SSL-Tools

SSL check results of challenge202.ro

NEW You can also bulk check multiple servers.

Discover if the mail servers for challenge202.ro can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 09 Sep 2025 13:49:43 +0000

The mailservers of challenge202.ro can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @challenge202.ro addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.challenge202.ro
2a02:2f04:15d:3d00::9
Results incomplete
0 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mail.challenge202.ro
82.79.56.205
 0
supported
mail.challenge202.ro
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @challenge202.ro address so far. Test mail delivery

Certificates

First seen at:

CN=mail.challenge202.ro

Certificate chain
  • mail.challenge202.ro
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R12
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.challenge202.ro
Alternative Names
  • mail.challenge202.ro
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R12
validity period
Not valid before
2025-08-21
Not valid after
2025-11-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
8C:05:3E:E6:9F:EF:B7:A6:0E:A6:95:13:BE:01:00:B3:20:D6:12:2A:E9:78:15:E2:C7:D2:0D:62:F5:69:C9:78
SHA1
6C:14:20:9C:57:84:69:AC:E6:51:0B:30:BB:84:9E:86:DF:0D:C9:43
X509v3 extensions
subjectKeyIdentifier
  • 84:2D:04:58:A6:86:A5:7B:BE:1F:F1:6B:11:F5:1E:1A:49:59:C0:C5
authorityKeyIdentifier
  • keyid:00:B5:29:F2:2D:8E:6F:31:E8:9B:4C:AD:78:3E:FA:DC:E9:0C:D1:D2
authorityInfoAccess
  • CA Issuers - URI:http://r12.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r12.c.lencr.org/15.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Aug 21 12:22:33.368 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:12:7F:27:CE:9B:62:1D:28:BE:3E:EA:4D:
  • 13:B2:9F:08:8F:62:BD:B1:45:D2:DD:03:6E:A5:B2:90:
  • C3:EC:D6:F6:02:21:00:EF:DF:52:F5:A1:A5:64:06:C2:
  • 91:58:9B:CE:9B:C0:5E:5C:1C:DD:E2:9B:9B:95:85:2B:
  • 5A:1D:9C:05:BA:E4:F7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Aug 21 12:22:33.380 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:9D:B9:B2:77:B0:3E:D4:C3:A8:D7:98:
  • F7:64:B8:E7:BD:EE:66:D5:F2:1B:A9:86:24:CA:72:60:
  • DD:E3:2F:92:19:02:21:00:DA:0E:5B:AE:E1:14:69:33:
  • CA:32:B0:F9:29:CC:CC:57:56:2C:D9:6A:73:57:C3:2C:
  • A8:29:19:40:79:7C:0F:C4

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.challenge202.ro
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid