DV SSL/TLS Certificate for lirta.ca

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the lirta.ca DV SSL/TLS Certificate

This certificate with serial number 05:ca:67:0e:6d:3c:a1:87:12:43:db:d0:ba:3e:8f:ac:0b:f1 for lirta.ca was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for lirta.ca provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:ca:67:0e:6d:3c:a1:87:12:43:db:d0:ba:3e:8f:ac:0b:f1
Serial Number (int): 504435453168138995601926248674163753225201
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 83:2e:a0:06:d9:ab:98:d1:c7:15:47:09:2c:92:2a:e8:47:38:6b:07
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 93:60:76:b4:2a:a4:6d:a9:01:e2:49:2b:7e:59:49:26:49:f2:e3:f1
Fingerprint (SHA-256): 35:e6:73:a2:f3:98:af:5b:cd:7b:39:81:09:8e:a0:1c:34:8f:89:2c:71:9f:ea:f2:b8:92:90:2b:17:e8:0d:b5

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/114.crl

Check the revocation status for certificate lirta.ca
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for lirta.ca

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for lirta.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgISBcpnDm08oYcSQ9vQuj6PrAvxMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNzA0MDIzMjQ0WhcNMjUxMDAyMDIzMjQzWjATMREwDwYDVQQD
EwhsaXJ0YS5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfv0zMW
23RJUauKuVLZf9FVBTP5blxZNS2vBym1p9+WotkGbdjDXcP2P1YaLPOyvgViAwXU
4jao0zGBUpoBy6wWC1Hn0FxuWIdI0DNwW254S6PQs/K7kXm0EnzSC4he4zZrHINb
1S7h1RaRA9uWaeOLXOIBQeV024A2SPZHFm9NCWLvBCn0ENR1153okz4HZPBis25s
VJyGr0Ot+LmetUD2APsRTGvbVnGnYqOwrr3eyzpFxaGdx8MQpz8hp8rjsFn4Ae2T
SoHIg+IYPXIeAjrhrQ7ReHkqvUbr7VPIwkAkVh16xXEbkY0eXqeQqvClf6Zs7muL
y+y023htpZKm9G0CAwEAAaOCAiUwggIhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
gy6gBtmrmNHHFUcJLJIq6Ec4awcwHwYDVR0jBBgwFoAUu7zDR6XkvKnGw6RyDBCN
ojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEwLmku
bGVuY3Iub3JnLzAfBgNVHREEGDAWggoqLmxpcnRhLmNhgghsaXJ0YS5jYTATBgNV
HSAEDDAKMAgGBmeBDAECATAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcjEwLmMu
bGVuY3Iub3JnLzExNC5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDM+w9q
hXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAZfTfQO2AAAEAwBHMEUCIQDF
8po+fwdy0WniIe9U6+zs8HlHL0lQUvyX0PpQhNIdIAIgK+D9TEkt9ykwudJhYQ9X
TBjOPUn9wJr5zKERbpYGoUMAdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60
fk6qNAAAAZfTfQt4AAAEAwBHMEUCICTUWe48l9l/N/7VFFfJJgBgLZePRyC1+ysR
GTOHzOR9AiEA2i0Yzok78uZIU7fqD5AO/+01pEUrydmVUk9dHbdai5swDQYJKoZI
hvcNAQELBQADggEBADZ8OXr+XQGx/ORVmsrohXSWx6QpYbEU9tytu9l80av3Svft
qSmFYOfOynUBPrcYACD96zqDgSGBo6UbCCZss48jnHwgaXDTmk3RvMBC9zoi9aWc
jw/OME92/4pRneMuDXOQ43vzhlgetUAEkf5+mP+VTyi2IE+pkSdfIzBUeRWD4MR0
HsDlKVE36lE7o15WtQX7773x5gXmHkhyD9yGgu3ihpmffbS7ggeMgu9Hxd6BSr2C
irKSQAui74dpZsB1SAHiS40jP9SvEceum+eouskZ/2ffq4ZFHFiuU9EH6qCcaC//
dnLl4313+6CpbOKjM+HsY+4S7ogR+NtbDGXURSk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+/TMxbbdElRq4q5Utl/
0VUFM/luXFk1La8HKbWn35ai2QZt2MNdw/Y/Vhos87K+BWIDBdTiNqjTMYFSmgHL
rBYLUefQXG5Yh0jQM3BbbnhLo9Cz8ruRebQSfNILiF7jNmscg1vVLuHVFpED25Zp
44tc4gFB5XTbgDZI9kcWb00JYu8EKfQQ1HXXneiTPgdk8GKzbmxUnIavQ634uZ61
QPYA+xFMa9tWcadio7Cuvd7LOkXFoZ3HwxCnPyGnyuOwWfgB7ZNKgciD4hg9ch4C
OuGtDtF4eSq9RuvtU8jCQCRWHXrFcRuRjR5ep5Cq8KV/pmzua4vL7LTbeG2lkqb0
bQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 504435453168138995601926248674163753225201
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-04 02:32:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-02 02:32:43 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lirta.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25239684802602005956170844390227776671276403994755320227016447607904198815158688964916490291578987044617352970877756765764192811143656634304178845679288549331124393436608536484533151413980711455687986690559407970714927374237469794169890789995809723899916731815130101905342207740766488732414883626604315293222246063533487740784215218957700401136878195093580622504635277560506167156510815237979687858253665764393264707262295780291012607422414698738185072610349279041668128196571537799896789854924646976204670933675668428994040073368079855884990419798846997436971731754764030969299840073678533610016426784880924943643757
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							832ea006d9ab98d1c71547092c922ae847386b07
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lirta.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lirta.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/114.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197d37d03b60000040300473045022100c5f29a3e7f0772d169e221ef54ebececf079472f495052fc97d0fa5084d21d2002202be0fd4c492df72930b9d261610f574c18ce3d49fdc09af9cca1116e9606a1430076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197d37d0b780000040300473045022024d459ee3c97d97f37fed51457c92600602d978f4720b5fb2b11193387cce47d022100da2d18ce893bf2e64853b7ea0f900effed35a4452bc9d995524f5d1db75a8b9b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00367c397afe5d01b1fce4559acae8857496c7a42961b114f6dcadbbd97cd1abf74af7eda9298560e7ceca75013eb7180020fdeb3a83812181a3a51b08266cb38f239c7c206970d39a4dd1bcc042f73a22f5a59c8f0fce304f76ff8a519de32e0d7390e37bf386581eb5400491fe7e98ff954f28b6204fa991275f233054791583e0c4741ec0e5295137ea513ba35e56b505fbefbdf1e605e61e48720fdc8682ede286999f7db4bb82078c82ef47c5de814abd828ab292400ba2ef876966c0754801e24b8d233fd4af11c7ae9be7a8bac919ff67dfab86451c58ae53d107eaa09c682fff7672e5e37d77fba0a96ce2a333e1ec63ee12ee8811f8db5b0c65d44529