DV SSL/TLS Certificate for jhfw.org

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the jhfw.org DV SSL/TLS Certificate

This certificate with serial number 06:85:9a:ed:4a:2a:bb:b0:a7:94:df:f6:dd:2a:70:a2:b1:cf for jhfw.org was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for jhfw.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:85:9a:ed:4a:2a:bb:b0:a7:94:df:f6:dd:2a:70:a2:b1:cf
Serial Number (int): 568137203581036626073932384163774907724239
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 12:c1:8d:ed:65:17:6b:14:1e:63:a4:23:77:6c:6a:82:4e:c7:3a:a6
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 84:1a:a4:95:18:11:ef:cc:24:9e:d2:3b:2c:c0:19:b2:48:3a:61:4d
Fingerprint (SHA-256): 23:bf:40:c3:7d:3d:aa:05:d6:54:82:15:a1:6e:47:39:50:ac:d5:f5:89:88:ff:c0:a0:ac:cf:40:49:e2:8e:c9

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/80.crl

Check the revocation status for certificate jhfw.org
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for jhfw.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

jhfw.org

X.509 Certificate

The complete raw X.509 certificate details for jhfw.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgISBoWa7Uoqu7CnlN/23SpworHPMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTI5MDk0ODU2WhcNMjUwODI3MDk0ODU1WjATMREwDwYDVQQD
EwhqaGZ3Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJgiPb+V
6ZIKbjJ2TjdlT/iM/Lp+2Wxb1ObnfcVtwCDokpq2vSa8aqb3A63kggGvUogx5y6z
3Yr42rw7pgoQqZskmIOni5MNzrDbUU1Y2NDCICpMpuIogbmA+/vTlgLAFXyvW/wX
x/08KTtaCAerBm/o5uH0O9wvQ1BaNNbeY32/t7NmOZw0AOaOL3HsEDQbJtZugG0V
HLOH5XCyraPanfHRCFJhPi5i5fN4Jm/5/Egw/pzkkC9xGgz1/A/bvf9D3a4JmBM8
8CNly3OrV3x1FH/3kpfAUHsI7RU50iyhOqEvxehHNubAXYAr9GDDLsPYPaBO8buR
PaoaFhUch1HryJsCAwEAAaOCAhgwggIUMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
EsGN7WUXaxQeY6Qjd2xqgk7HOqYwHwYDVR0jBBgwFoAUu7zDR6XkvKnGw6RyDBCN
ojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEwLmku
bGVuY3Iub3JnLzATBgNVHREEDDAKgghqaGZ3Lm9yZzATBgNVHSAEDDAKMAgGBmeB
DAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEwLmMubGVuY3Iub3JnLzgw
LmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AKRCxQZJYGFUjw/U6pz7ei0m
RU2HqX8v30VZ9idPOoRUAAABlxunbMUAAAQDAEgwRgIhAJaVPJ+cG4f13sKFM9P5
TC0i4LBPgYlhZg0ZPFyeIMmvAiEAvh/J79vG1kTkIojWxYNQQsQpK0LQGiIdikqs
XyPUaocAdQAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZcbp2zF
AAAEAwBGMEQCIHOAReTj737lgO1AjEpZ8k95KLjq/WxcDq6TiEaEF1BqAiBkTX7Q
u9GVkgIF+qJ0xYDMiZhzFlZmlDE6JSP5PiTTqTANBgkqhkiG9w0BAQsFAAOCAQEA
N4EoZdS+kIyTfMQSmy4UJ+nOkoONZrg9I1G6Bg3Vw0UZkD3v0FScDtiG64DwvETl
2uyYT5pPouXBXY3adHGkRYAirkThEI0oqAtxmduqAjlOLdqgqPmxWwuj55SpYT/R
8SLaJQ/DPEv7Byseb5LItAmUnQ4is7C/1Kd1PiwG0BodY44yqIc4JL+xLAOiG4vl
cLKJoJ+PxdnHN/VSdj77iBsDO4HtVN7YcSp8mQiUhKYey3E2LJLOThXwHgEG8BBC
ltFcFwOSy7CnsJnaOzxLVEU1lHq52sKYyTXfAkERNxaFYKF/pSb8bsXs8lttVrHV
g23/sBbL4Oi5CjppzDDnsg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCI9v5XpkgpuMnZON2VP
+Iz8un7ZbFvU5ud9xW3AIOiSmra9JrxqpvcDreSCAa9SiDHnLrPdivjavDumChCp
mySYg6eLkw3OsNtRTVjY0MIgKkym4iiBuYD7+9OWAsAVfK9b/BfH/TwpO1oIB6sG
b+jm4fQ73C9DUFo01t5jfb+3s2Y5nDQA5o4vcewQNBsm1m6AbRUcs4flcLKto9qd
8dEIUmE+LmLl83gmb/n8SDD+nOSQL3EaDPX8D9u9/0PdrgmYEzzwI2XLc6tXfHUU
f/eSl8BQewjtFTnSLKE6oS/F6Ec25sBdgCv0YMMuw9g9oE7xu5E9qhoWFRyHUevI
mwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 568137203581036626073932384163774907724239
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-29 09:48:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-27 09:48:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'jhfw.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19205107322147515064071201217057070579008473241914187830423787484013355408070894457819171808756500965228594454611309680505195321979863524952958590520452429236640246229099470584862608916829760458397479053980344134011650458989349512538032648153789571689717185607914669715030397216169869477463992006266733876292181243597634908458040171911217213422892738455437092896630170535149922312485048751852017778565953460959837362308378371547030341224432746973994070727261623607680731436809389380598787044464998586730933952962042391794380008042765340070238594157871704962769807639871469658526909122207806901107484557774633642477723
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							12c18ded65176b141e63a423776c6a824ec73aa6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfw.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/80.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a8454000001971ba76cc5000004030048304602210096953c9f9c1b87f5dec28533d3f94c2d22e0b04f818961660d193c5c9e20c9af022100be1fc9efdbc6d644e42288d6c5835042c4292b42d01a221d8a4aac5f23d46a870075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34000001971ba76cc500000403004630440220738045e4e3ef7ee580ed408c4a59f24f7928b8eafd6c5c0eae9388468417506a0220644d7ed0bbd195920205faa274c580cc89987316566694313a2523f93e24d3a9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0037812865d4be908c937cc4129b2e1427e9ce92838d66b83d2351ba060dd5c34519903defd0549c0ed886eb80f0bc44e5daec984f9a4fa2e5c15d8dda7471a4458022ae44e1108d28a80b7199dbaa02394e2ddaa0a8f9b15b0ba3e794a9613fd1f122da250fc33c4bfb072b1e6f92c8b409949d0e22b3b0bfd4a7753e2c06d01a1d638e32a8873824bfb12c03a21b8be570b289a09f8fc5d9c737f552763efb881b033b81ed54ded8712a7c99089484a61ecb71362c92ce4e15f01e0106f0104296d15c170392cbb0a7b099da3b3c4b544535947ab9dac298c935df02411137168560a17fa526fc6ec5ecf25b6d56b1d5836dffb016cbe0e8b90a3a69cc30e7b2