZhLm9yZ4INd3d3LmFnZWZhLm9y ZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2 AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAABjhvRcBoAAAQDAEcw RQIgLX4XGw4L40n7uzAfE6oatB4XrBvL9nzx6+gHfb2oYe8CIQCmcriKhtq10K1x vQO3/y6lDnjJ8e+RgHZNcrT6pR5TpQB2AHb/iD8KtvuVUcJhzPWHujS0pM27Kdxo Qgqf5mdMWjp0AAABjhvRcEwAAAQDAEcwRQIgQWKcPBvTeVYHIC0u/88AG7BBQ/oS AmwajT+s+M1+vgUCIQDzUxjj3vAq+Q0V2/oyDEmItSM9PetQDRDHWp5pUsVOLjAN BgkqhkiG9w0BAQsFAAOCAQEAqanaqK0r6j3qDkdobriUWMVLJsjIxrJHbQs14PQs clunzHHeGFDkV6zZWTE9j3gJcyEcMtcYMalsQgCTmFjreT8HGcAaOY+wsNo0Ul2Q T9AXoK8yNdGPfFvmQpcxSpOK0ih1EcJpcWs0qOIfisBhUOQBecXHAYKaX/AcEWkP SgoxKii0oYzA5g2GXdGOM8dubHvWk1emkJjCr+05GHelMyvQCXvL2Yo5A72kimtC ER5fxr+QeTizeeuCcd2qNn4FtPGKhmmuOZ7YiU1h6rwKQAePf6WhIjYMQmxBQGBp 5sQdKuQE62/cViO5KMA2loYFbnrceo77MV+FB1GaFgCAlQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwPhC2B7wXvR/2/94hn0F b8C6rx7vxAUIpFqqaNbK83hqabCxWHmldk22wDZkwYViorn7Ip/IFTjMz10NNPb0 xqwFDZn/w1bAAnXMTWI2Eh4kX6kN/ZzPUcSTqP1U6qM1LUAEa+CV+P00eBiR4d4m Xp6qhMJbR488ggPLX5rIKB6LkEn9jy8pKcSHGqeXuNJEG74255RE8MK+qsSSsjst QnnDa8P7MBJK2Q/R7dZX3QEPmwhyRdTGUxUOj5Pxm6IjigEJ+90873v/O+aamckp 4MTep1oFSGmrdGjMsB7pSrgDnsTQf9JO7gWWPg7pFkxqSsoOxoX3bQmEArjuxjNQ HUXYDyEDClsEOA1aiOohTRhWAyKqj3QAXr5au23/NTQvBi5tMejbDZZkMyYe3QlE fwS399vPxQGqccj60K99GtIdQCWtrbBa9xlIf/tmmAehF31Bm38TMHwo6NPm8pIu rELepBFZVugzf3AoM+AHe49uDtjAggmtK3sLF1zDhQ6SECNoMYUELV0jrFf/Qi/U UIEPM4sJy/P7fjZSs4o4AFwXyhN3avGsZcTwa/O6Pyrgp4GaRp2cWO/TvIx+MPFW R9zONVf1CGUGz5cO8hdlC3y/EszWJ/Nfh/fuOzbbkEG7NYM/VxmFtYyiPbKVAADM 9scByhMA0IuvM68kja1/2rMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 429209512075459642784359182584862320143018 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-08 01:08:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 01:08:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'agefa.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 787247977332212346963262997095237712846713609944915080108138631108015026946006931278039437313143241979094040817048452714936360060511693074657275345351927013303921427485128143405185277505388862482006600119773723623595397902406947229440620525899044496328724582759397435857958622042949206257383467572772280955649588879506048927960423195251046319830073218140561698885941262263917797898753936202033974095720667134279351263103406704772031551587516450540857857720307673659644681375955706514035320820554147987649810258600438023042213538764764461973594771644764719194409785026630948652304173356904640649204885369201140547213428925627768353819371805393570942042760080776543518869886221579213190885137257614391463555300024468194139357532738222821357323111463450681188895668888648095459217982714622313709443045849524532171402363366936279516212606089926638464226764466609510610081496335276998123305844815386957110669466694694450411060486344719168483032704940372428802826041812698351763895503405900463429680579751830294504236958156428345128552040419990706994332461706472210087906431874895025615620024050280286756229762229484484518874468621777522529844085276726790596162235759082718562494155037945307791383548358620655646897657386418480270003919539 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 116b4a50a5a8d06259c4297e8ccc8f715defe8c0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agefa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agefa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e1bd1701a000004030047304502202d7e171b0e0be349fbbb301f13aa1ab41e17ac1bcbf67cf1ebe8077dbda861ef022100a672b88a86dab5d0ad71bd03b7ff2ea50e78c9f1ef9180764d72b4faa51e53a500760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e1bd1704c0000040300473045022041629c3c1bd3795607202d2effcf001bb04143fa12026c1a8d3facf8cd7ebe05022100f35318e3def02af90d15dbfa320c4988b5233d3deb500d10c75a9e6952c54e2e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a9a9daa8ad2bea3dea0e47686eb89458c54b26c8c8c6b2476d0b35e0f42c725ba7cc71de1850e457acd959313d8f780973211c32d71831a96c4200939858eb793f0719c01a398fb0b0da34525d904fd017a0af3235d18f7c5be64297314a938ad2287511c269716b34a8e21f8ac06150e40179c5c701829a5ff01c11690f4a0a312a28b4a18cc0e60d865dd18e33c76e6c7bd69357a69098c2afed391877a5332bd0097bcbd98a3903bda48a6b42111e5fc6bf907938b379eb8271ddaa367e05b4f18a8669ae399ed8894d61eabc0a40078f7fa5a122360c426c41406069e6c41d2ae404eb6fdc5623b928c0369686056e7adc7a8efb315f8507519a16008095