DV SSL/TLS Certificate for operaomaha.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the operaomaha.org DV SSL/TLS Certificate

This certificate with serial number 05:f8:22:40:70:f1:c5:be:23:24:e1:58:75:ca:bd:b4:a8:45 for operaomaha.org was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for operaomaha.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:f8:22:40:70:f1:c5:be:23:24:e1:58:75:ca:bd:b4:a8:45
Serial Number (int): 519996985004834666724411827692835878250565
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: d9:da:cc:01:0a:ba:1e:ba:06:ca:20:49:0f:9c:2a:4e:d2:88:4c:39
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 4a:73:71:31:39:0e:11:89:b7:4f:51:ee:ff:27:75:4f:59:f5:f6:4b
Fingerprint (SHA-256): fa:3a:00:80:2d:82:f1:48:da:40:c4:ca:7e:1b:5a:aa:12:97:46:7e:c8:90:57:6d:6e:af:07:53:5c:04:8a:0d

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/70.crl

Check the revocation status for certificate operaomaha.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for operaomaha.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for operaomaha.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISBfgiQHDxxb4jJOFYdcq9tKhFMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTIzMDc1NDU2WhcNMjUwODIxMDc1NDU1WjAZMRcwFQYDVQQD
Ew5vcGVyYW9tYWhhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJjSE+r9Yz+xdwvj+5kLT1C03vBu+TKTRoc7iHBhRyu4kSp8lERlJKrjjRdfz3rt
RAmWYFnOYt2jywU0rTEB2wGvemwwK0cSRKbOsiGeklGcGJhtgn7p9XpNNV5/Ab6r
6UW2O02Dvr+hAx5mfaWTIXAnwi0k/p4+2CVZZ/i3p/C2syDY1x1FCYxSROJ5qW64
cUYAr7pWn01tX37D1LJQAzFvi1wypjMyIZfPNe8uL12E74sPUweF/kq9Ya07XtET
91OfaLfHUl3ugx6uJzt9+3yxeqLYL1sXiECYYJp4DMlK2Rbec14Paldst3zKDRlt
HUFavjySxxEKRZsY+O/PtL8CAwEAAaOCAjEwggItMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQU2drMAQq6HroGyiBJD5wqTtKITDkwHwYDVR0jBBgwFoAUxc9GpOr0w8B6
bJXELbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8v
cjExLmkubGVuY3Iub3JnLzAtBgNVHREEJjAkgg5vcGVyYW9tYWhhLm9yZ4ISd3d3
Lm9wZXJhb21haGEub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUw
I6AhoB+GHWh0dHA6Ly9yMTEuYy5sZW5jci5vcmcvNzAuY3JsMIIBAwYKKwYBBAHW
eQIEAgSB9ASB8QDvAHYAEvFONL1TckyEBhnDjz96E/jntWKHiJxtMAWE6+WGJjoA
AAGW/FjnewAABAMARzBFAiAe5ul/0nTOgeLdSytKoVgI1/pbp3ZM1kf9CyNvVyXW
CwIhAMxnBJCGXLikXPNCGchCAsP7KGIyPvVWblCh6Zpmp8jQAHUAzPsPaoVxCWX+
lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGW/Fj3FQAABAMARjBEAiBKDE6brzL0
NM1+ekMEzjI8Y5nQIFczWiQ5TP1CSpjQ2AIgTHZqE8WynnRMJw3z5c3rptD/9/8o
GFFSgAetPq1TahAwDQYJKoZIhvcNAQELBQADggEBAHVD7aIwn/8b9uPtEm6RRh0F
GA8nqpcvjpnWORTMB1e7bDA1SUF09nbqLPuJYLtRw69QSslY4MxcCx7WxmwR2IjE
23HoO5i/9hfTGk1nQUa7ONlDDoznKeSonlHmP3XjirO43yHk7nLtuKQvq/ke+N7S
Bajo3xolJ1HXNk4FmI0qeRtZVumDE4u1Dk541gFFbwofLP8OuE02DNuQJKQDKiHU
cpaBJ6CVDjdOw9CGvjbzWjz8cIpK47WaHhJUOZghR5SLGJ1g5kluLyh/PAFfUReV
vKkrFotUNmRC5cQplkGTS7jSZq0LxWwFztTb8kdm7n1K5tfrsjOyKoIfIFLvQDk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNIT6v1jP7F3C+P7mQtP
ULTe8G75MpNGhzuIcGFHK7iRKnyURGUkquONF1/Peu1ECZZgWc5i3aPLBTStMQHb
Aa96bDArRxJEps6yIZ6SUZwYmG2Cfun1ek01Xn8BvqvpRbY7TYO+v6EDHmZ9pZMh
cCfCLST+nj7YJVln+Len8LazINjXHUUJjFJE4nmpbrhxRgCvulafTW1ffsPUslAD
MW+LXDKmMzIhl8817y4vXYTviw9TB4X+Sr1hrTte0RP3U59ot8dSXe6DHq4nO337
fLF6otgvWxeIQJhgmngMyUrZFt5zXg9qV2y3fMoNGW0dQVq+PJLHEQpFmxj478+0
vwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 519996985004834666724411827692835878250565
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-23 07:54:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-21 07:54:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'operaomaha.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19291815581167765047704811274858111523872085186233602927348969328259361056483697321008582700098375791232290609550821013689284590928307564526290291688829106778102186461185335347609632618563631519731324948517755770629689759269883370178862531880932815063851873908339948839742053211266866621856664636364352228333996843631887469439123595735827895959201182237643105567224969984790778024067502072689185300786514028890238834299454110633334423339132986836173537439638249372465978092865798123444896776126391444235744916628337818492090862436615261460982209496955234193941444796844586024090882980951150009422175072908986171765951
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d9dacc010aba1eba06ca20490f9c2a4ed2884c39
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'operaomaha.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.operaomaha.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/70.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196fc58e77b000004030047304502201ee6e97fd274ce81e2dd4b2b4aa15808d7fa5ba7764cd647fd0b236f5725d60b022100cc670490865cb8a45cf34219c84202c3fb2862323ef5566e50a1e99a66a7c8d0007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000196fc58f715000004030046304402204a0c4e9baf32f434cd7e7a4304ce323c6399d02057335a24394cfd424a98d0d802204c766a13c5b29e744c270df3e5cdeba6d0fff7ff281851528007ad3ead536a10
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007543eda2309fff1bf6e3ed126e91461d05180f27aa972f8e99d63914cc0757bb6c3035494174f676ea2cfb8960bb51c3af504ac958e0cc5c0b1ed6c66c11d888c4db71e83b98bff617d31a4d674146bb38d9430e8ce729e4a89e51e63f75e38ab3b8df21e4ee72edb8a42fabf91ef8ded205a8e8df1a252751d7364e05988d2a791b5956e983138bb50e4e78d601456f0a1f2cff0eb84d360cdb9024a4032a21d472968127a0950e374ec3d086be36f35a3cfc708a4ae3b59a1e125439982147948b189d60e6496e2f287f3c015f511795bca92b168b54366442e5c4299641934bb8d266ad0bc56c05ced4dbf24766ee7d4ae6d7ebb233b22a821f2052ef4039