clf.uk

Issued by E5

About this certificate

This digital certificate with serial number 04:4e:d3:c8:aa:8e:09:5f:db:98:a4:b6:67:ae:f6:d6:e6:72 was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=clf.uk

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:4e:d3:c8:aa:8e:09:5f:db:98:a4:b6:67:ae:f6:d6:e6:72
Serial Number (int): 375272677372619443899212023919024943851122
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: c4:90:92:14:c6:d3:ae:42:6e:b8:ac:c7:d0:48:42:bd:17:b3:b6:a6
AuthorityKeyId: 9f:2b:5f:cf:3c:21:4f:9d:04:b7:ed:2b:2c:c4:c6:70:8b:d2:d7:0d

Fingerprint (sha1): e4:1a:09:68:62:8b:ad:11:17:55:a3:a3:05:03:88:1a:b9:40:61:86
Fingerprint (sha256): 00:87:5a:3c:de:c4:ae:4d:6b:85:9b:3a:fe:03:51:29:ca:71:e7:2f:3d:4d:24:52:39:5a:df:c2:59:2d:ba:9a

Issuing Certificate URL: http://e5.i.lencr.org/

Revocation information

OCSP Server: http://e5.o.lencr.org

Check the revocation status for certificate clf.uk

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for clf.uk

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA384

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

clf.uk
heathfield.clf.uk
www.heathfield.clf.uk

Other certificates including the domain name clf.uk

(limited to 100 certificates)
clf.uk
jca1.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
clf.uk
tls.automattic.com
hpa1.clf-vps-001.clf.uk
clf.uk
clf.clf.academy
tls.automattic.com
staging.p161.clf-vps-001.clf.uk
clf.uk
*.clf.uk
staging.template1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
*.clf.uk
clf.uk
sa1.clf-vps-001.clf.uk
*.clf.uk
sni.cloudflaressl.com
bfa1.clf-vps-001.clf.uk
jca1.clf-vps-001.clf.uk
*.clf.uk
clf.uk
clf.uk
tls.automattic.com
wfa1.clf-vps-001.clf.uk
ba1.clf-vps-001.clf.uk
koa1.clf-vps-001.clf.uk
epa3.clf-vps-001.clf.uk
staging.p161.clf-vps-001.clf.uk
broadoakacademy.clf.uk
ba1.clf-vps-001.clf.uk
clf.uk
sts.clf.uk
tls.automattic.com
clf.clf.academy
clf.uk
clf.clf.academy
sni.cloudflaressl.com
staging.p161.clf-vps-001.clf.uk
tls.automattic.com
bpa1.clf-vps-001.clf.uk
ba1.clf-vps-001.clf.uk
dssb1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
jca1.clf-vps-001.clf.uk
bfa2.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
tls.automattic.com
demoslider.clf-vps-001.clf.uk
broadoakacademy.clf.uk
bpa1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
clfhelpdesk.clf.uk
wfa1.clf-vps-001.clf.uk
bfa1.clf-vps-001.clf.uk
clf.uk
hpa1.clf-vps-001.clf.uk
hva1.clf-vps-001.clf.uk
clf.uk
sa1.clf-vps-001.clf.uk
tls.automattic.com
portal.clf.uk
clf.uk
clf.uk

Certificate

The complete raw certificate details for clf.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIDljCCAxygAwIBAgISBE7TyKqOCV/bmKS2Z6721uZyMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NTAeFw0yNDA2MTQyMzEzNTdaFw0yNDA5MTIyMzEzNTZaMBExDzANBgNVBAMTBmNs
Zi51azBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOB9RBQPMoQhUWqCdmu5u/w+
W8OHOKEzL75jOLzxyjm5yd6GnivLirAlgjGmSehW9XrLR8V0uuQcAqWV8VaYkbuj
ggIxMIICLTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFMSQkhTG065Cbrisx9BIQr0X
s7amMB8GA1UdIwQYMBaAFJ8rX888IU+dBLftKyzExnCL0tcNMFUGCCsGAQUFBwEB
BEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL2U1Lm8ubGVuY3Iub3JnMCIGCCsGAQUF
BzAChhZodHRwOi8vZTUuaS5sZW5jci5vcmcvMDsGA1UdEQQ0MDKCBmNsZi51a4IR
aGVhdGhmaWVsZC5jbGYudWuCFXd3dy5oZWF0aGZpZWxkLmNsZi51azATBgNVHSAE
DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AEiw42vapkc0
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkBk+ZLIAAAQDAEcwRQIgeVEjsRk2
ABIxM79Nu0bYwhI7hpnKdd7yA10NoZfQLLACIQCKc4KfJZnf7thH5HXr/SusY1X8
i9hryoz2LBiKp1QRTwB1ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTK
AAABkBk+ZPQAAAQDAEYwRAIgde/oGWwYX5OtuG88b0ErRxOi40bXQZMtYhPZsXjx
3OMCICcwmCubnICmGyXvHEyrYnqTXSo3Yj9GEypuwj5n4k3YMAoGCCqGSM49BAMD
A2gAMGUCMQD61SKb7F/OFybcht9Rr/pl3JRszA2YtYUlIW5k1as18dR3D+FZnqvj
ZL1wZfWuS7MCMGC+wf19FaMUVRpXbIKZAXN7VCBqQp3tGew80OROKxesVKJsd16K
lHkIIBDrbTyDvA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4H1EFA8yhCFRaoJ2a7m7/D5bw4c4
oTMvvmM4vPHKObnJ3oaeK8uKsCWCMaZJ6Fb1estHxXS65BwCpZXxVpiRuw==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 375272677372619443899212023919024943851122
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'E5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-14 23:13:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-12 23:13:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'clf.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004e07d44140f328421516a82766bb9bbfc3e5bc38738a1332fbe6338bcf1ca39b9c9de869e2bcb8ab0258231a649e856f57acb47c574bae41c02a595f1569891bb
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c4909214c6d3ae426eb8acc7d04842bd17b3b6a6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9f2b5fcf3c214f9d04b7ed2b2cc4c6708bd2d70d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://e5.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://e5.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clf.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heathfield.clf.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.heathfield.clf.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000190193e64b200000403004730450220795123b1193600123133bf4dbb46d8c2123b8699ca75def2035d0da197d02cb00221008a73829f2599dfeed847e475ebfd2bac6355fc8bd86bca8cf62c188aa754114f0075001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca00000190193e64f40000040300463044022075efe8196c185f93adb86f3c6f412b4713a2e346d741932d6213d9b178f1dce302202730982b9b9c80a61b25ef1c4cab627a935d2a37623f46132a6ec23e67e24dd8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384)
 . . . . [c:0|t:3|false] BIT STRING (824 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38606664287007618731900038813206879295776656618997827827143464212582093113609920317335475836060871993240355513191347
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 14890441029095642007801102191817484669412320274920574970705045344147906390635657401790750963467430651737455776793532