DV SSL/TLS Certificate for ristomattila.fi

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the ristomattila.fi DV SSL/TLS Certificate

This certificate with serial number 05:2b:63:19:1d:e5:54:57:31:2d:74:c1:ea:ba:f7:b7:b4:9c for ristomattila.fi was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for ristomattila.fi provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:2b:63:19:1d:e5:54:57:31:2d:74:c1:ea:ba:f7:b7:b4:9c
Serial Number (int): 450325295421764987075423545263105452258460
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: b5:50:47:78:2b:84:a7:7f:ef:ba:81:6f:c9:bb:5c:65:d3:41:f3:f9
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 8f:f6:05:06:23:5a:0a:98:84:09:71:51:6f:4d:26:9d:4c:59:90:c9
Fingerprint (SHA-256): 0b:dd:1e:49:3d:c0:14:7e:ea:79:54:b3:b6:63:32:70:0f:81:8f:d7:6a:bd:a4:6e:4a:9f:34:c3:27:df:81:b6

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/29.crl

Check the revocation status for certificate ristomattila.fi
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ristomattila.fi

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for ristomattila.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISBStjGR3lVFcxLXTB6rr3t7ScMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjI3MDgyOTE0WhcNMjUwOTI1MDgyOTEzWjAaMRgwFgYDVQQD
Ew9yaXN0b21hdHRpbGEuZmkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClyVYZEgGS7XfXZau/TLwMyvqIeIpxqftCQe9lTW+kr+UOHviyuTx6cTd0CcpU
x4UWgu6VOfGFLmnDjoqWxRianlDLSEkfZ5EVJjhevsDlH1iCYY+3I3sacDoKwqes
AAx2shmCl09cbiKeN6O+GHAH9cDVyqyMUZtmjU+N8y1QA4OXv+7d/9//j/rTE/cm
8Zvv0P/B3diGJVcG0sGyJZ45wKfnnlN/89jMgO82MY0aIRLMFJjxabRZmnaFLBeR
om2zRPH99wQ2FxHq8ePFYabtt9XqqZD2DoYYVPm7uCydVhoNw0NA6cneChTnNQoH
w4u/x64hDpKOgB/oPCf5sqENAgMBAAGjggI1MIICMTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFLVQR3grhKd/77qBb8m7XGXTQfP5MB8GA1UdIwQYMBaAFLu8w0el5Lyp
xsOkcgwQjaI14cjoMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMC5pLmxlbmNyLm9yZy8wLwYDVR0RBCgwJoIPcmlzdG9tYXR0aWxhLmZpghN3
d3cucmlzdG9tYXR0aWxhLmZpMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQn
MCUwI6AhoB+GHWh0dHA6Ly9yMTAuYy5sZW5jci5vcmcvMjkuY3JsMIIBBQYKKwYB
BAHWeQIEAgSB9gSB8wDxAHcApELFBklgYVSPD9TqnPt6LSZFTYepfy/fRVn2J086
hFQAAAGXsLbiDwAABAMASDBGAiEAvXZiQBB37GT7QgxaqbzJYzkQaexIsJgeQWc9
nR4iBPkCIQDh5Vyg74yqXBKWQySataxKFtKxV7q184Qf0tyxu1sFdAB2AMz7D2qF
cQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAABl7C24iAAAAQDAEcwRQIgD8A+
s+848Hg/6Romzrwc5UpMebcUjhhIw4HWPTIhFfMCIQCCgk6zbhc5gHVsdSFYTHPT
8YI/NXzVDr9BlziIpuIhnjANBgkqhkiG9w0BAQsFAAOCAQEAkA7UcMFpkORfoVAV
4HlBCI4Q0yhOgmaiMz6pmlADJ0zDcGTw5ZvPdN/HmkfSrlU7Vv/w/UJsV6RhTFuS
eM0hntiwpKLyX1mR8sv1qweUjmru8pNf+u/TT5scSSdIT0s/feixzK9YymuOkPrt
KKxVvlKYdKah0y1p7x9ixUFPIClK6UPLAN2foVJpmEjlJ7uSOcLMuXNgZ5iHiiaw
uWGfDzndYJEa2OJxg+N/9mLhjL3iy1zSXCVVnHMMagH7DD+Hs/dN5goFB/AFNxwD
NCit7xl5w2ji1CdNTTmscy8a3/CrMiOQCpDb+Gx0DdSr1wURxZKUYQdmv0dkFDWs
pG52sg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApclWGRIBku1312Wrv0y8
DMr6iHiKcan7QkHvZU1vpK/lDh74srk8enE3dAnKVMeFFoLulTnxhS5pw46KlsUY
mp5Qy0hJH2eRFSY4Xr7A5R9YgmGPtyN7GnA6CsKnrAAMdrIZgpdPXG4injejvhhw
B/XA1cqsjFGbZo1PjfMtUAODl7/u3f/f/4/60xP3JvGb79D/wd3YhiVXBtLBsiWe
OcCn555Tf/PYzIDvNjGNGiESzBSY8Wm0WZp2hSwXkaJts0Tx/fcENhcR6vHjxWGm
7bfV6qmQ9g6GGFT5u7gsnVYaDcNDQOnJ3goU5zUKB8OLv8euIQ6SjoAf6Dwn+bKh
DQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 450325295421764987075423545263105452258460
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-27 08:29:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-25 08:29:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ristomattila.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20928602959127521364553788756278614921790612668792237065712086796098837493612834903682772716006033636371076117896058541515361573692747217285277173450898259163965483368123844818223094328266076877135117138355886557792280130489709199806940232116085361250135543652179558118089776361233589289419486877702101783026258164950840017919441959873943585179103471367964148737372264604636361796382466373207692639593785732248461112918360986168960468438175751247182649983552685190810611462219364252166067829064142550245491946845147431256756232079931874972852775455608126433501224513821055467812686062124866552686744240866301282787597
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b55047782b84a77fefba816fc9bb5c65d341f3f9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ristomattila.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ristomattila.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/29.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a845400000197b0b6e20f0000040300483046022100bd7662401077ec64fb420c5aa9bcc963391069ec48b0981e41673d9d1e2204f9022100e1e55ca0ef8caa5c129643249ab5ac4a16d2b157bab5f3841fd2dcb1bb5b0574007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197b0b6e220000004030047304502200fc03eb3ef38f0783fe91a26cebc1ce54a4c79b7148e1848c381d63d322115f302210082824eb36e173980756c7521584c73d3f1823f357cd50ebf41973888a6e2219e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00900ed470c16990e45fa15015e07941088e10d3284e8266a2333ea99a5003274cc37064f0e59bcf74dfc79a47d2ae553b56fff0fd426c57a4614c5b9278cd219ed8b0a4a2f25f5991f2cbf5ab07948e6aeef2935ffaefd34f9b1c4927484f4b3f7de8b1ccaf58ca6b8e90faed28ac55be529874a6a1d32d69ef1f62c5414f20294ae943cb00dd9fa152699848e527bb9239c2ccb973606798878a26b0b9619f0f39dd60911ad8e27183e37ff662e18cbde2cb5cd25c25559c730c6a01fb0c3f87b3f74de60a0507f005371c033428adef1979c368e2d4274d4d39ac732f1adff0ab3223900a90dbf86c740dd4abd70511c59294610766bf47641435aca46e76b2