DV SSL/TLS Certificate for kaczmarek.io

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the kaczmarek.io DV SSL/TLS Certificate

This certificate with serial number 06:9b:9a:62:29:6d:fb:f9:11:9e:51:02:8d:ed:2b:4b:65:96 for kaczmarek.io was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for kaczmarek.io provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:9b:9a:62:29:6d:fb:f9:11:9e:51:02:8d:ed:2b:4b:65:96
Serial Number (int): 575622693260042600481069438434038373901718
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: b2:d0:a4:e8:69:ca:41:9a:07:b1:74:33:1b:ab:af:be:6b:e7:9f:0c
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 26:25:b2:ac:bd:f6:c0:74:1b:92:52:d4:c5:96:7f:ae:1a:59:94:30
Fingerprint (SHA-256): 91:38:19:a2:d1:97:1d:fa:af:21:1b:d6:bb:de:1a:e7:38:bd:7c:68:92:68:d4:81:23:58:19:84:63:26:0e:a3

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/23.crl

Check the revocation status for certificate kaczmarek.io
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for kaczmarek.io

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for kaczmarek.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISBpuaYilt+/kRnlECje0rS2WWMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjAyMTkxMzIzWhcNMjUwODMxMTkxMzIyWjAXMRUwEwYDVQQD
EwxrYWN6bWFyZWsuaW8wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDQ
/aUvEMVxZ4vgm9shgtwzxBbv/Bcjval+lsr8jr0TZ1IYLSvH7/WOVAhvhP1Pi/jU
llAH7N8Qt0VCY70fTFuAj1HSINLOxmUH/KBCYydInPgUfTdUiJez5erRVTNw2C2+
6g6kObh2qkBqqJRzatfkuLWsparAAz03e9wYk4F4F74NUdvDdJLt5+I0rYZ7A15N
YxiILIQwcLAnrtAdARGYOinMErn9SYbmk9ZRTyJEhwXBx0y3LdexJrEkxTQhAzr2
2AkUh9YL0XhGi+iPX4WKQlB/iRgjzSPyEFpndd8++T69yWsjIqITTuu/9GkY+TSt
ZSIGpOfizIBneEP1HXgkHtO699Fj2yuucgCDnd13rImHOYsNppHgDxwrf94E6sia
3J6A7fOArMKedgasC9gIW8nMl3TSnVmjA5SReJ8CUxFF4BRwvepB1LaZiupCj9Hl
SkxhSsFr30wkflc+prF4obI6zocBFFNJJdOXPRjTU/5T9C23M2/ZbseSymGul088
EVIVLaqrqkrTGz6Qb1LeaPm6jVLlTwrjcsmCf5NyyP1SX5itpp+xIDaAUV1aiy/R
ssR0z9cjou3hzOX11rCHHyLRm9Xpfx8/cZ32IDfToTmigRd/iaxCaV1489i7DE1g
vFvw5OrsWfd65ldQronS9ZtQjpjIQFy5oLNnB+/3bwIDAQABo4ICLTCCAikwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBSy0KToacpBmgexdDMbq6++a+efDDAfBgNVHSME
GDAWgBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
BQUHMAKGF2h0dHA6Ly9yMTAuaS5sZW5jci5vcmcvMCcGA1UdEQQgMB6CDioua2Fj
em1hcmVrLmlvggxrYWN6bWFyZWsuaW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwLgYD
VR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMC5jLmxlbmNyLm9yZy8yMy5jcmwwggEF
BgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkQsUGSWBhVI8P1Oqc+3otJkVNh6l/L99F
WfYnTzqEVAAAAZcyRaDlAAAEAwBIMEYCIQCLplAs73tXvT8gRGnPM87FM8dSEZx3
2Wd6KxacuCYJVQIhAJFRMnzHL/w/d+uL9HxVAzNRR/b50rms2Ezrm4B5ub0sAHYA
EvFONL1TckyEBhnDjz96E/jntWKHiJxtMAWE6+WGJjoAAAGXMkWg7gAABAMARzBF
AiBj5EeTMOT4gQsLYDP/dgACcu1UFSygxzp2TBXOEy1+pwIhAP8KJM3Fsf9jCxH4
4AHYW94PmC3zBIpvJOHovjoU6gTLMA0GCSqGSIb3DQEBCwUAA4IBAQB6p18rP/a6
b7yCJz3XocyftdTOM+i8rWWHvK0yxhvOPGTJycnK6GOjFYKo+LxyQSzohP9wpY8E
1Yw3xCXnQJUm25OIjMaZNpfIlCkRGwqEFKsSSDPDeAkE9FKX/FN3J1EwBoa1CSUI
j3baY/vsShoPvCEg0jjnI8hbrTMYtE1eaomNGC89rI49dm/TvqOa1cVMkS4y5vkJ
5xxXUk8mLSzuDUwk14YVe427wXNfA/5p1SxHQNs/4CTcyllXAc4+GJcrOQt4SO22
Y/9ZU6PZslsGXh1haxLNnAY2svx1EiZVBQBt1ezHZGSR86UCZovRMsR2kQB7X49q
/2t0VTmmXKv6
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0P2lLxDFcWeL4JvbIYLc
M8QW7/wXI72pfpbK/I69E2dSGC0rx+/1jlQIb4T9T4v41JZQB+zfELdFQmO9H0xb
gI9R0iDSzsZlB/ygQmMnSJz4FH03VIiXs+Xq0VUzcNgtvuoOpDm4dqpAaqiUc2rX
5Li1rKWqwAM9N3vcGJOBeBe+DVHbw3SS7efiNK2GewNeTWMYiCyEMHCwJ67QHQER
mDopzBK5/UmG5pPWUU8iRIcFwcdMty3XsSaxJMU0IQM69tgJFIfWC9F4Rovoj1+F
ikJQf4kYI80j8hBaZ3XfPvk+vclrIyKiE07rv/RpGPk0rWUiBqTn4syAZ3hD9R14
JB7TuvfRY9srrnIAg53dd6yJhzmLDaaR4A8cK3/eBOrImtyegO3zgKzCnnYGrAvY
CFvJzJd00p1ZowOUkXifAlMRReAUcL3qQdS2mYrqQo/R5UpMYUrBa99MJH5XPqax
eKGyOs6HARRTSSXTlz0Y01P+U/QttzNv2W7HksphrpdPPBFSFS2qq6pK0xs+kG9S
3mj5uo1S5U8K43LJgn+Tcsj9Ul+YraafsSA2gFFdWosv0bLEdM/XI6Lt4czl9daw
hx8i0ZvV6X8fP3Gd9iA306E5ooEXf4msQmldePPYuwxNYLxb8OTq7Fn3euZXUK6J
0vWbUI6YyEBcuaCzZwfv928CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 575622693260042600481069438434038373901718
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-02 19:13:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-31 19:13:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kaczmarek.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 852608084652671309143785400340068672138194934984291995942216840065758480992869158887676148010343160424591396352370374744572455897733640238909957974769682634659344500860830993395114373750395072716417708504715047099938393514534164594152699802062231076195073367455345985952833243056048758801937189910373167275364861612566961215071727200546774548157724841542012166484787471473533788893746156606268841231095147946882387610387657763178390109019175842818367173647281746467428618695283929733581733805985806696159766031548875048085067801738130297388092669722902922997976189391261338881712460291899618708287873859091966867580281626931415490821150000803416354954145228779763425504579550671108134050593769975405211110516332862908039896601451721338700489324784980959238881271513278193818715494650648044136939928629285962351133275928848229962517471325394318329453984412854592018289794413156749089218624119144113136219101544342649000690068923335031870261615055307563769040928943566812665347677023609184848151697624454583538802159199428504245771104061693214674267311115678508543611948749489172188129920387518882595937075053886051148185426106104124442168682790921009292777432005031460035956791994673965775155491201363546311117921939182451993976239983
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b2d0a4e869ca419a07b174331babafbe6be79f0c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kaczmarek.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaczmarek.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/23.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a8454000001973245a0e500000403004830460221008ba6502cef7b57bd3f204469cf33cec533c752119c77d9677a2b169cb82609550221009151327cc72ffc3f77eb8bf47c5503335147f6f9d2b9acd84ceb9b8079b9bd2c00760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a000001973245a0ee0000040300473045022063e4479330e4f8810b0b6033ff76000272ed54152ca0c73a764c15ce132d7ea7022100ff0a24cdc5b1ff630b11f8e001d85bde0f982df3048a6f24e1e8be3a14ea04cb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007aa75f2b3ff6ba6fbc82273dd7a1cc9fb5d4ce33e8bcad6587bcad32c61bce3c64c9c9c9cae863a31582a8f8bc72412ce884ff70a58f04d58c37c425e7409526db93888cc6993697c89429111b0a8414ab124833c3780904f45297fc53772751300686b50925088f76da63fbec4a1a0fbc2120d238e723c85bad3318b44d5e6a898d182f3dac8e3d766fd3bea39ad5c54c912e32e6f909e71c57524f262d2cee0d4c24d786157b8dbbc1735f03fe69d52c4740db3fe024dcca595701ce3e18972b390b7848edb663ff5953a3d9b25b065e1d616b12cd9c0636b2fc7512265505006dd5ecc7646491f3a502668bd132c47691007b5f8f6aff6b745539a65cabfa