DV SSL/TLS Certificate for verygood.mx

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the verygood.mx DV SSL/TLS Certificate

This certificate with serial number 06:2d:04:ad:e0:14:be:c9:2b:28:1f:97:68:37:f8:bf:30:da for verygood.mx was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for verygood.mx provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:2d:04:ad:e0:14:be:c9:2b:28:1f:97:68:37:f8:bf:30:da
Serial Number (int): 537992641826246736742283770102378001281242
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 62:e2:af:c0:2f:63:45:1e:26:6e:d3:9e:f6:dc:6e:b7:7d:2f:8a:f6
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): aa:58:90:7d:6f:96:ed:f3:4e:d0:6a:49:9e:38:49:2d:7b:25:bb:5f
Fingerprint (SHA-256): 77:77:47:db:22:ff:25:b2:62:fb:9d:b9:d2:98:a0:23:38:ad:74:de:62:23:40:1d:86:a5:71:78:fb:af:eb:99

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/91.crl

Check the revocation status for certificate verygood.mx
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for verygood.mx

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for verygood.mx in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISBi0EreAUvskrKB+XaDf4vzDaMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjA5MDMyNzEzWhcNMjUwOTA3MDMyNzEyWjAWMRQwEgYDVQQD
Ewt2ZXJ5Z29vZC5teDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANWy
1uZqYhrF9ylqpBiJaNOVwPbQsz0uei60wEiBmlsdiU6NztQHtXr/ys8zujqzmYga
zgr1NP8g6x+p51fEMiiaqOwojDzQfIrfeGHccaczFXCNnSDF9vCMu2yACoA55lyW
CvGdaJ3ACSTF2emFenqDtQtAwDLUrLYC0PFwKJ39fUrg6JMhGSo8JOTffLPvuoFD
0UlQ9+LmGdNVh5X4TZwthyEjMvQdnpAvX4+kkAxWHFEY0ADYvU98xF2eevPJ7A6w
qP6Ihsv26ASV9ZNRJVyNr8tcqtUTeChR09jw79RgZPX8hkqe8AdYhbPTnayv6P1y
qRiXUTJ+eB95/tm8gS0CAwEAAaOCAiwwggIoMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUYuKvwC9jRR4mbtOe9txut30vivYwHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXE
LbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEx
LmkubGVuY3Iub3JnLzAnBgNVHREEIDAeggt2ZXJ5Z29vZC5teIIPd3d3LnZlcnln
b29kLm14MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0
dHA6Ly9yMTEuYy5sZW5jci5vcmcvOTEuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB
8gDwAHYApELFBklgYVSPD9TqnPt6LSZFTYepfy/fRVn2J086hFQAAAGXUu/pdwAA
BAMARzBFAiAMzwtRM3mTPtfRliMJUmq6JkxF9syVQUNaVacygJuz6AIhANgRWcNF
ZRoXxiAp9Ju71XNPvFxO3jG9GLC8F/KQiVIzAHYA3dzKNJXX4RYF55Uy+sef+D0c
UN/bADoUEnYKLKy7yCoAAAGXUu/ptwAABAMARzBFAiBsTJNG2ERrTklq09eeER7I
U8hpTflxnC/4UjgKagwSeQIhAIw3xLmMqM9qn+gPl0qoA2guIy+WPZ0PIbQVKSnb
CIhNMA0GCSqGSIb3DQEBCwUAA4IBAQCMjITbG2ui5DDlTev8vq+xVHRZ4wtXZU00
boXpZv9Lu6zEvLBj++7YNhVmtW3DR1HES4sleGd/tvYfVHFMDML4XRYpb+2CUC7P
63EYhUoP9DqChXdmogT4FYrgPR/ZsVEUl+f+zCXH0iTHhCCfjUDFu0wyuObV8UAK
JGMeTl8GZBMHs32A9mqk2nRrHXQKxYZxl5Cs8ZQeZaew4hdNfguDTv61vJJ0i+ow
fR6ILou80lxt/L7lGSVyqbLQUjImSoKuIw5R0LuQBzWr2YPiXbrmkCahDpqzULG+
UJe6r7Bgdts2HDs4jNhNGpXCQ6pbxoxLZYdlziDDbVOs7ttBkZ2Y
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bLW5mpiGsX3KWqkGIlo
05XA9tCzPS56LrTASIGaWx2JTo3O1Ae1ev/KzzO6OrOZiBrOCvU0/yDrH6nnV8Qy
KJqo7CiMPNB8it94YdxxpzMVcI2dIMX28Iy7bIAKgDnmXJYK8Z1oncAJJMXZ6YV6
eoO1C0DAMtSstgLQ8XAonf19SuDokyEZKjwk5N98s++6gUPRSVD34uYZ01WHlfhN
nC2HISMy9B2ekC9fj6SQDFYcURjQANi9T3zEXZ5688nsDrCo/oiGy/boBJX1k1El
XI2vy1yq1RN4KFHT2PDv1GBk9fyGSp7wB1iFs9OdrK/o/XKpGJdRMn54H3n+2byB
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 537992641826246736742283770102378001281242
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-09 03:27:13 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-07 03:27:12 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'verygood.mx'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26976947979073331080184307111740657727802360408444515973343655696973113135483722636713417593108215885698949321623514476931934254345221121692785966720895598650687651658966047794388205610845737138787309913060027140613917247175424889148988106243268299378299970226925554076041736927266996208613040460028532851882079827323301037886614186463642198645050067659590806086954670039894834236764776333060942127763003730875244523776919702081930639060808314638779308909547197994088064496443573622242771005298227065082239937098870106670594511111850538565342487452087727106643586584703406729355575353397438806484826862749797945475373
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							62e2afc02f63451e266ed39ef6dc6eb77d2f8af6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'verygood.mx'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.verygood.mx'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/91.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a84540000019752efe977000004030047304502200ccf0b513379933ed7d1962309526aba264c45f6cc9541435a55a732809bb3e8022100d81159c345651a17c62029f49bbbd5734fbc5c4ede31bd18b0bc17f290895233007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019752efe9b7000004030047304502206c4c9346d8446b4e496ad3d79e111ec853c8694df9719c2ff852380a6a0c12790221008c37c4b98ca8cf6a9fe80f974aa803682e232f963d9d0f21b4152929db08884d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008c8c84db1b6ba2e430e54debfcbeafb1547459e30b57654d346e85e966ff4bbbacc4bcb063fbeed8361566b56dc34751c44b8b2578677fb6f61f54714c0cc2f85d16296fed82502ecfeb7118854a0ff43a82857766a204f8158ae03d1fd9b1511497e7fecc25c7d224c784209f8d40c5bb4c32b8e6d5f1400a24631e4e5f06641307b37d80f66aa4da746b1d740ac586719790acf1941e65a7b0e2174d7e0b834efeb5bc92748bea307d1e882e8bbcd25c6dfcbee5192572a9b2d05232264a82ae230e51d0bb900735abd983e25dbae69026a10e9ab350b1be5097baafb06076db361c3b388cd84d1a95c243aa5bc68c4b658765ce20c36d53aceedb41919d98