SSL/TLS certificates are digital certificates used to secure communication between web browsers and servers on the World Wide Web. They enable encrypted connections, protecting sensitive data during transmission. These certificates verify the authenticity of websites and establish trust, contributing to web security and search engine rankings.

Everything is ok

justice.gov.md
Issuer: CN=YR1, O=Let's Encrypt, C=US
Not Before: 2026-06-13T04:52:53Z

Not After: 2026-09-11T04:52:52Z

Signature Algorithm: sha256, rsa

Show details

Fingerprint 19:2C:0D:CC:47:35:77:F6:61:7F:40:33:62:22:5B:09:0B:E9:C5:46

Issuer CN=YR1, O=Let's Encrypt, C=US

Not After 2026-09-11T04:52:52Z

Not Before 2026-06-13T04:52:53Z

Serial number 5CF8A8E790BB5E9F3964385C8322C258902

Signature Algorithm sha256, rsa

Subject CN=justice.gov.md

Extensions:

authorityInfoAccess CA Issuers - URI:http://yr1.i.lencr.org/

authorityKeyIdentifier keyid:1F:2F:35:BE:46:14:82:CD:40:B1:AE:79:2C:55:78:FA:F7:D4:68:FB

basicConstraints CA:FALSE

certificatePolicies Policy: 2.23.140.1.2.1

crlDistributionPoints Full Name: URI:http://yr1.c.lencr.org/3.crl

ctlSignedCertificateTimestamp BIH6APgAdQCUTkOH-uzB74HzGSQmqBhlAcfTXzgCAT9yZ31VNy4Z2AAAAZ6_iPOJAAAEAwBGMEQCIEr7jWZKC5UOZYSSwLUldsbVF0r5FgBxjR4QfPAuqgn_AiAezR4dkTHMMtTMitxwkemedCsIApsjq4Q3ot3QJSW3mAB_AEavhj07PuWfpXfeqCRdNrDZ7SKiI_Rhd0EilFLulVBfAAABnr-I9EMACAAABQAJla0xBAMASDBGAiEAsxyVtJ__Moxnt4dl1OlfVf9AI6W3xGZD1vEtppOigskCIQDVNF5PCTNKEKqdHJEohLX_mS__mtspsvdnnCWnMfLAOg==

extendedKeyUsage TLS Web server authentication

keyUsage Digital Signature, Key Encipherment

subjectAltName DNS:www.justice.gov.md, DNS:justice.gov.md

subjectKeyIdentifier AF:82:75:E6:58:86:76:D0:AE:BC:CA:B4:2C:9E:54:ED:87:11:6E:29

Certificate Chain

Root YR
Issuer: CN=Root YR, O=ISRG, C=US
Not Before: 2025-09-03T00:00:00Z

Not After: 2028-09-02T23:59:59Z

Signature Algorithm: sha256, rsa

Show details

Fingerprint CB:CF:D0:9C:E3:CD:22:D9:9D:94:E5:8F:92:E9:89:8F:BE:E5:1A:5E

Issuer CN=Root YR, O=ISRG, C=US

Not After 2028-09-02T23:59:59Z

Not Before 2025-09-03T00:00:00Z

Serial number A20253F15F2691C05DC1CE13B9BCCA4E

Signature Algorithm sha256, rsa

Subject CN=YR1, O=Let's Encrypt, C=US

Extensions:

authorityInfoAccess CA Issuers - URI:http://yr.i.lencr.org/

authorityKeyIdentifier keyid:DE:E7:5B:60:D0:22:6D:40:28:7D:3F:0D:01:FE:A4:B5:52:B4:51:94

basicConstraints CA:TRUE

certificatePolicies Policy: 2.23.140.1.2.1

crlDistributionPoints Full Name: URI:http://yr.c.lencr.org/

extendedKeyUsage TLS Web server authentication

keyUsage Digital Signature, Key Cert Sign, C R L Sign

subjectKeyIdentifier 1F:2F:35:BE:46:14:82:CD:40:B1:AE:79:2C:55:78:FA:F7:D4:68:FB

ISRG Root X1
Issuer: CN=ISRG Root X1, O=Internet Security Research Group, C=US
Not Before: 2026-05-13T00:00:00Z

Not After: 2032-09-02T23:59:59Z

Signature Algorithm: sha256, rsa

Show details

Fingerprint AB:9D:02:63:24:4D:D0:32:6E:B6:70:15:70:5A:66:7E:79:CF:E9:98

Issuer CN=ISRG Root X1, O=Internet Security Research Group, C=US

Not After 2032-09-02T23:59:59Z

Not Before 2026-05-13T00:00:00Z

Serial number F24B6D17F9D9AD7CB1C9FEA78782699F

Signature Algorithm sha256, rsa

Subject CN=Root YR, O=ISRG, C=US

Extensions:

authorityInfoAccess CA Issuers - URI:http://x1.i.lencr.org/

authorityKeyIdentifier keyid:79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E

basicConstraints CA:TRUE

certificatePolicies Policy: 2.23.140.1.2.1

crlDistributionPoints Full Name: URI:http://x1.c.lencr.org/

extendedKeyUsage TLS Web server authentication

keyUsage Key Cert Sign, C R L Sign

subjectKeyIdentifier DE:E7:5B:60:D0:22:6D:40:28:7D:3F:0D:01:FE:A4:B5:52:B4:51:94

Fingerprint	19:2C:0D:CC:47:35:77:F6:61:7F:40:33:62:22:5B:09:0B:E9:C5:46
Issuer	CN=YR1, O=Let's Encrypt, C=US
Not After	2026-09-11T04:52:52Z
Not Before	2026-06-13T04:52:53Z
Serial number	5CF8A8E790BB5E9F3964385C8322C258902
Signature Algorithm	sha256, rsa
Subject	CN=justice.gov.md

Extensions:
authorityInfoAccess	CA Issuers - URI:http://yr1.i.lencr.org/
authorityKeyIdentifier	keyid:1F:2F:35:BE:46:14:82:CD:40:B1:AE:79:2C:55:78:FA:F7:D4:68:FB
basicConstraints	CA:FALSE
certificatePolicies	Policy: 2.23.140.1.2.1
crlDistributionPoints	Full Name: URI:http://yr1.c.lencr.org/3.crl
ctlSignedCertificateTimestamp	BIH6APgAdQCUTkOH-uzB74HzGSQmqBhlAcfTXzgCAT9yZ31VNy4Z2AAAAZ6_iPOJAAAEAwBGMEQCIEr7jWZKC5UOZYSSwLUldsbVF0r5FgBxjR4QfPAuqgn_AiAezR4dkTHMMtTMitxwkemedCsIApsjq4Q3ot3QJSW3mAB_AEavhj07PuWfpXfeqCRdNrDZ7SKiI_Rhd0EilFLulVBfAAABnr-I9EMACAAABQAJla0xBAMASDBGAiEAsxyVtJ__Moxnt4dl1OlfVf9AI6W3xGZD1vEtppOigskCIQDVNF5PCTNKEKqdHJEohLX_mS__mtspsvdnnCWnMfLAOg==
extendedKeyUsage	TLS Web server authentication
keyUsage	Digital Signature, Key Encipherment
subjectAltName	DNS:www.justice.gov.md, DNS:justice.gov.md
subjectKeyIdentifier	AF:82:75:E6:58:86:76:D0:AE:BC:CA:B4:2C:9E:54:ED:87:11:6E:29

Fingerprint	CB:CF:D0:9C:E3:CD:22:D9:9D:94:E5:8F:92:E9:89:8F:BE:E5:1A:5E
Issuer	CN=Root YR, O=ISRG, C=US
Not After	2028-09-02T23:59:59Z
Not Before	2025-09-03T00:00:00Z
Serial number	A20253F15F2691C05DC1CE13B9BCCA4E
Signature Algorithm	sha256, rsa
Subject	CN=YR1, O=Let's Encrypt, C=US

Extensions:
authorityInfoAccess	CA Issuers - URI:http://yr.i.lencr.org/
authorityKeyIdentifier	keyid:DE:E7:5B:60:D0:22:6D:40:28:7D:3F:0D:01:FE:A4:B5:52:B4:51:94
basicConstraints	CA:TRUE
certificatePolicies	Policy: 2.23.140.1.2.1
crlDistributionPoints	Full Name: URI:http://yr.c.lencr.org/
extendedKeyUsage	TLS Web server authentication
keyUsage	Digital Signature, Key Cert Sign, C R L Sign
subjectKeyIdentifier	1F:2F:35:BE:46:14:82:CD:40:B1:AE:79:2C:55:78:FA:F7:D4:68:FB

Fingerprint	AB:9D:02:63:24:4D:D0:32:6E:B6:70:15:70:5A:66:7E:79:CF:E9:98
Issuer	CN=ISRG Root X1, O=Internet Security Research Group, C=US
Not After	2032-09-02T23:59:59Z
Not Before	2026-05-13T00:00:00Z
Serial number	F24B6D17F9D9AD7CB1C9FEA78782699F
Signature Algorithm	sha256, rsa
Subject	CN=Root YR, O=ISRG, C=US

Extensions:
authorityInfoAccess	CA Issuers - URI:http://x1.i.lencr.org/
authorityKeyIdentifier	keyid:79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E
basicConstraints	CA:TRUE
certificatePolicies	Policy: 2.23.140.1.2.1
crlDistributionPoints	Full Name: URI:http://x1.c.lencr.org/
extendedKeyUsage	TLS Web server authentication
keyUsage	Key Cert Sign, C R L Sign
subjectKeyIdentifier	DE:E7:5B:60:D0:22:6D:40:28:7D:3F:0D:01:FE:A4:B5:52:B4:51:94

Valid Certificate and Certificate Chain

This certificate is valid and has a valid certificate chain, meanubg the certificate has been issued by a trusted Certificate Authority (CA) and is considered reliable. SSL certificates are used to secure websites, and their validity is crucial for data encryption and user trust. The certificate chain consists of the server's certificate, intermediate certificates, and a root CA certificate. Browsers validate this chain to ensure that the website's identity has been verified and that data transmission is secure. In essence, a valid SSL certificate with a valid certificate chain ensures encrypted and trustworthy communication between users and the website.

Domain Name System

Protocols

Secure Transport

Modern Security Features

Application Security

Domain Name System

Protocols

Secure Transport

Modern Security Features

Application Security