DV SSL/TLS Certificate for thegoodchoice.fr

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the thegoodchoice.fr DV SSL/TLS Certificate

This certificate with serial number 05:70:54:78:be:f1:22:f5:43:21:c4:eb:3a:dc:84:a5:03:5d for thegoodchoice.fr was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for thegoodchoice.fr provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:70:54:78:be:f1:22:f5:43:21:c4:eb:3a:dc:84:a5:03:5d
Serial Number (int): 473785336853977929107593100630619085669213
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 29:5b:31:2c:5b:0d:2d:21:b3:a6:df:3c:c1:e5:f5:1a:95:a8:bd:aa
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): d6:28:8b:d2:8c:38:03:eb:76:df:5b:62:2c:14:77:b8:f1:be:da:cd
Fingerprint (SHA-256): 84:c8:c7:22:e8:f9:f0:fc:c6:9b:ee:9b:cb:03:65:df:05:c7:db:3b:93:06:47:a3:12:e7:69:f0:d5:5e:7a:92

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

OCSP Server: http://r11.o.lencr.org
CRL Distribution Point: http://r11.c.lencr.org/94.crl

Check the revocation status for certificate thegoodchoice.fr
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for thegoodchoice.fr

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

thegoodchoice.fr

X.509 Certificate

The complete raw X.509 certificate details for thegoodchoice.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISBXBUeL7xIvVDIcTrOtyEpQNdMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTAyMDY0NTM4WhcNMjUwNzMxMDY0NTM3WjAbMRkwFwYDVQQD
ExB0aGVnb29kY2hvaWNlLmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAhJggNxD7iUX8mZH1R8XdTN32VxSwTBpVcohED0RP1MtmBz3fqau2qucUhnYC
9l4W3MAcz9xJabvN/FnPoPw6IxFlK02S8EBzVHo3tE/AleMsu0Vyct3Fv9u5Gk0V
eaVVysKLrEaV1LfGyC0r+L/2vZPRtCOSisnXj2g8M7h0M1p4Q4qwoly0O04r8FAF
ALheA0lxfucKp5afGVx5fFv4aQOXQFQFyy4gSrIcmBEKSluEKudwdeOqFCXPvcT0
4Y0h0vuCheh21ZxuB2ND/hsAbhJ44HCwu8pBbfxk6Krw8bXVY7aaMLd5xOwhkmyy
rAUB1quQdL/o3gGFbxl6HHMTqwIDAQABo4ICQzCCAj8wDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBQpWzEsWw0tIbOm3zzB5fUalai9qjAfBgNVHSMEGDAWgBTFz0ak6vTD
wHpslcQtsF6SLybjuTBXBggrBgEFBQcBAQRLMEkwIgYIKwYBBQUHMAGGFmh0dHA6
Ly9yMTEuby5sZW5jci5vcmcwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTEuaS5sZW5j
ci5vcmcvMBsGA1UdEQQUMBKCEHRoZWdvb2RjaG9pY2UuZnIwEwYDVR0gBAwwCjAI
BgZngQwBAgEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMS5jLmxlbmNyLm9y
Zy85NC5jcmwwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCkQsUGSWBhVI8P1Oqc
+3otJkVNh6l/L99FWfYnTzqEVAAAAZaP8+g6AAAEAwBGMEQCIER8qPWDEAUMwNUf
qTmgw9NoCYF70PhMzw3gy2hDtpRnAiArBl0StsANOwBUs4pXUacgsqPejOUmraNB
MUFY0VNr/gB2ABoE/0nQVB1Ar/agw7/x2MRnL07s7iNAaJhrF0Au3Il9AAABlo/z
6qAAAAQDAEcwRQIhAMFwnHVybxDFHV7wyEaK5nRlIKwQooOV7WViyIoAOtstAiA6
IyBGIeL5nzgGk6g5GEXFVBNqeqG8Vz7YyZ5n/zGV4zANBgkqhkiG9w0BAQsFAAOC
AQEASI2oIfDOAj8ae7cRwZmMWVMfRdqEt2cTps+YNE5m6KnttVHGZQZzR2qXzddh
PfrMnCA+V0DP1fTW3FaeeNo/YzjUHv/0/B7RRwxSIGmAcE0yz299A+O/+omtohMN
WPI2+qo06q3ByEykSyxgYO5tnn9j2cNrtdc1Af/jAXO1yjlxSulJBNUCtwK6590p
guH7e6zJsgE6cA0Kt2c7/jD0B4uf1B8AvLUmxPV8U4NPoZt/zBMOMGBgYltCk7rx
9D6pdDKiwz+RQ7WlyQGCRwNNL2tzc9Cdw1r9MQCF0+oUmu93gMMimdNxoSVlp6hg
FSrvszEh1abrBH0j/T/8lWH+/A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJggNxD7iUX8mZH1R8Xd
TN32VxSwTBpVcohED0RP1MtmBz3fqau2qucUhnYC9l4W3MAcz9xJabvN/FnPoPw6
IxFlK02S8EBzVHo3tE/AleMsu0Vyct3Fv9u5Gk0VeaVVysKLrEaV1LfGyC0r+L/2
vZPRtCOSisnXj2g8M7h0M1p4Q4qwoly0O04r8FAFALheA0lxfucKp5afGVx5fFv4
aQOXQFQFyy4gSrIcmBEKSluEKudwdeOqFCXPvcT04Y0h0vuCheh21ZxuB2ND/hsA
bhJ44HCwu8pBbfxk6Krw8bXVY7aaMLd5xOwhkmyyrAUB1quQdL/o3gGFbxl6HHMT
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 473785336853977929107593100630619085669213
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-02 06:45:38 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-31 06:45:37 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thegoodchoice.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16738472303231248983706908490960259289835629311583232683239429448401366085367910173998610536109044283144671065961631572110214624422995682515955999661308728681823968533645458622767094904925160251131284269810713094342228519576392531281636162017964105019157278727643763252268860189144089626118549359091804082406536248853537921326359128926795708304117678344510765014134875938858979878829509653521631687151118445609568072421309373392680991730716868386539774618662819419939411302215325791430990444932286564198656613104290414998039451958370675400683531110924849152790616004122916133864567951672963399504885826599516588151723
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							295b312c5b0d2d21b3a6df3cc1e5f51a95a8bdaa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thegoodchoice.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/94.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a8454000001968ff3e83a00000403004630440220447ca8f58310050cc0d51fa939a0c3d36809817bd0f84ccf0de0cb6843b6946702202b065d12b6c00d3b0054b38a5751a720b2a3de8ce526ada341314158d1536bfe0076001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d000001968ff3eaa00000040300473045022100c1709c75726f10c51d5ef0c8468ae6746520ac10a28395ed6562c88a003adb2d02203a23204621e2f99f380693a8391845c554136a7aa1bc573ed8c99e67ff3195e3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00488da821f0ce023f1a7bb711c1998c59531f45da84b76713a6cf98344e66e8a9edb551c6650673476a97cdd7613dfacc9c203e5740cfd5f4d6dc569e78da3f6338d41efff4fc1ed1470c52206980704d32cf6f7d03e3bffa89ada2130d58f236faaa34eaadc1c84ca44b2c6060ee6d9e7f63d9c36bb5d73501ffe30173b5ca39714ae94904d502b702bae7dd2982e1fb7bacc9b2013a700d0ab7673bfe30f4078b9fd41f00bcb526c4f57c53834fa19b7fcc130e306060625b4293baf1f43ea97432a2c33f9143b5a5c9018247034d2f6b7373d09dc35afd310085d3ea149aef7780c32299d371a12565a7a860152aefb33121d5a6eb047d23fd3ffc9561fefc