DV SSL/TLS Certificate for klapjes.nl

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the klapjes.nl DV SSL/TLS Certificate

This certificate with serial number 05:88:ee:5f:5b:16:9c:34:86:5e:83:51:2a:94:31:0b:29:71 for klapjes.nl was issued on by Let's Encrypt.

With 5 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for klapjes.nl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:88:ee:5f:5b:16:9c:34:86:5e:83:51:2a:94:31:0b:29:71
Serial Number (int): 482156682938737871718345399437146974792049
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 4c:4c:b0:68:a2:41:83:b5:e6:70:9a:66:e5:ba:56:29:db:21:8a:86
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 2f:c6:9a:d8:bd:5b:99:7d:ce:72:19:ab:6f:ba:89:69:bf:e4:8c:9d
Fingerprint (SHA-256): 00:90:da:44:1a:8b:b7:7e:3d:81:f2:76:51:c0:c3:c9:7e:d6:e0:a4:1f:4d:20:1f:34:7b:64:49:ae:51:0e:f8

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/114.crl

Check the revocation status for certificate klapjes.nl
5
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for klapjes.nl

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for klapjes.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgISBYjuX1sWnDSGXoNRKpQxCylxMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTIzMDQzODQ0WhcNMjUwODIxMDQzODQzWjAVMRMwEQYDVQQD
EwprbGFwamVzLm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0BIT
r9HPkGeCXr43DfX51kOLxHXOaZKrAK4xFwA/iTPG+R72DYhK/a0UEA4DcYxIbvP1
D0X7Vz4JKDBBc9zy2iG2pd6M9YExdDPiinxvnhghmuxW34twNqmuJFEDY2XJZUNC
foTrUSZco3vcZo7OSjQ5x+D6I38vs8hxL2mpGvPdREN40rqd8BPBIx6uEo7wrvPL
XP+iqSBnWcqhIaCzNUyql77577xciqxsi9WqPlmxlWwdmjt3GpddNaJFTsMBMcPn
jODm/uQihvFDboFvl5OwV4UVAmablKfsvzZZVdnLW/HivYejHvL3rDApP8ft0qt6
YoxT5PUSMZssoe9zBQzp5e2CwGff80G8bnMj1+VxoQvRJMoqNw0TJSlaP+YLjMhh
yOzzJuRiYrAXrBFKtcZp4jVUJMgJzF/GfDdMH0CC4JaGdliJPXFiy0Yscav+ievE
WIOg89L8TgBKTWwE84JG9Wr9bAPsetlqWRF0Fa5rmTxWLh6pGnges5d3jYJsbwpp
3u8yGRu/sB4HMCn6FmdEydqclLZOhKKur+JDPPa5AWOSdxl7x+C3AE8v1i/yAEAY
ag9LrOEHZIV7k21iqrf4/VhBxC6Gvrh8cbVeBJKACNmIUHbsrvgTrikZYgAH6ORW
7X0zQAalQYQZww/iMSySCJp0OYofR4J0kp/plB0CAwEAAaOCAmgwggJkMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQUTEywaKJBg7XmcJpm5bpWKdshioYwHwYDVR0jBBgw
FoAUxc9GpOr0w8B6bJXELbBeki8m47kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUF
BzAChhdodHRwOi8vcjExLmkubGVuY3Iub3JnLzBiBgNVHREEWzBZggprbGFwamVz
Lm5sgg9tYWlsLmtsYXBqZXMubmyCEnBvZGNhc3Qua2xhcGplcy5ubIIOd3d3Lmts
YXBqZXMubmyCFnd3dy5wb2RjYXN0LmtsYXBqZXMubmwwEwYDVR0gBAwwCjAIBgZn
gQwBAgEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3IxMS5jLmxlbmNyLm9yZy8x
MTQuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYApELFBklgYVSPD9TqnPt6
LSZFTYepfy/fRVn2J086hFQAAAGW+6VFBQAABAMARzBFAiEAxgQI0DQ3uKu8dQQh
1LpR4RlFiYcBgOAiylDCHiIPxfMCIE6FEV42F1T8VJgRP9stXeeMzA1RHRU6VRTh
+dn/yeYdAHYADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGW+6VF
BAAABAMARzBFAiB1geoXwEiEGP8uYgfnbwokYR8qYEfJx19W5FeWOyVFvQIhAK+i
1pDDRqegfwpPtNwJyJYdnMXyfbgGhj5bWMNSTXkyMA0GCSqGSIb3DQEBCwUAA4IB
AQA6H/jn67TnYl/HsWIOSfT32QbCEtRaezBoW7Pukxx3RE3lbmLIsWy4mb0tiUp9
cLUP8IQ9s46WgviiX69W8irL+vIbvnmezyFKRBvJILNVkCAL6lkkYGz0clvyYwzF
hAvedDdGTwjWdLpnYxBlR/mW8oOkKRVZ2fvYtPhOcBCETMWaziYFuOqAioY82uJ5
qADDjxN9XgBIj/eqEF/DUqGaJXIWFHwf6aNvb85m54YxvGZ+I2rrYm+D4i7uONnc
LxYIchEw5SJSN12nuiHPPrsD2McRpr2i5hKfivJ0iZoXNb87evyF2LXTk+YI1wlF
894SG9nqQivUuRACyzMSyYUU
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0BITr9HPkGeCXr43DfX5
1kOLxHXOaZKrAK4xFwA/iTPG+R72DYhK/a0UEA4DcYxIbvP1D0X7Vz4JKDBBc9zy
2iG2pd6M9YExdDPiinxvnhghmuxW34twNqmuJFEDY2XJZUNCfoTrUSZco3vcZo7O
SjQ5x+D6I38vs8hxL2mpGvPdREN40rqd8BPBIx6uEo7wrvPLXP+iqSBnWcqhIaCz
NUyql77577xciqxsi9WqPlmxlWwdmjt3GpddNaJFTsMBMcPnjODm/uQihvFDboFv
l5OwV4UVAmablKfsvzZZVdnLW/HivYejHvL3rDApP8ft0qt6YoxT5PUSMZssoe9z
BQzp5e2CwGff80G8bnMj1+VxoQvRJMoqNw0TJSlaP+YLjMhhyOzzJuRiYrAXrBFK
tcZp4jVUJMgJzF/GfDdMH0CC4JaGdliJPXFiy0Yscav+ievEWIOg89L8TgBKTWwE
84JG9Wr9bAPsetlqWRF0Fa5rmTxWLh6pGnges5d3jYJsbwpp3u8yGRu/sB4HMCn6
FmdEydqclLZOhKKur+JDPPa5AWOSdxl7x+C3AE8v1i/yAEAYag9LrOEHZIV7k21i
qrf4/VhBxC6Gvrh8cbVeBJKACNmIUHbsrvgTrikZYgAH6ORW7X0zQAalQYQZww/i
MSySCJp0OYofR4J0kp/plB0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 482156682938737871718345399437146974792049
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-23 04:38:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-21 04:38:43 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'klapjes.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 848854041633152357641275292665659129640664781575905915978804220676957981549011359258568163035841655389334100658200595717136433858704081602064714351203256178887301767825314093046624556092175234613885795752442127818904157207016857297724294514611631420292210033502373968371350305240909115284108974605559838745313078290979781939147313637951802562043283825243888110905378866656157594088515622671181578150118365138759458748277931847959000960557129050120033041371547461105783421089733167179034267458849261937827704105878292291371553977891781353476847153263316486742707134330702883577225214935390209093357723082932138662664670803373894249003814373544347477887392199906088159862312564771826559761658229119002793745201844600447381811868162469468034957663838541552322622056302108037821704603812293053588014458997297294542790105814684616943718600136852640574010081676361620191531567633388212207379388879254888230133420323649217655813232609380678969566077879058400946546376669456189029320140078210262076241971485392327526818651614080612460019797548139965637468260855404627896804409219859343306974224062843315836470727874487988765886521565395240662670963743907203470013753190505696975323939835811393745938950754667250240482100325664424710569038877
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4c4cb068a24183b5e6709a66e5ba5629db218a86
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'klapjes.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.klapjes.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'podcast.klapjes.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.klapjes.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.podcast.klapjes.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/114.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a845400000196fba545050000040300473045022100c60408d03437b8abbc750421d4ba51e1194589870180e022ca50c21e220fc5f302204e85115e361754fc5498113fdb2d5de78ccc0d511d153a5514e1f9d9ffc9e61d0076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000196fba54504000004030047304502207581ea17c0488418ff2e6207e76f0a24611f2a6047c9c75f56e457963b2545bd022100afa2d690c346a7a07f0a4fb4dc09c8961d9cc5f27db806863e5b58c3524d7932
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003a1ff8e7ebb4e7625fc7b1620e49f4f7d906c212d45a7b30685bb3ee931c77444de56e62c8b16cb899bd2d894a7d70b50ff0843db38e9682f8a25faf56f22acbfaf21bbe799ecf214a441bc920b35590200bea5924606cf4725bf2630cc5840bde7437464f08d674ba6763106547f996f283a4291559d9fbd8b4f84e7010844cc59ace2605b8ea808a863cdae279a800c38f137d5e00488ff7aa105fc352a19a257216147c1fe9a36f6fce66e78631bc667e236aeb626f83e22eee38d9dc2f1608721130e52252375da7ba21cf3ebb03d8c711a6bda2e6129f8af274899a1735bf3b7afc85d8b5d393e608d70945f3de121bd9ea422bd4b91002cb3312c98514