DV SSL/TLS Certificate for *.sarahwray.me

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the *.sarahwray.me DV SSL/TLS Certificate

This certificate with serial number 06:e9:3b:15:c2:78:c3:3a:f8:8e:ed:9b:61:e8:01:ce:55:e6 for *.sarahwray.me was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.sarahwray.me provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:e9:3b:15:c2:78:c3:3a:f8:8e:ed:9b:61:e8:01:ce:55:e6
Serial Number (int): 602038044517480744613123133793859147814374
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 99:10:77:29:e0:44:b5:b4:d6:bf:92:76:4b:3c:57:73:69:e2:d4:91
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 9d:50:26:b6:f0:54:94:3a:ec:11:5a:b8:9d:2e:e0:ce:4e:43:09:14
Fingerprint (SHA-256): 98:e3:c7:cb:7b:5b:c9:54:3c:6c:ac:4b:51:10:aa:de:8b:fd:44:47:48:a6:72:82:41:27:db:af:81:04:10:f7

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/103.crl

Check the revocation status for certificate *.sarahwray.me
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.sarahwray.me

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.sarahwray.me in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISBuk7FcJ4wzr4ju2bYegBzlXmMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTI2MDcxOTUxWhcNMjUwODI0MDcxOTUwWjAZMRcwFQYDVQQD
DA4qLnNhcmFod3JheS5tZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANkegGYTM1AtjN25B+so/r1pURK4rEqFd125a2Ww4oPnPEe+8p/ySvAZ8zeLeZeV
RjnVTFshUCSj3t2sgvjJfjunp2WvvTFskd3o1CvDvF5A64c44bb29Dqy0T3XhLIz
TiDluJN3pB0v88LoKjb+Upy4FthcevBn5rS84Nm/SRaxys34O3GHzkSmaUlFFEvw
o4e9xqIkaEXbsaabM2t2LybdiU8VOaO6IbQvo8is4JnTWoCYR+Irj5WRf4dpGpIP
i90Dh3NSVwVRxC686Eg418vzMRe/O4ULSb01uGTLgv+m9mZizn+2NPytAjBkzl9+
yG/hPhupFsv8KGiD3nT4tjUCAwEAAaOCAi0wggIpMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUmRB3KeBEtbTWv5J2SzxXc2ni1JEwHwYDVR0jBBgwFoAUxc9GpOr0w8B6
bJXELbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8v
cjExLmkubGVuY3Iub3JnLzAnBgNVHREEIDAegg4qLnNhcmFod3JheS5tZYIMc2Fy
YWh3cmF5Lm1lMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAioCCG
Hmh0dHA6Ly9yMTEuYy5sZW5jci5vcmcvMTAzLmNybDCCAQQGCisGAQQB1nkCBAIE
gfUEgfIA8AB2AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABlwur
3MYAAAQDAEcwRQIgGVyLoex1bsfJNrW9qYTX4N7lSxvadUX+1c90JMAggQICIQCz
NKWZRcEyzPlZkN4arg/XxlPyKCIF+43zYWZAhfRsqwB2AMz7D2qFcQll/pWbU87p
snwi6YVcDZeNtql+VMD+TA2wAAABlwur7DQAAAQDAEcwRQIhAKGR9IyCD0+qgMFw
W3vvLfv41mKlbnPPxxIVL6oU9mhKAiAGKqGtNPr6XmdGmtJFERsD5FRn+W4LqEL6
XLyuqireGzANBgkqhkiG9w0BAQsFAAOCAQEANt9vHjiH2KI0reEaG2DsgJKFq6wy
EVr2AD9Z5fddljx6aqUruW35H7wh4jLftR6i9rgp32cWsvsSGoKmy9Dx0avvFBI+
Z20iIUwGQ1TxgPp7LehB4DVX9xipTQvQhkQ5iJckFokKM/nyC7eJJ20R7QT3mrPP
a/m4q+h96+4fpYgqpkI9E8jEJbaI8dgNtRMsfgPlCNmlH4iteHQLI3iW9U7eKC3b
WVFTiZa9l95fjcU7VNhiml/4flyMq7UicOTSsosh5n9wgwX2lshkNX+piyC4qCZr
ko63FWc4UlACmFq4Vx1V7GTVNeWToC7BaDFau82jC85c81THby1x8nLppg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2R6AZhMzUC2M3bkH6yj+
vWlRErisSoV3XblrZbDig+c8R77yn/JK8BnzN4t5l5VGOdVMWyFQJKPe3ayC+Ml+
O6enZa+9MWyR3ejUK8O8XkDrhzjhtvb0OrLRPdeEsjNOIOW4k3ekHS/zwugqNv5S
nLgW2Fx68GfmtLzg2b9JFrHKzfg7cYfORKZpSUUUS/Cjh73GoiRoRduxppsza3Yv
Jt2JTxU5o7ohtC+jyKzgmdNagJhH4iuPlZF/h2kakg+L3QOHc1JXBVHELrzoSDjX
y/MxF787hQtJvTW4ZMuC/6b2ZmLOf7Y0/K0CMGTOX37Ib+E+G6kWy/woaIPedPi2
NQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 602038044517480744613123133793859147814374
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-26 07:19:51 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-24 07:19:50 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sarahwray.me'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27408753056239371159935850624776786464846856690449969038329584984462217511893602302334454912207610124228675238528175399012675102798634557232769130686530819410087734725274174530131159671163485499853716828338475438289070702191304481184389673407634565188128207447094536004273273097089563401684484737958338895085456355376546845395434657222267165467963750417104379331237906926173970076728280558748954154757864169277134480650239370918458710269015843112816992272350978200589068567346236951836407105536167556245584784369974305754830350872329370475659074766510902809488987236450780586908348940562691539576824366149423997695541
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							99107729e044b5b4d6bf92764b3c577369e2d491
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sarahwray.me'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sarahwray.me'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/103.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a000001970babdcc600000403004730450220195c8ba1ec756ec7c936b5bda984d7e0dee54b1bda7545fed5cf7424c0208102022100b334a59945c132ccf95990de1aae0fd7c653f2282205fb8df361664085f46cab007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001970babec340000040300473045022100a191f48c820f4faa80c1705b7bef2dfbf8d662a56e73cfc712152faa14f6684a0220062aa1ad34fafa5e67469ad245111b03e45467f96e0ba842fa5cbcaeaa2ade1b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0036df6f1e3887d8a234ade11a1b60ec809285abac32115af6003f59e5f75d963c7a6aa52bb96df91fbc21e232dfb51ea2f6b829df6716b2fb121a82a6cbd0f1d1abef14123e676d22214c064354f180fa7b2de841e03557f718a94d0bd086443988972416890a33f9f20bb789276d11ed04f79ab3cf6bf9b8abe87debee1fa5882aa6423d13c8c425b688f1d80db5132c7e03e508d9a51f88ad78740b237896f54ede282ddb5951538996bd97de5f8dc53b54d8629a5ff87e5c8cabb52270e4d2b28b21e67f708305f696c864357fa98b20b8a8266b928eb7156738525002985ab8571d55ec64d535e593a02ec168315abbcda30bce5cf354c76f2d71f272e9a6