DV SSL/TLS Certificate for nafta.college

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the nafta.college DV SSL/TLS Certificate

This certificate with serial number 06:b5:fb:d2:55:c8:5d:af:c3:66:b9:0b:8a:a8:88:86:96:00 for nafta.college was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for nafta.college provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:b5:fb:d2:55:c8:5d:af:c3:66:b9:0b:8a:a8:88:86:96:00
Serial Number (int): 584599552352413091368448085101105050457600
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 65:0e:f8:9e:78:ce:91:6c:75:ca:d7:22:88:68:34:a5:96:d0:56:14
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 67:95:f8:eb:5c:ff:7e:cc:b5:4a:22:78:c7:a3:d3:c6:da:71:4c:9a
Fingerprint (SHA-256): e4:5c:a0:aa:71:7e:42:51:05:4f:95:00:ed:df:de:10:94:a3:0d:67:d1:bf:b1:c3:a2:ff:3f:d4:c2:57:86:17

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/1.crl

Check the revocation status for certificate nafta.college
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for nafta.college

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for nafta.college in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISBrX70lXIXa/DZrkLiqiIhpYAMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNzA5MjEwMzQ1WhcNMjUxMDA3MjEwMzQ0WjAYMRYwFAYDVQQD
Ew1uYWZ0YS5jb2xsZWdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
r1qbTsNaXiLc5gi+yXBLe0a1v/THhj3rUnOdzgA/BuBFdOT4CPGtlhS6gOqvx87C
t4zXAaC2dI/v+4YzdZdTDZi3jQ1yIhgrXrTmxoN9kcv9DSlz3uoMHlr9ZpEoh3AF
P/VpLLN3VP7BLfIzFf/ryd4dht2vXFzXx2pC8jM7/nQC7n/u/YQyLx2jFG8aw4sp
D3sXk06rh6HYIkBsofRLJR5nFQzoQ6gUI8uPGBYdfxd1u+15D6Dwc7Wy5rf+dwxM
6w1J01kT9efh4glgZD20f0za7Ymt/cFhafC4JKA3sgN/+tJY+h3frXnOjqP+/+4s
IODIo8Z7q9Z0itb0QZl4tQIDAQABo4ICLjCCAiowDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBRlDvieeM6RbHXK1yKIaDSlltBWFDAfBgNVHSMEGDAWgBTFz0ak6vTDwHps
lcQtsF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9y
MTEuaS5sZW5jci5vcmcvMCsGA1UdEQQkMCKCDW5hZnRhLmNvbGxlZ2WCEXd3dy5u
YWZ0YS5jb2xsZWdlMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC0GA1UdHwQmMCQwIqAg
oB6GHGh0dHA6Ly9yMTEuYy5sZW5jci5vcmcvMS5jcmwwggEDBgorBgEEAdZ5AgQC
BIH0BIHxAO8AdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZfx
NfdoAAAEAwBHMEUCIQCCIApTE0k2fJfrKMQkXMdZnRYX3X76I7MPmtdgQrA7zwIg
WS268p5n1oabx/JJPeK9VxFvG8UM46cavy109wiVLHEAdQAS8U40vVNyTIQGGcOP
P3oT+Oe1YoeInG0wBYTr5YYmOgAAAZfxNfd8AAAEAwBGMEQCIA6hTfHqoyfpALad
j5bDP1G0RFVUWvCCQsRUpcvTclrzAiAOdkNTwfxUJIw8vXFrf2XbP+BzZQBNYS2n
YVIZ739BxDANBgkqhkiG9w0BAQsFAAOCAQEASF/TIkZul91ybQwfgj30TJ8xHmu/
9Dc7W96Oq/Ir0uKfKwARUZrXLGbDBQDrnlzuK4I+GYmakwRLtnPk22fXDxYSWX7B
GXhRcrKbxuZho0QHRhFVux2ZjpYb9lJuuDbWhOdIc+CVwsQLBke+PnL1rzcFK0Ik
Sob4f5PCkGIHoCmBVCbE1uKez3/6ibTsO+0H2YzQr8qBSmM0on9ftzNND51SjIQC
fiNwo7spm6C14TusTLRINTHMIigcM6wXiYFngza6fT6q9nHqx4raVRA4/9fYn9fR
vjIuFbfwIE4rHA1059mQN++OJFAMYIhFlK8crBb0HTHnsN54X8vp1epzRQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1qbTsNaXiLc5gi+yXBL
e0a1v/THhj3rUnOdzgA/BuBFdOT4CPGtlhS6gOqvx87Ct4zXAaC2dI/v+4YzdZdT
DZi3jQ1yIhgrXrTmxoN9kcv9DSlz3uoMHlr9ZpEoh3AFP/VpLLN3VP7BLfIzFf/r
yd4dht2vXFzXx2pC8jM7/nQC7n/u/YQyLx2jFG8aw4spD3sXk06rh6HYIkBsofRL
JR5nFQzoQ6gUI8uPGBYdfxd1u+15D6Dwc7Wy5rf+dwxM6w1J01kT9efh4glgZD20
f0za7Ymt/cFhafC4JKA3sgN/+tJY+h3frXnOjqP+/+4sIODIo8Z7q9Z0itb0QZl4
tQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 584599552352413091368448085101105050457600
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-09 21:03:45 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-07 21:03:44 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nafta.college'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22136383183562498140665619812371629105713531496906437840056430608819098908082857536907491213488440569606413843623547548204966956778854838241719744244582315715300361896745564758535334579403096461807212397380084455487363756830217692264971611481684028884383334166244563480012131751062117487653192035118913653439706680020324304695159382920137715563339664001542316577554527754216224715086952191027627976212854617775971307559177529047536645179003677108459415690714887328558944500586411180616021227821211274641457971818083228264839270061058049255033005996459004292524101759441610856061333294132311284008227235004420204361909
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							650ef89e78ce916c75cad722886834a596d05614
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nafta.college'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nafta.college'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197f135f768000004030047304502210082200a531349367c97eb28c4245cc7599d1617dd7efa23b30f9ad76042b03bcf0220592dbaf29e67d6869bc7f2493de2bd57116f1bc50ce3a71abf2d74f708952c7100750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000197f135f77c000004030046304402200ea14df1eaa327e900b69d8f96c33f51b44455545af08242c454a5cbd3725af302200e764353c1fc54248c3cbd716b7f65db3fe07365004d612da7615219ef7f41c4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00485fd322466e97dd726d0c1f823df44c9f311e6bbff4373b5bde8eabf22bd2e29f2b0011519ad72c66c30500eb9e5cee2b823e19899a93044bb673e4db67d70f1612597ec119785172b29bc6e661a34407461155bb1d998e961bf6526eb836d684e74873e095c2c40b0647be3e72f5af37052b42244a86f87f93c2906207a029815426c4d6e29ecf7ffa89b4ec3bed07d98cd0afca814a6334a27f5fb7334d0f9d528c84027e2370a3bb299ba0b5e13bac4cb4483531cc22281c33ac178981678336ba7d3eaaf671eac78ada551038ffd7d89fd7d1be322e15b7f0204e2b1c0d74e7d99037ef8e24500c60884594af1cac16f41d31e7b0de785fcbe9d5ea7345