DV SSL/TLS Certificate for ontimeconstruction.net

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the ontimeconstruction.net DV SSL/TLS Certificate

This certificate with serial number 05:20:93:5d:b6:9e:8e:0e:50:44:f4:d9:8a:a2:1d:fb:ac:32 for ontimeconstruction.net was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for ontimeconstruction.net provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:20:93:5d:b6:9e:8e:0e:50:44:f4:d9:8a:a2:1d:fb:ac:32
Serial Number (int): 446646348503220052153509026539274724158514
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 79:a8:f5:de:e8:89:0e:6a:a1:58:ca:b7:44:18:73:3e:30:8e:0b:70
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 6b:c9:c1:89:dd:47:18:88:01:f6:12:4b:c4:e2:76:1b:2a:5a:f6:82
Fingerprint (SHA-256): 06:ff:7a:6f:83:eb:74:e4:39:93:f2:dc:4e:c8:cd:e0:1d:f9:14:c7:0d:b0:e7:b6:a5:94:90:1f:32:09:6e:d5

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/51.crl

Check the revocation status for certificate ontimeconstruction.net
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ontimeconstruction.net

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for ontimeconstruction.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISBSCTXbaejg5QRPTZiqId+6wyMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTI1MTI0NjI4WhcNMjUwODIzMTI0NjI3WjAhMR8wHQYDVQQD
ExZvbnRpbWVjb25zdHJ1Y3Rpb24ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAruNE/1Ko8CBuPQ+2c5GvBBzMNsU1aOXTGeGcVGSU1u32ab6wqoCJ
bPEN+T/oOwNhT+cNM/FYHZKWHJ9LapHA4LKmIH/mxTmAx2x/UZr758fQQvPXMVBY
+9KboWhyUvQX9E2lhq9XZx7X57sk/TLP5n2DrVu91Bv2Tv/TMTBtgxyEE3LKIWV7
FG9jkTMmcYoIhr1IUgC2MqvsMlR4RPaiQbjkMx3a2F1w05PE3P8VZrgTM/1Cd0an
9iBmsm6iGEa/m3eugLsa1jVTGwyKlWxL8ZVRbQGy8o/rMTt5qo3DsJwyQCKx84F+
1KSECHbgivoRRZDBzavs5fPirsAc3MyzqQIDAQABo4ICRDCCAkAwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBR5qPXe6IkOaqFYyrdEGHM+MI4LcDAfBgNVHSMEGDAWgBS7
vMNHpeS8qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKG
F2h0dHA6Ly9yMTAuaS5sZW5jci5vcmcvMD0GA1UdEQQ2MDSCFm9udGltZWNvbnN0
cnVjdGlvbi5uZXSCGnd3dy5vbnRpbWVjb25zdHJ1Y3Rpb24ubmV0MBMGA1UdIAQM
MAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTAuYy5sZW5j
ci5vcmcvNTEuY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcA3dzKNJXX4RYF
55Uy+sef+D0cUN/bADoUEnYKLKy7yCoAAAGXB7CErwAABAMASDBGAiEA5Xr2ry/i
Rwr6nw3JzmniliBUUDv0wPRyhZ1JnkkWsHACIQDpuzJDEerGAA2FRClvdOtr99a8
Omu4DGxdoC5AIwEufQB3AKRCxQZJYGFUjw/U6pz7ei0mRU2HqX8v30VZ9idPOoRU
AAABlwewlA4AAAQDAEgwRgIhAJu71NuhiEFmg0r8yGUUBNbTVsR9alNRFYsI+qBT
j5QRAiEAshJowdJyKUpWOi9ehXyD5wstEiOnsw7WEpx72seW/UswDQYJKoZIhvcN
AQELBQADggEBAASvy5zUSFbYKD7SMIWCq3zBIIllewzYlgWfSgcAZ4OoMVAfUP+I
G/Cd+nZ1Nb96z1qJU+F5NE8IlxvXC0FULwmmbkwejN/WFk7XEc0c1PhjQ7iWOfL9
Kh/6D1axNxiBlo60yivWNFtxEbrAUYEcJjg5e2obfQERp+v3UsLO3NPBr+q+BQGk
H8Shmnur7ojSiufCpfjS/Hp0tAstTGRU2e9mun41L1KllInGYvow2qoYFJY8xUEm
2RIFeKEciNgbYUo4vSz583KFXibjdbyId9gmuSPvXf8Ylers1q6I3JPFwIQcielZ
ubom6uoNHVtcjG6TRGXcSIroVQ1TXtI69dQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruNE/1Ko8CBuPQ+2c5Gv
BBzMNsU1aOXTGeGcVGSU1u32ab6wqoCJbPEN+T/oOwNhT+cNM/FYHZKWHJ9LapHA
4LKmIH/mxTmAx2x/UZr758fQQvPXMVBY+9KboWhyUvQX9E2lhq9XZx7X57sk/TLP
5n2DrVu91Bv2Tv/TMTBtgxyEE3LKIWV7FG9jkTMmcYoIhr1IUgC2MqvsMlR4RPai
QbjkMx3a2F1w05PE3P8VZrgTM/1Cd0an9iBmsm6iGEa/m3eugLsa1jVTGwyKlWxL
8ZVRbQGy8o/rMTt5qo3DsJwyQCKx84F+1KSECHbgivoRRZDBzavs5fPirsAc3Myz
qQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 446646348503220052153509026539274724158514
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-25 12:46:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-23 12:46:27 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ontimeconstruction.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22077535841794014329185345712470069948387766122636186088246474653817907570804212700613229399156453116366395227119102282334586355505695844719044347537118501437528280303274078935498372274158948405365407167516514976011303943510796408762927927731575772264416123795073294035282574460162125239278126166863573147084679506815004642326129556601782274907375634343414393613143090452606602868347169814299768257275649484906727843387209224544908196528737696257653851367828497926860236136032394546246457426599833980084045922197381735893252404469810612025582927766445929064649338522919002220161590734387550022496772790133827870438313
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							79a8f5dee8890e6aa158cab74418733e308e0b70
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ontimeconstruction.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ontimeconstruction.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/51.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019707b084af0000040300483046022100e57af6af2fe2470afa9f0dc9ce69e2962054503bf4c0f472859d499e4916b070022100e9bb324311eac6000d8544296f74eb6bf7d6bc3a6bb80c6c5da02e4023012e7d007700a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a84540000019707b0940e00000403004830460221009bbbd4dba1884166834afcc8651404d6d356c47d6a5351158b08faa0538f9411022100b21268c1d272294a563a2f5e857c83e70b2d1223a7b30ed6129c7bdac796fd4b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0004afcb9cd44856d8283ed2308582ab7cc12089657b0cd896059f4a07006783a831501f50ff881bf09dfa767535bf7acf5a8953e179344f08971bd70b41542f09a66e4c1e8cdfd6164ed711cd1cd4f86343b89639f2fd2a1ffa0f56b1371881968eb4ca2bd6345b7111bac051811c2638397b6a1b7d0111a7ebf752c2cedcd3c1afeabe0501a41fc4a19a7babee88d28ae7c2a5f8d2fc7a74b40b2d4c6454d9ef66ba7e352f52a59489c662fa30daaa1814963cc54126d9120578a11c88d81b614a38bd2cf9f372855e26e375bc8877d826b923ef5dff1895eaecd6ae88dc93c5c0841c89e959b9ba26eaea0d1d5b5c8c6e934465dc488ae8550d535ed23af5d4