DV SSL/TLS Certificate for www.elspethhart.ca

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the www.elspethhart.ca DV SSL/TLS Certificate

This certificate with serial number 05:3b:17:f8:0b:20:84:24:8d:71:d6:da:62:26:cc:5c:92:d9 for www.elspethhart.ca was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.elspethhart.ca provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:3b:17:f8:0b:20:84:24:8d:71:d6:da:62:26:cc:5c:92:d9
Serial Number (int): 455669949466343275330991657578285831590617
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 1a:d1:ef:ca:12:fa:0c:9e:7f:46:a8:3f:69:43:d2:86:1f:19:8f:78
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 1e:aa:31:3b:67:28:11:8b:c6:0a:df:f4:d0:8e:29:26:4a:5d:09:73
Fingerprint (SHA-256): b4:90:a5:64:32:8d:be:99:5d:45:e6:58:66:3e:d1:7d:90:1e:ca:93:2d:2b:3d:65:ce:bd:24:da:d2:54:ef:64

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/90.crl

Check the revocation status for certificate www.elspethhart.ca
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.elspethhart.ca

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.elspethhart.ca

X.509 Certificate

The complete raw X.509 certificate details for www.elspethhart.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISBTsX+AsghCSNcdbaYibMXJLZMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjEyMDAwMzU2WhcNMjUwOTEwMDAwMzU1WjAdMRswGQYDVQQD
ExJ3d3cuZWxzcGV0aGhhcnQuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClCPdD1Pbzn9La6wHsXk+9J++Qfk2/2A7bOjT1V2mrrtsIbdw0q5/S8UB3
4g1gxbZMH/SBKQ1r7ldPINQUmJvlZKdPa6XS0UrSr83cQw9Couo3nxko2iwbraf8
0EtPGGjhwVYNiQUYRHOTsG6ZQYDEbVfc0oC+xp/SuaH253e1AM3rFjWj4MhsyZG2
IwsZbHZ/2hR6KOjI6PKIypjQ290YvG4ktzmqSeC2SErKW1WP1gPByC4hXrqgWLXM
f5JITLpawk6r5/RBhF8a5OyZJTLtBbs7nJRBVG3Ck7QI2kAFB5AUAP8PweaX09ou
5Y2LzU8Dmpd6nIxpwYwBniI0vekhAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFBrR78oS+gyef0aoP2lD0oYfGY94MB8GA1UdIwQYMBaAFMXPRqTq
9MPAemyVxC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0
cDovL3IxMS5pLmxlbmNyLm9yZy8wHQYDVR0RBBYwFIISd3d3LmVsc3BldGhoYXJ0
LmNhMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6
Ly9yMTEuYy5sZW5jci5vcmcvOTAuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv
AHUADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGXYajeBAAABAMA
RjBEAiBwgLmjVOY81/CUhSv7TxElO0Zd9A1LPw96xb74pNvxZwIgZPdfb8Q6m2hB
QirGgcqEe8YdZnwxFxy9iRReGRQDYBoAdgDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2X
jbapflTA/kwNsAAAAZdhqN42AAAEAwBHMEUCIQCYjy2V5Zsg0fWfS6dr52oJhF7g
FlBYk1smX6jCTzSnQgIgbDdybPuXI9CKzcwAlufiHiv9UYt55hD1kTRkqxckpuYw
DQYJKoZIhvcNAQELBQADggEBAANFOBl43KtMeIpSOYgQxA2/IhQf+zk5vjZDTBF5
KxttmEiqnotSuPfifLoTVMtvXqzoaEBP2B3iSYTd5tgw9buR3NbBymfStegfOuiI
crGqs5cIZwdTcaOmXPQC5oe5XG1noMOxiPE/ChCzq9fmAZS+wRlOY6kgyiO9ARp7
OyMrkeiobJTSR5D+jGMfdt93aHQHpmNDrTQ9UrvSOMwfQhu+X4vjZVKzyq+9sbrh
3w+oPV3+kix7LDKOQ/0m2TATYiZkW3YVLZnL5jDGv8kR/pJyP9cUCBA2PUUhaweG
SvsDLvMaVyOYuIgFgznZ0owk4vM8US1IULe/lV7SjIs3p08=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQj3Q9T285/S2usB7F5P
vSfvkH5Nv9gO2zo09Vdpq67bCG3cNKuf0vFAd+INYMW2TB/0gSkNa+5XTyDUFJib
5WSnT2ul0tFK0q/N3EMPQqLqN58ZKNosG62n/NBLTxho4cFWDYkFGERzk7BumUGA
xG1X3NKAvsaf0rmh9ud3tQDN6xY1o+DIbMmRtiMLGWx2f9oUeijoyOjyiMqY0Nvd
GLxuJLc5qkngtkhKyltVj9YDwcguIV66oFi1zH+SSEy6WsJOq+f0QYRfGuTsmSUy
7QW7O5yUQVRtwpO0CNpABQeQFAD/D8Hml9PaLuWNi81PA5qXepyMacGMAZ4iNL3p
IQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 455669949466343275330991657578285831590617
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-12 00:03:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-10 00:03:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.elspethhart.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20833741559009204843033027641329439732320757570683837324071098953217832085343927556050020976921942899477016993371854472995362798523608048330509051675275597488093943579655349167797910337105271015785368813624706397441672256523215303361276016630255053371183854630279225808251100422404081302566660111402382700728974000034873933345970943214426158622603753845638447096283082232204124764488579739163749548551386133112206673163302485569710700316922652120664592986135931045232589105264690088277932196085980904067063816599409466302939879465003347426990323624695690627882934057168676098155534943657808603426853026554744537999649
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1ad1efca12fa0c9e7f46a83f6943d2861f198f78
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.elspethhart.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/90.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa340000019761a8de04000004030046304402207080b9a354e63cd7f094852bfb4f11253b465df40d4b3f0f7ac5bef8a4dbf167022064f75f6fc43a9b6841422ac681ca847bc61d667c31171cbd89145e191403601a007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000019761a8de360000040300473045022100988f2d95e59b20d1f59f4ba76be76a09845ee0165058935b265fa8c24f34a74202206c37726cfb9723d08acdcc0096e7e21e2bfd518b79e610f5913464ab1724a6e6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000345381978dcab4c788a52398810c40dbf22141ffb3939be36434c11792b1b6d9848aa9e8b52b8f7e27cba1354cb6f5eace868404fd81de24984dde6d830f5bb91dcd6c1ca67d2b5e81f3ae88872b1aab3970867075371a3a65cf402e687b95c6d67a0c3b188f13f0a10b3abd7e60194bec1194e63a920ca23bd011a7b3b232b91e8a86c94d24790fe8c631f76df77687407a66343ad343d52bbd238cc1f421bbe5f8be36552b3caafbdb1bae1df0fa83d5dfe922c7b2c328e43fd26d930136226645b76152d99cbe630c6bfc911fe92723fd7140810363d45216b07864afb032ef31a572398b888058339d9d28c24e2f33c512d4850b7bf955ed28c8b37a74f