DV SSL/TLS Certificate for nomad.foundation

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the nomad.foundation DV SSL/TLS Certificate

This certificate with serial number 05:c9:5e:3c:4f:9f:2b:8c:e9:5a:fd:b4:88:ad:4b:c1:e5:90 for nomad.foundation was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for nomad.foundation provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:c9:5e:3c:4f:9f:2b:8c:e9:5a:fd:b4:88:ad:4b:c1:e5:90
Serial Number (int): 504083445994246273306245399217467270751632
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 31:ab:99:f0:69:b2:33:96:43:52:0f:e3:8f:7e:6f:0b:98:7d:40:bf
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): e9:39:42:27:76:17:91:f3:db:cb:06:cb:9e:1a:dd:c7:b4:75:f0:f6
Fingerprint (SHA-256): 8f:51:d0:41:6e:86:6b:30:ca:c7:8d:2c:90:aa:20:70:5d:bb:19:1f:cb:50:e3:4a:3d:ee:4a:41:62:47:59:29

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/17.crl

Check the revocation status for certificate nomad.foundation
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for nomad.foundation

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

nomad.foundation

X.509 Certificate

The complete raw X.509 certificate details for nomad.foundation in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgISBclePE+fK4zpWv20iK1LweWQMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNzAxMjAwNjU3WhcNMjUwOTI5MjAwNjU2WjAbMRkwFwYDVQQD
ExBub21hZC5mb3VuZGF0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoWVhHQ10tqzECoILtKp5rtZhQsdpRDq6FUVVGZi+TcRjoFu8mNja6DTg4/p
sCAIvwxT0uOj7ob5m6/cB3fdRbZUqW03n6WqxywI0zdDxIuWhevj38TijjxgDf9G
jxO5JcYOuNduSvrQF9FkeI0mYJEu3yagswNzGlB2clqKAY5S/C/l2XgcFNTTPTX4
o9Y2M7HCLwdjHS+383CoRSTTmlBixDILiQ8/jwouQ27qd0zIU7YP2z9r+sWiFC+T
2+9HAOcjs29eVIDgMwZ++u2wbPgQMxhGsbOngLUQa0Jytz54Fl0fRZFA+Y1Kcsle
bz8leV0cqN4taWJU3qv5TVZfUwIDAQABo4ICHzCCAhswDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBQxq5nwabIzlkNSD+OPfm8LmH1AvzAfBgNVHSMEGDAWgBS7vMNHpeS8
qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6
Ly9yMTAuaS5sZW5jci5vcmcvMBsGA1UdEQQUMBKCEG5vbWFkLmZvdW5kYXRpb24w
EwYDVR0gBAwwCjAIBgZngQwBAgEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3Ix
MC5jLmxlbmNyLm9yZy8xNy5jcmwwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgCk
QsUGSWBhVI8P1Oqc+3otJkVNh6l/L99FWfYnTzqEVAAAAZfHzxrsAAAEAwBHMEUC
IQDGsdkmTzOLk+grizMhjZmXwadakYUbjdYnK8uPl99ADQIgA02yOMVIky31Uip6
Rzx6woVTX0PWFp5JDhxQfgWOa8QAdQDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2Xjbap
flTA/kwNsAAAAZfHzxsDAAAEAwBGMEQCIDUtMPUWDONZSEH0M+nWxx/HaYTmkIrv
yDizJTSPZVpjAiBzyUaGC5AERG/LLrDxH8pLIBBGEfYCPA1wTUb2b8q7/TANBgkq
hkiG9w0BAQsFAAOCAQEAik77SqO9NWjsN+7D8KgZpscdfKnEBQ31XH5KkS/4bHCy
faUuRpyPykzAM1YbKXihzkDxEJ2vX5QEvW5qnVzFSx1N2enFH480pja8VF3bF0t9
PPZ43aWZfCzs05NSqve9naeqmJJGAYCxyGqDbh9t2ro/zGHJtF2I1K72HM7CzeiR
t/y29fx9heLimFB1GYvq6YwEM6evKkjddsxWjxC7mqjxklbKcGIGHe0kV1uUbt+h
vO+7Y37KN/2rtaHiWk9S+XJCb/8IW8lyLFluUHfcHMjyKnN/NmhBKb8slsQ09MHU
L0gKtmbNmPg3FuLLztpgzsP5lbH/OuWCMjDc5yBCCg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoWVhHQ10tqzECoILtKp
5rtZhQsdpRDq6FUVVGZi+TcRjoFu8mNja6DTg4/psCAIvwxT0uOj7ob5m6/cB3fd
RbZUqW03n6WqxywI0zdDxIuWhevj38TijjxgDf9GjxO5JcYOuNduSvrQF9FkeI0m
YJEu3yagswNzGlB2clqKAY5S/C/l2XgcFNTTPTX4o9Y2M7HCLwdjHS+383CoRSTT
mlBixDILiQ8/jwouQ27qd0zIU7YP2z9r+sWiFC+T2+9HAOcjs29eVIDgMwZ++u2w
bPgQMxhGsbOngLUQa0Jytz54Fl0fRZFA+Y1Kcslebz8leV0cqN4taWJU3qv5TVZf
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 504083445994246273306245399217467270751632
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-01 20:06:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-29 20:06:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nomad.foundation'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25061057134597959874946888970827067242815565881160312322592831896231267517494964038504634907826114105598470805557490398853307392745282459616716875028268919988469162665151248299970249256875698303881216932955910589124940787231186252067393152451993610316001343291960562579873999702485862323954304848122828136113024653863606209644689904245288292111626542037923452740232138946891057195165048674214654777350940474666426208794197466782768406713728688948162873371624608279271719729966362318677013695794127656244952389771570685568856738445085430409741870423611645416463411415591020533851794758354048685879740540109069238034259
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							31ab99f069b2339643520fe38f7e6f0b987d40bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nomad.foundation'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/17.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a845400000197c7cf1aec0000040300473045022100c6b1d9264f338b93e82b8b33218d9997c1a75a91851b8dd6272bcb8f97df400d0220034db238c548932df5522a7a473c7ac285535f43d6169e490e1c507e058e6bc4007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000197c7cf1b0300000403004630440220352d30f5160ce3594841f433e9d6c71fc76984e6908aefc838b325348f655a63022073c946860b9004446fcb2eb0f11fca4b20104611f6023c0d704d46f66fcabbfd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008a4efb4aa3bd3568ec37eec3f0a819a6c71d7ca9c4050df55c7e4a912ff86c70b27da52e469c8fca4cc033561b2978a1ce40f1109daf5f9404bd6e6a9d5cc54b1d4dd9e9c51f8f34a636bc545ddb174b7d3cf678dda5997c2cecd39352aaf7bd9da7aa9892460180b1c86a836e1f6ddaba3fcc61c9b45d88d4aef61ccec2cde891b7fcb6f5fc7d85e2e2985075198beae98c0433a7af2a48dd76cc568f10bb9aa8f19256ca7062061ded24575b946edfa1bcefbb637eca37fdabb5a1e25a4f52f972426fff085bc9722c596e5077dc1cc8f22a737f36684129bf2c96c434f4c1d42f480ab666cd98f83716e2cbceda60cec3f995b1ff3ae5823230dce720420a