DV SSL/TLS Certificate for mail.poptbindonesia.org

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the mail.poptbindonesia.org DV SSL/TLS Certificate

This certificate with serial number 06:da:8b:4a:c1:11:5a:6e:c5:46:e2:1b:c9:39:01:d6:43:52 for mail.poptbindonesia.org was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for mail.poptbindonesia.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:da:8b:4a:c1:11:5a:6e:c5:46:e2:1b:c9:39:01:d6:43:52
Serial Number (int): 597040422416587619630189928147536366158674
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: bc:0b:55:19:9f:78:0f:b4:59:ba:7b:5d:4e:55:6e:43:b0:d0:65:9d
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 5b:ba:3f:ea:b5:8d:b7:71:af:42:c8:e8:97:2a:c8:9c:23:e3:6a:96
Fingerprint (SHA-256): ec:14:f9:39:d8:e1:39:9c:ac:80:e2:56:ec:bc:14:5c:66:eb:93:32:0c:12:d2:04:2d:81:50:76:66:ad:ac:d6

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/83.crl

Check the revocation status for certificate mail.poptbindonesia.org
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for mail.poptbindonesia.org

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for mail.poptbindonesia.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISBtqLSsERWm7FRuIbyTkB1kNSMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjA0MDAxMDM0WhcNMjUwOTAyMDAxMDMzWjAiMSAwHgYDVQQD
ExdtYWlsLnBvcHRiaW5kb25lc2lhLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBANURDfoDf35s4zf9W13e4mku0vBb4Ju8raM8JgL1QcfphVxqWYwo
aO447QIoEXNFFUNNxushlnKTL3Cvmr6OXo6TsJUAb2lP25v0A3VfMGOV8zkcet6G
uNeRc0nqjfjxserm6XT6Pahmpb3CbPhTrPLD9bDRRfgPlNsVg0K5uUON/n9vm/Ga
blRaNielYwjgi2/DG/4uOZSFK/0bgP1uAkyba1v7fJq2RW9Qh4qg/J+pXMTsUo3b
fiQHzdN2qQ8bmQArTPpJZmheeKAhZVysz//kK5cz6sUCOhBQj1fS76ZjuBAUebvM
JrrSTdCzkv9Vckg5PAcAQ89mGvJcj7RVW+DSurMaRAlPXJfv2D6S8lsdiHXW4Cb+
MCmi89Z5RD4CCWcnCln/L8GmQM96asIa8eenU3fP7ab13mdW0MgowX18CBI8VWrU
vlLjDepsBetaDp9J8nveinXDORijuRGrjzt3o2IxJaW0rRrbX1FFqdYe7RkfN9oS
hSW6hMhrjKUiZ4Q+ZQTCjxvj1pee+FY8XWPv3/nSz3Qx4wn3wo4RJmfekMScE4OH
o29CU4Gve9quWlUJaPkdIjW84G1dtejPssH4lDAERD2yuXluFWfZUj/tujQltL6O
MweGyoNn8JYvGz4glV+muPWDKFQE44CCb248Q0c+6v7OeBfFrAB8Z8dPAgMBAAGj
ggJTMIICTzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLwLVRmfeA+0Wbp7XU5VbkOw
0GWdMB8GA1UdIwQYMBaAFLu8w0el5LypxsOkcgwQjaI14cjoMDMGCCsGAQUFBwEB
BCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3IxMC5pLmxlbmNyLm9yZy8wTgYDVR0R
BEcwRYIXbWFpbC5wb3B0YmluZG9uZXNpYS5vcmeCEnBvcHRiaW5kb25lc2lhLm9y
Z4IWd3d3LnBvcHRiaW5kb25lc2lhLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATAu
BgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEwLmMubGVuY3Iub3JnLzgzLmNybDCC
AQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6
FBJ2Ciysu8gqAAABlzh8E0kAAAQDAEgwRgIhAKxJvETbuOPS4XEE0GOch4wNLnJ7
OnAfzr6n0cUTSsj6AiEA+EfShPETr6mKVc3Hu4Z6TDNXcI/HTAeoMe168uiduZAA
dQAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZc4fBrYAAAEAwBG
MEQCIG1cAnDWhqFMFYzxXAiiiL3V/vk1OqJiMrXpb0F5E/MVAiBWJ8ZWE5lZ12gP
aPEig1GIcCAo5vImf3dKFuVWfytEmzANBgkqhkiG9w0BAQsFAAOCAQEAPDe7ZBEY
hv83Mu34zxgMTmuMTLqeI0+sfJ4v+YOrLc4LXiTzE3Riex9vVCh3zqVSCH909RTe
AgH/WFSVcW3XEWEVS8O14507RffUCe6IeAHy1iDTMrVtKUdToDlVV5LrQt/xsG4y
uMNIKLTNwlznqccOze+C1O3hkHkjXYcfTebkywWUfuT7BXKinom8RrnMs5EOKa9/
/0HwOdSBsWIeQJ3g2uEN9ep3fe0uK0lukX9fJmcbBDTo2W0WP3w+oXsHLtLBwIgp
ItLE0PpiaFPkg+J12h4PTW4vH9+TzHtz+ZwbP6rtWefICq0KI50wbKQvb7jokyW4
7kB+RmIFVsly5w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1REN+gN/fmzjN/1bXd7i
aS7S8Fvgm7ytozwmAvVBx+mFXGpZjCho7jjtAigRc0UVQ03G6yGWcpMvcK+avo5e
jpOwlQBvaU/bm/QDdV8wY5XzORx63oa415FzSeqN+PGx6ubpdPo9qGalvcJs+FOs
8sP1sNFF+A+U2xWDQrm5Q43+f2+b8ZpuVFo2J6VjCOCLb8Mb/i45lIUr/RuA/W4C
TJtrW/t8mrZFb1CHiqD8n6lcxOxSjdt+JAfN03apDxuZACtM+klmaF54oCFlXKzP
/+QrlzPqxQI6EFCPV9LvpmO4EBR5u8wmutJN0LOS/1VySDk8BwBDz2Ya8lyPtFVb
4NK6sxpECU9cl+/YPpLyWx2IddbgJv4wKaLz1nlEPgIJZycKWf8vwaZAz3pqwhrx
56dTd8/tpvXeZ1bQyCjBfXwIEjxVatS+UuMN6mwF61oOn0nye96KdcM5GKO5EauP
O3ejYjElpbStGttfUUWp1h7tGR832hKFJbqEyGuMpSJnhD5lBMKPG+PWl574Vjxd
Y+/f+dLPdDHjCffCjhEmZ96QxJwTg4ejb0JTga972q5aVQlo+R0iNbzgbV216M+y
wfiUMAREPbK5eW4VZ9lSP+26NCW0vo4zB4bKg2fwli8bPiCVX6a49YMoVATjgIJv
bjxDRz7q/s54F8WsAHxnx08CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 597040422416587619630189928147536366158674
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-04 00:10:34 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-02 00:10:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.poptbindonesia.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 869235970402503224723352468945198511251840221150814524150764673182719899388289567671414882965641052916568874644185494935312359014048190443116666034811784305665099803346865271680570795159893710360725543151647976843907295688399587825801885476614875045999739309879683411687856617339765944462225894298193375539739814963982038999452174734396165108016789937127273572649310678609656455237929328860215394987508343302751490861728438890021338983941092358265966835131939290268721189675465777744349701537673007788909285405489313529742355585764514142819257044411690171784695410002407552432091410872608742072796864683856620880714388772142530947343040848001176763227856253578057132373333653226566371748508659856924286353796486362565184893961073828244818965137588478099543321940671411862120757168362966192291953098997501791890074889332223560358978246436869186888487155712036606396736178522659422766792180596034155231436512991822988801833895336717379614043029115722509236202835827933831094404701599390407488790464927892728688548257105740188507841992153543254267853313059686279412321343147754977137385865299274966977549340489953667051968782891669884272830670855123146205965534224908330868337529968108407335552876799441209109726475122615276815692318543
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bc0b55199f780fb459ba7b5d4e556e43b0d0659d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.poptbindonesia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'poptbindonesia.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.poptbindonesia.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/83.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000197387c13490000040300483046022100ac49bc44dbb8e3d2e17104d0639c878c0d2e727b3a701fcebea7d1c5134ac8fa022100f847d284f113afa98a55cdc7bb867a4c3357708fc74c07a831ed7af2e89db9900075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197387c1ad8000004030046304402206d5c0270d686a14c158cf15c08a288bdd5fef9353aa26232b5e96f417913f31502205627c656139959d7680f68f122835188702028e6f2267f774a16e5567f2b449b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003c37bb64111886ff3732edf8cf180c4e6b8c4cba9e234fac7c9e2ff983ab2dce0b5e24f31374627b1f6f542877cea552087f74f514de0201ff585495716dd71161154bc3b5e39d3b45f7d409ee887801f2d620d332b56d294753a039555792eb42dff1b06e32b8c34828b4cdc25ce7a9c70ecdef82d4ede19079235d871f4de6e4cb05947ee4fb0572a29e89bc46b9ccb3910e29af7fff41f039d481b1621e409de0dae10df5ea777ded2e2b496e917f5f26671b0434e8d96d163f7c3ea17b072ed2c1c0882922d2c4d0fa626853e483e275da1e0f4d6e2f1fdf93cc7b73f99c1b3faaed59e7c80aad0a239d306ca42f6fb8e89325b8ee407e46620556c972e7