DV SSL/TLS Certificate for sidekick.studio

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the sidekick.studio DV SSL/TLS Certificate

This certificate with serial number 06:da:fd:5e:92:d8:cd:04:10:e0:7d:ae:a7:16:b6:3a:40:ae for sidekick.studio was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for sidekick.studio provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:da:fd:5e:92:d8:cd:04:10:e0:7d:ae:a7:16:b6:3a:40:ae
Serial Number (int): 597192057316572885483041430260378716749998
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 39:48:97:c4:a9:b4:18:d4:79:d2:ea:36:fc:5d:8c:1c:51:c6:8a:3c
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 7d:90:a5:90:5a:6e:31:ca:01:26:2b:48:c4:66:6e:84:d9:82:3f:30
Fingerprint (SHA-256): d9:9f:fe:5d:97:63:6c:5f:15:2e:ce:44:32:24:9e:ec:bf:d1:51:2d:6d:fc:ff:3e:ba:8e:b6:a1:1a:96:a0:ed

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/47.crl

Check the revocation status for certificate sidekick.studio
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for sidekick.studio

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for sidekick.studio in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISBtr9XpLYzQQQ4H2upxa2OkCuMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNzA5MTkyNzIxWhcNMjUxMDA3MTkyNzIwWjAaMRgwFgYDVQQD
Ew9zaWRla2ljay5zdHVkaW8wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQC5t1u8SKSY4LKj8dq7ixpn/ZO8o87Scvdbl3jhg209mVpuxAZuLdbSJh8R0cLd
KqEETB67IUY064qutpWtkB/SViKHfXOCNYDOuIkLS1C55Hi8F9z0gFE91GlJsrbX
5OQZXMu3XF5f4REnEPcghv42e12gIExjiQc6jrHbfJq/H3tiDNS5c766p189oekU
Dm3MvwFIHhThCnbNdeKfzE8PifmKO+AgFwiNdwnMWcUCNgbv38ols7HjOExshRqX
rq/FYeM8xjIRT3RSCk3IxeWfCI8zgR05SFN3+PmmxqRf9h9Qfz9Wsq1KxQLfalhs
7BUT6dF2s5YsG9Iz0Am+5MOpHZJtCagS+NbDQ3W/BLJGkz2Qt2EqQ5iZTTpy7L/2
yX0Ea7+foAqMra1tKlYuT+Zb/aWMXogEuG6HDylXFk+JYt2YhGkUF3BMNTclNA7/
3D80wyjTUzzKaPNQUx3tV/2d7Fgx/bxUzs3r2akFeVsMYfbhoJrhC1/Ky+mAoRzO
zjw4Dysr/7KE3tnP2WpBKxWNth3PvuZmSc9dxkalgvW1Qyuxfxa0aLPvvaDzeK9I
q+yxawMfiA1E8s2GB+clE6iLp0TtvWsNsSU8h70pRmbL3ol20cEO8KafIRtAhNX/
0Oat3+hlR1PfhNtJNcqWxuL73DIlmopfm2vHUyFoLxGuCQIDAQABo4ICTDCCAkgw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ5SJfEqbQY1HnS6jb8XYwcUcaKPDAfBgNV
HSMEGDAWgBTFz0ak6vTDwHpslcQtsF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYI
KwYBBQUHMAKGF2h0dHA6Ly9yMTEuaS5sZW5jci5vcmcvMEcGA1UdEQRAMD6CD3Np
ZGVraWNrLnN0dWRpb4IWc2lkZWtsLnNpdGUudHJhbnNpcC5tZYITd3d3LnNpZGVr
aWNrLnN0dWRpbzATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAf
hh1odHRwOi8vcjExLmMubGVuY3Iub3JnLzQ3LmNybDCCAQQGCisGAQQB1nkCBAIE
gfUEgfIA8AB2ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABl/Dd
t/oAAAQDAEcwRQIgd4iUISi3TSILgUvhbTCCmsYRhzyWikvo3plCBN1aD5sCIQDe
isAnwnxjCvDcWB/lM4RLVXHfJXh8ysdlYWc0SzwLqgB2ABoE/0nQVB1Ar/agw7/x
2MRnL07s7iNAaJhrF0Au3Il9AAABl/Dd0AAAAAQDAEcwRQIhAJ+1mcCVWiNW/hMb
kWH5k0AZsez/OibRp1/njpRsVCdGAiAm35wXl2+oC9jrpT4NonPpFwN78asDOivU
oLJOHPx33jANBgkqhkiG9w0BAQsFAAOCAQEAKuUzfip3sPCahyBkTUQ7ou9DMvmj
gSlRe6RudUGs6KsAtN0J+mhtDw4zCq2ATum2qJQN8VVCZWwZ8IkZpftJ1s7vcu8C
y32S7NhGzHmLjg15OzcIDglJP+oCQpg5wqMOx0qA5uR+CNMU+79k8ojiCc9wKHID
TbHqM6Nnd7azvxAMP26LJialUiQDuJdQ1NxpjhQo1XcWlWYgbuCW5xcdDdImJ+nO
46K7hmADg9CerrrksJs46EvEi8GZxcGywztZ5sM6LIn+5IcLA9eQmbF/YhfQtjn1
ETSMdHK48fDPcgvT+Ak6eq0olt7JwU5SFlDdOlryzegvtZPDADLZ3BYQrw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAubdbvEikmOCyo/Hau4sa
Z/2TvKPO0nL3W5d44YNtPZlabsQGbi3W0iYfEdHC3SqhBEweuyFGNOuKrraVrZAf
0lYih31zgjWAzriJC0tQueR4vBfc9IBRPdRpSbK21+TkGVzLt1xeX+ERJxD3IIb+
NntdoCBMY4kHOo6x23yavx97YgzUuXO+uqdfPaHpFA5tzL8BSB4U4Qp2zXXin8xP
D4n5ijvgIBcIjXcJzFnFAjYG79/KJbOx4zhMbIUal66vxWHjPMYyEU90UgpNyMXl
nwiPM4EdOUhTd/j5psakX/YfUH8/VrKtSsUC32pYbOwVE+nRdrOWLBvSM9AJvuTD
qR2SbQmoEvjWw0N1vwSyRpM9kLdhKkOYmU06cuy/9sl9BGu/n6AKjK2tbSpWLk/m
W/2ljF6IBLhuhw8pVxZPiWLdmIRpFBdwTDU3JTQO/9w/NMMo01M8ymjzUFMd7Vf9
nexYMf28VM7N69mpBXlbDGH24aCa4QtfysvpgKEczs48OA8rK/+yhN7Zz9lqQSsV
jbYdz77mZknPXcZGpYL1tUMrsX8WtGiz772g83ivSKvssWsDH4gNRPLNhgfnJROo
i6dE7b1rDbElPIe9KUZmy96JdtHBDvCmnyEbQITV/9Dmrd/oZUdT34TbSTXKlsbi
+9wyJZqKX5trx1MhaC8RrgkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 597192057316572885483041430260378716749998
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-09 19:27:21 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-07 19:27:20 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sidekick.studio'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 757656171221105455626322952769375845148413571899101237560733313232500822503017738331838330219090676506785152005433424416671497896502477009064110559804935352304716143481174892527456812198390588016584830596505130966244474210345488413292375536404566657982044466743377489889790393616253186791668955391001617347930953573287758194188883146117641696777080786486042814615136991941401389441950367970498695687286662422089168298820137376963716759429684097539796096762827557673406646748413378297902060944448399180588709555395591949138652718595463326994341503406622209507490343388126779307337608163386490131985784579611167165565256354066402264732375702160449929863187012902404726955688662875824036771566601685350108549632329105493377672355376196014374237712292654443527061723857452716659209769784842629465377108923369553177675414468105711062487384043142037720392022211572324194352887418918939303289398191751697000704422500373448604477647460860306882301585442843255010717029454635956886208423800886424166375032353522342255160132057500765891559211509220839282836138373610273076329358410237002328378986902001367483866679959931303310877715940892449380382009169117601516480413121087235510325962458994289613420065635834888594718573296676401606774861321
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							394897c4a9b418d479d2ea36fc5d8c1c51c68a3c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sidekick.studio'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sidekl.site.transip.me'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sidekick.studio'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/47.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000197f0ddb7fa000004030047304502207788942128b74d220b814be16d30829ac611873c968a4be8de994204dd5a0f9b022100de8ac027c27c630af0dc581fe533844b5571df25787ccac7656167344b3c0baa0076001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d00000197f0ddd00000000403004730450221009fb599c0955a2356fe131b9161f9934019b1ecff3a26d1a75fe78e946c542746022026df9c17976fa80bd8eba53e0da273e917037bf1ab033a2bd4a0b24e1cfc77de
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002ae5337e2a77b0f09a8720644d443ba2ef4332f9a38129517ba46e7541ace8ab00b4dd09fa686d0f0e330aad804ee9b6a8940df15542656c19f08919a5fb49d6ceef72ef02cb7d92ecd846cc798b8e0d793b37080e09493fea02429839c2a30ec74a80e6e47e08d314fbbf64f288e209cf702872034db1ea33a36777b6b3bf100c3f6e8b2626a5522403b89750d4dc698e1428d577169566206ee096e7171d0dd22627e9cee3a2bb86600383d09eaebae4b09b38e84bc48bc199c5c1b2c33b59e6c33a2c89fee4870b03d79099b17f6217d0b639f511348c7472b8f1f0cf720bd3f8093a7aad2896dec9c14e521650dd3a5af2cde82fb593c30032d9dc1610af