DV SSL/TLS Certificate for liferollson.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the liferollson.org DV SSL/TLS Certificate

This certificate with serial number 06:21:25:f6:2f:ba:f3:ad:fb:37:b5:3c:37:06:d3:5b:59:1b for liferollson.org was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for liferollson.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:21:25:f6:2f:ba:f3:ad:fb:37:b5:3c:37:06:d3:5b:59:1b
Serial Number (int): 533953493407908795416105492822095912720667
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 0c:99:ca:71:5d:4b:cf:0c:45:19:2b:c2:37:8a:de:52:78:4e:27:4f
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): e8:28:b7:06:26:92:ad:de:55:84:ce:eb:63:00:90:f9:05:ba:0e:e4
Fingerprint (SHA-256): 69:85:e1:a6:02:97:b6:e6:76:b8:cb:a3:ba:30:b0:2d:14:8a:40:90:cc:ae:2e:0b:74:d4:21:3c:11:de:e4:4d

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/28.crl

Check the revocation status for certificate liferollson.org
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for liferollson.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

liferollson.org

X.509 Certificate

The complete raw X.509 certificate details for liferollson.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgISBiEl9i+68637N7U8NwbTW1kbMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjI3MDIyNTAwWhcNMjUwOTI1MDIyNDU5WjAaMRgwFgYDVQQD
Ew9saWZlcm9sbHNvbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCe1Yq1VB4gNbZk5Dg/2R3CYlbfprCNSII2hc4l9PtgCR9QFCkBhIzW/6tQ4NtH
IdZDnr1hGsznLQLbg9+syPy3ffS58UXgWoG8jeDCgGzcPknnD8Ou3jKUnj6IWpKG
EESzqHAs2X7xwXSWJO7nVYswEBLEQwv0Zk7fd12r/ubdo1vG6BvKygXX6TyuniD+
tGmljXQS4/JWTu16XUfiqUEdApF01ZumOaAEulwfU2W/2Jm00zOBpMWtAzld7PvM
/VrrXB+/I7OGqBkqxWGObBSVg4ZaxnD1VTgSBI2ipF8fgYzeZ/ptQ739tRJ7K6ND
dOkgLhUkmqTtxAz8O8DoJUJ3AgMBAAGjggIeMIICGjAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFAyZynFdS88MRRkrwjeK3lJ4TidPMB8GA1UdIwQYMBaAFMXPRqTq9MPA
emyVxC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMS5pLmxlbmNyLm9yZy8wGgYDVR0RBBMwEYIPbGlmZXJvbGxzb24ub3JnMBMG
A1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTEu
Yy5sZW5jci5vcmcvMjguY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYA7TxL
1ugGwqSiAFfbyyTiOAHfUS/txIbFcA8g3bc+P+AAAAGXr2lpAAAABAMARzBFAiEA
12uo5suJ3qlpS8muPAvwGBpivNM0SPj0ibrsMWvpAkACIBEDOm0/nTXXYWh5bWIM
FZZhatcYV6TC5IpIjiOdDqzHAHUADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIe
tH5OqjQAAAGXr2lo5QAABAMARjBEAiBg9Eb3s98LTXFziPhuJ9HYBVVrwVTDjrgX
jzfIIzMMBgIgYe9G9oLNhFnqSxzuPxoElf39MlWAx6RcOWx8WYKGRiAwDQYJKoZI
hvcNAQELBQADggEBAFe4zqexHxEqD2hCbMGDZTErON+Kqgy20pwJWmEDevxaO+/Z
gRGEM8GWlOePyoL/l1D/Pb2JJjoyDKdcBzsSZ5DKuQroEhmbOJKg2vQfFUEycxuu
H45L6z7+/CSwQRCtJF6sdXzwYPedMwX68eHo88xZsC1OtcNXmYEXpF1I4oDOQsbd
rjgKshv7B48S3pQCKkaxaxt/UJrxc9N02tpzUYfLIrnm/7YNsPL4rm2Dhr9aiEoA
5NQy682YN2PY6uHHScE3farpPqmJb6KqNDY5zj9Y86mnaNywMxOin1Bn/gdvns5q
cmigrH3zw1G6v/2Ymx/rA9Lh4CCuv8ooNqMuzZ4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntWKtVQeIDW2ZOQ4P9kd
wmJW36awjUiCNoXOJfT7YAkfUBQpAYSM1v+rUODbRyHWQ569YRrM5y0C24PfrMj8
t330ufFF4FqBvI3gwoBs3D5J5w/Drt4ylJ4+iFqShhBEs6hwLNl+8cF0liTu51WL
MBASxEML9GZO33ddq/7m3aNbxugbysoF1+k8rp4g/rRppY10EuPyVk7tel1H4qlB
HQKRdNWbpjmgBLpcH1Nlv9iZtNMzgaTFrQM5Xez7zP1a61wfvyOzhqgZKsVhjmwU
lYOGWsZw9VU4EgSNoqRfH4GM3mf6bUO9/bUSeyujQ3TpIC4VJJqk7cQM/DvA6CVC
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 533953493407908795416105492822095912720667
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-27 02:25:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-25 02:24:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'liferollson.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20050953585328977789433008422437888911622191011578863912264495010364366780774575550650479784151656326811614601470826622795080238536312818355961048735180049249075343685933263438596607078991617446131755228854097137750164142037966831069400620048536360064506428946990705295172277899314178851585075373608700017100685006545795748865426140799040621119775117569843369905587807647195295580756227906672683905476206164030296915946294934757443850846903414849274333526091420352060170235454824516351928401163126571791210262002834733168098959926705114797941910400767190994915851503284311780464557722425483851818284225306913472332407
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0c99ca715d4bcf0c45192bc2378ade52784e274f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liferollson.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/28.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe000000197af6969000000040300473045022100d76ba8e6cb89dea9694bc9ae3c0bf0181a62bcd33448f8f489baec316be90240022011033a6d3f9d35d76168796d620c1596616ad71857a4c2e48a488e239d0eacc70075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197af6968e50000040300463044022060f446f7b3df0b4d717388f86e27d1d805556bc154c38eb8178f37c823330c06022061ef46f682cd8459ea4b1cee3f1a0495fdfd325580c7a45c396c7c5982864620
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0057b8cea7b11f112a0f68426cc18365312b38df8aaa0cb6d29c095a61037afc5a3befd981118433c19694e78fca82ff9750ff3dbd89263a320ca75c073b126790cab90ae812199b3892a0daf41f154132731bae1f8e4beb3efefc24b04110ad245eac757cf060f79d3305faf1e1e8f3cc59b02d4eb5c357998117a45d48e280ce42c6ddae380ab21bfb078f12de94022a46b16b1b7f509af173d374dada735187cb22b9e6ffb60db0f2f8ae6d8386bf5a884a00e4d432ebcd983763d8eae1c749c1377daae93ea9896fa2aa343639ce3f58f3a9a768dcb03313a29f5067fe076f9ece6a7268a0ac7df3c351babffd989b1feb03d2e1e020aebfca2836a32ecd9e