tkg.vn

Issued by R3

About this certificate

This digital certificate with serial number 04:49:13:61:d2:1c:30:e2:75:9f:36:d1:3a:76:62:a1:07:ec was issued on by Let's Encrypt.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=tkg.vn

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:49:13:61:d2:1c:30:e2:75:9f:36:d1:3a:76:62:a1:07:ec
Serial Number (int): 373315519758524220069597792902069887240172
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 17:1a:c7:d2:6f:39:97:29:97:34:95:02:e3:67:8b:15:b2:d3:61:19
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 01:70:1a:ee:b7:45:36:6e:18:7b:dc:eb:d0:e2:0a:8f:99:a0:0b:18
Fingerprint (sha256): 26:0f:f1:f4:19:e5:3f:94:e5:56:9f:b1:56:a9:5c:69:da:a1:5a:c3:b3:ff:2c:12:ba:6a:6b:30:1a:21:cf:ab

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate tkg.vn

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for tkg.vn

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

tkg.vn

Other certificates including the domain name tkg.vn

(limited to 100 certificates)
tkg.vn
tkg.vn
tkg.vn

Certificate

The complete raw certificate details for tkg.vn in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgISBEkTYdIcMOJ1nzbROnZioQfsMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMTAxNTU3MjVaFw0yNDA2MDgxNTU3MjRaMBExDzANBgNVBAMT
BnRrZy52bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANYbAhu0koBk
c0TFRG6XNdD4cllgFs9ZfAy5dEOglD2CtbdjitYfa1fsSez2F7ngVyjk4vSbs0ja
8SDLIgv8v16LG3fl0Rr4WANPt1WTY/MDSBS2cA3WD4VXeUFA/dsWsJUc/1pjEZ39
KiDzMsKJcRvFcgSmPBzlYfvPGB9hyI5VXHpSW0+ePjdqhztEaQB4kai3yue2XpSu
akbF7o65rKcrXSY5cPMCndMb+vPeJwW7nmiDaT39yOs5Mn925VAhdmzupyX1JK4I
mU7wUOE8YdlC3QRJIvi9DDus1hTZEWmP4IO+D2ttgr6eTpDB1YqHm3q6cfFWZU34
nnzyfPo4MUUCAwEAAaOCAgkwggIFMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUFxrH
0m85lymXNJUC42eLFbLTYRkwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wEQYDVR0R
BAowCIIGdGtnLnZuMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE
AgSB9gSB8wDxAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO
KUw68QAABAMARzBFAiEA15I8hLgeJs4iLxPT1Uvgwv0YyzD1Ue6RUEUjLGk7xP8C
IDkIFh81IUN0O5Bx8BYJjFG1xXwfLU4HrKalJ91u0fQVAHcA7s3QZNXbGs7FXLed
tM0TojKHRny87N7DUUhZRnEftZsAAAGOKUw69QAABAMASDBGAiEA9TWdI/G+ZyQX
XyTEIdd6LrSI/ir+9T1i0r5o3DqXc94CIQDRv8JWiCYDd3oTzTRhqR7gAxwAF60j
lU37qSXDFOB5lTANBgkqhkiG9w0BAQsFAAOCAQEAKqbBESztQwHT282w//mXHmP3
ZEgBAoSpIFuao9gjz0M0uSWy9guF2JzSKFjWEO5dvIbiuMG2Pf2OfDGcw6olr32z
0kmG3I93z4JUVYTk4kXbP/IrFqoGhOFk5bRODtm03z1VKfsJucTq1VhRlzA/bWD1
JqLdPN3SlQyunInXHAS2I+3KJjmbdV4sAzOp59VT6Hs15z8bRcCpHKs12wzrjGrF
VjA1P27W4n/Br5MWtDoz+8pAWk+pGtfBPtAesAqkWM7G4O9BnyoGpuwonkDnMuzX
Z5jlukpvN/oyclTscMkc53odhrFkx9jYLb67dCL9YjPviGb5XlmVLv84nzvUPQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hsCG7SSgGRzRMVEbpc1
0PhyWWAWz1l8DLl0Q6CUPYK1t2OK1h9rV+xJ7PYXueBXKOTi9JuzSNrxIMsiC/y/
Xosbd+XRGvhYA0+3VZNj8wNIFLZwDdYPhVd5QUD92xawlRz/WmMRnf0qIPMywolx
G8VyBKY8HOVh+88YH2HIjlVcelJbT54+N2qHO0RpAHiRqLfK57ZelK5qRsXujrms
pytdJjlw8wKd0xv6894nBbueaINpPf3I6zkyf3blUCF2bO6nJfUkrgiZTvBQ4Txh
2ULdBEki+L0MO6zWFNkRaY/gg74Pa22Cvp5OkMHVioeberpx8VZlTfiefPJ8+jgx
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 373315519758524220069597792902069887240172
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 15:57:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-08 15:57:24 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tkg.vn'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27028315519916686627349965056489142344912446668445174210923129859199719704248554680732282284252381898336787085085300796532753292547884349061762108973445040652342126363897465743039063325602224773689600570455061331998884411814867827682644253551396463466470219497041048045396492534109985043543990263191107426338385953314528158246571460356734885488905817209501518809815470971050166398592987173433808464634536367853646484101601142415962978748927415413796312794641899439329531216834334036340260444885630724968514016687632853855350057302757062524924892338648047927799903611677719667601654737576661612441436248869051567714629
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							171ac7d26f39972997349502e3678b15b2d36119
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (10 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tkg.vn'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e294c3af10000040300473045022100d7923c84b81e26ce222f13d3d54be0c2fd18cb30f551ee915045232c693bc4ff02203908161f352143743b9071f016098c51b5c57c1f2d4e07aca6a527dd6ed1f415007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e294c3af50000040300483046022100f5359d23f1be6724175f24c421d77a2eb488fe2afef53d62d2be68dc3a9773de022100d1bfc256882603777a13cd3461a91ee0031c0017ad23954dfba925c314e07995
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002aa6c1112ced4301d3dbcdb0fff9971e63f76448010284a9205b9aa3d823cf4334b925b2f60b85d89cd22858d610ee5dbc86e2b8c1b63dfd8e7c319cc3aa25af7db3d24986dc8f77cf82545584e4e245db3ff22b16aa0684e164e5b44e0ed9b4df3d5529fb09b9c4ead5585197303f6d60f526a2dd3cddd2950cae9c89d71c04b623edca26399b755e2c0333a9e7d553e87b35e73f1b45c0a91cab35db0ceb8c6ac55630353f6ed6e27fc1af9316b43a33fbca405a4fa91ad7c13ed01eb00aa458cec6e0ef419f2a06a6ec289e40e732ecd76798e5ba4a6f37fa327254ec70c91ce77a1d86b164c7d8d82dbebb7422fd6233ef8866f95e59952eff389f3bd43d