DV SSL/TLS Certificate for default-ssl.default-host.net

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the default-ssl.default-host.net DV SSL/TLS Certificate

This certificate with serial number 06:b2:85:3e:b4:18:d4:64:33:d2:e6:41:47:04:d7:d7:78:31 for default-ssl.default-host.net was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for default-ssl.default-host.net provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:b2:85:3e:b4:18:d4:64:33:d2:e6:41:47:04:d7:d7:78:31
Serial Number (int): 583421089801134085863671457900497070422065
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 59:a2:f9:72:1c:38:d5:65:ac:01:47:be:02:e0:49:c4:2a:48:7c:6d
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 0b:31:d3:20:ad:c2:dd:0c:bf:b0:44:c8:d1:8a:9a:eb:db:b9:ba:8d
Fingerprint (SHA-256): ef:40:40:4f:e7:d9:54:ec:dc:49:bb:cc:64:65:47:94:12:81:50:59:34:d0:ef:cd:f7:4a:63:48:57:c1:94:9a

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/50.crl

Check the revocation status for certificate default-ssl.default-host.net
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for default-ssl.default-host.net

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

default-ssl.default-host.net

X.509 Certificate

The complete raw X.509 certificate details for default-ssl.default-host.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISBrKFPrQY1GQz0uZBRwTX13gxMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjEwMTYxNDEyWhcNMjUwOTA4MTYxNDExWjAnMSUwIwYDVQQD
ExxkZWZhdWx0LXNzbC5kZWZhdWx0LWhvc3QubmV0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwG3w2WpqIuSk+EN8aMePi0cqTvPU/O3uXazNSHkObsSU
QY3xeLv56BmyUAGqpbd49c07kPSob+5Ss9kTFQs4f0Ep6v+vL2Y7t2Nl4DlOJE/R
aq/48hQ8G9/0lkgDrqYHbTussM34/stNI3jezwIUJzVgWF4R8+5UQC2uPpvoI4ux
8slU1KmWE/1BErUMm3/FDvYMZPmO9eBpp4WJ/1PM9uMH2e2ryDeKYzfJmL8W1RYH
8/8boPoojIZMvC3HQiO2kX7JJx7yLBCOhZWcy1pRfCm9rMYN0TDp/1EoYW7gLfK2
jyVup1V49erZCBIk95mRfELUNMF36JGN4/ilW7M9WQIDAQABo4ICKzCCAicwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBRZovlyHDjVZawBR74C4EnEKkh8bTAfBgNVHSME
GDAWgBTFz0ak6vTDwHpslcQtsF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
BQUHMAKGF2h0dHA6Ly9yMTEuaS5sZW5jci5vcmcvMCcGA1UdEQQgMB6CHGRlZmF1
bHQtc3NsLmRlZmF1bHQtaG9zdC5uZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwLgYD
VR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMS5jLmxlbmNyLm9yZy81MC5jcmwwggED
BgorBgEEAdZ5AgQCBIH0BIHxAO8AdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8O
Qh60fk6qNAAAAZda1HYSAAAEAwBHMEUCIQCnuC1dagotPBCLTZggOC5NZuoiP0sn
+OdTY1pLjxO7hQIgffI6wAtU5cRWGunYN6Avn378w+HSA3SxHdK1iTLpyroAdQDd
3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZda1HZTAAAEAwBGMEQC
IGIkwseooASDkRpBNJyeIne5YFmG2abL3uqa6tSo/ZKxAiB3qZglu0CaBW0IbWtD
cefW+B/SYtfN1fIXsWPfJk0VyDANBgkqhkiG9w0BAQsFAAOCAQEARr21VMBFl9O+
yIwBXIKHnS27tpepNvWiROcXTJvUwtTQNoA9jzwwMox4nqqi2HXGtNL/iggCrL2E
WSr5/iodSfhARWp5QjNUqkgErbgTusUO2p1MYvq0Uax7UKYK9GsYNPsKTkympjwU
7reUhoFyojh1/TQo15zziLarZyPY0xURtOaFG7mDU30waw5py4j44rkohgd08NQz
m6bhVU9WcJ0AKVqVIcV/Oi9pnkugNn/LmBwusl4hKhcI+rWTitFo0BzUB4TLd2rJ
mVja87167xEiqMMrJ+MRpU/ARQmxNoScdki1fJt1abIogJ0Jkuwuv/rPG/VF9Ljr
hNrN2MHKeg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG3w2WpqIuSk+EN8aMeP
i0cqTvPU/O3uXazNSHkObsSUQY3xeLv56BmyUAGqpbd49c07kPSob+5Ss9kTFQs4
f0Ep6v+vL2Y7t2Nl4DlOJE/Raq/48hQ8G9/0lkgDrqYHbTussM34/stNI3jezwIU
JzVgWF4R8+5UQC2uPpvoI4ux8slU1KmWE/1BErUMm3/FDvYMZPmO9eBpp4WJ/1PM
9uMH2e2ryDeKYzfJmL8W1RYH8/8boPoojIZMvC3HQiO2kX7JJx7yLBCOhZWcy1pR
fCm9rMYN0TDp/1EoYW7gLfK2jyVup1V49erZCBIk95mRfELUNMF36JGN4/ilW7M9
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 583421089801134085863671457900497070422065
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-10 16:14:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-08 16:14:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'default-ssl.default-host.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24291968391169922152087197626444446368962229018854669344954586052102042963863895337743987312902638504394928406966286524740289120701908510030448562700560329138847442818702658566649404594228113483453069593915312772319430156023288267839403612907526357761287020591602618199491464613493119494892107411126894678082916568221467866524486448495357004945034568595749319227274704293444432604422356922843188172827200362050554079682850683758232027953116319913748071930942249548524277185578889547447457875197336718041878047730906411589832643616574485228945157358228146664155477377753747783412489862238769946327043946829747416415577
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							59a2f9721c38d565ac0147be02e049c42a487c6d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'default-ssl.default-host.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/50.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34000001975ad476120000040300473045022100a7b82d5d6a0a2d3c108b4d9820382e4d66ea223f4b27f8e753635a4b8f13bb8502207df23ac00b54e5c4561ae9d837a02f9f7efcc3e1d20374b11dd2b58932e9caba007500dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a000001975ad47653000004030046304402206224c2c7a8a00483911a41349c9e2277b9605986d9a6cbdeea9aead4a8fd92b1022077a99825bb409a056d086d6b4371e7d6f81fd262d7cdd5f217b163df264d15c8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0046bdb554c04597d3bec88c015c82879d2dbbb697a936f5a244e7174c9bd4c2d4d036803d8f3c30328c789eaaa2d875c6b4d2ff8a0802acbd84592af9fe2a1d49f840456a79423354aa4804adb813bac50eda9d4c62fab451ac7b50a60af46b1834fb0a4e4ca6a63c14eeb794868172a23875fd3428d79cf388b6ab6723d8d31511b4e6851bb983537d306b0e69cb88f8e2b928860774f0d4339ba6e1554f56709d00295a9521c57f3a2f699e4ba0367fcb981c2eb25e212a1708fab5938ad168d01cd40784cb776ac99958daf3bd7aef1122a8c32b27e311a54fc04509b136849c7648b57c9b7569b228809d0992ec2ebffacf1bf545f4b8eb84dacdd8c1ca7a