clf.uk
Issued by E5
About this certificate
This digital certificate with serial number 04:4e:d3:c8:aa:8e:09:5f:db:98:a4:b6:67:ae:f6:d6:e6:72 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=clf.uk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:4e:d3:c8:aa:8e:09:5f:db:98:a4:b6:67:ae:f6:d6:e6:72Serial Number (int): 375272677372619443899212023919024943851122
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: c4:90:92:14:c6:d3:ae:42:6e:b8:ac:c7:d0:48:42:bd:17:b3:b6:a6
AuthorityKeyId: 9f:2b:5f:cf:3c:21:4f:9d:04:b7:ed:2b:2c:c4:c6:70:8b:d2:d7:0d
Fingerprint (sha1): e4:1a:09:68:62:8b:ad:11:17:55:a3:a3:05:03:88:1a:b9:40:61:86
Fingerprint (sha256): 00:87:5a:3c:de:c4:ae:4d:6b:85:9b:3a:fe:03:51:29:ca:71:e7:2f:3d:4d:24:52:39:5a:df:c2:59:2d:ba:9a
Issuing Certificate URL: http://e5.i.lencr.org/
Revocation information
OCSP Server: http://e5.o.lencr.orgCheck the revocation status for certificate clf.uk
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for clf.uk
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
ECDSA with SHA384
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
clf.uk
heathfield.clf.uk
www.heathfield.clf.uk
heathfield.clf.uk
www.heathfield.clf.uk
Other certificates including the domain name clf.uk
(limited to 100 certificates)
clf.uk
jca1.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
clf.uk
tls.automattic.com
hpa1.clf-vps-001.clf.uk
clf.uk
clf.clf.academy
tls.automattic.com
staging.p161.clf-vps-001.clf.uk
clf.uk
*.clf.uk
staging.template1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
*.clf.uk
clf.uk
sa1.clf-vps-001.clf.uk
*.clf.uk
sni.cloudflaressl.com
bfa1.clf-vps-001.clf.uk
jca1.clf-vps-001.clf.uk
*.clf.uk
clf.uk
clf.uk
tls.automattic.com
wfa1.clf-vps-001.clf.uk
ba1.clf-vps-001.clf.uk
koa1.clf-vps-001.clf.uk
epa3.clf-vps-001.clf.uk
staging.p161.clf-vps-001.clf.uk
broadoakacademy.clf.uk
ba1.clf-vps-001.clf.uk
clf.uk
sts.clf.uk
tls.automattic.com
clf.clf.academy
clf.uk
clf.clf.academy
sni.cloudflaressl.com
staging.p161.clf-vps-001.clf.uk
tls.automattic.com
bpa1.clf-vps-001.clf.uk
ba1.clf-vps-001.clf.uk
dssb1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
jca1.clf-vps-001.clf.uk
bfa2.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
tls.automattic.com
demoslider.clf-vps-001.clf.uk
broadoakacademy.clf.uk
bpa1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
clfhelpdesk.clf.uk
wfa1.clf-vps-001.clf.uk
bfa1.clf-vps-001.clf.uk
clf.uk
hpa1.clf-vps-001.clf.uk
hva1.clf-vps-001.clf.uk
clf.uk
sa1.clf-vps-001.clf.uk
tls.automattic.com
portal.clf.uk
clf.uk
clf.uk
jca1.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
clf.uk
tls.automattic.com
hpa1.clf-vps-001.clf.uk
clf.uk
clf.clf.academy
tls.automattic.com
staging.p161.clf-vps-001.clf.uk
clf.uk
*.clf.uk
staging.template1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
*.clf.uk
clf.uk
sa1.clf-vps-001.clf.uk
*.clf.uk
sni.cloudflaressl.com
bfa1.clf-vps-001.clf.uk
jca1.clf-vps-001.clf.uk
*.clf.uk
clf.uk
clf.uk
tls.automattic.com
wfa1.clf-vps-001.clf.uk
ba1.clf-vps-001.clf.uk
koa1.clf-vps-001.clf.uk
epa3.clf-vps-001.clf.uk
staging.p161.clf-vps-001.clf.uk
broadoakacademy.clf.uk
ba1.clf-vps-001.clf.uk
clf.uk
sts.clf.uk
tls.automattic.com
clf.clf.academy
clf.uk
clf.clf.academy
sni.cloudflaressl.com
staging.p161.clf-vps-001.clf.uk
tls.automattic.com
bpa1.clf-vps-001.clf.uk
ba1.clf-vps-001.clf.uk
dssb1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
jca1.clf-vps-001.clf.uk
bfa2.clf-vps-001.clf.uk
hwa1.clf-vps-001.clf.uk
tls.automattic.com
demoslider.clf-vps-001.clf.uk
broadoakacademy.clf.uk
bpa1.clf-vps-001.clf.uk
clfhelpdesk.clf.uk
clfhelpdesk.clf.uk
wfa1.clf-vps-001.clf.uk
bfa1.clf-vps-001.clf.uk
clf.uk
hpa1.clf-vps-001.clf.uk
hva1.clf-vps-001.clf.uk
clf.uk
sa1.clf-vps-001.clf.uk
tls.automattic.com
portal.clf.uk
clf.uk
clf.uk
Certificate
The complete raw certificate details for clf.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIDljCCAxygAwIBAgISBE7TyKqOCV/bmKS2Z6721uZyMAoGCCqGSM49BAMDMDIx CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF NTAeFw0yNDA2MTQyMzEzNTdaFw0yNDA5MTIyMzEzNTZaMBExDzANBgNVBAMTBmNs Zi51azBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOB9RBQPMoQhUWqCdmu5u/w+ W8OHOKEzL75jOLzxyjm5yd6GnivLirAlgjGmSehW9XrLR8V0uuQcAqWV8VaYkbuj ggIxMIICLTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFMSQkhTG065Cbrisx9BIQr0X s7amMB8GA1UdIwQYMBaAFJ8rX888IU+dBLftKyzExnCL0tcNMFUGCCsGAQUFBwEB BEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL2U1Lm8ubGVuY3Iub3JnMCIGCCsGAQUF BzAChhZodHRwOi8vZTUuaS5sZW5jci5vcmcvMDsGA1UdEQQ0MDKCBmNsZi51a4IR aGVhdGhmaWVsZC5jbGYudWuCFXd3dy5oZWF0aGZpZWxkLmNsZi51azATBgNVHSAE DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AEiw42vapkc0 D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkBk+ZLIAAAQDAEcwRQIgeVEjsRk2 ABIxM79Nu0bYwhI7hpnKdd7yA10NoZfQLLACIQCKc4KfJZnf7thH5HXr/SusY1X8 i9hryoz2LBiKp1QRTwB1ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTK AAABkBk+ZPQAAAQDAEYwRAIgde/oGWwYX5OtuG88b0ErRxOi40bXQZMtYhPZsXjx 3OMCICcwmCubnICmGyXvHEyrYnqTXSo3Yj9GEypuwj5n4k3YMAoGCCqGSM49BAMD A2gAMGUCMQD61SKb7F/OFybcht9Rr/pl3JRszA2YtYUlIW5k1as18dR3D+FZnqvj ZL1wZfWuS7MCMGC+wf19FaMUVRpXbIKZAXN7VCBqQp3tGew80OROKxesVKJsd16K lHkIIBDrbTyDvA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4H1EFA8yhCFRaoJ2a7m7/D5bw4c4 oTMvvmM4vPHKObnJ3oaeK8uKsCWCMaZJ6Fb1estHxXS65BwCpZXxVpiRuw== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 375272677372619443899212023919024943851122 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384) . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'E5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-14 23:13:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-12 23:13:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'clf.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 0004e07d44140f328421516a82766bb9bbfc3e5bc38738a1332fbe6338bcf1ca39b9c9de869e2bcb8ab0258231a649e856f57acb47c574bae41c02a595f1569891bb . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c4909214c6d3ae426eb8acc7d04842bd17b3b6a6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9f2b5fcf3c214f9d04b7ed2b2cc4c6708bd2d70d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://e5.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://e5.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clf.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heathfield.clf.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.heathfield.clf.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000190193e64b200000403004730450220795123b1193600123133bf4dbb46d8c2123b8699ca75def2035d0da197d02cb00221008a73829f2599dfeed847e475ebfd2bac6355fc8bd86bca8cf62c188aa754114f0075001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca00000190193e64f40000040300463044022075efe8196c185f93adb86f3c6f412b4713a2e346d741932d6213d9b178f1dce302202730982b9b9c80a61b25ef1c4cab627a935d2a37623f46132a6ec23e67e24dd8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384) . . . . [c:0|t:3|false] BIT STRING (824 bits) . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38606664287007618731900038813206879295776656618997827827143464212582093113609920317335475836060871993240355513191347 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 14890441029095642007801102191817484669412320274920574970705045344147906390635657401790750963467430651737455776793532