DV SSL/TLS Certificate for bakefive.nl

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the bakefive.nl DV SSL/TLS Certificate

This certificate with serial number 06:52:e8:f8:2b:60:a7:cd:aa:0e:9d:17:bc:51:99:05:b4:13 for bakefive.nl was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for bakefive.nl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:52:e8:f8:2b:60:a7:cd:aa:0e:9d:17:bc:51:99:05:b4:13
Serial Number (int): 550886539142522900191401940117964215137299
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 64:e0:f0:24:83:27:8c:c0:67:d3:6a:6f:e1:c9:fb:51:db:71:59:ee
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 18:dc:73:f1:b0:17:a6:8c:10:ad:f3:73:63:fd:e2:72:16:f9:a6:5f
Fingerprint (SHA-256): f0:28:74:b1:76:50:cc:3d:fe:90:0a:29:70:7d:b4:7f:3c:0a:c8:04:e7:74:05:d3:ca:df:36:89:59:b6:87:91

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/20.crl

Check the revocation status for certificate bakefive.nl
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for bakefive.nl

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for bakefive.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISBlLo+Ctgp82qDp0XvFGZBbQTMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjE4MTAyNzQxWhcNMjUwOTE2MTAyNzQwWjAWMRQwEgYDVQQD
EwtiYWtlZml2ZS5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ7W
TKMW53jOxzJGXYFDryWBkhjPaPXotxYY4BOwH9QUViZm+nWMb/1j91g+GEfxOMD6
ocLJUqsuZ1DEVz+MS3bd1s1BAw7hvnUJ1EzhDhTRmPsH2D4lIYX9Dkx267YCS96g
HTMlOkH0gND1ph8oDipRRQTWfwoX7xnggiAIXv06AzNc3ox5tBTacxymP6FweuTM
qo0+LLQLNkray1tcam6L7hDU8mhCAxA8AfeGYCEniHjx/vXOIvhRLKQIn5S4nfr4
ASVUNzKX81G8/v2KMZ2DUvwDIkIzkl4RZ6ocnkxneBFzVAAORL+9IJ038xa9xvjg
b6JfpqnAqHaG01oK7I0CAwEAAaOCAiwwggIoMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUZODwJIMnjMBn02pv4cn7UdtxWe4wHwYDVR0jBBgwFoAUu7zDR6XkvKnGw6Ry
DBCNojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEw
LmkubGVuY3Iub3JnLzAnBgNVHREEIDAeggtiYWtlZml2ZS5ubIIPd3d3LmJha2Vm
aXZlLm5sMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0
dHA6Ly9yMTAuYy5sZW5jci5vcmcvMjAuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB
8gDwAHYA3dzKNJXX4RYF55Uy+sef+D0cUN/bADoUEnYKLKy7yCoAAAGXgsoXVwAA
BAMARzBFAiEAtstTvUR81oynPo6Ucl7GC6X2Lut3RbP3VWqQ1Xr61I8CIBPToo/l
uDDc9AOWkfOEiPQbqSeBc1ppps/AICFWu/A+AHYADeHyMCvTDcFAYhIJ6lUu/Ed0
fLHX6TDvDkIetH5OqjQAAAGXgsofzwAABAMARzBFAiEAuB1/99fpWRPUOFx3e5iS
M+6Q1mkttIZYe+axPoYxiesCIEMTuBxrCWDqIiUQAWfIqNB2/+jQOBee/NsT9eqQ
Vek3MA0GCSqGSIb3DQEBCwUAA4IBAQAoLTWFJkpZbcEc2pTqmSyr6wwZHDz+vArh
OMo56rETi2kxl5Dkv5EyYnciXo6pMWbGtag5rmzVd6xeB2eeUZQzWwvLFbOmaGi1
5MmApZMTGQFSiL5pnYp2dlwJ2ZxakZVv/O2pMIXPaynh6F50au5IxbAmSefBmFuo
FCi531ZL5df0L4iIF7kCo3Egiph63oZxb62OesH9BcXR1WsbySiaSPf5Tk9xA35C
vMB8+ZfERu90slNdC4xCKTwTsYtEsBvqEINsmZBJQPHPArNlTzrNLZwpbpRYvyog
zez+l5EeSe+4bi5Q6UMznbR7TFWC1qzcLjGujHXuVTnfJ5vfD6gg
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntZMoxbneM7HMkZdgUOv
JYGSGM9o9ei3FhjgE7Af1BRWJmb6dYxv/WP3WD4YR/E4wPqhwslSqy5nUMRXP4xL
dt3WzUEDDuG+dQnUTOEOFNGY+wfYPiUhhf0OTHbrtgJL3qAdMyU6QfSA0PWmHygO
KlFFBNZ/ChfvGeCCIAhe/ToDM1zejHm0FNpzHKY/oXB65MyqjT4stAs2StrLW1xq
bovuENTyaEIDEDwB94ZgISeIePH+9c4i+FEspAiflLid+vgBJVQ3MpfzUbz+/Yox
nYNS/AMiQjOSXhFnqhyeTGd4EXNUAA5Ev70gnTfzFr3G+OBvol+mqcCodobTWgrs
jQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 550886539142522900191401940117964215137299
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-18 10:27:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-16 10:27:40 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bakefive.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20051327139362188489269370763940299077229845639616528084372811523331440000493046766025239243339369120006048916263456177664215293451767507960236737350163371538394613367744951987328026385536599632407466109701599307600829541519954800002532481815564318906668199538892974670705149409902581599019085803002867307781817550866939175026842732805297912129248370960415314058252902207756701186956051303965431307087751275230194882524505208636258071998649111379024437692764668208102920450390254776492245309032510980115444920575101452457601540638403772951380382806003548466076297551160117808793320953201366541989787546310165712792717
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							64e0f02483278cc067d36a6fe1c9fb51db7159ee
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bakefive.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bakefive.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/20.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019782ca17570000040300473045022100b6cb53bd447cd68ca73e8e94725ec60ba5f62eeb7745b3f7556a90d57afad48f022013d3a28fe5b830dcf4039691f38488f41ba92781735a69a6cfc0202156bbf03e0076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa340000019782ca1fcf0000040300473045022100b81d7ff7d7e95913d4385c777b989233ee90d6692db486587be6b13e863189eb02204313b81c6b0960ea2225100167c8a8d076ffe8d038179efcdb13f5ea9055e937
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00282d3585264a596dc11cda94ea992cabeb0c191c3cfebc0ae138ca39eab1138b69319790e4bf91326277225e8ea93166c6b5a839ae6cd577ac5e07679e5194335b0bcb15b3a66868b5e4c980a5931319015288be699d8a76765c09d99c5a91956ffceda93085cf6b29e1e85e746aee48c5b02649e7c1985ba81428b9df564be5d7f42f888817b902a371208a987ade86716fad8e7ac1fd05c5d1d56b1bc9289a48f7f94e4f71037e42bcc07cf997c446ef74b2535d0b8c42293c13b18b44b01bea10836c99904940f1cf02b3654f3acd2d9c296e9458bf2a20cdecfe97911e49efb86e2e50e943339db47b4c5582d6acdc2e31ae8c75ee5539df279bdf0fa820