DV SSL/TLS Certificate for niemen.co.uk

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the niemen.co.uk DV SSL/TLS Certificate

This certificate with serial number 05:d9:56:54:82:ca:2b:02:4b:49:95:6f:c2:e8:e7:a4:ad:ea for niemen.co.uk was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for niemen.co.uk provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:d9:56:54:82:ca:2b:02:4b:49:95:6f:c2:e8:e7:a4:ad:ea
Serial Number (int): 509517455693949147426669686240628665789930
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 89:e7:81:28:ed:ce:9a:f6:63:ad:f9:ee:f4:b7:eb:a4:8d:10:57:e5
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 3b:a0:37:13:45:7c:08:f7:4e:14:0a:c9:3a:49:d2:d6:ed:69:4a:3b
Fingerprint (SHA-256): 27:73:2c:a6:b7:93:b0:af:b0:1f:49:82:62:dd:35:08:2b:8a:02:01:23:92:eb:c9:a0:e8:25:db:ac:d2:eb:ae

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/107.crl

Check the revocation status for certificate niemen.co.uk
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for niemen.co.uk

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for niemen.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISBdlWVILKKwJLSZVvwujnpK3qMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjI5MTkzNDM5WhcNMjUwOTI3MTkzNDM4WjAXMRUwEwYDVQQD
EwxuaWVtZW4uY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCF
/oOCMCjvA4GDe6fzppYcNDHWfvHgViKlumIaKX2VsmemcJumimU0PZBIMCdIlApp
JtPa7I3Gm7gQVfc8gwCHbsJ/zTYe2CI3RJjuth/9ADP8aGtb14Artpj6WCFTGFNg
5CqCZAz/vLvZ5TNwcf8t7kB672+bcyQT1keK3gtw1zrZhp7eqXnquejPsPnmNX0q
ilalBTdR9zE0xResbKYz+MyvguF76dJZMtgv98uE0Xg6+HJC8N4V6JRkBgk3DdT4
ce4HYzQ5QBLN8JmBIcBo7bSrrqA0pN/PO/Ganb9DDx/xBCsYY5cQB9YoWO1/1Gvk
hnLdTIB8pECjIZqApr+3AgMBAAGjggItMIICKTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFInngSjtzpr2Y6357vS366SNEFflMB8GA1UdIwQYMBaAFMXPRqTq9MPAemyV
xC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3Ix
MS5pLmxlbmNyLm9yZy8wKQYDVR0RBCIwIIIMbmllbWVuLmNvLnVrghB3d3cubmll
bWVuLmNvLnVrMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAioCCG
Hmh0dHA6Ly9yMTEuYy5sZW5jci5vcmcvMTA3LmNybDCCAQIGCisGAQQB1nkCBAIE
gfMEgfAA7gB1AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABl71k
zpgAAAQDAEYwRAIgTG4yqJUivhIRScdLiLlhZ+jI2HamYdALRpeV7zX9H6cCIE9F
wNvsIyGuJSM5EWpuxXE4tU+TQqs4TFR+DBO9sWQAAHUAEvFONL1TckyEBhnDjz96
E/jntWKHiJxtMAWE6+WGJjoAAAGXvWTWZAAABAMARjBEAiBSlOpnCgChmJKX8HBC
7ml6KI6cu3+qw8ihJ2jQ695ufAIgZdqTitFXAzNm5fRZuJekavitL/BHNUgKSrBb
RNZ3GkIwDQYJKoZIhvcNAQELBQADggEBAFVwz+ec7zJSomxABpZZU6ZfTi7A4z2N
tiyjJLaa6/jKq1d+QRt5DIycbj7duj77ftjliATqZTfcctWs2hh5F5C0hA/4z6kT
YxdJQTb3EtBizI2Lg3KybwUZPgWU3q1YbOjvsRF1B4WJVYoQ4dHRwg8VwinAboT9
COaAOAt3ziizMasGiBJZm9veTxa2Ev5RVcI/wtOC1IEblrej9VcRbit5AebJlQtH
Je9iIcA7nfOMdjEJo3LHsLHNdYmN3lu5I4FjqFOOrYWPYnzW9ziEEObaOAmj238Q
OPTrb1COO6hHF3cox9v2NOPNNZa5+Kp9DvxbS0+D9H1BAZ2LMsekaeg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf6DgjAo7wOBg3un86aW
HDQx1n7x4FYipbpiGil9lbJnpnCbpoplND2QSDAnSJQKaSbT2uyNxpu4EFX3PIMA
h27Cf802HtgiN0SY7rYf/QAz/GhrW9eAK7aY+lghUxhTYOQqgmQM/7y72eUzcHH/
Le5Aeu9vm3MkE9ZHit4LcNc62Yae3ql56rnoz7D55jV9KopWpQU3UfcxNMUXrGym
M/jMr4Lhe+nSWTLYL/fLhNF4OvhyQvDeFeiUZAYJNw3U+HHuB2M0OUASzfCZgSHA
aO20q66gNKTfzzvxmp2/Qw8f8QQrGGOXEAfWKFjtf9Rr5IZy3UyAfKRAoyGagKa/
twIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 509517455693949147426669686240628665789930
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-29 19:34:39 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-27 19:34:38 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'niemen.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16915199946200831045588653096502078725842990774173329109213726874478489259570063623764486385267009761632919487440900490841430363961508098911291406331876456000053258822674712778291575486559971494904174304175108364534093913775478806190161923256398345242858396934516095320247748845829751231215966661422636213912174416371266116134274362047265875440117655257648226648403450040098714083020313483299663188128804614076818498721567943553780332927124559609679694421449864818821309556437074409446903773226002700083411467895178233195128561226570699179447718913272178575088475142599597266863669393237924895760906942383980215189431
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							89e78128edce9af663adf9eef4b7eba48d1057e5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'niemen.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.niemen.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/107.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000197bd64ce98000004030046304402204c6e32a89522be121149c74b88b96167e8c8d876a661d00b469795ef35fd1fa702204f45c0dbec2321ae252339116a6ec57138b54f9342ab384c547e0c13bdb1640000750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000197bd64d664000004030046304402205294ea670a00a1989297f07042ee697a288e9cbb7faac3c8a12768d0ebde6e7c022065da938ad157033366e5f459b897a46af8ad2ff04735480a4ab05b44d6771a42
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005570cfe79cef3252a26c4006965953a65f4e2ec0e33d8db62ca324b69aebf8caab577e411b790c8c9c6e3eddba3efb7ed8e58804ea6537dc72d5acda18791790b4840ff8cfa9136317494136f712d062cc8d8b8372b26f05193e0594dead586ce8efb11175078589558a10e1d1d1c20f15c229c06e84fd08e680380b77ce28b331ab068812599bdbde4f16b612fe5155c23fc2d382d4811b96b7a3f557116e2b7901e6c9950b4725ef6221c03b9df38c763109a372c7b0b1cd75898dde5bb9238163a8538ead858f627cd6f7388410e6da3809a3db7f1038f4eb6f508e3ba847177728c7dbf634e3cd3596b9f8aa7d0efc5b4b4f83f47d41019d8b32c7a469e8