DV SSL/TLS Certificate for www.photo.kh.ua

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the www.photo.kh.ua DV SSL/TLS Certificate

This certificate with serial number 05:33:ad:9c:e4:4b:13:9c:34:56:03:e3:d6:22:87:ff:4e:25 for www.photo.kh.ua was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.photo.kh.ua provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:33:ad:9c:e4:4b:13:9c:34:56:03:e3:d6:22:87:ff:4e:25
Serial Number (int): 453146601443687387624788916691091660426789
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 0e:c5:8a:a5:60:93:0b:e0:3f:ae:ec:5b:66:8e:72:27:69:19:d4:69
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): bd:5f:9b:52:c0:a3:42:1b:1d:42:7d:9e:73:ff:b2:85:6d:fe:89:a6
Fingerprint (SHA-256): 4e:67:78:ba:09:72:41:b0:d5:d3:e9:1c:e9:47:2f:6d:a7:15:88:8c:37:9d:02:df:c6:23:b7:b4:ae:44:7a:fb

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/38.crl

Check the revocation status for certificate www.photo.kh.ua
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.photo.kh.ua

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for www.photo.kh.ua in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISBTOtnORLE5w0VgPj1iKH/04lMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTEzMTE0ODU3WhcNMjUwODExMTE0ODU2WjAaMRgwFgYDVQQD
Ew93d3cucGhvdG8ua2gudWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnSVHl/QMdO0PCq1+xfCwuc+C1YQA6k8UqZD0VaShdWVf2n3I5afAqaKSTNPVn
8+CXo/J6PVXohOGVc72G2XdgECucoE5vcrOlHndURl/XK/umTpceZZ4BZfl0qnJD
jpZDXkp1Yi5MKHOLRucy5eM7uyJhe9L7acSYLVSTUl90nhxpIzBBpIaXLxR4uj93
v56TIiNLp239oBtTQPNf6P4P0NNbspolNhaiZp267itcZoCVMYn80I9eHhc5C/6e
k+sqkWjhmBcVVnIYV4rZ8Gz1fD54QtKICiB/InYu9OTiAEAG2u+fIVhQZOF6XN2l
wmWApwTuykndWFgS1zyW1hZ7AgMBAAGjggIsMIICKDAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFA7FiqVgkwvgP67sW2aOcidpGdRpMB8GA1UdIwQYMBaAFMXPRqTq9MPA
emyVxC2wXpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMS5pLmxlbmNyLm9yZy8wJwYDVR0RBCAwHoILcGhvdG8ua2gudWGCD3d3dy5w
aG90by5raC51YTATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAf
hh1odHRwOi8vcjExLmMubGVuY3Iub3JnLzM4LmNybDCCAQQGCisGAQQB1nkCBAIE
gfUEgfIA8AB2AA3h8jAr0w3BQGISCepVLvxHdHyx1+kw7w5CHrR+Tqo0AAABlsmv
jbkAAAQDAEcwRQIgWjbGY761D04S+u+xgWZM6hk9SMcf+Xul3vznHn7fXxoCIQCf
FjS+IyubEwB9S7if/S4d19q767tdxaknevRJR9TwjwB2ABLxTjS9U3JMhAYZw48/
ehP457Vih4icbTAFhOvlhiY6AAABlsmvja8AAAQDAEcwRQIhALs4JTB/lD8A+cJy
3+i4+Ta4fbYEO7mhCtHy8x6U8KPZAiAh6No+w9fHUs2Gybi1/4lojPJcFR0qL5eE
oLQWf4buqDANBgkqhkiG9w0BAQsFAAOCAQEAs4roRjVfOutJ+sEGD6GgzDgYXuFa
WRCUpYFdoNVFFrNAtUElNq/6jy5mcbEKemaICvo6ol5m7P2ThJd1bsiBzK1cFjx5
q18FjgyxbpgjtSkgF67U0PdvXl+egqTYOErSurh65wpry9K4M9Pw4RbzjkkqEdA9
v7LU6DM/Q3VLFlbuINC/7PCaU5KiAcVO6gP2NaF1K1b204qTq+OhQ92WuEeZpkE9
e1RK/0cDBV8Y4D0avHn5IbkyE1C7KF1pPl6axDZaB612VylZUp6oPGNmWYxyOs7y
a24I39LDUsYNxrawqdytMFhdVIZapa2WmA/2WzZTN4+0gWREGtMQ1aEy0w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0lR5f0DHTtDwqtfsXws
LnPgtWEAOpPFKmQ9FWkoXVlX9p9yOWnwKmikkzT1Z/Pgl6Pyej1V6IThlXO9htl3
YBArnKBOb3KzpR53VEZf1yv7pk6XHmWeAWX5dKpyQ46WQ15KdWIuTChzi0bnMuXj
O7siYXvS+2nEmC1Uk1JfdJ4caSMwQaSGly8UeLo/d7+ekyIjS6dt/aAbU0DzX+j+
D9DTW7KaJTYWomaduu4rXGaAlTGJ/NCPXh4XOQv+npPrKpFo4ZgXFVZyGFeK2fBs
9Xw+eELSiAogfyJ2LvTk4gBABtrvnyFYUGThelzdpcJlgKcE7spJ3VhYEtc8ltYW
ewIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 453146601443687387624788916691091660426789
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-13 11:48:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-11 11:48:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.photo.kh.ua'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21117952327241027186403206999366073635468968678662527108752525280854775088224132550077901497693895798673684780019066772062113085025386645923115714370501473290972681447686944380961563956905054773922273305039429845884684207289131445078487727300985952835035788843300287396641932802920295141251265337080800284669881599840592344660395327715732526649281839311172738557318061931077909433882425306155246416981109868007338164941375424257238237197067085095566712278611522261085579443902876065971753245853234147909147889211734869181085517550507833099748295133226550855718590489182629138416629768618324074060986607145188509226619
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0ec58aa560930be03faeec5b668e72276919d469
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photo.kh.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.photo.kh.ua'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/38.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000196c9af8db9000004030047304502205a36c663beb50f4e12faefb181664cea193d48c71ff97ba5defce71e7edf5f1a0221009f1634be232b9b13007d4bb89ffd2e1dd7dabbebbb5dc5a9277af44947d4f08f00760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196c9af8daf0000040300473045022100bb3825307f943f00f9c272dfe8b8f936b87db6043bb9a10ad1f2f31e94f0a3d9022021e8da3ec3d7c752cd86c9b8b5ff89688cf25c151d2a2f9784a0b4167f86eea8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b38ae846355f3aeb49fac1060fa1a0cc38185ee15a591094a5815da0d54516b340b5412536affa8f2e6671b10a7a66880afa3aa25e66ecfd938497756ec881ccad5c163c79ab5f058e0cb16e9823b5292017aed4d0f76f5e5f9e82a4d8384ad2bab87ae70a6bcbd2b833d3f0e116f38e492a11d03dbfb2d4e8333f43754b1656ee20d0bfecf09a5392a201c54eea03f635a1752b56f6d38a93abe3a143dd96b84799a6413d7b544aff4703055f18e03d1abc79f921b9321350bb285d693e5e9ac4365a07ad76572959529ea83c6366598c723acef26b6e08dfd2c352c60dc6b6b0a9dcad30585d54865aa5ad96980ff65b3653378fb48164441ad310d5a132d3