DV SSL/TLS Certificate for www.doma.market

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the www.doma.market DV SSL/TLS Certificate

This certificate with serial number 06:9b:20:14:03:51:47:6b:31:b2:af:3e:3b:b0:4f:00:8c:f2 for www.doma.market was issued on by Let's Encrypt.

With 5 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.doma.market provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:9b:20:14:03:51:47:6b:31:b2:af:3e:3b:b0:4f:00:8c:f2
Serial Number (int): 575460121672396042721114496186862102678770
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: fc:46:7d:13:0f:4d:cb:cb:14:d0:09:f6:f4:ee:c5:86:88:af:ab:ad
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): cc:6d:6d:6d:55:e5:53:c2:07:e8:91:16:a3:89:78:c0:8f:3a:14:c1
Fingerprint (SHA-256): 1e:1f:ad:36:9a:3b:fb:b5:9a:4a:0d:d8:8e:82:d8:b8:80:a4:d8:54:99:83:93:02:a2:75:3c:97:f8:d4:d2:e7

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/115.crl

Check the revocation status for certificate www.doma.market
5
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.doma.market

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for www.doma.market in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISBpsgFANRR2sxsq8+O7BPAIzyMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjE4MDMxMzA5WhcNMjUwOTE2MDMxMzA4WjAaMRgwFgYDVQQD
Ew93d3cuZG9tYS5tYXJrZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLKEWaBvKbFHRO/eBjEMkfej6eHLpFujTW9JrLx6kQkpbUX8sbq6eE+sTnQsHQ
QweeWaf583QIKAWmHMMiggHyCoUGShlNqw2gCairUFmOqjoF8XTEI2/1d4Xzs+4d
NT8CVHNzFMXc8PYTOCXgg30fTdOFNVHSoC2egACjOGKMDeEhxG2FwRz3gS80NV5H
csk1PaY5IhJFpLPwx/j9UUOdigue/nCgs4kw+ZrN/fM7jM5rTPky+hAcbX5vHBNm
4aV7LMBMC/mc3aPA8rYuzJ+RoLYV5CBMNO8sXF2V8g3jY9LY4KO+QSjidFF/4/ls
2UHIMt0UjV8iyiz2hRelApsJAgMBAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFPxGfRMPTcvLFNAJ9vTuxYaIr6utMB8GA1UdIwQYMBaAFLu8w0el5Lyp
xsOkcgwQjaI14cjoMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMC5pLmxlbmNyLm9yZy8wYgYDVR0RBFswWYISY3BhbmVsLmRvbWEubWFya2V0
ggtkb21hLm1hcmtldIIQbWFpbC5kb21hLm1hcmtldIITd2ViZGlzay5kb21hLm1h
cmtldIIPd3d3LmRvbWEubWFya2V0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1Ud
HwQoMCYwJKAioCCGHmh0dHA6Ly9yMTAuYy5sZW5jci5vcmcvMTE1LmNybDCCAQMG
CisGAQQB1nkCBAIEgfQEgfEA7wB2AO08S9boBsKkogBX28sk4jgB31Ev7cSGxXAP
IN23Pj/gAAABl4E8Q0YAAAQDAEcwRQIgANG2um3LGxNaoU20yJ5kiDKz/qpsQMwU
a+igF8ne6U4CIQDG2zzvOgqB1dRRe0h79YY/FLVjEP3D6/D8gYR7icv+ngB1AA3h
8jAr0w3BQGISCepVLvxHdHyx1+kw7w5CHrR+Tqo0AAABl4E8Q1YAAAQDAEYwRAIg
KZFejIe9CzbSpqBbDi1eHAsDCol684t0zeo72bKSZlcCIGGslEDn0MmnvtdmzISp
4t2RnE4UQRbcz+XQnTJGGNGbMA0GCSqGSIb3DQEBCwUAA4IBAQCZwo6Cwb1Hru47
GzFLVXUhUeG9hTc4vOuPEsP5sg9RNCf3KN5gnUDsGLoPOAPknJnjG4UxvZlHlEcE
OwStURBSEuUd3vx6bOWBOlMIrKuDQbdKinZWbnWjRiSiB7+kSZjFgUekNVSs6Fl8
2HIl9u4OMyRZhfq+OBhgVOMER7CAOV9VRZQKu05CHKhsmXKOyrizjMSLJcU6HcaM
1KU3PZAOM21KC+rTXXcBhSpS4Bj36bYQN3DCPhqnxHw2bT1M2AtTiXjKlTOVQpnU
SGIdZoySXKLJCMkh+UQalVno1dukryF8R8egXAQ/Z6lQMcREdtDTv5eTo5regTgk
ti8sV+L/
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyhFmgbymxR0Tv3gYxDJ
H3o+nhy6Rbo01vSay8epEJKW1F/LG6unhPrE50LB0EMHnlmn+fN0CCgFphzDIoIB
8gqFBkoZTasNoAmoq1BZjqo6BfF0xCNv9XeF87PuHTU/AlRzcxTF3PD2Ezgl4IN9
H03ThTVR0qAtnoAAozhijA3hIcRthcEc94EvNDVeR3LJNT2mOSISRaSz8Mf4/VFD
nYoLnv5woLOJMPmazf3zO4zOa0z5MvoQHG1+bxwTZuGleyzATAv5nN2jwPK2Lsyf
kaC2FeQgTDTvLFxdlfIN42PS2OCjvkEo4nRRf+P5bNlByDLdFI1fIsos9oUXpQKb
CQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 575460121672396042721114496186862102678770
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-18 03:13:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-16 03:13:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.doma.market'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25646234713034038989795346608589724883948356715870443320629444429577014858094197904850586109208553575118603024849255050364285509792650557807508744691608528506009657886588778582547418328546744865972676360464541408014342370868378067526748666992620690670396537634545124154961213420750031220798502100266634214216792005714998852616997742180164689386335200579241875455168654087002803483489275687851823034684929790043198657562191196656939374387047682942727536761471931560702299415143628060091617700350213414675545534460876974007945418554303728224781133196119379858259496844610085296992368326480264586627392033832699844270857
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fc467d130f4dcbcb14d009f6f4eec58688afabad
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.doma.market'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'doma.market'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.doma.market'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.doma.market'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.doma.market'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/115.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe000000197813c43460000040300473045022000d1b6ba6dcb1b135aa14db4c89e648832b3feaa6c40cc146be8a017c9dee94e022100c6db3cef3a0a81d5d4517b487bf5863f14b56310fdc3ebf0fc81847b89cbfe9e0075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197813c43560000040300463044022029915e8c87bd0b36d2a6a05b0e2d5e1c0b030a897af38b74cdea3bd9b2926657022061ac9440e7d0c9a7bed766cc84a9e2dd919c4e144116dccfe5d09d324618d19b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0099c28e82c1bd47aeee3b1b314b55752151e1bd853738bceb8f12c3f9b20f513427f728de609d40ec18ba0f3803e49c99e31b8531bd99479447043b04ad51105212e51ddefc7a6ce5813a5308acab8341b74a8a76566e75a34624a207bfa44998c58147a43554ace8597cd87225f6ee0e33245985fabe38186054e30447b080395f5545940abb4e421ca86c99728ecab8b38cc48b25c53a1dc68cd4a5373d900e336d4a0bead35d7701852a52e018f7e9b6103770c23e1aa7c47c366d3d4cd80b538978ca9533954299d448621d668c925ca2c908c921f9441a9559e8d5dba4af217c47c7a05c043f67a95031c44476d0d3bf9793a39ade813824b62f2c57e2ff