en.job-flow.nl
Issued by R3
About this certificate
This digital certificate with serial number 03:d7:fc:08:75:a6:77:5c:f7:d1:5d:59:e2:b4:f9:9a:44:d9 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=en.job-flow.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d7:fc:08:75:a6:77:5c:f7:d1:5d:59:e2:b4:f9:9a:44:d9Serial Number (int): 334832576062825916375334108417001478833369
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ff:48:40:f6:fa:ab:5d:d2:5f:f1:18:68:ff:ac:e1:23:9f:f3:83:c2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 4b:a0:2f:de:e3:2a:49:0c:4d:b8:57:8e:38:6d:a1:81:05:82:38:09
Fingerprint (sha256): dd:f7:a2:26:21:15:5c:6d:d7:b1:24:7c:d6:21:1e:cf:a2:55:c6:5e:70:ac:86:5b:06:f6:68:af:99:64:2a:ab
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate en.job-flow.nl
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for en.job-flow.nl
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
en.job-flow.nl
job-flow.nl
www.job-flow.nl
job-flow.nl
www.job-flow.nl
Other certificates including the domain name job-flow.nl
(limited to 100 certificates)
Certificate
The complete raw certificate details for en.job-flow.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCDCCBPCgAwIBAgISA9f8CHWmd1z30V1Z4rT5mkTZMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMjcyMjM2NDlaFw0yNDAyMjUyMjM2NDhaMBkxFzAVBgNVBAMT DmVuLmpvYi1mbG93Lm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA rrEHNf3jSEVarFARb2uUHp6YGwi2mEV0EXWcIR8UEJyBQl6Ih2t74S8ZI1k4RQ7Q m4WIgjvtFX1nsPfRrR8xn2lBp64AlOExIlOzQHmq4kSyPJYYq6VH242WFZ+/ZaAF nK6WWOfQPgWJtsQgiBHKc3ZuTnPADo/VieQ/zGRyYQygaJHseuJtjCeKrGs1dO04 8Q9GPB1LZBNQ7lcO6ta0Vb4HmAw+rmQNnLtGX4ZMuYdJUiIn74Adt+ql5atov13t OYXKZEKy/Qddg7IMawFWygIczBUZdLdRpi+g1KjsAvgYljkade66iKm81iCubo6G 9mQSDtyWwskiPqvyfPXwlW9pVjQf/E/aSi6qC7b95rb5F9yA01J2fF9jK3rdccRL Vnxi5aEZfaEGQqHHjR7SFWGtY7FSbKTXKV1t7RwIT3mMdKczHPa6UhotA2+hZCUK UQQYbeeUt9qTrpTmHzebu+THqnNWlMH9a3x5shbTBu/vRRUmF7vkjRkEej4BQLyw bzCN6MgPTXF0Wl3quhNtGEK8bZRi+6013irBGcdC3WN4CECchW/0YrcoydvaT8dh iZ+VQy4zVW2N1JkERG6YG1blKwryWUQDnBLGloKDTpEUoHvc7h/C9PN5vbQzxToZ t3UmMvsBuPx682TulHtjCI92pwonmRYrGuFiP4M+V7MCAwEAAaOCAi8wggIrMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQU/0hA9vqrXdJf8Rho/6zhI5/zg8IwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wNwYDVR0RBDAwLoIOZW4uam9iLWZsb3cubmyCC2pv Yi1mbG93Lm5sgg93d3cuam9iLWZsb3cubmwwEwYDVR0gBAwwCjAIBgZngQwBAgEw ggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwA7U3d1Pi25gE6LMFsG/kA7Z9hPw/TH vQANLXJv4frUFwAAAYwTJINNAAAEAwBIMEYCIQD1oIq4zhi36NEYgCctFt3TbaNo iUjXCTvXcoCTHyUDjQIhAMlO8gJAGzLuTG0ZnnnrYitR5b8RAFxkyzbtQOZh0QMA AHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMEySDMAAABAMA RzBFAiBkj7TodVROoZi9eq13VNja9piT4TQbmkIj3qtW952EVAIhAOMc8XE86oX3 QEV3gGt7ZkX0aGCrjcfM8pgZC+DAPqHNMA0GCSqGSIb3DQEBCwUAA4IBAQBwTCQV /TkX0Si+zwRoti/uUaNwpHygfWfOIG5qMxCLTnwgfi+25W5yKpGDAsLpOVMG7WK1 Og6e0gitQZwrwEa2Vr0Kli/LTVFQgW6He3uKaqpF64tAbUdyXQB5ZQgVRhzRrQ5O 04MFcqzfarHWKA+FgiTfkWaBDcDlPGJI4gnZaaI2FOZaHaueZwzk8KocJb+GYNRM lC1/Pt8J1Bdu+iMxiDavbTWRkasHM2ayj+jZ6mInzvpllmpI1h//95RakL2dLJCS E4Sn0KEB46NhQN4vSIZ2fYZToQwSr2hvVQUh2+jU5LEKy70vDXtTskSUDoEe11ED u2KINEoy7NUMiRKf -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArrEHNf3jSEVarFARb2uU Hp6YGwi2mEV0EXWcIR8UEJyBQl6Ih2t74S8ZI1k4RQ7Qm4WIgjvtFX1nsPfRrR8x n2lBp64AlOExIlOzQHmq4kSyPJYYq6VH242WFZ+/ZaAFnK6WWOfQPgWJtsQgiBHK c3ZuTnPADo/VieQ/zGRyYQygaJHseuJtjCeKrGs1dO048Q9GPB1LZBNQ7lcO6ta0 Vb4HmAw+rmQNnLtGX4ZMuYdJUiIn74Adt+ql5atov13tOYXKZEKy/Qddg7IMawFW ygIczBUZdLdRpi+g1KjsAvgYljkade66iKm81iCubo6G9mQSDtyWwskiPqvyfPXw lW9pVjQf/E/aSi6qC7b95rb5F9yA01J2fF9jK3rdccRLVnxi5aEZfaEGQqHHjR7S FWGtY7FSbKTXKV1t7RwIT3mMdKczHPa6UhotA2+hZCUKUQQYbeeUt9qTrpTmHzeb u+THqnNWlMH9a3x5shbTBu/vRRUmF7vkjRkEej4BQLywbzCN6MgPTXF0Wl3quhNt GEK8bZRi+6013irBGcdC3WN4CECchW/0YrcoydvaT8dhiZ+VQy4zVW2N1JkERG6Y G1blKwryWUQDnBLGloKDTpEUoHvc7h/C9PN5vbQzxToZt3UmMvsBuPx682TulHtj CI92pwonmRYrGuFiP4M+V7MCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 334832576062825916375334108417001478833369 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-27 22:36:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-25 22:36:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'en.job-flow.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 712679208123848052603838104608047049491900767387660400135704399669584584188216186030332944011639999861075995252361845783788921553111801882307615027729721424024591988629633160588481310246319204265232878535357326855965663677698932063897145758074268907240423557839234626155104831596217606163182280187051938353541602389904528536924810180941539122698964672463945643189432987147335935435826388130216449001470952415222164528928664251054615602804303971352416862851546073538090011564702938702407977485389729836436388626702473866093192231237383645676161615850679128292193468787264382426667906472766577054689165099051384036511046181990997270472297958663980417791799395072449241682566916348226977035555363360818675079342977259925296276178280035395422572396836006945953193716394906879995424731758313183762760179382966237720813037533215554832140888436234085412272974781240908367712340409784330306590260315414690604989623260787681155280592952921748663390678730470437418971696447057999426678767517908316801949897341687938690792764583744324189957672097705692112555329105676311598028619081146659689190630233262067105134920675505110096454122446408075524606076796573639821140439759683151397565167145397800648952669450254910572589793149890632675816789939 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ff4840f6faab5dd25ff11868fface1239ff383c2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'en.job-flow.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'job-flow.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.job-flow.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c1324834d0000040300483046022100f5a08ab8ce18b7e8d11880272d16ddd36da3688948d7093bd77280931f25038d022100c94ef202401b32ee4c6d199e79eb622b51e5bf11005c64cb36ed40e661d10300007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c1324833000000403004730450220648fb4e875544ea198bd7aad7754d8daf69893e1341b9a4223deab56f79d8454022100e31cf1713cea85f7404577806b7b6645f46860ab8dc7ccf298190be0c03ea1cd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00704c2415fd3917d128becf0468b62fee51a370a47ca07d67ce206e6a33108b4e7c207e2fb6e56e722a918302c2e9395306ed62b53a0e9ed208ad419c2bc046b656bd0a962fcb4d5150816e877b7b8a6aaa45eb8b406d47725d0079650815461cd1ad0e4ed3830572acdf6ab1d6280f858224df9166810dc0e53c6248e209d969a23614e65a1dab9e670ce4f0aa1c25bf8660d44c942d7f3edf09d4176efa23318836af6d359191ab073366b28fe8d9ea6227cefa65966a48d61ffff7945a90bd9d2c90921384a7d0a101e3a36140de2f4886767d8653a10c12af686f550521dbe8d4e4b10acbbd2f0d7b53b244940e811ed75103bb6288344a32ecd50c89129f