DV SSL/TLS Certificate for vincentnijhuis.nl

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the vincentnijhuis.nl DV SSL/TLS Certificate

This certificate with serial number 05:d4:f9:08:fd:cb:0e:79:a5:2f:10:67:e0:07:8c:8d:42:56 for vincentnijhuis.nl was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for vincentnijhuis.nl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:d4:f9:08:fd:cb:0e:79:a5:2f:10:67:e0:07:8c:8d:42:56
Serial Number (int): 508032315902902926382817589286120939405910
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: b7:74:0e:64:99:a3:70:e5:e7:98:ea:d4:59:a4:bb:28:e1:47:3b:d4
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 68:02:d6:ab:14:73:ee:24:ca:95:31:e0:2e:29:67:08:93:f7:4c:a1
Fingerprint (SHA-256): a7:69:d7:58:03:98:59:2b:6f:d2:30:ec:53:da:05:fc:c7:d6:c2:4e:70:60:2c:81:7d:21:a3:a7:2d:18:b9:2d

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

OCSP Server: http://r11.o.lencr.org
CRL Distribution Point: http://r11.c.lencr.org/87.crl

Check the revocation status for certificate vincentnijhuis.nl
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for vincentnijhuis.nl

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for vincentnijhuis.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISBdT5CP3LDnmlLxBn4AeMjUJWMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNDI0MTMwNTU4WhcNMjUwNzIzMTMwNTU3WjAcMRowGAYDVQQD
ExF2aW5jZW50bmlqaHVpcy5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBAMb36W15bIOVu/Axm7d8F+TnZpR05Y0K+R7x4UDDjVO2/GV8H4Wf2XOu5bIH
I184gheEPJJ/leZFQuMTbntpohTvnI1a+BHn7nIPX1+sQSpTFYqQKM9WotxPYoZg
Vo0lm0T++QqUgEbJf4gL9sh/Hi00yEnE0lm0bPc1tGxkgfF40FeAx6BL5asxoVm+
RD6gFtefLAGfcTff6lsQLPdPAqjDoXeTqZ//Nzg4qPK1y6K0CStFZ8DFtPIRBksk
jRsvTYIKJYcoi1rX3vNIcTz0Oaho94guqOSDCc6JbNjR/CDohB+r6K/djkMQ+pDM
O/t/RjUdcMpUbYBYT1OCUgWp9DN2gecT5v3/hssrZaJhfAIrrm5epAdJYm5rjh7I
U9auTj2VPlbmwTlxNzrkqaW9XB3R5xuU9iZ+I9Uh4N/hjl+3RchrJDCwlLN4gE/P
HpTEX5vtmsheFRwXRr/S83p494NcfgmIvCAqipHE+vAjboMWyXmltaIVPfP+8iqm
81b4XC3HD7th57nqtNQ0Y+iZzr0bKNELlTDVxrOjgeOiKqHl4a6SXRbtmgryl7/4
i1OBcKoJvknYhfBTOnbdsGvVbKhorlXmSBPHcYM9mvHZ4wS8FtnMsTwcoO1BY/7+
XkFAbn/QDbmRbHNYK3lAHhMS1ttcYEHKkWr8sYIIhvzTGLalAgMBAAGjggJbMIIC
VzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLd0DmSZo3Dl55jq1FmkuyjhRzvUMB8G
A1UdIwQYMBaAFMXPRqTq9MPAemyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAi
BggrBgEFBQcwAYYWaHR0cDovL3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYX
aHR0cDovL3IxMS5pLmxlbmNyLm9yZy8wMQYDVR0RBCowKIITKi52aW5jZW50bmlq
aHVpcy5ubIIRdmluY2VudG5pamh1aXMubmwwEwYDVR0gBAwwCjAIBgZngQwBAgEw
LgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMS5jLmxlbmNyLm9yZy84Ny5jcmww
ggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfp
MO8OQh60fk6qNAAAAZZoHT0KAAAEAwBHMEUCID3lDnPF/jX6R95E7xct8KKPHCDB
yc4Tbf0Opssf+p7oAiEAqC+SKoKVWKSKIuDUXvlOCJNyS9z2W27NX0i47JN6IR8A
dwDd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZZoHT1IAAAEAwBI
MEYCIQCoIZ3rmPM42zumfWy26St0WWVaOgt149EpAPUt7DetJgIhAOiepsn71rsL
5dJSHgUFXnzTHChzM+z9RVhPeIZevWPLMA0GCSqGSIb3DQEBCwUAA4IBAQCVcK8k
HHoARLGhig2UoYvtfEp8lFNukDCt4+DbWUalxRGzaAGen09RzgG2xpvd0dSWG3xa
6tH7HwMRtlRSm/2kU3H/UO5i8tUlwrozO7MErEZerlQwpXyE+RPx3Vu6k7ulHQCe
svLSHjAldud1REZZKnkwPP0NL01L0OWqCZ/NEDonPcSJ4vq73LujHhmTfJeWHabl
cMKO4dm/IGBy659qeM5tsBO0Ib33U7KKZlll1hU6OypkGSFVlwipj81iifB95jSX
M1RUr0/gWBmhp3xPPrSjXybOOLxcDqWRfbJzd23XRVNGPNuptrY4dm/5e+rwfuVD
pSh0HEPk0FHxBkh6
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxvfpbXlsg5W78DGbt3wX
5OdmlHTljQr5HvHhQMONU7b8ZXwfhZ/Zc67lsgcjXziCF4Q8kn+V5kVC4xNue2mi
FO+cjVr4Eefucg9fX6xBKlMVipAoz1ai3E9ihmBWjSWbRP75CpSARsl/iAv2yH8e
LTTIScTSWbRs9zW0bGSB8XjQV4DHoEvlqzGhWb5EPqAW158sAZ9xN9/qWxAs908C
qMOhd5Opn/83ODio8rXLorQJK0VnwMW08hEGSySNGy9NggolhyiLWtfe80hxPPQ5
qGj3iC6o5IMJzols2NH8IOiEH6vor92OQxD6kMw7+39GNR1wylRtgFhPU4JSBan0
M3aB5xPm/f+GyytlomF8Aiuubl6kB0libmuOHshT1q5OPZU+VubBOXE3OuSppb1c
HdHnG5T2Jn4j1SHg3+GOX7dFyGskMLCUs3iAT88elMRfm+2ayF4VHBdGv9Lzenj3
g1x+CYi8ICqKkcT68CNugxbJeaW1ohU98/7yKqbzVvhcLccPu2Hnueq01DRj6JnO
vRso0QuVMNXGs6OB46IqoeXhrpJdFu2aCvKXv/iLU4Fwqgm+SdiF8FM6dt2wa9Vs
qGiuVeZIE8dxgz2a8dnjBLwW2cyxPByg7UFj/v5eQUBuf9ANuZFsc1greUAeExLW
21xgQcqRavyxggiG/NMYtqUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 508032315902902926382817589286120939405910
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-24 13:05:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-23 13:05:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vincentnijhuis.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 811720275519430712348378707477155028147098368931836358520782232318776430600387370416261645669010177079835331564740734924114619977936213956681796196311476838832378375208829103205696510001528286865714069383092419465898889952824677807585849669022401305776736842710211677359878596048717857014583920086352188794125599873433695729642783763118921005236604531174513003328461465204246569471001394731859890982786300022965240324609126529088459578114337587009804888110793315755554669251916662579981431507201210993518156628580677014311395233749944092595689440212455457982038272676849185136853067075499825700497419284960513939137525630134422561437488791694647928185021154247734232286030736607254888602796384346623376028587108744141471685199826867200536591311856474145550546707435768202183100195576980357817619575859516633968350729982808443093502896329950936414846794639958548078621858970155952720253193265197820340705730099152695542802074785262230852721780579234197420915992912886018606409435200957086781401220859515810986827432304320531832533719777570324150248870529372209351020144380207489114419704991207687620828975188650906030670087737016371365335765766801130458942691327295549682888357484866687543383123235518725008996083600050558312463775397
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b7740e6499a370e5e798ead459a4bb28e1473bd4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vincentnijhuis.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vincentnijhuis.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/87.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000196681d3d0a000004030047304502203de50e73c5fe35fa47de44ef172df0a28f1c20c1c9ce136dfd0ea6cb1ffa9ee8022100a82f922a829558a48a22e0d45ef94e0893724bdcf65b6ecd5f48b8ec937a211f007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000196681d3d480000040300483046022100a8219deb98f338db3ba67d6cb6e92b7459655a3a0b75e3d12900f52dec37ad26022100e89ea6c9fbd6bb0be5d2521e05055e7cd31c287333ecfd45584f78865ebd63cb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009570af241c7a0044b1a18a0d94a18bed7c4a7c94536e9030ade3e0db5946a5c511b368019e9f4f51ce01b6c69bddd1d4961b7c5aead1fb1f0311b654529bfda45371ff50ee62f2d525c2ba333bb304ac465eae5430a57c84f913f1dd5bba93bba51d009eb2f2d21e302576e7754446592a79303cfd0d2f4d4bd0e5aa099fcd103a273dc489e2fabbdcbba31e19937c97961da6e570c28ee1d9bf206072eb9f6a78ce6db013b421bdf753b28a665965d6153a3b2a641921559708a98fcd6289f07de63497335454af4fe05819a1a77c4f3eb4a35f26ce38bc5c0ea5917db273776dd74553463cdba9b6b638766ff97beaf07ee543a528741c43e4d051f106487a