agefa.org

Issued by R3

About this certificate

This digital certificate with serial number 04:ed:55:59:2c:15:0d:e3:fe:d5:de:47:81:33:05:30:aa:aa was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=agefa.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:ed:55:59:2c:15:0d:e3:fe:d5:de:47:81:33:05:30:aa:aa
Serial Number (int): 429209512075459642784359182584862320143018
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 11:6b:4a:50:a5:a8:d0:62:59:c4:29:7e:8c:cc:8f:71:5d:ef:e8:c0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 75:23:8a:32:ea:8e:a0:76:6f:bd:f2:c6:3b:4b:4b:56:b5:5e:ab:4c
Fingerprint (sha256): f4:aa:fd:eb:bf:67:ca:3b:f3:7d:c2:21:8c:a7:20:fb:45:7a:8c:73:71:91:48:67:0d:4d:ea:b6:82:cd:f6:34

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate agefa.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for agefa.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

agefa.org
www.agefa.org

Other certificates including the domain name agefa.org

(limited to 100 certificates)
agefa.org
www.agefa.org
www.agefa.org
www.agefa.org
www.agefa.org
*.agefa.org
www.agefa.org
agefa.org
www.agefa.org
*.agefa.org
*.agefa.org
agefa.org

Certificate

The complete raw certificate details for agefa.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISBO1VWSwVDeP+1d5HgTMFMKqqMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMDgwMTA4MTRaFw0yNDA2MDYwMTA4MTNaMBQxEjAQBgNVBAMT
CWFnZWZhLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMD4Qtge
8F70f9v/eIZ9BW/Auq8e78QFCKRaqmjWyvN4ammwsVh5pXZNtsA2ZMGFYqK5+yKf
yBU4zM9dDTT29MasBQ2Z/8NWwAJ1zE1iNhIeJF+pDf2cz1HEk6j9VOqjNS1ABGvg
lfj9NHgYkeHeJl6eqoTCW0ePPIIDy1+ayCgei5BJ/Y8vKSnEhxqnl7jSRBu+NueU
RPDCvqrEkrI7LUJ5w2vD+zASStkP0e3WV90BD5sIckXUxlMVDo+T8ZuiI4oBCfvd
PO97/zvmmpnJKeDE3qdaBUhpq3RozLAe6Uq4A57E0H/STu4Flj4O6RZMakrKDsaF
920JhAK47sYzUB1F2A8hAwpbBDgNWojqIU0YVgMiqo90AF6+Wrtt/zU0LwYubTHo
2w2WZDMmHt0JRH8Et/fbz8UBqnHI+tCvfRrSHUAlra2wWvcZSH/7ZpgHoRd9QZt/
EzB8KOjT5vKSLqxC3qQRWVboM39wKDPgB3uPbg7YwIIJrSt7Cxdcw4UOkhAjaDGF
BC1dI6xX/0Iv1FCBDzOLCcvz+342UrOKOABcF8oTd2rxrGXE8Gvzuj8q4KeBmkad
nFjv07yMfjDxVkfczjVX9QhlBs+XDvIXZQt8vxLM1ifzX4f37js225BBuzWDP1cZ
hbWMoj2ylQAAzPbHAcoTANCLrzOvJI2tf9qzAgMBAAGjggIaMIICFjAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFBFrSlClqNBiWcQpfozMj3Fd7+jAMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCWFnZWZhLm9yZ4INd3d3LmFnZWZhLm9y
ZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2
AKLiv9Ye3i8vB6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAABjhvRcBoAAAQDAEcw
RQIgLX4XGw4L40n7uzAfE6oatB4XrBvL9nzx6+gHfb2oYe8CIQCmcriKhtq10K1x
vQO3/y6lDnjJ8e+RgHZNcrT6pR5TpQB2AHb/iD8KtvuVUcJhzPWHujS0pM27Kdxo
Qgqf5mdMWjp0AAABjhvRcEwAAAQDAEcwRQIgQWKcPBvTeVYHIC0u/88AG7BBQ/oS
AmwajT+s+M1+vgUCIQDzUxjj3vAq+Q0V2/oyDEmItSM9PetQDRDHWp5pUsVOLjAN
BgkqhkiG9w0BAQsFAAOCAQEAqanaqK0r6j3qDkdobriUWMVLJsjIxrJHbQs14PQs
clunzHHeGFDkV6zZWTE9j3gJcyEcMtcYMalsQgCTmFjreT8HGcAaOY+wsNo0Ul2Q
T9AXoK8yNdGPfFvmQpcxSpOK0ih1EcJpcWs0qOIfisBhUOQBecXHAYKaX/AcEWkP
SgoxKii0oYzA5g2GXdGOM8dubHvWk1emkJjCr+05GHelMyvQCXvL2Yo5A72kimtC
ER5fxr+QeTizeeuCcd2qNn4FtPGKhmmuOZ7YiU1h6rwKQAePf6WhIjYMQmxBQGBp
5sQdKuQE62/cViO5KMA2loYFbnrceo77MV+FB1GaFgCAlQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwPhC2B7wXvR/2/94hn0F
b8C6rx7vxAUIpFqqaNbK83hqabCxWHmldk22wDZkwYViorn7Ip/IFTjMz10NNPb0
xqwFDZn/w1bAAnXMTWI2Eh4kX6kN/ZzPUcSTqP1U6qM1LUAEa+CV+P00eBiR4d4m
Xp6qhMJbR488ggPLX5rIKB6LkEn9jy8pKcSHGqeXuNJEG74255RE8MK+qsSSsjst
QnnDa8P7MBJK2Q/R7dZX3QEPmwhyRdTGUxUOj5Pxm6IjigEJ+90873v/O+aamckp
4MTep1oFSGmrdGjMsB7pSrgDnsTQf9JO7gWWPg7pFkxqSsoOxoX3bQmEArjuxjNQ
HUXYDyEDClsEOA1aiOohTRhWAyKqj3QAXr5au23/NTQvBi5tMejbDZZkMyYe3QlE
fwS399vPxQGqccj60K99GtIdQCWtrbBa9xlIf/tmmAehF31Bm38TMHwo6NPm8pIu
rELepBFZVugzf3AoM+AHe49uDtjAggmtK3sLF1zDhQ6SECNoMYUELV0jrFf/Qi/U
UIEPM4sJy/P7fjZSs4o4AFwXyhN3avGsZcTwa/O6Pyrgp4GaRp2cWO/TvIx+MPFW
R9zONVf1CGUGz5cO8hdlC3y/EszWJ/Nfh/fuOzbbkEG7NYM/VxmFtYyiPbKVAADM
9scByhMA0IuvM68kja1/2rMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 429209512075459642784359182584862320143018
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-08 01:08:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 01:08:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'agefa.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 787247977332212346963262997095237712846713609944915080108138631108015026946006931278039437313143241979094040817048452714936360060511693074657275345351927013303921427485128143405185277505388862482006600119773723623595397902406947229440620525899044496328724582759397435857958622042949206257383467572772280955649588879506048927960423195251046319830073218140561698885941262263917797898753936202033974095720667134279351263103406704772031551587516450540857857720307673659644681375955706514035320820554147987649810258600438023042213538764764461973594771644764719194409785026630948652304173356904640649204885369201140547213428925627768353819371805393570942042760080776543518869886221579213190885137257614391463555300024468194139357532738222821357323111463450681188895668888648095459217982714622313709443045849524532171402363366936279516212606089926638464226764466609510610081496335276998123305844815386957110669466694694450411060486344719168483032704940372428802826041812698351763895503405900463429680579751830294504236958156428345128552040419990706994332461706472210087906431874895025615620024050280286756229762229484484518874468621777522529844085276726790596162235759082718562494155037945307791383548358620655646897657386418480270003919539
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							116b4a50a5a8d06259c4297e8ccc8f715defe8c0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agefa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agefa.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e1bd1701a000004030047304502202d7e171b0e0be349fbbb301f13aa1ab41e17ac1bcbf67cf1ebe8077dbda861ef022100a672b88a86dab5d0ad71bd03b7ff2ea50e78c9f1ef9180764d72b4faa51e53a500760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e1bd1704c0000040300473045022041629c3c1bd3795607202d2effcf001bb04143fa12026c1a8d3facf8cd7ebe05022100f35318e3def02af90d15dbfa320c4988b5233d3deb500d10c75a9e6952c54e2e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a9a9daa8ad2bea3dea0e47686eb89458c54b26c8c8c6b2476d0b35e0f42c725ba7cc71de1850e457acd959313d8f780973211c32d71831a96c4200939858eb793f0719c01a398fb0b0da34525d904fd017a0af3235d18f7c5be64297314a938ad2287511c269716b34a8e21f8ac06150e40179c5c701829a5ff01c11690f4a0a312a28b4a18cc0e60d865dd18e33c76e6c7bd69357a69098c2afed391877a5332bd0097bcbd98a3903bda48a6b42111e5fc6bf907938b379eb8271ddaa367e05b4f18a8669ae399ed8894d61eabc0a40078f7fa5a122360c426c41406069e6c41d2ae404eb6fdc5623b928c0369686056e7adc7a8efb315f8507519a16008095