DV SSL/TLS Certificate for momd.gov.iq

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the momd.gov.iq DV SSL/TLS Certificate

This certificate with serial number 05:8c:03:9d:61:b9:f1:ec:13:71:b5:69:d4:38:16:23:80:2c for momd.gov.iq was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for momd.gov.iq provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:8c:03:9d:61:b9:f1:ec:13:71:b5:69:d4:38:16:23:80:2c
Serial Number (int): 483205765884452575738582157521535509954604
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 55:d9:fe:4a:1d:73:f9:7c:aa:97:a7:d9:d1:c3:d1:c9:e7:b9:9c:1a
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 07:4a:c1:f5:e1:c0:bd:30:ca:5a:41:88:50:18:21:02:46:73:05:2e
Fingerprint (SHA-256): 59:02:48:45:22:e2:de:17:45:16:ad:5d:93:ea:a7:16:e4:b5:3d:cb:53:f5:5b:eb:dc:e0:d0:a0:50:c8:1f:f9

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/45.crl

Check the revocation status for certificate momd.gov.iq
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for momd.gov.iq

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for momd.gov.iq in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISBYwDnWG58ewTcbVp1DgWI4AsMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjAzMjA0NTQ4WhcNMjUwOTAxMjA0NTQ3WjAWMRQwEgYDVQQD
Ewttb21kLmdvdi5pcTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALeJ
32OwkOGWfPYkmF/kdspSd+nv/FnGl1Jql+Mh5hRUdqjRzJBbAFbaHgJTebrglmQH
XeEQ9vb8EGg9yJRtOTKsP1jZoWz99wZqlXESp3S33mnxXsvaFcfaMN2pqN6pPpt5
+P+yTbnTriXQvF1nQwOMOLEL+9OJ4a8I2tNlw+1G6r951D8247vDi1tMs4rNUrw6
iPvOgw6UDW0BbhRD49nY+ifLLb3C1j51PfhXMbLL8n0hZqdIoYevBMeep1HCEpFE
vi7S9rAqq/GFlT8z/pHGeXJmogReZWbl/ZnM8lFWlPg52DggYMSjylFscJ61ZBPf
Vkz1e8tCnbSE9C7wZOMCAwEAAaOCAiswggInMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUVdn+Sh1z+Xyql6fZ0cPRyee5nBowHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXE
LbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEx
LmkubGVuY3Iub3JnLzAnBgNVHREEIDAeggttb21kLmdvdi5pcYIPd3d3Lm1vbWQu
Z292LmlxMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0
dHA6Ly9yMTEuYy5sZW5jci5vcmcvNDUuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB
8QDvAHUAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGXN8CZ5gAA
BAMARjBEAiAVx3e8QUeB3WoDoFJZKorBo59FMk2kJou2Rt04aoaKIAIgUAF2NxL/
QutP8+XfBxUmbcc2TLwTBCThhxOYyArnH1cAdgAS8U40vVNyTIQGGcOPP3oT+Oe1
YoeInG0wBYTr5YYmOgAAAZc3wJnTAAAEAwBHMEUCIDNKwusfFPTaFVQbSuncM5zS
OQhElWSneqGXR66cRnyjAiEA/mZRGxx5rcFDeMPqOFjusJ17zTI92vvFy6wTfYSN
itYwDQYJKoZIhvcNAQELBQADggEBAFj1Yd0bzxM8L3ADkUJ8RPdPfu4XHChUDMKx
wBxKsKWxuAht9vcdgv1GHac/1NQNKgGKF/Yj57YQ4AiMwECM+NA00hwZLPlaswCO
NA9az+qtB2tTV05oVq6oLb5V3dDvcMeWUIQZkunuPaMLD+LQCfyhuFaGZlH4e2I2
NK36Rwwba3UOeioSqfOUBYNhTtgN+bv2imTAYLk6lztYjSx4GPfUH1A5vPrg74+I
4+DPMK+j8aDu6q+671vcivhLvVJzm92ISwyhZhxkbqfWoKu/CTjK93ntJrDKm+8h
CB53uAk82nc55QYzfcnd88vTF9f0pK38t4AKElwwXVNC0DNs6lY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4nfY7CQ4ZZ89iSYX+R2
ylJ36e/8WcaXUmqX4yHmFFR2qNHMkFsAVtoeAlN5uuCWZAdd4RD29vwQaD3IlG05
Mqw/WNmhbP33BmqVcRKndLfeafFey9oVx9ow3amo3qk+m3n4/7JNudOuJdC8XWdD
A4w4sQv704nhrwja02XD7Ubqv3nUPzbju8OLW0yzis1SvDqI+86DDpQNbQFuFEPj
2dj6J8stvcLWPnU9+FcxssvyfSFmp0ihh68Ex56nUcISkUS+LtL2sCqr8YWVPzP+
kcZ5cmaiBF5lZuX9mczyUVaU+DnYOCBgxKPKUWxwnrVkE99WTPV7y0KdtIT0LvBk
4wIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 483205765884452575738582157521535509954604
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-03 20:45:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-01 20:45:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'momd.gov.iq'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23169597329122675104832107530186032556614529321404558020257226259946264792288782721582553956193289231654053660077896341680581876674785579936097820908135836842368461414667113725415068509035260727108756396504466874242157699765185808350328166845327522448750357486323063890730889617903249203567242941383187779344413143098363360541941282870062715436318878327235116598549174799600670185430823995465957308382449914440859664813769343445656755772147209695175484702029023127423304433726455267667923545948873973705892552381774911858663991559348308357034443875509716110404581842485145332864201051477205612307826794168582310749411
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							55d9fe4a1d73f97caa97a7d9d1c3d1c9e7b99c1a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'momd.gov.iq'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.momd.gov.iq'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/45.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000019737c099e60000040300463044022015c777bc414781dd6a03a052592a8ac1a39f45324da4268bb646dd386a868a2002205001763712ff42eb4ff3e5df0715266dc7364cbc130424e1871398c80ae71f5700760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a0000019737c099d300000403004730450220334ac2eb1f14f4da15541b4ae9dc339cd23908449564a77aa19747ae9c467ca3022100fe66511b1c79adc14378c3ea3858eeb09d7bcd323ddafbc5cbac137d848d8ad6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0058f561dd1bcf133c2f700391427c44f74f7eee171c28540cc2b1c01c4ab0a5b1b8086df6f71d82fd461da73fd4d40d2a018a17f623e7b610e0088cc0408cf8d034d21c192cf95ab3008e340f5acfeaad076b53574e6856aea82dbe55ddd0ef70c79650841992e9ee3da30b0fe2d009fca1b856866651f87b623634adfa470c1b6b750e7a2a12a9f3940583614ed80df9bbf68a64c060b93a973b588d2c7818f7d41f5039bcfae0ef8f88e3e0cf30afa3f1a0eeeaafbaef5bdc8af84bbd52739bdd884b0ca1661c646ea7d6a0abbf0938caf779ed26b0ca9bef21081e77b8093cda7739e506337dc9ddf3cbd317d7f4a4adfcb7800a125c305d5342d0336cea56