www.cyswllt.cwmarian.org.uk
Issued by R11
About this certificate
This digital certificate with serial number 03:2d:d6:92:75:a5:73:4c:c9:11:b9:a6:e2:53:20:bb:03:32 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.cyswllt.cwmarian.org.uk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:2d:d6:92:75:a5:73:4c:c9:11:b9:a6:e2:53:20:bb:03:32Serial Number (int): 276934779559312542923472172039516955804466
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 53:96:89:93:c6:e6:3f:7c:e4:c5:02:2e:51:69:b8:9f:10:18:b3:b4
AuthorityKeyId: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9
Fingerprint (sha1): 06:ef:f0:31:17:eb:3b:e0:e8:14:83:91:b1:f1:77:45:7e:e6:56:65
Fingerprint (sha256): 01:15:d2:eb:94:42:8d:2a:ef:5d:f7:2a:38:9b:ab:32:1c:8f:57:61:85:2c:26:72:49:24:17:cb:44:4a:81:6f
Issuing Certificate URL: http://r11.i.lencr.org/
Revocation information
OCSP Server: http://r11.o.lencr.orgCheck the revocation status for certificate www.cyswllt.cwmarian.org.uk
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cyswllt.cwmarian.org.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.30c382a52a7cb95d5d8c7a17ddf845ec-14804.sites.k-hosting.co.uk
30c382a52a7cb95d5d8c7a17ddf845ec-14804.sites.k-hosting.co.uk
cyswllt.cwmarian.org.uk
www.cyswllt.cwmarian.org.uk
30c382a52a7cb95d5d8c7a17ddf845ec-14804.sites.k-hosting.co.uk
cyswllt.cwmarian.org.uk
www.cyswllt.cwmarian.org.uk
Other certificates including the domain name cwmarian.org.uk
(limited to 100 certificates)
www.cyswllt.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
mail.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
www.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
www.cwmarian.org.uk
www.cwmarian.org.uk
cwmarian.org.uk
www.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
mail.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
mail.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
www.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
www.cwmarian.org.uk
www.cwmarian.org.uk
cwmarian.org.uk
www.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
mail.cwmarian.org.uk
cwmarian.org.uk
cwmarian.org.uk
Certificate
The complete raw certificate details for www.cyswllt.cwmarian.org.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgISAy3WknWlc0zJEbmm4lMguwMyMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjQwNjA5MDk1MjQ5WhcNMjQwOTA3MDk1MjQ4WjAmMSQwIgYDVQQD Ext3d3cuY3lzd2xsdC5jd21hcmlhbi5vcmcudWswggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCfLMu65KMUjencNSmLw+ya4L6nT87G3bSIIW0nzsMd9OUi ZTWIkMQDOGTVXVhyS6eWDUYFov3DQJ/MY7v4Qn6q4cN1HfgfseZSpmLWVM1bYVKI UkCjSyQDFut4muO20x+ctPmcsM80RilTmi7dvP0g5O8daL+WW6pnDZztrQZka7ke n1DeHzDDR3X2ZurZpjTMA7ZEpSilfekIrGLwMiZPTK/9EoJlIAcL+Dp6WrFiEDrP hxhT7RD+cvWTKzXw/h11R8hK/sKEvtLJiMVa1W1fyKM4FRef6wzbH2FGN5gWdT+J zUEzzKYgNe0x4Xjb+/FetEvdJthOtzqzgMfVIHEPAgMBAAGjggK5MIICtTAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFFOWiZPG5j985MUCLlFpuJ8QGLO0MB8GA1UdIwQY MBaAFMXPRqTq9MPAemyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAiBggrBgEF BQcwAYYWaHR0cDovL3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDov L3IxMS5pLmxlbmNyLm9yZy8wgb8GA1UdEQSBtzCBtII+Ki4zMGMzODJhNTJhN2Ni OTVkNWQ4YzdhMTdkZGY4NDVlYy0xNDgwNC5zaXRlcy5rLWhvc3RpbmcuY28udWuC PDMwYzM4MmE1MmE3Y2I5NWQ1ZDhjN2ExN2RkZjg0NWVjLTE0ODA0LnNpdGVzLmst aG9zdGluZy5jby51a4IXY3lzd2xsdC5jd21hcmlhbi5vcmcudWuCG3d3dy5jeXN3 bGx0LmN3bWFyaWFuLm9yZy51azATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisG AQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s5 2IRzAAABj/yhIDMAAAQDAEcwRQIhAJ8V7v9fuAwpisHxqTrwU4ubdPGH0wUdu6NR q2xQsrI/AiB7U/FyOrHyAHx7pCUq7kWJmidLDBJOHnnbCGg6NrGdagB2AD8XS0/X IkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABj/yhIEEAAAQDAEcwRQIgEMFV o31KgMEbRd3QjVFGgS9ulR3f5X1gNJXvy0qayFUCIQC9NN7lYo8h6BRkzShmscYC Gzo3BOTeE39xNsTevBlFrDANBgkqhkiG9w0BAQsFAAOCAQEAljN7TqlWebv0Fj+C vM0z8NNkyUxmE+25g1zrgZsgt4wToLvXcrwyMjIgXLyYH9AtXlIUvC2wDB0l7Jm7 e7JSAY/hcR9ySea7qfkY4MGxBwdz9jOlywL3+abiow/AbrtVhV1J4EfYdVLy1oSO uxvNTV/52t1eD71EMyZ0Lxxa4lTqIN7XvuCdEnUTgZFbxSe6MfDNNjtxdT3StmOB jStonH/PJB8jokedom41NGhbwxoXFxmmvjmWzN8oMQWdAlCpwMg2SRdRnJroYdPH MHyA8WNozIAZYUUYkjyn/fPeFRChYwrElYX6fblze+EsNqEV8EdPlNRSp8ANckhh 9QnQpg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyzLuuSjFI3p3DUpi8Ps muC+p0/Oxt20iCFtJ87DHfTlImU1iJDEAzhk1V1Yckunlg1GBaL9w0CfzGO7+EJ+ quHDdR34H7HmUqZi1lTNW2FSiFJAo0skAxbreJrjttMfnLT5nLDPNEYpU5ou3bz9 IOTvHWi/lluqZw2c7a0GZGu5Hp9Q3h8ww0d19mbq2aY0zAO2RKUopX3pCKxi8DIm T0yv/RKCZSAHC/g6elqxYhA6z4cYU+0Q/nL1kys18P4ddUfISv7ChL7SyYjFWtVt X8ijOBUXn+sM2x9hRjeYFnU/ic1BM8ymIDXtMeF42/vxXrRL3SbYTrc6s4DH1SBx DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 276934779559312542923472172039516955804466 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-09 09:52:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-07 09:52:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cyswllt.cwmarian.org.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20093980131990327804313029350714359140420313765482458264888907303766072208769545329027448581787671672083742379918548155336209228119833886272843429390529658674534304453497841503165563290419430022114277268819045981385469905000932958769702158702523543870558135836217751665071428190417679607392923432729812095696350366976237591579653704769177187500635295517043840408785409801871490122657047690959031393317454358133405780716100186808487571889394625952565346235688174840678058550120101740694731775845882614038634578957689962947969091610307832491683946339932573812895763199219795561816245407665614296126682313423741528338703 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 53968993c6e63f7ce4c5022e5169b89f1018b3b4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (183 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.30c382a52a7cb95d5d8c7a17ddf845ec-14804.sites.k-hosting.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '30c382a52a7cb95d5d8c7a17ddf845ec-14804.sites.k-hosting.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cyswllt.cwmarian.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cyswllt.cwmarian.org.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ffca1203300000403004730450221009f15eeff5fb80c298ac1f1a93af0538b9b74f187d3051dbba351ab6c50b2b23f02207b53f1723ab1f2007c7ba4252aee45899a274b0c124e1e79db08683a36b19d6a0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ffca120410000040300473045022010c155a37d4a80c11b45ddd08d5146812f6e951ddfe57d603495efcb4a9ac855022100bd34dee5628f21e81464cd2866b1c6021b3a3704e4de137f7136c4debc1945ac . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0096337b4ea95679bbf4163f82bccd33f0d364c94c6613edb9835ceb819b20b78c13a0bbd772bc323232205cbc981fd02d5e5214bc2db00c1d25ec99bb7bb252018fe1711f7249e6bba9f918e0c1b1070773f633a5cb02f7f9a6e2a30fc06ebb55855d49e047d87552f2d6848ebb1bcd4d5ff9dadd5e0fbd443326742f1c5ae254ea20ded7bee09d12751381915bc527ba31f0cd363b71753dd2b663818d2b689c7fcf241f23a2479da26e3534685bc31a171719a6be3996ccdf2831059d0250a9c0c8364917519c9ae861d3c7307c80f16368cc8019614518923ca7fdf3de1510a1630ac49585fa7db9737be12c36a115f0474f94d452a7c00d724861f509d0a6