DV SSL/TLS Certificate for discoveryca.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the discoveryca.org DV SSL/TLS Certificate

This certificate with serial number 05:57:42:0d:41:a5:da:b7:73:34:51:27:15:ef:88:01:ba:b0 for discoveryca.org was issued on by Let's Encrypt.

With 5 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for discoveryca.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:57:42:0d:41:a5:da:b7:73:34:51:27:15:ef:88:01:ba:b0
Serial Number (int): 465253793460000805516619370371886769879728
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 81:90:9a:ee:18:0e:1e:8a:66:de:2d:39:20:f9:9f:5c:57:e4:ba:bc
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 3f:01:9f:fd:1a:57:6f:7f:ee:00:e1:5b:d0:33:6a:53:82:1d:8b:a1
Fingerprint (SHA-256): e9:73:9f:ee:b6:1f:dd:57:5c:7d:39:70:9f:a4:a1:3a:57:81:06:9b:e4:de:35:a8:57:20:d9:b4:13:5c:ac:bd

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/49.crl

Check the revocation status for certificate discoveryca.org
5
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for discoveryca.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for discoveryca.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISBVdCDUGl2rdzNFEnFe+IAbqwMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTE5MjExODE3WhcNMjUwODE3MjExODE2WjAaMRgwFgYDVQQD
Ew9kaXNjb3ZlcnljYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAtVyZTJTkGdEafgbkAus1UEKfryuKxUT+kIF6q1c2199+YfzLolGuFiHtLuk4
2KoS2T9LclMSQpntDAKXOudJ3bWQaPXtxWDTfPnxEbkoWwkhS3XPWIQYWy35tAfG
i9qGRcbu1Z3vzAH6HnwziBXoynVydmvyyV0h0jXCulizxzFcFSJaUxOt4C0BRJs/
+QwhnwLY7j/29Li4/AaS/Q/zYTVW84tlAUobFZah4GBisZYBAgBxxNHnvrz2zZGr
YVhgXkl8RVHooXNRDHI5h2YkKGPLzuTDaTw9v9Qvc3ohzzR8SuFa1qb3oFgNGlbP
qfEOXK8sxb+MetfDYArcVxfHAgMBAAGjggJ7MIICdzAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFIGQmu4YDh6KZt4tOSD5n1xX5Lq8MB8GA1UdIwQYMBaAFMXPRqTq9MPA
emyVxC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMS5pLmxlbmNyLm9yZy8wdgYDVR0RBG8wbYIWY3BhbmVsLmRpc2NvdmVyeWNh
Lm9yZ4IPZGlzY292ZXJ5Y2Eub3JnghRtYWlsLmRpc2NvdmVyeWNhLm9yZ4IXd2Vi
ZGlzay5kaXNjb3ZlcnljYS5vcmeCE3d3dy5kaXNjb3ZlcnljYS5vcmcwEwYDVR0g
BAwwCjAIBgZngQwBAgEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMS5jLmxl
bmNyLm9yZy80OS5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgAN4fIwK9MN
wUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZbqnvLfAAAEAwBHMEUCIQCOuRom
aRp2l+PLeOktGpEfDk8qIIwa8+TKRP4DsqMMWwIgJJp3hTCcZZQmO+ahkxY0kAfM
H3miKJ4rB5gV4FsSYi0AdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYm
OgAAAZbqnvLfAAAEAwBHMEUCIG7DEFHAOJeCmFQCWjSl5cUTW3D0DsmGOumaITRq
Qy4LAiEA4FETkeu+cGFKdPHGM9gjqShFk/4/WadewlTPQNz8Ua0wDQYJKoZIhvcN
AQELBQADggEBAHjdf4YZD5lDWGx8VV/i3B1gwcsbLK4ftyDWoHp1VpUi3erJICa3
zt/K6X9BNv3eM/8GfV6IjxmJ1PrIRbICEv7iT9UW2UPbdiYG9t6ceY3y8POXh/qt
QEutoQYmA095W6BGZ7qIbwzymF679kqoC5mzLO1q1C9rWkXvkKSwZ4c29Njum6d+
8k7C69bPfMhegnJKJTxJ26EDXsslqaVQy+wrpQ6LQGz5XbjrjIi6XBkPyo5ksNMF
q8tk7Ev1Sqy5MNbaLltwdUkrgI6kYgVRk5fpioT1XVCA9WxVd553OKXBKT6qF8EP
kz0M7TJPkwQAge5O83dKzWklrb7/SxpWw4s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLVcmUyU5BnRGn4G5ALr
NVBCn68risVE/pCBeqtXNtfffmH8y6JRrhYh7S7pONiqEtk/S3JTEkKZ7QwClzrn
Sd21kGj17cVg03z58RG5KFsJIUt1z1iEGFst+bQHxovahkXG7tWd78wB+h58M4gV
6Mp1cnZr8sldIdI1wrpYs8cxXBUiWlMTreAtAUSbP/kMIZ8C2O4/9vS4uPwGkv0P
82E1VvOLZQFKGxWWoeBgYrGWAQIAccTR57689s2Rq2FYYF5JfEVR6KFzUQxyOYdm
JChjy87kw2k8Pb/UL3N6Ic80fErhWtam96BYDRpWz6nxDlyvLMW/jHrXw2AK3FcX
xwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 465253793460000805516619370371886769879728
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-19 21:18:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-17 21:18:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'discoveryca.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24327187347941125268893495947364536071664912325610527980554153212244317497235273624825580393574173015625956945831103596641473471940748562921088491374708835416632470873449680804331613761231005524998337379314623290696113906173003097933741884570112893165691639173399605256311777702658746206623954522934259018899846925316134986775131139339801865665014931185588802165651319083462102478194762543572725763772517993270442609791449423058281232324203766128086963235995107355896084671097399435872496607797436710634495203366991262502372605076507896058892816440440330918218506705462910540016319751280698658316620538017832662144967
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							81909aee180e1e8a66de2d3920f99f5c57e4babc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (111 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.discoveryca.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'discoveryca.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.discoveryca.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.discoveryca.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.discoveryca.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/49.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000196ea9ef2df00000403004730450221008eb91a26691a7697e3cb78e92d1a911f0e4f2a208c1af3e4ca44fe03b2a30c5b0220249a7785309c6594263be6a19316349007cc1f79a2289e2b079815e05b12622d00760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196ea9ef2df000004030047304502206ec31051c03897829854025a34a5e5c5135b70f40ec9863ae99a21346a432e0b022100e0511391ebbe70614a74f1c633d823a9284593fe3f59a75ec254cf40dcfc51ad
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0078dd7f86190f9943586c7c555fe2dc1d60c1cb1b2cae1fb720d6a07a75569522ddeac92026b7cedfcae97f4136fdde33ff067d5e888f1989d4fac845b20212fee24fd516d943db762606f6de9c798df2f0f39787faad404bada10626034f795ba04667ba886f0cf2985ebbf64aa80b99b32ced6ad42f6b5a45ef90a4b0678736f4d8ee9ba77ef24ec2ebd6cf7cc85e82724a253c49dba1035ecb25a9a550cbec2ba50e8b406cf95db8eb8c88ba5c190fca8e64b0d305abcb64ec4bf54aacb930d6da2e5b7075492b808ea46205519397e98a84f55d5080f56c55779e7738a5c1293eaa17c10f933d0ced324f93040081ee4ef3774acd6925adbeff4b1a56c38b