DV SSL/TLS Certificate for *.provoli.eu

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the *.provoli.eu DV SSL/TLS Certificate

This certificate with serial number 06:d4:d7:f1:f5:22:d0:8d:5e:dc:98:a3:82:fa:ab:4b:02:8f for *.provoli.eu was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.provoli.eu provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:d4:d7:f1:f5:22:d0:8d:5e:dc:98:a3:82:fa:ab:4b:02:8f
Serial Number (int): 595100617712385752148810986805262744748687
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 1d:66:38:29:9d:10:57:bc:4b:13:cc:c9:2e:2b:17:b9:c5:8b:ea:4b
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): a0:dc:e7:26:90:6f:a1:c0:1c:31:ad:ed:fc:93:61:77:2c:33:4b:77
Fingerprint (SHA-256): d4:1c:8f:f4:09:b5:ab:b7:98:f7:9c:10:8c:24:ae:c9:34:84:ad:07:64:c4:2a:44:a6:2b:bb:80:f4:80:d7:e6

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/16.crl

Check the revocation status for certificate *.provoli.eu
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.provoli.eu

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.provoli.eu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISBtTX8fUi0I1e3JijgvqrSwKPMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTEwMTMwMDEwWhcNMjUwODA4MTMwMDA5WjAXMRUwEwYDVQQD
DAwqLnByb3ZvbGkuZXUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW
PM1RL00bAYzhbe1PirEq8azVksTJ8ZVNqLMtVjFzqOEFgeHMSXck8aX1mWgX/yGR
juKYYrZC04l/BDYQqNRWIroRdXrjLBHFpLAVCBAqDHiDDVlOZIaYpaC6B49Vzh8z
mwkzVw4FgC1FyZqk4EYo7ofqmit2BWZ8Zhy5IRC7APR0kFvzW2o8U+HYAk6RebEH
2Mjt4r67OlDOOnlZyjCpNn+Fk/yJXSaMfVD6e05ZCIWQIiDhWO6Dr5SDX4Ich0SP
yG0pqUhn758IDHGX0vl8mGhK8b8Gmzu+qjkku6xQaQDRUd55OyEx8cvuB4kr1+bb
uzADMkuqUSLKiYXTdzOBAgMBAAGjggImMIICIjAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFB1mOCmdEFe8SxPMyS4rF7nFi+pLMB8GA1UdIwQYMBaAFLu8w0el5LypxsOk
cgwQjaI14cjoMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3Ix
MC5pLmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIMKi5wcm92b2xpLmV1ggpwcm92b2xp
LmV1MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6
Ly9yMTAuYy5sZW5jci5vcmcvMTYuY3JsMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADu
AHUApELFBklgYVSPD9TqnPt6LSZFTYepfy/fRVn2J086hFQAAAGWun2sXwAABAMA
RjBEAiAr2fB5/tlE1hEac96N74sOXII6h7NC0h2me6g/ApzzhAIgJQaw+FpQPFI5
hw142yaqULgF/Ulr/qmPqRIpf+68TqEAdQAaBP9J0FQdQK/2oMO/8djEZy9O7O4j
QGiYaxdALtyJfQAAAZa6fa74AAAEAwBGMEQCIG9ogrzU+nNN5ByL9FEQFJ4sPhVW
ISjJiJw82oZiTXccAiAVY4mervy3+cWE4MAdBTvel5OT58IDzUn5d21qetEsbDAN
BgkqhkiG9w0BAQsFAAOCAQEADg2vvu2EC25q/DaqaTU12edEpkk/ZNJe3zuemQiF
UaxSQ/Z+xcE8xNDFDLPgZ/Sl3mxeEz0TUrvQeb2AneP7SvJ7ac9i6r2gvchlwlIU
TDthqbLRKHjmKlEZVUhed6oXyCPvh1xQXmdxhuwX4QeAFprpjt1F3Yc2r41sBZkP
BzkutVIgXFV6Vk5TNUmQKyLw0ab4WXj9/IhBaTPiVE/pnZm+zgWQ2XEj+RpJ5ZDn
Uam/vdrpz4oy/EdlhZdUiHNJLtp7712J1lK76kD0fW2YuKWv1M/RqyFnxnRkEjS7
Axuy9KFAXFCc4DzyBOgVz4aX2shMX+tqOwtvEBO3U0m4tg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljzNUS9NGwGM4W3tT4qx
KvGs1ZLEyfGVTaizLVYxc6jhBYHhzEl3JPGl9ZloF/8hkY7imGK2QtOJfwQ2EKjU
ViK6EXV64ywRxaSwFQgQKgx4gw1ZTmSGmKWgugePVc4fM5sJM1cOBYAtRcmapOBG
KO6H6pordgVmfGYcuSEQuwD0dJBb81tqPFPh2AJOkXmxB9jI7eK+uzpQzjp5Wcow
qTZ/hZP8iV0mjH1Q+ntOWQiFkCIg4Vjug6+Ug1+CHIdEj8htKalIZ++fCAxxl9L5
fJhoSvG/Bps7vqo5JLusUGkA0VHeeTshMfHL7geJK9fm27swAzJLqlEiyomF03cz
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 595100617712385752148810986805262744748687
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-10 13:00:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-08 13:00:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.provoli.eu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18965728338452784539290561528601317814229283638224263807662236311727556204571526594542345754989130380431838450470667341149408383002116830472397186702987856158292088694291261728912554783941475979599593824066664964040770867942072466556972884837216974026148101004771343399364189640676072110931233771747075390057540013106548633395744753833477198425599634863946084874823393660376951012263419355398904821752138145925010263142199498890750204971162762273362423307190129825772057797631194017368612258315020170667215321537664558070774949440625093251247737325756934829352331215633088970845934477424921710403821347595454313345921
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1d6638299d1057bc4b13ccc92e2b17b9c58bea4b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.provoli.eu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'provoli.eu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/16.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a845400000196ba7dac5f000004030046304402202bd9f079fed944d6111a73de8def8b0e5c823a87b342d21da67ba83f029cf38402202506b0f85a503c5239870d78db26aa50b805fd496bfea98fa912297feebc4ea10075001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d00000196ba7daef8000004030046304402206f6882bcd4fa734de41c8bf45110149e2c3e15562128c9889c3cda86624d771c02201563899eaefcb7f9c584e0c01d053bde979393e7c203cd49f9776d6a7ad12c6c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000e0dafbeed840b6e6afc36aa693535d9e744a6493f64d25edf3b9e99088551ac5243f67ec5c13cc4d0c50cb3e067f4a5de6c5e133d1352bbd079bd809de3fb4af27b69cf62eabda0bdc865c252144c3b61a9b2d12878e62a511955485e77aa17c823ef875c505e677186ec17e10780169ae98edd45dd8736af8d6c05990f07392eb552205c557a564e533549902b22f0d1a6f85978fdfc88416933e2544fe99d99bece0590d97123f91a49e590e751a9bfbddae9cf8a32fc47658597548873492eda7bef5d89d652bbea40f47d6d98b8a5afd4cfd1ab2167c674641234bb031bb2f4a1405c509ce03cf204e815cf8697dac84c5feb6a3b0b6f1013b75349b8b6