DV SSL/TLS Certificate for potomacrunners.org

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the potomacrunners.org DV SSL/TLS Certificate

This certificate with serial number 05:49:79:b8:dc:68:2e:19:fa:77:ad:ce:6e:59:88:7d:2f:b5 for potomacrunners.org was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for potomacrunners.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:49:79:b8:dc:68:2e:19:fa:77:ad:ce:6e:59:88:7d:2f:b5
Serial Number (int): 460563838884525795716098418068942774677429
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 33:f1:55:8c:c6:5b:37:13:95:3c:aa:c2:49:8e:1c:d6:d5:20:0e:81
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 14:f6:7c:47:0a:4c:6e:0d:14:2d:56:e7:7c:67:87:90:ff:31:bd:b7
Fingerprint (SHA-256): ae:a8:64:88:57:b7:c0:4f:48:32:5b:26:01:d3:04:fb:17:8e:d8:9e:a1:a1:a1:bb:0d:ef:17:1a:2f:33:75:d7

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/54.crl

Check the revocation status for certificate potomacrunners.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for potomacrunners.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for potomacrunners.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISBUl5uNxoLhn6d63OblmIfS+1MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjAyMTMwMzQzWhcNMjUwODMxMTMwMzQyWjAdMRswGQYDVQQD
ExJwb3RvbWFjcnVubmVycy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCr08S1EeLS208bkXET76Xcf9go3lrE1qgjON8Edqx3seQZKwCWlDw7tGxT
S7OIx92IWIyA8PfXr7B/lLcQPnY3NnhemF4z3Vu63zhTMPOF2I8xnkXYdNBaFTue
m2a3d3JEPKDCEx+N5okYA1IJQAmkjGCek1mECS+9lvlgadz53re5ym2pnRNCZSsq
FekUlHPNi8IHuYD7DMvJ7Hf7ViUvXAO4NcKa5pgO6+emYwThT325OwoLHtuvE2ty
mQ2GDsMvM3kN/JgqGkgJTLyK4tbQpcfet/rG3rkZxmX0yc/lWqMnwhNWUsR8uAzt
v8c+wFj1geVMgX1F0bGoBE9jrVLJAgMBAAGjggI8MIICODAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFDPxVYzGWzcTlTyqwkmOHNbVIA6BMB8GA1UdIwQYMBaAFLu8w0el
5LypxsOkcgwQjaI14cjoMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0
cDovL3IxMC5pLmxlbmNyLm9yZy8wNQYDVR0RBC4wLIIScG90b21hY3J1bm5lcnMu
b3JnghZ3d3cucG90b21hY3J1bm5lcnMub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIB
MC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTAuYy5sZW5jci5vcmcvNTQuY3Js
MIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX
6TDvDkIetH5OqjQAAAGXMPMyiAAABAMASDBGAiEAiorzTGylcrDr6JiLpB584ARo
hMvTrz2lHz2qZXaVNiUCIQCMKWrEyf+uNsrcO8qlp6nT/4dxyEyqILZAhkHCyMu6
PwB3AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABlzDzOpYAAAQD
AEgwRgIhAIoXyISpzgblK4h5wXk7Ka0OEtzEBlV9PnbDGCaSqSotAiEA6pjzLcrC
2+kBUkDdmWvS1QxLsmgehjME0hqnP7+CmswwDQYJKoZIhvcNAQELBQADggEBAJhD
Zq0/YLMGup+qo29LhIZ6VeFqH7NVDF/DyuOjhFN+6EEfmUJC4P04Qw7KE1bZBhW3
CJQXs97mnfyvXAZ6XeApP+W6XEfvPBBZ9+MdndJhydjHRdBNIqPzn7Mgzble4RII
w7y9yr1Ny4E0/L097iNkRe+Bj5Ys6wxyatzpFqi46FvfuDIba81pCFowv4BWHMO7
00w6nnyqflJ97VTIxedCZ/YvEHxPQOKy/ddM0bHY6dL28MpsvNsDSxSGynCaCuj/
ECeiSiVEUyto0jx4o5scT/GNMmRFL3Ke8UH/u2PQCkpVnSxWWdJQ+9F1xygAltDC
0vON0iKSh4rDAkT83CA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9PEtRHi0ttPG5FxE++l
3H/YKN5axNaoIzjfBHasd7HkGSsAlpQ8O7RsU0uziMfdiFiMgPD316+wf5S3ED52
NzZ4XpheM91but84UzDzhdiPMZ5F2HTQWhU7nptmt3dyRDygwhMfjeaJGANSCUAJ
pIxgnpNZhAkvvZb5YGnc+d63ucptqZ0TQmUrKhXpFJRzzYvCB7mA+wzLyex3+1Yl
L1wDuDXCmuaYDuvnpmME4U99uTsKCx7brxNrcpkNhg7DLzN5DfyYKhpICUy8iuLW
0KXH3rf6xt65GcZl9MnP5VqjJ8ITVlLEfLgM7b/HPsBY9YHlTIF9RdGxqARPY61S
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 460563838884525795716098418068942774677429
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-02 13:03:43 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-31 13:03:42 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'potomacrunners.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21691177033316193168916183846067823703571353349940323478807462642494673061202553246761160226169459318333870167350124944067047063890987720678044403389305692934274930597001017172404598844852053976967148058295610485463681917541262998602922127283044830743312762709497518894269604019473232814130488589847095313780744547193733594123682483490807757120797285122122727702620026259393423481983940986941940396580236429406306095417638591674170176292684560506666183017333442370475251743277929814217453749502108028300806485957277384998929409511423904099509755707228683645511765221271854071697905245294203514399345510214885083796169
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							33f1558cc65b3713953caac2498e1cd6d5200e81
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'potomacrunners.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.potomacrunners.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/54.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f20077000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa340000019730f3328800000403004830460221008a8af34c6ca572b0ebe8988ba41e7ce0046884cbd3af3da51f3daa65769536250221008c296ac4c9ffae36cadc3bcaa5a7a9d3ff8771c84caa20b6408641c2c8cbba3f007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019730f33a9600000403004830460221008a17c884a9ce06e52b8879c1793b29ad0e12dcc406557d3e76c3182692a92a2d022100ea98f32dcac2dbe9015240dd996bd2d50c4bb2681e863304d21aa73fbf829acc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00984366ad3f60b306ba9faaa36f4b84867a55e16a1fb3550c5fc3cae3a384537ee8411f994242e0fd38430eca1356d90615b7089417b3dee69dfcaf5c067a5de0293fe5ba5c47ef3c1059f7e31d9dd261c9d8c745d04d22a3f39fb320cdb95ee11208c3bcbdcabd4dcb8134fcbd3dee236445ef818f962ceb0c726adce916a8b8e85bdfb8321b6bcd69085a30bf80561cc3bbd34c3a9e7caa7e527ded54c8c5e74267f62f107c4f40e2b2fdd74cd1b1d8e9d2f6f0ca6cbcdb034b1486ca709a0ae8ff1027a24a2544532b68d23c78a39b1c4ff18d3264452f729ef141ffbb63d00a4a559d2c5659d250fbd175c7280096d0c2d2f38dd22292878ac30244fcdc20