DV SSL/TLS Certificate for spocan.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the spocan.org DV SSL/TLS Certificate

This certificate with serial number 06:e7:c8:17:a9:be:a3:4f:5b:50:51:e9:4b:db:d6:17:2c:ad for spocan.org was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for spocan.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:e7:c8:17:a9:be:a3:4f:5b:50:51:e9:4b:db:d6:17:2c:ad
Serial Number (int): 601544910814114110303199295336400515706029
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 73:45:81:b5:53:8e:03:17:ba:df:4a:9f:a2:67:3c:e7:7b:f5:3c:fb
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 02:af:8c:3c:07:a7:90:f4:7f:0f:8a:d4:34:65:86:16:17:de:69:d3
Fingerprint (SHA-256): 99:91:b9:2b:b0:8e:90:c4:15:bc:1b:8f:3e:9d:b3:d3:18:ea:d8:1f:29:75:49:19:cc:45:c1:3c:11:3f:64:77

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/46.crl

Check the revocation status for certificate spocan.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for spocan.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for spocan.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISBufIF6m+o09bUFHpS9vWFyytMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTIyMjIzMTAwWhcNMjUwODIwMjIzMDU5WjAVMRMwEQYDVQQD
EwpzcG9jYW4ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs68J
yXRaVyqf8oqPXDHluVa+Jmg26PrjUMNhwiVQKIGB815td4Wv8I7FJZgorkmHYFz8
tvynYiUCd4sQOgXXocPcxF7cAOnoBqp29DJR4j9gvlh8B1Rhz4XtbnI4TXrJB9TI
9Hg2oOxLlnl4KgoHZdpd2exfGad8d5ZBkhpYJDODy2DiHQG6n6lK4EY1b6AOm9Ih
1b1nvFhi9HlZ4t63akXzD24Jjf60ihdGUxwMFOnHk7eioQvn7iOhnrU1GIgah1Cp
qsZqZfV1daa/f8RWoc2/odgy7IX8cZJK2xIr/+f9QkNKgYIcYOosKeXe7v1ZuMSM
jBs4T43uYckvFTHReQIDAQABo4ICKjCCAiYwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBRzRYG1U44DF7rfSp+iZzzne/U8+zAfBgNVHSMEGDAWgBTFz0ak6vTDwHpslcQt
sF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTEu
aS5sZW5jci5vcmcvMCUGA1UdEQQeMByCCnNwb2Nhbi5vcmeCDnd3dy5zcG9jYW4u
b3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6
Ly9yMTEuYy5sZW5jci5vcmcvNDYuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
AHYA7TxL1ugGwqSiAFfbyyTiOAHfUS/txIbFcA8g3bc+P+AAAAGW+lShHAAABAMA
RzBFAiEAtg1j10SupC2p7fn5V7Ex4WOaQaZvA8VYaZkQtwMYvJACIFPopnLgZJf1
9pUInOuPt6r+s208i6WlLgrvnQbaaVaDAHYADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX
6TDvDkIetH5OqjQAAAGW+lSwxQAABAMARzBFAiEAqzMjBz1B17Ls6bloSkrZterr
YTRD+88tO9LTQ+1voKwCIClW+hsGzyUK1iu/eQZXuCOSeCKYL3akvwLPlRiOfHf2
MA0GCSqGSIb3DQEBCwUAA4IBAQBWV1UiT65BQU0U6DvPfFPt+DVgEAmyPWW6pz6t
JYiYFSTJJECKkkcPnVxnsBxoGQN/uErMR7mRk2DdvllxrDOiG23Qz37GrvdNGX41
bOhLC96QnnYELAgcXXmyNhcetL2wqcTLEtln92t7a4QztPggljhxufLf8UQhnKTS
6SN9W4BhjPHgRsteBPNCj84i2tioLAKABpFyqGOc9mAUdLGnzOeCexuhuk/ypu3i
ZY5AA0gZaOprB3IV0Usa07wEkxN3ap7WlxzNILJ6skbJG+/xIprMuFeTN6r/rCVM
PTqlPkdEYEjAPF13n8epTKGKtpwrJA+mCbvvJmtqBxVVEWqp
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs68JyXRaVyqf8oqPXDHl
uVa+Jmg26PrjUMNhwiVQKIGB815td4Wv8I7FJZgorkmHYFz8tvynYiUCd4sQOgXX
ocPcxF7cAOnoBqp29DJR4j9gvlh8B1Rhz4XtbnI4TXrJB9TI9Hg2oOxLlnl4KgoH
Zdpd2exfGad8d5ZBkhpYJDODy2DiHQG6n6lK4EY1b6AOm9Ih1b1nvFhi9HlZ4t63
akXzD24Jjf60ihdGUxwMFOnHk7eioQvn7iOhnrU1GIgah1CpqsZqZfV1daa/f8RW
oc2/odgy7IX8cZJK2xIr/+f9QkNKgYIcYOosKeXe7v1ZuMSMjBs4T43uYckvFTHR
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 601544910814114110303199295336400515706029
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-22 22:31:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-20 22:30:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'spocan.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22682971157225004200618656396081994507853969868738249676160434278469597855142010151631095304392729858253838671075353216466724871040357100282691306545873363904403286974492643646429440010867604247337122803561372878175861489326043852819870839677749397737284289248031919929787574919960114006832235692542762649928349379479057735911992315396961671640836004840940958469965911746207308960273137063325202975696875127771423935478761969226837196216052897689051962912893345814926328973702619293062632754269751111294163909417408769369444328896968260141303843674798183021086151831484420183865135090050252630972264239793238638186873
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							734581b5538e0317badf4a9fa2673ce77bf53cfb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spocan.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.spocan.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/46.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe000000196fa54a11c0000040300473045022100b60d63d744aea42da9edf9f957b131e1639a41a66f03c558699910b70318bc90022053e8a672e06497f5f695089ceb8fb7aafeb36d3c8ba5a52e0aef9d06da6956830076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000196fa54b0c50000040300473045022100ab3323073d41d7b2ece9b9684a4ad9b5eaeb613443fbcf2d3bd2d343ed6fa0ac02202956fa1b06cf250ad62bbf790657b823927822982f76a4bf02cf95188e7c77f6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00565755224fae41414d14e83bcf7c53edf835601009b23d65baa73ead2588981524c924408a92470f9d5c67b01c6819037fb84acc47b9919360ddbe5971ac33a21b6dd0cf7ec6aef74d197e356ce84b0bde909e76042c081c5d79b236171eb4bdb0a9c4cb12d967f76b7b6b8433b4f820963871b9f2dff144219ca4d2e9237d5b80618cf1e046cb5e04f3428fce22dad8a82c0280069172a8639cf6601474b1a7cce7827b1ba1ba4ff2a6ede2658e4003481968ea6b077215d14b1ad3bc049313776a9ed6971ccd20b27ab246c91beff1229accb8579337aaffac254c3d3aa53e47446048c03c5d779fc7a94ca18ab69c2b240fa609bbef266b6a071555116aa9