DV SSL/TLS Certificate for hkff.cc

Certificate is witin its validity period

Issued by Leocert LLC (Leocert TLS Issuing RSA CA 1)

About the hkff.cc DV SSL/TLS Certificate

This certificate with serial number 08:72:b1:f9:b4:e8:bb:8f:ed:40:8f:41:dd:29:87:47 for hkff.cc was issued on by Leocert LLC.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for hkff.cc provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Leocert LLC

Organization: Leocert LLC
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 08:72:b1:f9:b4:e8:bb:8f:ed:40:8f:41:dd:29:87:47
Serial Number (int): 11229355578453268025873259721352906567
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: e4:67:d9:93:b8:89:04:b5:e8:78:49:b5:79:24:7d:f9:8f:c9:14:78
Authority Key Identifier: 17:d9:d3:f2:d0:69:e8:1e:37:b7:f9:56:3a:07:e6:29:d3:95:5b:91

Fingerprint (SHA-1): 90:27:43:dd:ed:d0:46:4b:d2:4c:42:56:8f:ed:7b:07:7c:e9:16:26
Fingerprint (SHA-256): 8a:be:3c:d5:e6:c3:9f:21:ef:7f:4b:9d:8b:3b:c8:45:2c:4a:ed:34:ab:87:aa:22:a2:c8:d4:42:7e:46:f2:e6

Issuing Certificate URL: http://cert.ssl.com/Leocert-TLS-I-R1.cer

Revocation Information

OCSP Server: http://ocsps.ssl.com
CRL Distribution Point: http://crls.ssl.com/Leocert-TLS-I-R1.crl

Check the revocation status for certificate hkff.cc
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for hkff.cc

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for hkff.cc in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUzCCBLugAwIBAgIQCHKx+bTou4/tQI9B3SmHRzANBgkqhkiG9w0BAQsFADBK
MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLTGVvY2VydCBMTEMxJTAjBgNVBAMMHExl
b2NlcnQgVExTIElzc3VpbmcgUlNBIENBIDEwHhcNMjUwNjA0MDIyNjAxWhcNMjYw
NzA1MDIyNjAxWjASMRAwDgYDVQQDDAdoa2ZmLmNjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAw7PIdg7p+yNzlkXmN1D0c7BnMNiGY4CSBvrkTM1k+0F/
2Tl90sHQX6vAiM4JSE6D4pz+I7dfMNWVipVWi9pPIxlOyLQ9VEFd389YoZMrOOdg
8L/CDsZ0qlpg8+pcu4b9meZw1QfB/yUfF7bckEh1JK2E4Pb7ls2cZi906lFDpZfN
wUkawQ7x80faABZfQl3u6RI5vePKCzbwRbp8g2/2Txgfgqcvt5QCU4WZs6yWKsl6
u+ZIfWvSK84WOMJQqm1eyFkvFtjWKfF7sIJd9poxafZjqu5rwvx+teSyVscjw3l0
AU2N8jj83FV3UB1Ex44+N/HRsazldTIR+iMdPp6ZdwIDAQABo4IC6zCCAucwDAYD
VR0TAQH/BAIwADAfBgNVHSMEGDAWgBQX2dPy0GnoHje3+VY6B+Yp05VbkTBmBggr
BgEFBQcBAQRaMFgwNAYIKwYBBQUHMAKGKGh0dHA6Ly9jZXJ0LnNzbC5jb20vTGVv
Y2VydC1UTFMtSS1SMS5jZXIwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wu
Y29tMB8GA1UdEQQYMBaCB2hrZmYuY2OCC3d3dy5oa2ZmLmNjMCMGA1UdIAQcMBow
CAYGZ4EMAQIBMA4GDCsGAQQBgqkwAQMBATAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
KwYBBQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybHMuc3NsLmNvbS9M
ZW9jZXJ0LVRMUy1JLVIxLmNybDAdBgNVHQ4EFgQU5GfZk7iJBLXoeEm1eSR9+Y/J
FHgwDgYDVR0PAQH/BAQDAgWgMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDL
OPcViXyEoURfW8Hd+8lu8ppZzUcKaQWFsMsUwxRY5wAAAZc4y7T2AAAEAwBHMEUC
IHDJvl9y4bh2Qpc3GfReTAUU7m2EggOMP7gROZI5BXnUAiEAscSMp1MFFP0kV5g1
jByRP2BuYkCeSEXpwasg9MOXvh4AdgCsqzBwbOvshDH0E9L0kV8RHkIkQ7HypoxP
PCs7px4CwwAAAZc4y7UxAAAEAwBHMEUCIGjmBHNq6wKbelpjfvmcVIq5WhLjGDC9
OqX3Rf+KZaVqAiEArwsRJ0Eg8AcCD/EhppaTKWTq7MEUjnqvKGpuAITECosAdQDY
CVU7lE96/8gWGW+UT4WrsPj8XodVJg8V0S5yu0VLFAAAAZc4y7T1AAAEAwBGMEQC
IChUGUes9bhfWbdsrneO4GISQ+svUnskjXXM868hf6MIAiBU6aP8KpnUuicdtuyd
e3ahB7QIKcX0bCMoh4dWezXEADANBgkqhkiG9w0BAQsFAAOCAYEAFFbGe5KK1A3R
dVn98WCuLcaSGkplMWj/OgbgRW6VNybTqcTvor8TeFHeSMJ/8l+l5nrvk5aY1P8E
Z2/ZZhOL2jWAUPV5I7Nqle6IKe3sBpxxJ3+ovrvqvnE6a97JJI40efUoE5HhAuV8
BEimc+vmUfKQTBxXdd0LTsRyqoYR7kVkOib0TprTFA0pmP6ZiXd4Eg6ZgBtuE+E7
CttRIAeLfVvfH/Z1i0R61/SYQD2FGoDtS1tSn9GXNzoQXtCdFFi8mhRlVueIYUJT
zsGC8zaDe0Dmsh4aOXKg0k1oIwM20rGlkkLPjYHWBwjleQx8ACESzL3umFI26xjv
WfgH+3U1/p7rOm07kaRIZvKZrO07WLYA62KTzXy6zFkUCMa7QxPfndEo2c6lo8K4
+qpT3H9yHVEhO9g63OalCFpKSgisg4tVrDfnjOyH0/lWfLbpl+WCgXODVIwYJLFS
b/eaOjd7Nl1l2lf2VkXYFLxXkLhz6yxPiz2yIef1uAi2HwQPCaVK
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7PIdg7p+yNzlkXmN1D0
c7BnMNiGY4CSBvrkTM1k+0F/2Tl90sHQX6vAiM4JSE6D4pz+I7dfMNWVipVWi9pP
IxlOyLQ9VEFd389YoZMrOOdg8L/CDsZ0qlpg8+pcu4b9meZw1QfB/yUfF7bckEh1
JK2E4Pb7ls2cZi906lFDpZfNwUkawQ7x80faABZfQl3u6RI5vePKCzbwRbp8g2/2
Txgfgqcvt5QCU4WZs6yWKsl6u+ZIfWvSK84WOMJQqm1eyFkvFtjWKfF7sIJd9pox
afZjqu5rwvx+teSyVscjw3l0AU2N8jj83FV3UB1Ex44+N/HRsazldTIR+iMdPp6Z
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11229355578453268025873259721352906567
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Leocert LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Leocert TLS Issuing RSA CA 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-04 02:26:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-07-05 02:26:01 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'hkff.cc'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24705123795231628987523068457086742026229459613350870146988329670743733951022582538967093626152052307498305695460578050074310924291142227227802084393077137142038159412468491511407652043790207604495216854931813907597177537412617004627826514713732215910222238784686353237006603455272060527365877878779421309777112185573352559288009327938879254286294913769246041708272531319608158634823063545744267932234231411001490709095520401485721518057064419643720141494630781210658448439881687610441532932085980409634933269706279830115391676789983980795303901153633425385513727035563792490946101352075131089553283957644515147159927
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d3f2d069e81e37b7f9563a07e629d3955b91
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/Leocert-TLS-I-R1.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hkff.cc'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hkff.cc'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/Leocert-TLS-I-R1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e467d993b88904b5e87849b579247df98fc91478
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e70000019738cbb4f60000040300473045022070c9be5f72e1b87642973719f45e4c0514ee6d8482038c3fb8113992390579d4022100b1c48ca7530514fd245798358c1c913f606e62409e4845e9c1ab20f4c397be1e007600acab30706cebec8431f413d2f4915f111e422443b1f2a68c4f3c2b3ba71e02c30000019738cbb5310000040300473045022068e604736aeb029b7a5a637ef99c548ab95a12e31830bd3aa5f745ff8a65a56a022100af0b11274120f007020ff121a696932964eaecc1148e7aaf286a6e0084c40a8b007500d809553b944f7affc816196f944f85abb0f8fc5e8755260f15d12e72bb454b140000019738cbb4f50000040300463044022028541947acf5b85f59b76cae778ee0621243eb2f527b248d75ccf3af217fa308022054e9a3fc2a99d4ba271db6ec9d7b76a107b40829c5f46c23288787567b35c400
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		001456c67b928ad40dd17559fdf160ae2dc6921a4a653168ff3a06e0456e953726d3a9c4efa2bf137851de48c27ff25fa5e67aef939698d4ff04676fd966138bda358050f57923b36a95ee8829edec069c71277fa8bebbeabe713a6bdec9248e3479f5281391e102e57c0448a673ebe651f2904c1c5775dd0b4ec472aa8611ee45643a26f44e9ad3140d2998fe99897778120e99801b6e13e13b0adb5120078b7d5bdf1ff6758b447ad7f498403d851a80ed4b5b529fd197373a105ed09d1458bc9a146556e788614253cec182f336837b40e6b21e1a3972a0d24d68230336d2b1a59242cf8d81d60708e5790c7c002112ccbdee985236eb18ef59f807fb7535fe9eeb3a6d3b91a44866f299aced3b58b600eb6293cd7cbacc591408c6bb4313df9dd128d9cea5a3c2b8faaa53dc7f721d51213bd83adce6a5085a4a4a08ac838b55ac37e78cec87d3f9567cb6e997e582817383548c1824b1526ff79a3a377b365d65da57f65645d814bc5790b873eb2c4f8b3db221e7f5b808b61f040f09a54a