DV SSL/TLS Certificate for aleksa.by

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the aleksa.by DV SSL/TLS Certificate

This certificate with serial number 06:3d:33:0b:2f:e3:6c:83:c7:4d:e5:89:ee:97:10:24:51:ed for aleksa.by was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for aleksa.by provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:3d:33:0b:2f:e3:6c:83:c7:4d:e5:89:ee:97:10:24:51:ed
Serial Number (int): 543498788687080828697528714805341308867053
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 11:be:48:b3:de:81:ec:37:64:3f:1a:13:ba:b5:3f:40:10:07:cb:3e
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): b1:e2:1a:71:24:3d:95:29:64:fd:f3:ba:dc:ef:70:46:8f:e8:d1:de
Fingerprint (SHA-256): 8c:51:fd:45:db:e6:2d:6c:bc:a7:c8:ed:4a:36:95:f9:76:29:44:b1:b1:73:13:17:01:fd:8a:94:ff:17:db:b4

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/110.crl

Check the revocation status for certificate aleksa.by
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for aleksa.by

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for aleksa.by in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISBj0zCy/jbIPHTeWJ7pcQJFHtMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjAzMjIxMDUyWhcNMjUwOTAxMjIxMDUxWjAUMRIwEAYDVQQD
EwlhbGVrc2EuYnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtXVD3
zXP3ldS8/FJ6+Ix6aPzanH/E/CblxF+lkVJeZFa1Yb/J1TIfp4al85R7GzVsQhM8
DUwlRVBU5HzFJgy8vuTchMWwNSTOKZHnxKOR069EtXq5/P5ojwcx+EsM03coVcIo
82A9C1sqjKhgAOGsc1r6CmDLu61Yn4YBODpXLFeqwPDllaMj7cFvDiA09pymhOaO
sz1DS7rNbRnhCNQInSkXjAJgQfPvtvsUl+EJGRMOWln++cSaem+KOZCzAd+CxpDM
LVHMWSmE5aFOufweo9VgAbTwlE8KEGu0ogLqK06v5NlAPh9OJjRPXUZHKqG5fS8+
ubHMpi1khZ0d3jQPAgMBAAGjggInMIICIzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FBG+SLPegew3ZD8aE7q1P0AQB8s+MB8GA1UdIwQYMBaAFMXPRqTq9MPAemyVxC2w
XpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3IxMS5p
LmxlbmNyLm9yZy8wIQYDVR0RBBowGIILKi5hbGVrc2EuYnmCCWFsZWtzYS5ieTAT
BgNVHSAEDDAKMAgGBmeBDAECATAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcjEx
LmMubGVuY3Iub3JnLzExMC5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwAS
8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZc4DnpfAAAEAwBIMEYC
IQCRWp1KJWrsc892eGK1QXLH+WY6Tsgdj7lVvR4ddXX0RgIhAPYN7mNYE8n0MpvE
fQXYdh7BfmY5FUwQXGR99tQd3+h3AHUAGgT/SdBUHUCv9qDDv/HYxGcvTuzuI0Bo
mGsXQC7ciX0AAAGXOA57fAAABAMARjBEAiAG9xeGvrm0f4byzWhTdbgWltqMUYu2
+pQophCGbcv4kwIgOaoaXIZ1SMMwVCxCy4Y0DjJaZ1imOf9ULqZwF4HhxdswDQYJ
KoZIhvcNAQELBQADggEBAG8omeH1Yrk2JAoDzrBt/2eR/JwgT4Zjp5zeYujEd6uI
3WImGUKMBa80XYg/DyT4rSBvpwWjeX6B4T2bDeQM1KF168oY15j7Y4+bAu8XmMen
hOqHPzIze3Nh0D6IWfORDrmodi/ea5dVvJ3KjxpjgcaKGWnmhpv8Kr7UZdnbb0nP
86n73rUFIX+IG6rbCeF0kaVkHUnAbPORpJVk05HgmcHZPfNJgRYCrk+j0bdEru4R
i/D9hXGdGmdeRP4leV97PKUfaQGggoYbewrvj3L6+HfyYanIYhrLELxr7htTJJeD
FTc+S117kADkIbCu97sUFmBZp1RdtdSh7rZpq1B27s0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V1Q981z95XUvPxSeviM
emj82px/xPwm5cRfpZFSXmRWtWG/ydUyH6eGpfOUexs1bEITPA1MJUVQVOR8xSYM
vL7k3ITFsDUkzimR58SjkdOvRLV6ufz+aI8HMfhLDNN3KFXCKPNgPQtbKoyoYADh
rHNa+gpgy7utWJ+GATg6VyxXqsDw5ZWjI+3Bbw4gNPacpoTmjrM9Q0u6zW0Z4QjU
CJ0pF4wCYEHz77b7FJfhCRkTDlpZ/vnEmnpvijmQswHfgsaQzC1RzFkphOWhTrn8
HqPVYAG08JRPChBrtKIC6itOr+TZQD4fTiY0T11GRyqhuX0vPrmxzKYtZIWdHd40
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 543498788687080828697528714805341308867053
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-03 22:10:52 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-01 22:10:51 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aleksa.by'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29964494250238078826913276038414369228753592447940596256191205474163355641388451803014040539941667061581500708619443900541246814943914123922594902977684897811303586040379430181989301518701005249124594271288643078293378763629500302541997308826420028909647108433720816833347972082336877415035176512437140272433910361638370447965324617603489575732094449889327714941231527908618953682900088681987989132692961880628046947546204243225755659693087072355181107793826238277968374882474705402936848500126098295060117793736480641259980235025188056040931374405794961001290581166259992543761632447445448726894591459466918601045007
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							11be48b3de81ec37643f1a13bab53f401007cb3e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aleksa.by'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aleksa.by'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/110.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000770012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000197380e7a5f0000040300483046022100915a9d4a256aec73cf767862b54172c7f9663a4ec81d8fb955bd1e1d7575f446022100f60dee635813c9f4329bc47d05d8761ec17e6639154c105c647df6d41ddfe8770075001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d00000197380e7b7c0000040300463044022006f71786beb9b47f86f2cd685375b81696da8c518bb6fa9428a610866dcbf893022039aa1a5c867548c330542c42cb86340e325a6758a639ff542ea6701781e1c5db
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006f2899e1f562b936240a03ceb06dff6791fc9c204f8663a79cde62e8c477ab88dd622619428c05af345d883f0f24f8ad206fa705a3797e81e13d9b0de40cd4a175ebca18d798fb638f9b02ef1798c7a784ea873f32337b7361d03e8859f3910eb9a8762fde6b9755bc9dca8f1a6381c68a1969e6869bfc2abed465d9db6f49cff3a9fbdeb505217f881baadb09e17491a5641d49c06cf391a49564d391e099c1d93df349811602ae4fa3d1b744aeee118bf0fd85719d1a675e44fe25795f7b3ca51f6901a082861b7b0aef8f72faf877f261a9c8621acb10bc6bee1b5324978315373e4b5d7b9000e421b0aef7bb14166059a7545db5d4a1eeb669ab5076eecd