DV SSL/TLS Certificate for kraakgroepleiden.squat.net

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the kraakgroepleiden.squat.net DV SSL/TLS Certificate

This certificate with serial number 06:d9:1a:92:6e:a0:66:61:1b:68:6f:70:39:72:da:f0:12:60 for kraakgroepleiden.squat.net was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for kraakgroepleiden.squat.net provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:d9:1a:92:6e:a0:66:61:1b:68:6f:70:39:72:da:f0:12:60
Serial Number (int): 596550309459410127619027658131572855411296
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 09:9e:95:bd:5f:8f:1b:61:dc:d9:24:85:88:c3:ed:ed:39:de:2b:c1
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 45:f8:61:67:3e:d6:33:05:95:83:b7:48:4c:7e:15:ea:a2:86:6b:6e
Fingerprint (SHA-256): 6e:81:2f:8f:8f:8c:b8:91:c3:98:d3:7a:03:bc:78:1a:c0:3e:45:bc:40:ad:04:7d:64:21:e4:13:ef:57:69:dd

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/97.crl

Check the revocation status for certificate kraakgroepleiden.squat.net
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for kraakgroepleiden.squat.net

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for kraakgroepleiden.squat.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISBtkakm6gZmEbaG9wOXLa8BJgMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNzAyMDkzNzEyWhcNMjUwOTMwMDkzNzExWjAlMSMwIQYDVQQD
ExprcmFha2dyb2VwbGVpZGVuLnNxdWF0Lm5ldDCCAiIwDQYJKoZIhvcNAQEBBQAD
ggIPADCCAgoCggIBAMj6bZHAeuBLGHmeGN+TL/JoES4lQx/eMNfVGszkenTKMMWC
8xQWW26kQ6kUbDf4Fj5r5qs7z58hqhbDm7tocanKsFy3jGkmcZBM5LHXEH2w2mHh
0eLNVcR6NEC3xX0yeRDlUYp6lp3N6O85Nh+czxQ0UcDqvhvhNDdYQRVE2W1r9I85
X9pxYdxfDuIqUa/hO7jJgD3fEczhbPD3AX+VLquO8GQYIRShI+2Q2UN7Zp4qIPSt
D2jy4bTBG2TvRa6NDis/Ot5bv0fxH7tPnlDCyMYk4iwKgRwEvzJOYh+5GDjpVzwV
yvjH41+g+JZQE8F5NyTD4hNu1f3lUgBRJc9RpchOAFM9NVHfkbRrETpv4rLp0BTy
Ks43gj3BgmR0GATuWZBgCH8FWS+UD2vnwK5PU6cChEBKsSlLV0WBOIK7cP6U/ztu
6MKe3BYW0TNmiukM9qQHqnhhCm9X2JKkgDr4eEjOu/g0uoCktL4SvHHufgLUXJxy
IE8L1kCX+ztR/Rola3qUzxyB69T5acgH6zlIKA4KBlUJfa0WXgZnX2VmFtQM6x7O
2otWIz7wqhT/P/6OmUv9ohyYBl7HgeLAFcwMuhtrL+3MQBbjJoOazxCMxz7v8MdC
CDUAZVhrEZnJrrucNyeue5Mh21bGRs+F0iABlC9/imtSDLj2rZnab8TDa7l1AgMB
AAGjggJJMIICRTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAmelb1fjxth3NkkhYjD
7e053ivBMB8GA1UdIwQYMBaAFMXPRqTq9MPAemyVxC2wXpIvJuO5MDMGCCsGAQUF
BwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3IxMS5pLmxlbmNyLm9yZy8wRQYD
VR0RBD4wPIIaa3JhYWtncm9lcGxlaWRlbi5zcXVhdC5uZXSCHnd3dy5rcmFha2dy
b2VwbGVpZGVuLnNxdWF0Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8E
JzAlMCOgIaAfhh1odHRwOi8vcjExLmMubGVuY3Iub3JnLzk3LmNybDCCAQMGCisG
AQQB1nkCBAIEgfQEgfEA7wB2AMz7D2qFcQll/pWbU87psnwi6YVcDZeNtql+VMD+
TA2wAAABl8q05PoAAAQDAEcwRQIgC7r1qhoV+lPdy+f2J7g5Opg95+e8ht0SYKJe
erNKUL4CIQCZZMRpuMqvLV7emSdQ2JSAuFWxux7TajkSeOu06MH8zwB1AH1ZHhLh
eCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABl8q05Q0AAAQDAEYwRAIgdlIa
aIZDdziaaH9S0/LgXqGc1M8fu16RY2h88431R28CICLkAq5rqDZMvHAGOKXn9ghf
KdtT5gIeogRtVRHFWaRkMA0GCSqGSIb3DQEBCwUAA4IBAQA080npQfAZ93j0j7oj
Fd2RTu31XH2kf7H+Q/cwPHdFeEnS6n6LqPd11eVBTy3S96Ds2jv2WJIpK4eqvFFP
FbB56hZEKeonlM4lZYIB++0Chj9I6KRfwFUnH+/VucPdLNwYzb3VGkCMFaNvpsjP
h/vDOZXQ0jrhkdC5dLRAkPSxtIdmCI11U4dAiVKo+q4QHcdX3qssmTEWZt0DwyeD
UUajGBdIl963TcgiDG7ydIrcau2pSuhdDoojj56xlgOavzuMMeuZvPraL8kjJj4+
UIytO9bdQBK9/tnFHrE4pqLS5XnMWRUlwmGz5n5gn09cMen+IvJCWrOv6WKXJJE9
Pjrd
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyPptkcB64EsYeZ4Y35Mv
8mgRLiVDH94w19UazOR6dMowxYLzFBZbbqRDqRRsN/gWPmvmqzvPnyGqFsObu2hx
qcqwXLeMaSZxkEzksdcQfbDaYeHR4s1VxHo0QLfFfTJ5EOVRinqWnc3o7zk2H5zP
FDRRwOq+G+E0N1hBFUTZbWv0jzlf2nFh3F8O4ipRr+E7uMmAPd8RzOFs8PcBf5Uu
q47wZBghFKEj7ZDZQ3tmniog9K0PaPLhtMEbZO9Fro0OKz863lu/R/Efu0+eUMLI
xiTiLAqBHAS/Mk5iH7kYOOlXPBXK+MfjX6D4llATwXk3JMPiE27V/eVSAFElz1Gl
yE4AUz01Ud+RtGsROm/isunQFPIqzjeCPcGCZHQYBO5ZkGAIfwVZL5QPa+fArk9T
pwKEQEqxKUtXRYE4grtw/pT/O27owp7cFhbRM2aK6Qz2pAeqeGEKb1fYkqSAOvh4
SM67+DS6gKS0vhK8ce5+AtRcnHIgTwvWQJf7O1H9GiVrepTPHIHr1PlpyAfrOUgo
DgoGVQl9rRZeBmdfZWYW1AzrHs7ai1YjPvCqFP8//o6ZS/2iHJgGXseB4sAVzAy6
G2sv7cxAFuMmg5rPEIzHPu/wx0IINQBlWGsRmcmuu5w3J657kyHbVsZGz4XSIAGU
L3+Ka1IMuPatmdpvxMNruXUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 596550309459410127619027658131572855411296
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-02 09:37:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-30 09:37:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kraakgroepleiden.squat.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 819919661752746125245173005555800571346959954680426380887834017655311934808182963919162476262341536089408287750680542643882695472994911355040561633138447748901288939735112105390557436513516466953181263852439739655062593766078136711138261997416612382992044132261011878539707808558005680603653364938414790414632262634966566268893182043028124581577381461743862243878495272915508853071934327079403745121160646717862861047370400777173987157969563078271459556191504706375900966434049095363770534912706731977570238460751743435244019461393363206749805513419665361702813899290465313659425023968870007901018789851808963972185808160596731267167869708547443832649464685476219351862416660711406850164522034938248962516562752492949776994881092768903094770398895511688412396750490679535957239641778302004213192656928278659723680688133380651645134399626171413316266154189066688315967052222631915926003017002848793212113234074263855109048330074645241425831868672474030232665737073828921567069352501210864335412918357331525948286302224181051320199569453141798452240998143298060457546234522355196593423320042046238280864309231359059140239883186194311437878564776249878549960374678054637400717791409881436806673301645825800140964143468810105445291899253
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							099e95bd5f8f1b61dcd9248588c3eded39de2bc1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kraakgroepleiden.squat.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kraakgroepleiden.squat.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/97.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197cab4e4fa000004030047304502200bbaf5aa1a15fa53ddcbe7f627b8393a983de7e7bc86dd1260a25e7ab34a50be0221009964c469b8caaf2d5ede992750d89480b855b1bb1ed36a391278ebb4e8c1fccf0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000197cab4e50d0000040300463044022076521a68864377389a687f52d3f2e05ea19cd4cf1fbb5e9163687cf38df5476f022022e402ae6ba8364cbc700638a5e7f6085f29db53e6021ea2046d5511c559a464
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0034f349e941f019f778f48fba2315dd914eedf55c7da47fb1fe43f7303c77457849d2ea7e8ba8f775d5e5414f2dd2f7a0ecda3bf65892292b87aabc514f15b079ea164429ea2794ce25658201fbed02863f48e8a45fc055271fefd5b9c3dd2cdc18cdbdd51a408c15a36fa6c8cf87fbc33995d0d23ae191d0b974b44090f4b1b48766088d755387408952a8faae101dc757deab2c99311666dd03c327835146a318174897deb74dc8220c6ef2748adc6aeda94ae85d0e8a238f9eb196039abf3b8c31eb99bcfada2fc923263e3e508cad3bd6dd4012bdfed9c51eb138a6a2d2e579cc591525c261b3e67e609f4f5c31e9fe22f2425ab3afe9629724913d3e3add