htk.org
Issued by R3
About this certificate
This digital certificate with serial number 04:de:2a:10:a4:8e:2f:32:dd:55:33:dc:72:df:b5:ca:38:18 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=htk.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:de:2a:10:a4:8e:2f:32:dd:55:33:dc:72:df:b5:ca:38:18Serial Number (int): 424047743173642209862135549608330353326104
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 21:b9:0f:55:38:f3:c0:76:d0:a6:9d:e8:38:65:12:9e:44:52:50:50
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 30:05:dd:1a:5e:88:a7:1a:10:8d:9e:0c:8c:9d:3f:a2:07:36:57:28
Fingerprint (sha256): f0:8d:4a:e8:a6:34:d2:ba:43:55:aa:82:dd:74:3a:39:cb:9a:0b:74:13:cc:3b:62:e5:c9:57:07:2e:69:56:13
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate htk.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for htk.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
htk.org
Other certificates including the domain name htk.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for htk.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgISBN4qEKSOLzLdVTPcct+1yjgYMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjAwODE2MzVaFw0yMzEyMTkwODE2MzRaMBIxEDAOBgNVBAMT B2h0ay5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDCu44FrLXN aWxR6BLdLhBW2Ebqe57m267Z5h9vSBHtVaG1c8fU7KekU5TRqfU3OIhG0JnBL8Wy Rv0LsY14DS91lXksW0hYCmTULnAOy5l8AZdEcTu4iSbSPxJxRUoQSJlD/e4TwxAT UsHiVRPMh6SS8YSfm010UUinEbyoJjfWC2vSecqk3IWW2zqCn69l8u8nkC1Z4pmw aXJIwRyTgsT+815Br3V1WpwI/kAbQG9tijENRgJ5FGfy1698Z25czkD0iG4Vhce5 dFmCdrvHgNsFOglIguGbZcHgtrkJU+7OwjQd26+9a2OOC3gPc28lFQzyIdLggLva ucXxyS6ITnI8acvWNz06o+4/TkhXKy4U+ba/wVHMsheQvicuQ8D8U/upwnIMigMg UcbC+wu1CHOx/4OGDEM0WtzdhS8lFmKhPxTnEgjULB3JVFitOwB3mqQsq1ZUtk6v xU4GogVcS3p6xbIts64uJJjuXSUjB+mafPTCVZElwGdkeCZwZgqN+hoSbn0ZmVLv dTt1clNwpvOZDIJePmVngmVXfp27vNvEdU2QFH16veKE3DOB6e61COFRfIYaUW3/ tpodyQk/CYf42uW8M4Q0l1JrJJgQK4Z+yKJuK9LEEpVAEOP8JiJfH5dkwU/G4HKl jM8GmtDGdLKM9bTLdEQUMjz1tJF7I9Hz3wIDAQABo4ICCDCCAgQwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBQhuQ9VOPPAdtCmneg4ZRKeRFJQUDAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzASBgNVHREECzAJggdodGsub3JnMBMGA1UdIAQMMAowCAYGZ4EM AQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAtz77JN+cTbp18jnFulj0bF38 Qs96nzXEnh0JgSXttJkAAAGKseCCsQAABAMARzBFAiBcZt+/mDi28HzDjVCZW6Hl dX8f1iSITElgesYgq1DiQwIhAJXVnaIUzvK6xe0muaeEkrZTSER/zodP1CwViQMb 8+A7AHUArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooAAAGKseCDEwAA BAMARjBEAiAhgNsDdcU6h/cm3JWih441g8sAxSrhdCDQusLsYbGYLAIgftIWdvO0 LUinzx8SATAzaEIDVcL3OSjTOkHQ/VU6kT0wDQYJKoZIhvcNAQELBQADggEBAJU0 7wD6R96/WWDBxYPtaQjYhBERQ4ZSEJlDLDSeK8p8viWu4Yg3utNoShroo5Stpxba qS0HE1RgGJN/WTS+9wmK3GT2BlXkYLV+8sXO55F2ib6rfukSxZE+dBZtgSXShv6Q 33PFnRzl5XhAR52Sl/R1owaduXDQljS7m7wKBt/yPQJVxGNE7V/USeSdZKUiHS1x gzWPaAlrMS05WZvXHDA9jz3pn59aS+RuJVcS//kY7Qu7bLT/B2inCjKo0p1FMMPc SGdgDc43BOctSX78wY6v+xD0Ew26r49XV0qlSrrUeGZaARxuStXe0sUEZjhoGOXz 7rRjV2kpg9UiAH8ejbk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwruOBay1zWlsUegS3S4Q VthG6nue5tuu2eYfb0gR7VWhtXPH1OynpFOU0an1NziIRtCZwS/Fskb9C7GNeA0v dZV5LFtIWApk1C5wDsuZfAGXRHE7uIkm0j8ScUVKEEiZQ/3uE8MQE1LB4lUTzIek kvGEn5tNdFFIpxG8qCY31gtr0nnKpNyFlts6gp+vZfLvJ5AtWeKZsGlySMEck4LE /vNeQa91dVqcCP5AG0BvbYoxDUYCeRRn8tevfGduXM5A9IhuFYXHuXRZgna7x4Db BToJSILhm2XB4La5CVPuzsI0HduvvWtjjgt4D3NvJRUM8iHS4IC72rnF8ckuiE5y PGnL1jc9OqPuP05IVysuFPm2v8FRzLIXkL4nLkPA/FP7qcJyDIoDIFHGwvsLtQhz sf+DhgxDNFrc3YUvJRZioT8U5xII1CwdyVRYrTsAd5qkLKtWVLZOr8VOBqIFXEt6 esWyLbOuLiSY7l0lIwfpmnz0wlWRJcBnZHgmcGYKjfoaEm59GZlS73U7dXJTcKbz mQyCXj5lZ4JlV36du7zbxHVNkBR9er3ihNwzgenutQjhUXyGGlFt/7aaHckJPwmH +NrlvDOENJdSaySYECuGfsiibivSxBKVQBDj/CYiXx+XZMFPxuBypYzPBprQxnSy jPW0y3REFDI89bSReyPR898CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 424047743173642209862135549608330353326104 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-20 08:16:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-19 08:16:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'htk.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 794439842639412757100452695194749211043805598823208844509624459710969770591334546700146563789843214604414820646931569696059094071947480032597596940316419357309070772587514166625118695942660397204167896830192000759771659583024688064262668171903995096897202687578129306198821258893611064364726282041274468391227575362682569101470689353979738111680850444530377561837374897605927417202758454890649297930345749334243045716870368794212611026248544410988689115219303614685127907868862013132439250571958803295231073146396714312135300455434922650733515775260766004081462751848547582318977813339088442007795917445995839071812684671487662311211112874016564732487334429263638707031581139509765238792742898457637432924774989798773251568718861803252092964956313348141419071390948109086356445449492101044171733090433700419589774417093674533087438450275762976061596071832624979352231656746931504826251563067545931268349671916832608605052159202816388991613759147545915339541941291069395350625532380456201388251654986981393145745222617119523334252911214408803640011705221567333574515550484098674230972859774977315462961479341141186399020318600117761956130132708263189316361485714779058419039403374967668499620818792217419374042163632814809176601654239 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 21b90f5538f3c076d0a69de83865129e44525050 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (11 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'htk.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018ab1e082b1000004030047304502205c66dfbf9838b6f07cc38d50995ba1e5757f1fd624884c49607ac620ab50e24302210095d59da214cef2bac5ed26b9a78492b65348447fce874fd42c1589031bf3e03b007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018ab1e08313000004030046304402202180db0375c53a87f726dc95a2878e3583cb00c52ae17420d0bac2ec61b1982c02207ed21676f3b42d48a7cf1f1201303368420355c2f73928d33a41d0fd553a913d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009534ef00fa47debf5960c1c583ed6908d88411114386521099432c349e2bca7cbe25aee18837bad3684a1ae8a394ada716daa92d0713546018937f5934bef7098adc64f60655e460b57ef2c5cee7917689beab7ee912c5913e74166d8125d286fe90df73c59d1ce5e57840479d9297f475a3069db970d09634bb9bbc0a06dff23d0255c46344ed5fd449e49d64a5221d2d7183358f68096b312d39599bd71c303d8f3de99f9f5a4be46e255712fff918ed0bbb6cb4ff0768a70a32a8d29d4530c3dc4867600dce3704e72d497efcc18eaffb10f4130dbaaf8f57574aa54abad478665a011c6e4ad5ded2c50466386818e5f3eeb46357692983d522007f1e8db9