DV SSL/TLS Certificate for lievegoed.org

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the lievegoed.org DV SSL/TLS Certificate

This certificate with serial number 06:05:20:6f:53:7b:99:32:fc:cd:12:cc:cc:1d:af:e8:31:ef for lievegoed.org was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for lievegoed.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:05:20:6f:53:7b:99:32:fc:cd:12:cc:cc:1d:af:e8:31:ef
Serial Number (int): 524418240759215060809816054902254578708975
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 33:25:9b:2f:ce:5e:1d:88:eb:d0:c8:dc:40:bd:00:e4:a4:a1:59:c1
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 88:50:c8:24:64:70:7d:00:a4:85:37:bd:1a:36:7b:9d:19:08:07:02
Fingerprint (SHA-256): 8b:c3:22:d4:a9:e3:1e:99:4e:18:4a:f9:c6:9e:ea:d1:71:4f:a0:80:12:63:54:f0:10:09:70:9a:e4:ba:4f:20

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/112.crl

Check the revocation status for certificate lievegoed.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for lievegoed.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for lievegoed.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISBgUgb1N7mTL8zRLMzB2v6DHvMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjIxMjEyNzU1WhcNMjUwOTE5MjEyNzU0WjAYMRYwFAYDVQQD
Ew1saWV2ZWdvZWQub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
z7LEV36yJsxASyQ/Z/qMFdC/Va9Ef6WE+QxmEWqtRunSGJEeZ4nf7K8PHaOCg61s
sxARSu+5yHZYHWrafWmP0reXK4tpOjNtUx+YKum0RTDa20UCYWbs6j5Z56Nzs9av
mEYgRcyNnPJZgtbbmbknCW5t2dzsx6KlAvVXrDThwTFf4gjOYw9TwPNc2wKtJ0Tv
bWoH6ByNug7ssvLLvWlZouZJ2mnIa/65m5tvjfkfJHXdf8iEmbYa5vqBcECQ8VPQ
NHP7tmZhggkLm4aKk5yOIvth8TZgqRBBWZhZCL5STmvCXDnoANjx2pwF3qAVgNBy
Pr3rZaWMVbGRLXcaRrDfowIDAQABo4ICMjCCAi4wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBQzJZsvzl4diOvQyNxAvQDkpKFZwTAfBgNVHSMEGDAWgBTFz0ak6vTDwHps
lcQtsF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9y
MTEuaS5sZW5jci5vcmcvMCsGA1UdEQQkMCKCDWxpZXZlZ29lZC5vcmeCEXd3dy5s
aWV2ZWdvZWQub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAi
oCCGHmh0dHA6Ly9yMTEuYy5sZW5jci5vcmcvMTEyLmNybDCCAQUGCisGAQQB1nkC
BAIEgfYEgfMA8QB3AA3h8jAr0w3BQGISCepVLvxHdHyx1+kw7w5CHrR+Tqo0AAAB
l5SZnzQAAAQDAEgwRgIhAP7zHvEJi16CuE1aSRKnBVThDMWhMb1IceBs0tj7XnFW
AiEA1EOsxV6LSx0wsPr7vyGlkxZ5Omm9E0XrmTjkXsagW8sAdgCkQsUGSWBhVI8P
1Oqc+3otJkVNh6l/L99FWfYnTzqEVAAAAZeUmZ88AAAEAwBHMEUCIQCaByNpVb9F
+puZc4yj5yUZ7G20Lfm6kJBeMyKCrSHgHQIgW6KQcrmbZrvnQjslod2rhR4/I/gT
rzNKsr2b5OXSzeswDQYJKoZIhvcNAQELBQADggEBAEKkSBLM4idsXon8hzowH+zC
o3U5Jx0Zvn0qwGZLna8EQ+Cxv7XFu6mF1Dzd8EqIa3ILxXIcDQBn6FbNwp8P3Adn
yAi0yaSckuaDI9H+vAgR4Hylidb6egxTmeApH9X/1lwUEnHq8hy2x15DGvgPYrv2
xmL+df9l4028zZNEref007oiJ3uXBF+OQ7C2+H8oY77OyOSrEQLRgVX0QdhlpLie
ZU51hw/ylF5r+yumr7pMzeU8d6GWXmZhmawwN2eioR6e4xDRNP915IQsv430oeDs
8lSnX1uDauhvB3fbYczTmbqwZfl95R4EEaFy3rRDPf07qlGiMQnzxtYX8Edtg3s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7LEV36yJsxASyQ/Z/qM
FdC/Va9Ef6WE+QxmEWqtRunSGJEeZ4nf7K8PHaOCg61ssxARSu+5yHZYHWrafWmP
0reXK4tpOjNtUx+YKum0RTDa20UCYWbs6j5Z56Nzs9avmEYgRcyNnPJZgtbbmbkn
CW5t2dzsx6KlAvVXrDThwTFf4gjOYw9TwPNc2wKtJ0TvbWoH6ByNug7ssvLLvWlZ
ouZJ2mnIa/65m5tvjfkfJHXdf8iEmbYa5vqBcECQ8VPQNHP7tmZhggkLm4aKk5yO
Ivth8TZgqRBBWZhZCL5STmvCXDnoANjx2pwF3qAVgNByPr3rZaWMVbGRLXcaRrDf
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 524418240759215060809816054902254578708975
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-21 21:27:55 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-19 21:27:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lievegoed.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26219482401500331767007976258659503018044034268586195955373011489092068624041593797873125441984148723215786917349035287028392730233897722768396797091631982033193102100523446656963731219428232731087431444010936978677702490352470704798284992883640866304117182885315143069231365442261601745381540918042383983345156809119411788899925536858625255933849527193190349846029055993752645184225018865169127927934710216813208528996581437277875079918322350083915482497031189583028344031801049798135499772218362481724923044065767162233277105008415611387421255429068593593331436245367424224175666837811107209549844072268802592661411
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							33259b2fce5e1d88ebd0c8dc40bd00e4a4a159c1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lievegoed.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lievegoed.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/112.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa340000019794999f340000040300483046022100fef31ef1098b5e82b84d5a4912a70554e10cc5a131bd4871e06cd2d8fb5e7156022100d443acc55e8b4b1d30b0fafbbf21a59316793a69bd1345eb9938e45ec6a05bcb007600a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a84540000019794999f3c00000403004730450221009a07236955bf45fa9b99738ca3e72519ec6db42df9ba90905e332282ad21e01d02205ba29072b99b66bbe7423b25a1ddab851e3f23f813af334ab2bd9be4e5d2cdeb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0042a44812cce2276c5e89fc873a301fecc2a37539271d19be7d2ac0664b9daf0443e0b1bfb5c5bba985d43cddf04a886b720bc5721c0d0067e856cdc29f0fdc0767c808b4c9a49c92e68323d1febc0811e07ca589d6fa7a0c5399e0291fd5ffd65c141271eaf21cb6c75e431af80f62bbf6c662fe75ff65e34dbccd9344ade7f4d3ba22277b97045f8e43b0b6f87f2863becec8e4ab1102d18155f441d865a4b89e654e75870ff2945e6bfb2ba6afba4ccde53c77a1965e666199ac303767a2a11e9ee310d134ff75e4842cbf8df4a1e0ecf254a75f5b836ae86f0777db61ccd399bab065f97de51e0411a172deb4433dfd3baa51a23109f3c6d617f0476d837b