DV SSL/TLS Certificate for magicshop.nl

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the magicshop.nl DV SSL/TLS Certificate

This certificate with serial number 05:bd:0d:5b:62:39:80:f1:9f:bc:75:37:65:6d:c0:00:c3:d2 for magicshop.nl was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for magicshop.nl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:bd:0d:5b:62:39:80:f1:9f:bc:75:37:65:6d:c0:00:c3:d2
Serial Number (int): 499892551462049986011248377161586801951698
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: df:50:e5:bc:00:1a:a2:f1:7d:79:c1:c1:bf:cf:c6:74:57:4f:52:d4
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): bb:87:cf:b9:1e:8e:83:8b:18:8a:c7:67:73:2a:b4:cb:b5:12:d8:aa
Fingerprint (SHA-256): ed:04:3c:db:b5:6f:f4:64:e8:26:f7:78:e2:dc:f9:bf:71:53:74:50:da:b9:a2:71:d4:19:c7:b4:9b:a7:73:f5

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/83.crl

Check the revocation status for certificate magicshop.nl
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for magicshop.nl

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

magicshop.nl

X.509 Certificate

The complete raw X.509 certificate details for magicshop.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgISBb0NW2I5gPGfvHU3ZW3AAMPSMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTEyMTA0MTQ2WhcNMjUwODEwMTA0MTQ1WjAXMRUwEwYDVQQD
EwxtYWdpY3Nob3AubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW
ziP7L2GjhxAS+csOO1rz/elxNMsbrcNMVLCH1aZQcGQtFDtj22kK9MlhzQz4su/n
FWJAilPphc4f0vLESarkBLc+bFC14yQc9hXSB5QUFBloRa30SUhrKt7CcJJRxrAq
NSkp4zEpcwwz3g8ptA95yDXWxyBBZXYpwqHaXlDgrC7C2x+YyG4KY5rANe076UV4
kIyJDxRYJ6kEYEQUZgbcsG2FU3gHi8zUuTVg7jQn5i7ri6XBInKCUaCaOx2qvEmn
r22bUyOgnYJImnYsNlLcznt54ECeRJ5ITW5M3bhFL1xwc2DARhajGq2acoCJ0YAn
HGfUrNC2d/354b2gxSWjAgMBAAGjggIdMIICGTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFN9Q5bwAGqLxfXnBwb/PxnRXT1LUMB8GA1UdIwQYMBaAFMXPRqTq9MPAemyV
xC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3Ix
MS5pLmxlbmNyLm9yZy8wFwYDVR0RBBAwDoIMbWFnaWNzaG9wLm5sMBMGA1UdIAQM
MAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTEuYy5sZW5j
ci5vcmcvODMuY3JsMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA7TxL1ugGwqSi
AFfbyyTiOAHfUS/txIbFcA8g3bc+P+AAAAGWxEutSQAABAMASDBGAiEAsXf99l+M
ug2hNJ57tFCzwLV34y0GrDpAODmfZE9/XWwCIQDNI1cTIDkSnIJ4gJhZrJiDGtvw
ug0NVJKI1S/pMB9WHwB2AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gq
AAABlsRLrZQAAAQDAEcwRQIgLAxMSnQJYusZu4Ud4yW1DkZBaMO4CsQhqBYIukpN
P0sCIQCq5y+NWEno9HUxDadDJKTtkQPNXBej+2JcRgxVjqDz/DANBgkqhkiG9w0B
AQsFAAOCAQEAf33ZFuQMwSCOnMlntDqEdKrbW2dW6fAL3p+deUW4tV9HdIH0gQN4
wk7C4ENvikZ9lQ4kT6tfqddM0Y7+jqkJHR+X4na9yQfXksXmhnbR++SL+qRw9cjC
qh59W3BurwKzrgjPCaORSTSq1iTgVEujO0X/alMlCmmShyeODDsH778xP9fqAqNF
ACK3x6ANtBH+n0fD6+m0upLh9j5gwFv0ZrNsDV/3vrGnO6S4/bi610dpXGn0ye3O
L0gX5S6ZnGHS8cCj53HJEAEOeQSctD9X9bJekhrsYky7M4jFCg8WvSYa6HW9BPvx
6a7Id4nAZemUvt21ZnwXPdEZqiNm5Rm6bQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s4j+y9ho4cQEvnLDjta
8/3pcTTLG63DTFSwh9WmUHBkLRQ7Y9tpCvTJYc0M+LLv5xViQIpT6YXOH9LyxEmq
5AS3PmxQteMkHPYV0geUFBQZaEWt9ElIayrewnCSUcawKjUpKeMxKXMMM94PKbQP
ecg11scgQWV2KcKh2l5Q4KwuwtsfmMhuCmOawDXtO+lFeJCMiQ8UWCepBGBEFGYG
3LBthVN4B4vM1Lk1YO40J+Yu64ulwSJyglGgmjsdqrxJp69tm1MjoJ2CSJp2LDZS
3M57eeBAnkSeSE1uTN24RS9ccHNgwEYWoxqtmnKAidGAJxxn1KzQtnf9+eG9oMUl
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 499892551462049986011248377161586801951698
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-12 10:41:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-10 10:41:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'magicshop.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27116648957306629947701691792678251750943145519219496427554776019448930191491947921817834925344609480261201000703422797100275757019058446769134108172260975176903091083205397563836872114362268900705022393707983580747865601207903066804514802414759420074366781531390292167407646703930477443560229259697225407214863165834546137509361900173804744389762382480077940404558505662499771529236507518630956372695231016932210681004513751626875342348724082323779314849784470274486025092844743057198708930185918387244752929069754034835126309945178055045732050973034828385437968808206927721497199622814872402871050233501901056714147
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							df50e5bc001aa2f17d79c1c1bfcfc674574f52d4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'magicshop.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/83.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe000000196c44bad490000040300483046022100b177fdf65f8cba0da1349e7bb450b3c0b577e32d06ac3a4038399f644f7f5d6c022100cd2357132039129c8278809859ac98831adbf0ba0d0d549288d52fe9301f561f007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000196c44bad94000004030047304502202c0c4c4a740962eb19bb851de325b50e464168c3b80ac421a81608ba4a4d3f4b022100aae72f8d5849e8f475310da74324a4ed9103cd5c17a3fb625c460c558ea0f3fc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007f7dd916e40cc1208e9cc967b43a8474aadb5b6756e9f00bde9f9d7945b8b55f477481f4810378c24ec2e0436f8a467d950e244fab5fa9d74cd18efe8ea9091d1f97e276bdc907d792c5e68676d1fbe48bfaa470f5c8c2aa1e7d5b706eaf02b3ae08cf09a3914934aad624e0544ba33b45ff6a53250a699287278e0c3b07efbf313fd7ea02a3450022b7c7a00db411fe9f47c3ebe9b4ba92e1f63e60c05bf466b36c0d5ff7beb1a73ba4b8fdb8bad747695c69f4c9edce2f4817e52e999c61d2f1c0a3e771c910010e79049cb43f57f5b25e921aec624cbb3388c50a0f16bd261ae875bd04fbf1e9aec87789c065e994beddb5667c173dd119aa2366e519ba6d