DV SSL/TLS Certificate for www.madrona.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the www.madrona.org DV SSL/TLS Certificate

This certificate with serial number 06:39:7e:f3:f6:d9:76:0a:92:94:34:10:25:be:1c:85:b6:38 for www.madrona.org was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.madrona.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:39:7e:f3:f6:d9:76:0a:92:94:34:10:25:be:1c:85:b6:38
Serial Number (int): 542238559967362301436778138814099476559416
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 34:ee:6c:be:39:5f:77:8a:ed:ef:48:f0:ce:5a:52:52:44:61:00:ef
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 69:74:f4:96:f4:1a:83:bb:36:d8:9b:c2:29:32:4f:13:c4:04:29:07
Fingerprint (SHA-256): ae:fb:55:2d:76:e1:05:ac:be:56:5c:04:76:b0:09:b2:36:e5:42:67:7a:65:74:40:98:f7:81:2e:67:a0:a7:c5

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/57.crl

Check the revocation status for certificate www.madrona.org
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.madrona.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.madrona.org

X.509 Certificate

The complete raw X.509 certificate details for www.madrona.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgISBjl+8/bZdgqSlDQQJb4chbY4MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTE2MTU1OTM1WhcNMjUwODE0MTU1OTM0WjAaMRgwFgYDVQQD
Ew93d3cubWFkcm9uYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCRPvOEc9qGWTd+w+QfqZLFSkvE/8aR2tpEC6Zm8KUWbnAoYotSXnhWhhYyKaxS
HWE4E+1qPSIfKjKdcBQw+FfA40WESOPap4DJ4ouNKVVyWBqkrRyfcOUcZ4w+eq7U
INdreHhfNaa9XoK3+a8zYJePrxBEqkB7k4yM6WFAhgrmzREKBmJScdeCtiylX5Rc
3PoNHS02CNIEeLAO0sVFslXhDrz/EbRns3fQ9npMh0+z+7VPsH5IPA6Rl9J5HGKY
1Bsuu1wVocsK15OjwDBehgNQzOiMdsgEEEsseEvuW3maSTl0s1feVgoSgwq+gjih
KpaLEqM8Mj62kAhfUvTwxYNvAgMBAAGjggIfMIICGzAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFDTubL45X3eK7e9I8M5aUlJEYQDvMB8GA1UdIwQYMBaAFMXPRqTq9MPA
emyVxC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMS5pLmxlbmNyLm9yZy8wGgYDVR0RBBMwEYIPd3d3Lm1hZHJvbmEub3JnMBMG
A1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTEu
Yy5sZW5jci5vcmcvNTcuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7TxL
1ugGwqSiAFfbyyTiOAHfUS/txIbFcA8g3bc+P+AAAAGW2ggaBwAABAMASDBGAiEA
urQPL78Zyg6JTENM0tVxVY1ftCbg3dt2/CWkfUenCHMCIQCHpzJomvIuEI2Dhkx6
9j88sEGkfDVM6fQs0yCFR0XeeAB1ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAF
hOvlhiY6AAABltoIIekAAAQDAEYwRAIgC3K6nKolUTM1lKkPnUaT4kX3G2sNZArL
1uHBJDyolGACIHYqBQa7vmSSaMSt0dc2B/BFBoKSgioGkJHDWWuXd3AWMA0GCSqG
SIb3DQEBCwUAA4IBAQATayCeEdWY2/gzgzC5nqeBnAqD7qF7G/j8sP+6AFFABgH2
LYTtgHEtgyoN+WJ5ZJ6TXYQ/TZsoXnhXEVgz5CXuBH1ey4xruTleArszYtKTvhHT
Jaaq2W5ZVUx+Xn02+28+eN5o1JcOJlsVUgP32HdkEMDrCxaXqCNxBNJY0pDzucoJ
1tnhs85tbIckQd8cc8jH+Z3BMInUQ7Gkfw5D9uWTZqtE6izeRFrstRANjBLgWRLj
i1mRWHDavJFycyuatxWW4ebZ+UEKXrt96bZSDPER2mGHzwDUI09/FYeYM1LMSAcI
ook7F9RoViGiHFBun79iHm42+EYE5FIanKbD0x98
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT7zhHPahlk3fsPkH6mS
xUpLxP/GkdraRAumZvClFm5wKGKLUl54VoYWMimsUh1hOBPtaj0iHyoynXAUMPhX
wONFhEjj2qeAyeKLjSlVclgapK0cn3DlHGeMPnqu1CDXa3h4XzWmvV6Ct/mvM2CX
j68QRKpAe5OMjOlhQIYK5s0RCgZiUnHXgrYspV+UXNz6DR0tNgjSBHiwDtLFRbJV
4Q68/xG0Z7N30PZ6TIdPs/u1T7B+SDwOkZfSeRximNQbLrtcFaHLCteTo8AwXoYD
UMzojHbIBBBLLHhL7lt5mkk5dLNX3lYKEoMKvoI4oSqWixKjPDI+tpAIX1L08MWD
bwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 542238559967362301436778138814099476559416
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-16 15:59:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-14 15:59:34 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.madrona.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18335596633398146228067670289426732922411177958486021021093045917232578434230961382556338204305897637208922289849250776090013855746080644041139306339209060836708859825380071491992803372362218947889361777702749075914233263719570784381993509286799769878476805841631670423404040373663319228113073030872675622445057044467894107939114953261481304434640859486970525021334551121341313931069594922844243143119112116299936460151138035445407114591935740978096400383367540532963187709153213525789661331601932267553073598511406287396957296468247891409467213437857732274241383544127762488960391436604091797253336796752307196101487
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							34ee6cbe395f778aedef48f0ce5a5252446100ef
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.madrona.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/57.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe000000196da081a070000040300483046022100bab40f2fbf19ca0e894c434cd2d571558d5fb426e0dddb76fc25a47d47a7087302210087a732689af22e108d83864c7af63f3cb041a47c354ce9f42cd320854745de7800750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196da0821e9000004030046304402200b72ba9caa2551333594a90f9d4693e245f71b6b0d640acbd6e1c1243ca894600220762a0506bbbe649268c4add1d73607f045068292822a069091c3596b97777016
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00136b209e11d598dbf8338330b99ea7819c0a83eea17b1bf8fcb0ffba0051400601f62d84ed80712d832a0df96279649e935d843f4d9b285e7857115833e425ee047d5ecb8c6bb9395e02bb3362d293be11d325a6aad96e59554c7e5e7d36fb6f3e78de68d4970e265b155203f7d8776410c0eb0b1697a8237104d258d290f3b9ca09d6d9e1b3ce6d6c872441df1c73c8c7f99dc13089d443b1a47f0e43f6e59366ab44ea2cde445aecb5100d8c12e05912e38b59915870dabc9172732b9ab71596e1e6d9f9410a5ebb7de9b6520cf111da6187cf00d4234f7f1587983352cc480708a2893b17d4685621a21c506e9fbf621e6e36f84604e4521a9ca6c3d31f7c