DV SSL/TLS Certificate for www.mvdheijdentechniek.nl

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the www.mvdheijdentechniek.nl DV SSL/TLS Certificate

This certificate with serial number 06:bb:a6:5d:4f:27:dd:bb:95:ca:f0:db:60:3e:e8:f3:51:b4 for www.mvdheijdentechniek.nl was issued on by Let's Encrypt.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.mvdheijdentechniek.nl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:bb:a6:5d:4f:27:dd:bb:95:ca:f0:db:60:3e:e8:f3:51:b4
Serial Number (int): 586527654541153992311479195588805476438452
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 01:ea:11:1e:ce:52:c9:14:a2:4b:0d:56:c0:41:b9:9f:76:ed:b2:a8
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): ea:d6:12:87:40:d4:47:13:f5:36:b8:0e:9a:1a:b2:3c:38:bc:5f:86
Fingerprint (SHA-256): f9:b0:a9:b9:83:2a:c4:67:df:c0:b6:77:a9:f4:f0:39:aa:ac:a3:20:69:0a:ec:e3:c1:23:6e:94:9b:20:94:72

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/53.crl

Check the revocation status for certificate www.mvdheijdentechniek.nl
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.mvdheijdentechniek.nl

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for www.mvdheijdentechniek.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISBrumXU8n3buVyvDbYD7o81G0MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjIyMDE0MTQ0WhcNMjUwOTIwMDE0MTQzWjAkMSIwIAYDVQQD
Exl3d3cubXZkaGVpamRlbnRlY2huaWVrLm5sMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAt9AtUJDPbcQeYjLfpiwA78uVwV/oaFeBAAcLF3qeysPFNc7+
LTY5JturyE6sKNvjJ79RoSavoGD9e+TlmW8m9k9sf8Y5TRuv8yK1SSByTQPSeiXN
segIUlHsANjtW8jagYvdc+hRPWDSWYEvKS8JM3xebSujtV0KA488HmjcrFoz6W8Z
i4Ysrl4k7Kuvd7uIuqxdCNeFiBF9xauqdvCsBv57blbwcl/l9/tLwQGj7c0IYTfx
2Nj3qf53wjXeENQa5yYYfnxo6p9o3rQLbaJNDQZxWyuFpEGMrzpfJay8tIlB4T1q
13dLyeqcJrx9BiQgRypGC/aDDxZ0AEQ/qOTrzMcjCIMaMvLWbPBBLO/M3NO6mYht
s0kqstSLrzpEThCVmE5qOYx4doxzx0OlLL2ptIKSVwEXJV08EKKCaY7ZFkhpbWDA
BhMBuRkw4SrEfO6JLuLudWHvDyfY9aavHa1uCH2xmeB7rRW18XG5vjVahtInvHaz
CzdNJnMMjzWU/hUojSIdT53JHqFp1D87EGj8Jhbgh4rb/mDuDn8KEqbuVTWRbr/a
DUdzIMTvavomb/iwZl7n/N7ZpwyX7hT6RkTM9of+E6wxpCSqy7nynDORKxlaCODv
1m8Oa/Uxf1nFQlRmh1kzXN0G8W8ulMlOU/H3z3eVLZcQWv9WQn/ssG6ujekCAwEA
AaOCAnswggJ3MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUAeoRHs5SyRSiSw1WwEG5
n3btsqgwHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXELbBeki8m47kwMwYIKwYBBQUH
AQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVuY3Iub3JnLzB3BgNV
HREEcDBughVtdmRoZWlqZGVudGVjaG5pZWsubmyCGnRlc3QubXZkaGVpamRlbnRl
Y2huaWVrLm5sghl3d3cubXZkaGVpamRlbnRlY2huaWVrLm5sgh53d3cudGVzdC5t
dmRoZWlqZGVudGVjaG5pZWsubmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwLgYDVR0f
BCcwJTAjoCGgH4YdaHR0cDovL3IxMS5jLmxlbmNyLm9yZy81My5jcmwwggEDBgor
BgEEAdZ5AgQCBIH0BIHxAO8AdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kO
jC55uAAAAZeVggqeAAAEAwBHMEUCIQDoENtulBZIZscbTkKNDTMJRA2gRuFwK0bf
+BTr1leEFwIgL0HZQ7tYxV6kZV5IL3RA6Ddzb2R+esgvMLnvwrMnbYEAdQAN4fIw
K9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZeVghJOAAAEAwBGMEQCIHHb
I0IV3flt/hFvDgr5ssh1TQ6mD43b73BYM0kkjbiHAiBY9FzYfwLetjlKWdrqteDA
oOII1piYgi+0OULFnFZsoTANBgkqhkiG9w0BAQsFAAOCAQEAbW/ya1v/R1bVcnel
uUX0BypRLV88r8QbHJx0huMtdjRJWda0F50YuzwZpSIVJb0oEHw/xdpQad2A2YDw
GT/RXb1T4zatCE2BKTJEekz08gJYaBVXI/0kxvLFmwwbovU5G2pqC+rC1p2PfOk2
tXWohL7ksZkNuxTLFl2cIjz+KqGMjC2dRZ9EasbxbOShFPMQ/ItLaPfCSqfU0zJC
zlq5malugQO6FQFvI0YaKeNQcrsB7EXXXV97CshjhK5c+FcqqTkSm5yLf5T4hxfG
hwyVy5lPrMNZKbUFgZ5m/qSQIt+qlKwvIwhNb2JMkdW97nXhIU4Yo5UiwQLCQlQ+
l2bA1w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt9AtUJDPbcQeYjLfpiwA
78uVwV/oaFeBAAcLF3qeysPFNc7+LTY5JturyE6sKNvjJ79RoSavoGD9e+TlmW8m
9k9sf8Y5TRuv8yK1SSByTQPSeiXNsegIUlHsANjtW8jagYvdc+hRPWDSWYEvKS8J
M3xebSujtV0KA488HmjcrFoz6W8Zi4Ysrl4k7Kuvd7uIuqxdCNeFiBF9xauqdvCs
Bv57blbwcl/l9/tLwQGj7c0IYTfx2Nj3qf53wjXeENQa5yYYfnxo6p9o3rQLbaJN
DQZxWyuFpEGMrzpfJay8tIlB4T1q13dLyeqcJrx9BiQgRypGC/aDDxZ0AEQ/qOTr
zMcjCIMaMvLWbPBBLO/M3NO6mYhts0kqstSLrzpEThCVmE5qOYx4doxzx0OlLL2p
tIKSVwEXJV08EKKCaY7ZFkhpbWDABhMBuRkw4SrEfO6JLuLudWHvDyfY9aavHa1u
CH2xmeB7rRW18XG5vjVahtInvHazCzdNJnMMjzWU/hUojSIdT53JHqFp1D87EGj8
Jhbgh4rb/mDuDn8KEqbuVTWRbr/aDUdzIMTvavomb/iwZl7n/N7ZpwyX7hT6RkTM
9of+E6wxpCSqy7nynDORKxlaCODv1m8Oa/Uxf1nFQlRmh1kzXN0G8W8ulMlOU/H3
z3eVLZcQWv9WQn/ssG6ujekCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 586527654541153992311479195588805476438452
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-22 01:41:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-20 01:41:43 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.mvdheijdentechniek.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 749892396113031582033147806611622754449451287532550608375585068826218697491355156314096920469850864414902268543180553969684885721007961082837538544842500371985492125421374463224665473030079048175195617913241053882193319180374645162051019224343253304524129217775508876434451885446808794570129292325054534816516483133244840181218228527344272749484654094410831462232481011863127881085036040019268260017098262811678084681586036446583577464802119883999684397338260267502594630131853935985273091815879570653295056029981912341004650915373991479486702340826204728648802014909670393155503981694978757662031052593503116056194875946865647736911207617176706621005564178548290937390103485000970387517169270202358697894514721141727003328112922307912491449212504895871251753430502511875091394500995408528617372874941637666329513643064942526232535433474598691509538318924203509402934113427420017817042124297100240392959036861214589587812739712849542660827650796472890151421144640509080072129724075432617017491588298107995499913276020993427295883150514499056031851445445757368913149283082924063966219612981653834156141981816100003808317628528869360386809088321010695337217849993822010844305924454005511267257549154422123198357614109871460789341031913
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							01ea111ece52c914a24b0d56c041b99f76edb2a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mvdheijdentechniek.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.mvdheijdentechniek.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mvdheijdentechniek.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.test.mvdheijdentechniek.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/53.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000019795820a9e0000040300473045022100e810db6e94164866c71b4e428d0d3309440da046e1702b46dff814ebd657841702202f41d943bb58c55ea4655e482f7440e837736f647e7ac82f30b9efc2b3276d810075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34000001979582124e0000040300463044022071db234215ddf96dfe116f0e0af9b2c8754d0ea60f8ddbef70583349248db887022058f45cd87f02deb6394a59daeab5e0c0a0e208d69898822fb43942c59c566ca1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006d6ff26b5bff4756d57277a5b945f4072a512d5f3cafc41b1c9c7486e32d76344959d6b4179d18bb3c19a5221525bd28107c3fc5da5069dd80d980f0193fd15dbd53e336ad084d812932447a4cf4f2025868155723fd24c6f2c59b0c1ba2f5391b6a6a0beac2d69d8f7ce936b575a884bee4b1990dbb14cb165d9c223cfe2aa18c8c2d9d459f446ac6f16ce4a114f310fc8b4b68f7c24aa7d4d33242ce5ab999a96e8103ba15016f23461a29e35072bb01ec45d75d5f7b0ac86384ae5cf8572aa939129b9c8b7f94f88717c6870c95cb994facc35929b505819e66fea49022dfaa94ac2f23084d6f624c91d5bdee75e1214e18a39522c102c242543e9766c0d7