tkg.vn
Issued by R3
About this certificate
This digital certificate with serial number 04:49:13:61:d2:1c:30:e2:75:9f:36:d1:3a:76:62:a1:07:ec was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tkg.vn
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:49:13:61:d2:1c:30:e2:75:9f:36:d1:3a:76:62:a1:07:ecSerial Number (int): 373315519758524220069597792902069887240172
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 17:1a:c7:d2:6f:39:97:29:97:34:95:02:e3:67:8b:15:b2:d3:61:19
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 01:70:1a:ee:b7:45:36:6e:18:7b:dc:eb:d0:e2:0a:8f:99:a0:0b:18
Fingerprint (sha256): 26:0f:f1:f4:19:e5:3f:94:e5:56:9f:b1:56:a9:5c:69:da:a1:5a:c3:b3:ff:2c:12:ba:6a:6b:30:1a:21:cf:ab
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate tkg.vn
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tkg.vn
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tkg.vn
Other certificates including the domain name tkg.vn
(limited to 100 certificates)
Certificate
The complete raw certificate details for tkg.vn in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgISBEkTYdIcMOJ1nzbROnZioQfsMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTAxNTU3MjVaFw0yNDA2MDgxNTU3MjRaMBExDzANBgNVBAMT BnRrZy52bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANYbAhu0koBk c0TFRG6XNdD4cllgFs9ZfAy5dEOglD2CtbdjitYfa1fsSez2F7ngVyjk4vSbs0ja 8SDLIgv8v16LG3fl0Rr4WANPt1WTY/MDSBS2cA3WD4VXeUFA/dsWsJUc/1pjEZ39 KiDzMsKJcRvFcgSmPBzlYfvPGB9hyI5VXHpSW0+ePjdqhztEaQB4kai3yue2XpSu akbF7o65rKcrXSY5cPMCndMb+vPeJwW7nmiDaT39yOs5Mn925VAhdmzupyX1JK4I mU7wUOE8YdlC3QRJIvi9DDus1hTZEWmP4IO+D2ttgr6eTpDB1YqHm3q6cfFWZU34 nnzyfPo4MUUCAwEAAaOCAgkwggIFMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUFxrH 0m85lymXNJUC42eLFbLTYRkwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wEQYDVR0R BAowCIIGdGtnLnZuMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO KUw68QAABAMARzBFAiEA15I8hLgeJs4iLxPT1Uvgwv0YyzD1Ue6RUEUjLGk7xP8C IDkIFh81IUN0O5Bx8BYJjFG1xXwfLU4HrKalJ91u0fQVAHcA7s3QZNXbGs7FXLed tM0TojKHRny87N7DUUhZRnEftZsAAAGOKUw69QAABAMASDBGAiEA9TWdI/G+ZyQX XyTEIdd6LrSI/ir+9T1i0r5o3DqXc94CIQDRv8JWiCYDd3oTzTRhqR7gAxwAF60j lU37qSXDFOB5lTANBgkqhkiG9w0BAQsFAAOCAQEAKqbBESztQwHT282w//mXHmP3 ZEgBAoSpIFuao9gjz0M0uSWy9guF2JzSKFjWEO5dvIbiuMG2Pf2OfDGcw6olr32z 0kmG3I93z4JUVYTk4kXbP/IrFqoGhOFk5bRODtm03z1VKfsJucTq1VhRlzA/bWD1 JqLdPN3SlQyunInXHAS2I+3KJjmbdV4sAzOp59VT6Hs15z8bRcCpHKs12wzrjGrF VjA1P27W4n/Br5MWtDoz+8pAWk+pGtfBPtAesAqkWM7G4O9BnyoGpuwonkDnMuzX Z5jlukpvN/oyclTscMkc53odhrFkx9jYLb67dCL9YjPviGb5XlmVLv84nzvUPQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hsCG7SSgGRzRMVEbpc1 0PhyWWAWz1l8DLl0Q6CUPYK1t2OK1h9rV+xJ7PYXueBXKOTi9JuzSNrxIMsiC/y/ Xosbd+XRGvhYA0+3VZNj8wNIFLZwDdYPhVd5QUD92xawlRz/WmMRnf0qIPMywolx G8VyBKY8HOVh+88YH2HIjlVcelJbT54+N2qHO0RpAHiRqLfK57ZelK5qRsXujrms pytdJjlw8wKd0xv6894nBbueaINpPf3I6zkyf3blUCF2bO6nJfUkrgiZTvBQ4Txh 2ULdBEki+L0MO6zWFNkRaY/gg74Pa22Cvp5OkMHVioeberpx8VZlTfiefPJ8+jgx RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 373315519758524220069597792902069887240172 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 15:57:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-08 15:57:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tkg.vn' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27028315519916686627349965056489142344912446668445174210923129859199719704248554680732282284252381898336787085085300796532753292547884349061762108973445040652342126363897465743039063325602224773689600570455061331998884411814867827682644253551396463466470219497041048045396492534109985043543990263191107426338385953314528158246571460356734885488905817209501518809815470971050166398592987173433808464634536367853646484101601142415962978748927415413796312794641899439329531216834334036340260444885630724968514016687632853855350057302757062524924892338648047927799903611677719667601654737576661612441436248869051567714629 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 171ac7d26f39972997349502e3678b15b2d36119 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (10 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tkg.vn' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e294c3af10000040300473045022100d7923c84b81e26ce222f13d3d54be0c2fd18cb30f551ee915045232c693bc4ff02203908161f352143743b9071f016098c51b5c57c1f2d4e07aca6a527dd6ed1f415007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e294c3af50000040300483046022100f5359d23f1be6724175f24c421d77a2eb488fe2afef53d62d2be68dc3a9773de022100d1bfc256882603777a13cd3461a91ee0031c0017ad23954dfba925c314e07995 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002aa6c1112ced4301d3dbcdb0fff9971e63f76448010284a9205b9aa3d823cf4334b925b2f60b85d89cd22858d610ee5dbc86e2b8c1b63dfd8e7c319cc3aa25af7db3d24986dc8f77cf82545584e4e245db3ff22b16aa0684e164e5b44e0ed9b4df3d5529fb09b9c4ead5585197303f6d60f526a2dd3cddd2950cae9c89d71c04b623edca26399b755e2c0333a9e7d553e87b35e73f1b45c0a91cab35db0ceb8c6ac55630353f6ed6e27fc1af9316b43a33fbca405a4fa91ad7c13ed01eb00aa458cec6e0ef419f2a06a6ec289e40e732ecd76798e5ba4a6f37fa327254ec70c91ce77a1d86b164c7d8d82dbebb7422fd6233ef8866f95e59952eff389f3bd43d