DV SSL/TLS Certificate for umokindness.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the umokindness.org DV SSL/TLS Certificate

This certificate with serial number 05:0c:27:be:92:b7:2a:1d:d2:8e:f9:7f:3d:2d:7b:01:c0:2a for umokindness.org was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for umokindness.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:0c:27:be:92:b7:2a:1d:d2:8e:f9:7f:3d:2d:7b:01:c0:2a
Serial Number (int): 439697647465834818427822560281143036461098
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: c9:16:53:f2:a5:b5:4a:90:c0:2d:d1:2b:91:cf:24:47:5e:53:cd:69
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): f5:e1:6a:41:2b:e8:98:36:dd:3e:76:8e:62:60:2c:82:e5:27:ef:ea
Fingerprint (SHA-256): 96:3e:f6:0c:e8:03:22:55:90:8c:7f:98:47:60:38:c3:b7:57:65:74:1f:c3:0f:70:0f:50:6d:8d:c2:3e:f5:85

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/43.crl

Check the revocation status for certificate umokindness.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for umokindness.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for umokindness.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISBQwnvpK3Kh3Sjvl/PS17AcAqMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNzAxMTcwNjI5WhcNMjUwOTI5MTcwNjI4WjAaMRgwFgYDVQQD
Ew91bW9raW5kbmVzcy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvuUftnvo6vZKD1p2iPnlCpWQDSL9TQaWKaSPf9qJpKCvYMxKxJrvTwKs+GQn3
jbuv0zz8Wy0t7QgiY6iPqfPCZD1G/CphUWNl9bst0j5KgCcN/sjfWpdVqFBmj6HE
a14vON2uNRr9iRFdhTUxiyN2c7bn/7MX9SSvUSJXtI4Xv0jxtSRqRbBfq0A36DRc
jO93mqkCNgvZLZqWd9ZatedzOHZEaxqMp5UipyB9Dfx1F0RYv449H1yRpqX32v0y
8TMRFtIfmHItWsZ7e4Fj9LwHRbD33Hs0HlEAij+FAA02Zf6yldmQsBwHYhJziEfM
oG14F5i78UZ/3AnAlhAqhnRTAgMBAAGjggI1MIICMTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFMkWU/KltUqQwC3RK5HPJEdeU81pMB8GA1UdIwQYMBaAFMXPRqTq9MPA
emyVxC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMS5pLmxlbmNyLm9yZy8wLwYDVR0RBCgwJoIPdW1va2luZG5lc3Mub3JnghN3
d3cudW1va2luZG5lc3Mub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQn
MCUwI6AhoB+GHWh0dHA6Ly9yMTEuYy5sZW5jci5vcmcvNDMuY3JsMIIBBQYKKwYB
BAHWeQIEAgSB9gSB8wDxAHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5M
DbAAAAGXxyngoQAABAMASDBGAiEAzpMoIiM/mhMmwGwqNmtQcwgmLP6WMu3gthY2
Vg3ycfMCIQCXuFoqrwmUKxfMGS9iA8QLOxRT8CN7cDbjbr+t7ZGJLQB2AN3cyjSV
1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABl8cp4OYAAAQDAEcwRQIgSrhz
3WnxZY+U/xEAvc3KnQH7JrxC59GV7p9bukqsv7UCIQD6NoB9FTo+sNcy23he7qWL
auF9R+mQuH+ue2B2MVrl9TANBgkqhkiG9w0BAQsFAAOCAQEAJOYMP+HU60ClsDIZ
7W4TaG/ahwssJi0OOzEQ3uFfWsjx5MHUILUQkGveOr8+YNY7WkerBTfpRTJLEW7r
ZrZ5lsbraORBqzsujuTPc1CfDNXdWwYQ2+J6BarjVVPkwPDMg1V6FRBFeLZJpHdG
Ujk2ZqXiqdBAer4zaBYvZV/pxlshIxmxTi2fatyKLqyEAXng818qlNTxpkQVlztm
ezc0jYBuZFcwuJZ44YwyltUufaGx2Ug78vqwsYcWlV4ooQaTDZAflz6qA9bPIcjf
QcH5RsepiJty6pW+YqFazUPkTzQbV8A7exCDIq83wdpcejIGSePwX+4AmZscelnl
qQESag==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7lH7Z76Or2Sg9adoj55
QqVkA0i/U0Glimkj3/aiaSgr2DMSsSa708CrPhkJ9427r9M8/FstLe0IImOoj6nz
wmQ9RvwqYVFjZfW7LdI+SoAnDf7I31qXVahQZo+hxGteLzjdrjUa/YkRXYU1MYsj
dnO25/+zF/Ukr1EiV7SOF79I8bUkakWwX6tAN+g0XIzvd5qpAjYL2S2alnfWWrXn
czh2RGsajKeVIqcgfQ38dRdEWL+OPR9ckaal99r9MvEzERbSH5hyLVrGe3uBY/S8
B0Ww99x7NB5RAIo/hQANNmX+spXZkLAcB2ISc4hHzKBteBeYu/FGf9wJwJYQKoZ0
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 439697647465834818427822560281143036461098
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-01 17:06:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-29 17:06:28 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'umokindness.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22183068820386708773561784227511838718668145815411588673756618834103998561788414468058143595190013041456659080438548840919509545622449455946518501961546884933490496813265135857856168742283119757432589923411153232016203044283205672688053685421586377996634730398347785599332907895271260173499117753015397068401100913020458048561167344752589578264427852793172023791238016032792177823051748934969765802954216123811072741761056556383765190013072825663314081668192727621322391023438068784099723425709893415055886079966880957069341513240054643389295841345570861406561758086702040079187585480491119067637995901225528516310099
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c91653f2a5b54a90c02dd12b91cf24475e53cd69
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'umokindness.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.umokindness.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/43.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197c729e0a10000040300483046022100ce932822233f9a1326c06c2a366b507308262cfe9632ede0b61636560df271f302210097b85a2aaf09942b17cc192f6203c40b3b1453f0237b7036e36ebfaded91892d007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000197c729e0e6000004030047304502204ab873dd69f1658f94ff1100bdcdca9d01fb26bc42e7d195ee9f5bba4aacbfb5022100fa36807d153a3eb0d732db785eeea58b6ae17d47e990b87fae7b6076315ae5f5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0024e60c3fe1d4eb40a5b03219ed6e13686fda870b2c262d0e3b3110dee15f5ac8f1e4c1d420b510906bde3abf3e60d63b5a47ab0537e945324b116eeb66b67996c6eb68e441ab3b2e8ee4cf73509f0cd5dd5b0610dbe27a05aae35553e4c0f0cc83557a15104578b649a4774652393666a5e2a9d0407abe3368162f655fe9c65b212319b14e2d9f6adc8a2eac840179e0f35f2a94d4f1a64415973b667b37348d806e645730b89678e18c3296d52e7da1b1d9483bf2fab0b18716955e28a106930d901f973eaa03d6cf21c8df41c1f946c7a9889b72ea95be62a15acd43e44f341b57c03b7b108322af37c1da5c7a320649e3f05fee00999b1c7a59e5a901126a