DV SSL/TLS Certificate for fail.pl

Certificate has expired

Issued by Let's Encrypt (R11)

About the fail.pl DV SSL/TLS Certificate

This certificate with serial number 05:a4:a4:62:2d:2a:77:c6:34:ff:4f:52:42:ed:bc:3e:ce:fd for fail.pl was issued on by Let's Encrypt.

With 5 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for fail.pl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 05:a4:a4:62:2d:2a:77:c6:34:ff:4f:52:42:ed:bc:3e:ce:fd
Serial Number (int): 491586240986309087181054741046792938245885
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 79:18:1c:f2:84:ac:c7:e4:57:f4:bb:23:0f:20:76:42:19:3c:94:c9
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 8b:ce:8f:26:ea:a0:44:d9:45:4f:73:c5:14:a5:e3:d3:3b:e1:7f:fb
Fingerprint (SHA-256): b3:8b:91:0c:4f:fb:0f:fb:df:cf:ad:ac:1a:93:de:b5:2d:ca:7c:f5:9d:60:dc:de:c6:03:7a:81:37:98:c8:d9

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

OCSP Server: http://r11.o.lencr.org
CRL Distribution Point: http://r11.c.lencr.org/126.crl

Check the revocation status for certificate fail.pl
5
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for fail.pl

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for fail.pl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISBaSkYi0qd8Y0/09SQu28Ps79MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwMzMwMTkxMDU3WhcNMjUwNjI4MTkxMDU2WjASMRAwDgYDVQQD
EwdmYWlsLnBsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r4T2jC1
dXUky7Jc9/uZWLlS/SsLgo5jjm+e01Xe0fF/bJIQAKMz9bZw1lfv/sPWF3Vjltws
lL9HxAtmX9yQaoZvBQwIjr854ff/W1Ka2DkevzpiWDlEvmbnjhutLgUNKtavVyHt
SXX2Z19ouvD9UVmuodUN86juvkGaLLOwaKEdwBXUhy6vsJhXwzUjEHmHhqQSC1Vj
oz2nYaW/Qn0R0JeQgkyfgJVpSQ9Qhc2msclgQb4g1tlxeyVcJp8ozegKqiUv+1ej
as27BpDwo/ebcdGTg97I71w/17Jeag1ZyQjSuvmEmXciVHX5g8G/0RAaRTuc5Zes
n4PVCQP80jcbEwIDAQABo4ICfjCCAnowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR5
GBzyhKzH5Ff0uyMPIHZCGTyUyTAfBgNVHSMEGDAWgBTFz0ak6vTDwHpslcQtsF6S
LybjuTBXBggrBgEFBQcBAQRLMEkwIgYIKwYBBQUHMAGGFmh0dHA6Ly9yMTEuby5s
ZW5jci5vcmcwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTEuaS5sZW5jci5vcmcvMFMG
A1UdEQRMMEqCEyouYXZhbGFuY2hlLmZhaWwucGyCCSouZmFpbC5wbIINKi5naXQu
ZmFpbC5wbIIQKi50dXJyaXMuZmFpbC5wbIIHZmFpbC5wbDATBgNVHSAEDDAKMAgG
BmeBDAECATAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcjExLmMubGVuY3Iub3Jn
LzEyNi5jcmwwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwAN4fIwK9MNwUBiEgnq
VS78R3R8sdfpMO8OQh60fk6qNAAAAZXorGZgAAAEAwBIMEYCIQCAxEVJCjX9UH7C
/8RAiUNYbhpcE5PSfhSM/o/jAn3Z6wIhAII/2cH91ftArC2wYkfENomH1BkbRUSX
0+fcOxQyV+OBAHYAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGV
6KxmcQAABAMARzBFAiB/msS9con8gb3Nnhj3cjam/m8pxLHFP9qLqgwOowJTcgIh
AMuJEldUYNuQ/wq2WEXnmi33wJHfA8JggfDLWpigJ/BnMA0GCSqGSIb3DQEBCwUA
A4IBAQCHuyG/neNmBXql0rot9zeuaE+A/PEZUpEukMB1vNJL7wGWekUc8qUiMk8t
1WDJM/IGgUVTy+gmscPyGkiBMGxBbAE2t4a+a58h5gK1L2gSGHXP5LtKeVpWfzeH
ya00ISM3I5tkbh0g/0GMCUtjxgDRTooIwLm0Q+4xwu6G0L8/v1haROHTg5REBj6v
3dGyCSd0bK2uJClSDzGocF/9RXhibmuvh/FxfZkp9LXsBK38eCekMfUrj6UuClcj
bO9+r7yjNc4NgudV/V1AvtvuhwKG31GwuE0TrDT4syrQby/A5vh2I3wQZChYzM46
90a4ubI4caGlLP3SC9XXeov8MmZd
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r4T2jC1dXUky7Jc9/uZ
WLlS/SsLgo5jjm+e01Xe0fF/bJIQAKMz9bZw1lfv/sPWF3VjltwslL9HxAtmX9yQ
aoZvBQwIjr854ff/W1Ka2DkevzpiWDlEvmbnjhutLgUNKtavVyHtSXX2Z19ouvD9
UVmuodUN86juvkGaLLOwaKEdwBXUhy6vsJhXwzUjEHmHhqQSC1Vjoz2nYaW/Qn0R
0JeQgkyfgJVpSQ9Qhc2msclgQb4g1tlxeyVcJp8ozegKqiUv+1ejas27BpDwo/eb
cdGTg97I71w/17Jeag1ZyQjSuvmEmXciVHX5g8G/0RAaRTuc5Zesn4PVCQP80jcb
EwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 491586240986309087181054741046792938245885
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-30 19:10:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-28 19:10:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fail.pl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27108727995081746001298739977662351917552901907739827405225267298207820102601445978882694415297276372324030238560195092807886254884268582647697426406479363430809385216144133137177302265947698351996901807054657904250878778625145457617314617828201801885701309155057051509543363501814847290253025423056144229679033037447034507841636082783241217925670645208218838205064312000481303707997284090369909129730871318612375834553803141457165634888566057153489874852349016365494194976611701078745048757908555859355727329953321559553889178674996388488540833373921926091811515950775158088388193404204332900313212452073410374605587
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							79181cf284acc7e457f4bb230f207642193c94c9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avalanche.fail.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fail.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.git.fail.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.turris.fail.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fail.pl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/126.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000195e8ac6660000004030048304602210080c445490a35fd507ec2ffc4408943586e1a5c1393d27e148cfe8fe3027dd9eb022100823fd9c1fdd5fb40ac2db06247c4368987d4191b454497d3e7dc3b143257e381007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000195e8ac6671000004030047304502207f9ac4bd7289fc81bdcd9e18f77236a6fe6f29c4b1c53fda8baa0c0ea3025372022100cb8912575460db90ff0ab65845e79a2df7c091df03c26081f0cb5a98a027f067
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0087bb21bf9de366057aa5d2ba2df737ae684f80fcf11952912e90c075bcd24bef01967a451cf2a522324f2dd560c933f206814553cbe826b1c3f21a4881306c416c0136b786be6b9f21e602b52f68121875cfe4bb4a795a567f3787c9ad34212337239b646e1d20ff418c094b63c600d14e8a08c0b9b443ee31c2ee86d0bf3fbf585a44e1d3839444063eafddd1b20927746cadae2429520f31a8705ffd4578626e6baf87f1717d9929f4b5ec04adfc7827a431f52b8fa52e0a57236cef7eafbca335ce0d82e755fd5d40bedbee870286df51b0b84d13ac34f8b32ad06f2fc0e6f876237c10642858ccce3af746b8b9b23871a1a52cfdd20bd5d77a8bfc32665d