DV SSL/TLS Certificate for mpai.nl

Certificate is witin its validity period

Issued by Let's Encrypt (E5)

About the mpai.nl DV SSL/TLS Certificate

This certificate with serial number 06:77:bd:40:05:5d:c7:45:bd:37:87:18:e5:dc:89:d4:be:12 for mpai.nl was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for mpai.nl provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:77:bd:40:05:5d:c7:45:bd:37:87:18:e5:dc:89:d4:be:12
Serial Number (int): 563418873761197391319304528349506475179538
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 71:f3:4f:9c:89:c4:f5:43:13:bd:bf:66:72:ad:e9:41:3b:f1:4c:d0
Authority Key Identifier: 9f:2b:5f:cf:3c:21:4f:9d:04:b7:ed:2b:2c:c4:c6:70:8b:d2:d7:0d

Fingerprint (SHA-1): ee:f4:52:1a:94:e3:5a:00:63:86:c5:75:b9:08:c9:e9:90:78:42:6b
Fingerprint (SHA-256): 90:54:38:c2:6f:22:cc:97:ff:f6:f6:e8:13:c2:0b:94:cf:1e:76:88:ce:28:32:2f:f9:b6:3b:79:83:af:6d:18

Issuing Certificate URL: http://e5.i.lencr.org/

Revocation Information

CRL Distribution Point: http://e5.c.lencr.org/19.crl

Check the revocation status for certificate mpai.nl
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for mpai.nl

Public Key Algorithm
ECDSA
Key Size
384
Signature Algorithm
ECDSA with SHA384
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for mpai.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIDpDCCAymgAwIBAgISBne9QAVdx0W9N4cY5dyJ1L4SMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NTAeFw0yNTA2MTYxOTAzMjZaFw0yNTA5MTQxOTAzMjVaMBIxEDAOBgNVBAMTB21w
YWkubmwwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT84XxfNHsCFpzv77UQnfUWt2im
ZqzBn+M7PBeGqCXJssuqjD1s5jBBVAWcOORoqbPuIr22Qi8DzCXytdgEQyUFoB51
WpuNVxAQUKxIj9V71LBm1KkCR2E15v4lQ6IN9BijggIgMIICHDAOBgNVHQ8BAf8E
BAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwHQYDVR0OBBYEFHHzT5yJxPVDE72/ZnKt6UE78UzQMB8GA1UdIwQYMBaAFJ8r
X888IU+dBLftKyzExnCL0tcNMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYW
aHR0cDovL2U1LmkubGVuY3Iub3JnLzAdBgNVHREEFjAUggkqLm1wYWkubmyCB21w
YWkubmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwLQYDVR0fBCYwJDAioCCgHoYcaHR0
cDovL2U1LmMubGVuY3Iub3JnLzE5LmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB3ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABl3pVjUcAAAQD
AEgwRgIhAPinnOXp+XYv8qopntIW+F/ZNjjdpkgtx4gfNrLV0CiyAiEA9l8dcfei
PglK8fa3LWpuZuy4UlrdPPJIXeBrpdj57pQAdQAaBP9J0FQdQK/2oMO/8djEZy9O
7O4jQGiYaxdALtyJfQAAAZd6VY7NAAAEAwBGMEQCIAKKpMvx/0h+qzMaNsZsZc6p
DXM7rZU1vjGbFh6yl4KqAiBR5981gh227avHMQ3EH3Y8CIhQRsZpSunUuw17dhUG
7TAKBggqhkjOPQQDAwNpADBmAjEAuyaAKvBLCoKWhYMsn13473HVZZcQ4+MKdf7P
yGl1Rx+4hCorjppKizvzCwy77VkxAjEAwte13Wmt/IgRw31YO9bkRftZPbAmm5AF
s6yyMPSohGxwPdGR2cabgeE0roth0zQD
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/OF8XzR7Ahac7++1EJ31FrdopmaswZ/j
OzwXhqglybLLqow9bOYwQVQFnDjkaKmz7iK9tkIvA8wl8rXYBEMlBaAedVqbjVcQ
EFCsSI/Ve9SwZtSpAkdhNeb+JUOiDfQY
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 563418873761197391319304528349506475179538
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'E5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-16 19:03:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-14 19:03:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mpai.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.132.0.34
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (776 bits)
				0004fce17c5f347b02169cefefb5109df516b768a666acc19fe33b3c1786a825c9b2cbaa8c3d6ce6304154059c38e468a9b3ee22bdb6422f03cc25f2b5d804432505a01e755a9b8d57101050ac488fd57bd4b066d4a902476135e6fe2543a20df418
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							71f34f9c89c4f54313bdbf6672ade9413bf14cd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9f2b5fcf3c214f9d04b7ed2b2cc4c6708bd2d70d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://e5.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mpai.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mpai.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://e5.c.lencr.org/19.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000770012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a000001977a558d470000040300483046022100f8a79ce5e9f9762ff2aa299ed216f85fd93638dda6482dc7881f36b2d5d028b2022100f65f1d71f7a23e094af1f6b72d6a6e66ecb8525add3cf2485de06ba5d8f9ee940075001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d000001977a558ecd00000403004630440220028aa4cbf1ff487eab331a36c66c65cea90d733bad9535be319b161eb29782aa022051e7df35821db6edabc7310dc41f763c08885046c6694ae9d4bb0d7b761506ed
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3
 . . . . [c:0|t:3|false] BIT STRING (832 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28805081843387240484223307414398758670464851662331561175779772441594521245300049549136198195271537203025555917461809
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29989023721908448152277332544223764443128846650696400964048148174417332584482117856288258926638747269296764182803459