SSL-Tools

SSL check results of sliwa.io

NEW You can also bulk check multiple servers.

Discover if the mail servers for sliwa.io can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 03 Aug 2025 08:20:14 +0000

The mailservers of sliwa.io can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @sliwa.io addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
rome.sliwa.io
2a01:4f8:1c1c:d1a::1
 10
supported
*.sliwa.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
rome.sliwa.io
188.245.39.12
 10
supported
*.sliwa.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @sliwa.io address so far. Test mail delivery

Certificates

First seen at:

CN=*.sliwa.io

Certificate chain
  • *.sliwa.io
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.sliwa.io
Alternative Names
  • *.sliwa.io
  • sliwa.io
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-06-16
Not valid after
2025-09-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
01:AE:DB:2C:CA:68:90:CE:37:7E:BB:C2:5B:E0:29:61:59:60:72:B0:6A:D6:11:F7:63:D5:2B:8B:8F:3F:5A:F3
SHA1
F7:69:41:73:DC:A7:74:1A:5A:0C:8A:68:EE:9F:F4:5C:08:4F:34:64
X509v3 extensions
subjectKeyIdentifier
  • 29:49:2C:3F:06:09:6D:23:63:4A:28:22:B2:23:82:41:7A:5D:BF:13
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/106.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
  • 26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
  • Timestamp : Jun 16 04:59:23.661 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CE:95:2A:1A:8D:2F:2C:A3:E9:D4:39:
  • 51:5B:1E:EB:6B:01:ED:FB:29:73:14:16:55:96:00:31:
  • 7F:36:7E:0C:0E:02:20:6A:DC:52:C4:DB:21:57:DC:B7:
  • 3F:2B:E9:ED:EA:D7:65:16:1B:6E:B8:5B:8E:64:48:F7:
  • EB:53:78:6B:5F:79:49
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jun 16 04:59:23.724 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E7:01:A9:17:FC:3A:C6:7A:F5:2C:09:
  • 73:85:98:C7:FE:0A:82:8B:7F:CE:1C:62:5A:F7:A6:3C:
  • E1:C4:45:D4:25:02:21:00:AB:E4:62:0C:62:7E:37:4F:
  • 9C:2B:06:88:62:94:8C:C1:20:61:7B:B2:DC:E3:97:2C:
  • 14:D6:35:0B:62:F5:26:C8

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.rome.sliwa.io
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid