Link YE/YR test sites from website

content/cs/certificates.md

@@ -24,7 +24,7 @@ Upozorňujeme, že kořenové CA nemají datum platnosti ve stejném smyslu jako
   * Podrobnosti certifikátu (podepsaný sám sebou): [crt.sh](https://crt.sh/?id=9314791), [der](/certs/isrgrootx1.der), [pem](/certs/isrgrootx1.pem), [txt](/certs/isrgrootx1.txt)
   * Podrobnosti certifikátu (křížově podepsaný DST Root CA X3): [crt.sh](https://crt.sh/?id=3958242236), [der](/certs/isrg-root-x1-cross-signed.der), [pem](/certs/isrg-root-x1-cross-signed.pem), [txt](/certs/isrg-root-x1-cross-signed.txt) (ukončeno)
   * CRL hostname: `x1.c.lencr.org`
-  * Testovací webstránky: [platný](https://valid-isrgrootx1.letsencrypt.org/), [odvolaný](https://revoked-isrgrootx1.letsencrypt.org/), [expirovaný](https://expired-isrgrootx1.letsencrypt.org/)
+  * Testovací webstránky: [platný](https://valid.x1.test-certs.letsencrypt.org/), [odvolaný](https://revoked.x1.test-certs.letsencrypt.org/), [expirovaný](https://expired.x1.test-certs.letsencrypt.org/)
 * **ISRG Root X2**
   * Předmět: `O = Internet Security Research Group, CN = ISRG Root X2`
   * Typ klíče: `ECDSA P-384`
@@ -34,7 +34,7 @@ Upozorňujeme, že kořenové CA nemají datum platnosti ve stejném smyslu jako
   * Podrobnosti certifikátu (křížově podepsaný ISRG Root X1): [crt.sh](https://crt.sh/?id=3334561878), [der](/certs/isrg-root-x2-cross-signed.der), [pem](/certs/isrg-root-x2-cross-signed.pem), [txt](/certs/isrg-root-x2-cross-signed.txt)
   * Podrobnosti certifikátu (křížově podepsaný ISRG Root X1): [crt.sh](https://crt.sh/?id=20878422868), [der](/certs/gen-y/root-x2-by-x1.der), [pem](/certs/gen-y/root-x2-by-x1.pem), [txt](/certs/gen-y/root-x2-by-x1.txt)
   * CRL hostname: `x2.c.lencr.org`
-  * Testovací webstránky: [platný](https://valid-isrgrootx2.letsencrypt.org/), [odvolaný](https://revoked-isrgrootx2.letsencrypt.org/), [expirovaný](https://expired-isrgrootx2.letsencrypt.org/)
+  * Testovací webstránky: [platný](https://valid.x2.test-certs.letsencrypt.org/), [odvolaný](https://revoked.x2.test-certs.letsencrypt.org/), [expirovaný](https://expired.x2.test-certs.letsencrypt.org/)
 
 Tyto kořeny zatím nejsou zahrnuty v úložištích důvěryhodných kořenových programů (Trust Stores), ale brzy budou předloženy k zařazení:
 

content/da/certificates.md

@@ -24,7 +24,7 @@ Bemærk, at Root CAs ikke har udløbsdatoer på helt samme måde som andre certi
   * Certifikatoplysninger (selvsigneret): [crt.sh](https://crt.sh/?id=9314791), [der](/certs/isrgrootx1.der), [pem](/certs/isrgrootx1.pem), [txt](/certs/isrgrootx1.txt)
   * Certifikatdetaljer (krydssigneret af DST Root CA X3): [crt.sh](https://crt.sh/?id=3958242236), [der](/certs/isrg-root-x1-cross-signed.der), [pem](/certs/isrg-root-x1-cross-signed.pem), [txt](/certs/isrg-root-x1-cross-signed.txt) (pensioneret)
   * CRL værtsnavn: `x1.c.lencr.org`
-  * Test websteder: [gyldigt](https://valid-isrgrootx1.letsencrypt.org/), [tilbagekaldt](https://revoked-isrgrootx1.letsencrypt.org/), [udløbet](https://expired-isrgrootx1.letsencrypt.org/)
+  * Test websteder: [gyldigt](https://valid.x1.test-certs.letsencrypt.org/), [tilbagekaldt](https://revoked.x1.test-certs.letsencrypt.org/), [udløbet](https://expired.x1.test-certs.letsencrypt.org/)
 * **ISRG Root X2**
   * Emne: `O = Research Group, Internet Security Group, CN = ISRG Root X2`
   * Nøgletype: `ECDSA P-384`
@@ -34,7 +34,7 @@ Bemærk, at Root CAs ikke har udløbsdatoer på helt samme måde som andre certi
   * Certifikatoplysninger (krydsunderskrevet af ISRG Root X1): [crt.sh](https://crt.sh/?id=3334561878), [der](/certs/isrg-root-x2-cross-signed.der), [pem](/certs/isrg-root-x2-cross-signed.pem), [txt](/certs/isrg-root-x2-cross-signed.txt)
   * Certifikat detaljer (andet kryds underskrevne af ISRG Root X1): [crt.sh](https://crt.sh/?id=20878422868), [der](/certs/gen-y/root-x2-by-x1.der),[pem](/certs/gen-y/root-x2-by-x1.pem),[txt](/certs/gen-y/root-x2-by-x1.txt)
   * CRL værtsnavn: `x2.c.lencr.org`
-  * Test websteder: [gyldigt](https://valid-isrgrootx2.letsencrypt.org/), [tilbagekaldt](https://revoked-isrgrootx2.letsencrypt.org/), [udløbet](https://expired-isrgrootx2.letsencrypt.org/)
+  * Test websteder: [gyldigt](https://valid.x2.test-certs.letsencrypt.org/), [tilbagekaldt](https://revoked.x2.test-certs.letsencrypt.org/), [udløbet](https://expired.x2.test-certs.letsencrypt.org/)
 
 Disse root certifikater er endnu ikke inkluderet i Root Program Trust Stores, men vil snart blive indsendt:
 

content/de/certificates.md

@@ -24,7 +24,7 @@ Beachten Sie, dass Root CAs keine Verfallsdaten haben, so wie andere Zertifikate
   * Zertifikatsdetails (selbstsigniert): [crt.sh](https://crt.sh/?id=9314791), [der](/certs/isrgrootx1.der), [pem](/certs/isrgrootx1.pem), [txt](/certs/isrgrootx1.txt)
   * Zertifikatsdetails (Crosssigniert von DST Root CA X3): [crt.sh](https://crt.sh/?id=3958242236), [der](/certs/isrg-root-x1-cross-signed.der), [pem](/certs/isrg-root-x1-cross-signed.pem), [txt](/certs/isrg-root-x1-cross-signed.txt) (außer Dienst)
   * CRL Hostname: `x1.c.lencr.org`
-  * Webseiten testen: [gültig](https://valid-isrgrootx1.letsencrypt.org/), [widerrufen](https://revoked-isrgrootx1.letsencrypt.org/), [abgelaufen](https://expired-isrgrootx1.letsencrypt.org/)
+  * Webseiten testen: [gültig](https://valid.x1.test-certs.letsencrypt.org/), [widerrufen](https://revoked.x1.test-certs.letsencrypt.org/), [abgelaufen](https://expired.x1.test-certs.letsencrypt.org/)
 * **ISRG Root X2**
   * Betreff: `O = Internet Security Research Group, CN = ISRG Root X2`
   * Schlüsseltyp: `ECDSA P-384`
@@ -34,7 +34,7 @@ Beachten Sie, dass Root CAs keine Verfallsdaten haben, so wie andere Zertifikate
   * Zertifikatsdetails (Quersigniert von ISRG Root X1): [crt.sh](https://crt.sh/?id=3334561878), [der](/certs/isrg-root-x2-cross-signed.der), [pem](/certs/isrg-root-x2-cross-signed.pem), [txt](/certs/isrg-root-x2-cross-signed.txt)
   * Zertifikatsdetails (zweites quersigniertes von ISRG Root X1): [crt.sh](https://crt.sh/?id=20878422868), [der](/certs/gen-y/root-x2-by-x1.der), [pem](/certs/gen-y/root-x2-by-x1.pem), [txt](/certs/gen-y/root-x2-by-x1.txt)
   * CRL Hostname: `x2.c.lencr.org`
-  * Webseiten testen: [gültig](https://valid-isrgrootx2.letsencrypt.org/), [widerrufen](https://revoked-isrgrootx2.letsencrypt.org/), [abgelaufen](https://expired-isrgrootx2.letsencrypt.org/)
+  * Webseiten testen: [gültig](https://valid.x2.test-certs.letsencrypt.org/), [widerrufen](https://revoked.x2.test-certs.letsencrypt.org/), [abgelaufen](https://expired.x2.test-certs.letsencrypt.org/)
 
 Diese Root CAs sind noch nicht in Root Programme und Trust Stores enthalten, werden aber bald zur Aufnahme eingereicht:
 

content/el/certificates.md

@@ -25,13 +25,13 @@ show_lastmod: 1
 Έχουμε δημιουργήσει ιστότοπους για να δοκιμάσουμε τα πιστοποιητικά αλυσοπρίονο στις ενεργές ρίζες μας.
 
 * ISRG Root X1
-  * [Έγκυρο](https://valid-isrgrootx1.letsencrypt.org/)
-  * [Ανάκληση](https://revoked-isrgrootx1.letsencrypt.org/)
-  * [Ληγμένο](https://expired-isrgrootx1.letsencrypt.org/)
+  * [Έγκυρο](https://valid.x1.test-certs.letsencrypt.org/)
+  * [Ανάκληση](https://revoked.x1.test-certs.letsencrypt.org/)
+  * [Ληγμένο](https://expired.x1.test-certs.letsencrypt.org/)
 * ISRG Root X1
-  * [Έγκυρο](https://valid-isrgrootx2.letsencrypt.org/)
-  * [Ανάκληση](https://revoked-isrgrootx2.letsencrypt.org/)
-  * [Ληγμένο](https://expired-isrgrootx2.letsencrypt.org/)
+  * [Έγκυρο](https://valid.x2.test-certs.letsencrypt.org/)
+  * [Ανάκληση](https://revoked.x2.test-certs.letsencrypt.org/)
+  * [Ληγμένο](https://expired.x2.test-certs.letsencrypt.org/)
 
 # Ενδιάμεσα Πιστοποιητικά
 

content/en/certificates.md

@@ -2,7 +2,7 @@
 title: Chains of Trust
 linkTitle: Chains of Trust (Root and Intermediate Certificates)
 slug: certificates
-lastmod: 2026-01-08
+lastmod: 2026-03-27
 show_lastmod: 1
 ---
 
@@ -24,7 +24,7 @@ Note that Root CAs don't have expiration dates in quite the same way that other
   * Certificate details (self-signed): [crt.sh](https://crt.sh/?id=9314791), [der](/certs/isrgrootx1.der), [pem](/certs/isrgrootx1.pem), [txt](/certs/isrgrootx1.txt)
   * Certificate details (cross-signed by DST Root CA X3): [crt.sh](https://crt.sh/?id=3958242236), [der](/certs/isrg-root-x1-cross-signed.der), [pem](/certs/isrg-root-x1-cross-signed.pem), [txt](/certs/isrg-root-x1-cross-signed.txt) (retired)
   * CRL hostname: `x1.c.lencr.org`
-  * Test websites: [valid](https://valid-isrgrootx1.letsencrypt.org/), [revoked](https://revoked-isrgrootx1.letsencrypt.org/), [expired](https://expired-isrgrootx1.letsencrypt.org/)
+  * Test websites: [valid](https://valid.x1.test-certs.letsencrypt.org/), [revoked](https://revoked.x1.test-certs.letsencrypt.org/), [expired](https://expired.x1.test-certs.letsencrypt.org/)
 * **ISRG Root X2**
   * Subject: `O = Internet Security Research Group, CN = ISRG Root X2`
   * Key type: `ECDSA P-384`
@@ -34,7 +34,7 @@ Note that Root CAs don't have expiration dates in quite the same way that other
   * Certificate details (cross-signed by ISRG Root X1): [crt.sh](https://crt.sh/?id=3334561878), [der](/certs/isrg-root-x2-cross-signed.der), [pem](/certs/isrg-root-x2-cross-signed.pem), [txt](/certs/isrg-root-x2-cross-signed.txt)
   * Certificate details (second cross-sign by ISRG Root X1): [crt.sh](https://crt.sh/?id=20878422868), [der](/certs/gen-y/root-x2-by-x1.der), [pem](/certs/gen-y/root-x2-by-x1.pem), [txt](/certs/gen-y/root-x2-by-x1.txt)
   * CRL hostname: `x2.c.lencr.org`
-  * Test websites: [valid](https://valid-isrgrootx2.letsencrypt.org/), [revoked](https://revoked-isrgrootx2.letsencrypt.org/), [expired](https://expired-isrgrootx2.letsencrypt.org/)
+  * Test websites: [valid](https://valid.x2.test-certs.letsencrypt.org/), [revoked](https://revoked.x2.test-certs.letsencrypt.org/), [expired](https://expired.x2.test-certs.letsencrypt.org/)
 
 These roots are not yet included in Root Program Trust Stores, but will be submitted for inclusion soon:
 
@@ -46,7 +46,7 @@ These roots are not yet included in Root Program Trust Stores, but will be submi
   * Certificate details (self-signed): [der](/certs/gen-y/root-ye.der), [pem](/certs/gen-y/root-ye.pem), [txt](/certs/gen-y/root-ye.txt)
   * Certificate details (cross-signed by ISRG Root X2): [der](/certs/gen-y/root-ye-by-x2.der), [pem](/certs/gen-y/root-ye-by-x2.pem), [txt](/certs/gen-y/root-ye-by-x2.txt)
   * CRL hostname: `ye.c.lencr.org`
-  * Test websites: Forthcoming
+  * Test websites: [valid](https://valid.ye.test-certs.letsencrypt.org/), [revoked](https://revoked.ye.test-certs.letsencrypt.org/), [expired](https://expired.ye.test-certs.letsencrypt.org/)
 * **ISRG Root YR**
   * Subject: `O = ISRG, CN = Root YR`
   * Key type: `RSA 4096`
@@ -55,7 +55,7 @@ These roots are not yet included in Root Program Trust Stores, but will be submi
   * Certificate details (self-signed): [der](/certs/gen-y/root-yr.der), [pem](/certs/gen-y/root-yr.pem), [txt](/certs/gen-y/root-yr.txt)
   * Certificate details (cross-signed by ISRG Root X1): [der](/certs/gen-y/root-yr-by-x1.der), [pem](/certs/gen-y/root-yr-by-x1.pem), [txt](/certs/gen-y/root-yr-by-x1.txt)
   * CRL hostname: `yr.c.lencr.org`
-  * Test websites: Forthcoming
+  * Test websites: [valid](https://valid.yr.test-certs.letsencrypt.org/), [revoked](https://revoked.yr.test-certs.letsencrypt.org/), [expired](https://expired.yr.test-certs.letsencrypt.org/)
 
 For additional information on the compatibility of our root certificates with various devices and trust stores, see [Certificate Compatibility](/docs/cert-compat).
 

content/en/post/2019-4-15-transitioning-to-isrg-root.md

@@ -20,7 +20,7 @@ Since Let’s Encrypt launched, our certificates have been trusted by browsers v
 
 Now that our own root, [ISRG Root X1](https://letsencrypt.org/certificates/), is [widely trusted by browsers](https://letsencrypt.org/2018/08/06/trusted-by-all-major-root-programs.html) we’d like to transition our subscribers to using our root directly, without a cross-sign.
 
-On **January 11, 2021**, Let’s Encrypt will start serving a certificate chain via the ACME protocol which leads directly to our root, with no cross-signature. Most subscribers don’t need to take any action because their ACME client will handle everything automatically. Subscribers who need to support very old TLS/SSL clients may wish to manually configure their servers to continue using the cross-signature from IdenTrust. You can test whether a given client will work with the newer intermediate by accessing our [test site](https://valid-isrgrootx1.letsencrypt.org/).
+On **January 11, 2021**, Let’s Encrypt will start serving a certificate chain via the ACME protocol which leads directly to our root, with no cross-signature. Most subscribers don’t need to take any action because their ACME client will handle everything automatically. Subscribers who need to support very old TLS/SSL clients may wish to manually configure their servers to continue using the cross-signature from IdenTrust. You can test whether a given client will work with the newer intermediate by accessing our [test site](https://valid.x1.test-certs.letsencrypt.org/).
 
 Our current cross-signature from IdenTrust expires on March 17, 2021. The IdenTrust root that we are cross-signed from expires on September 30, 2021. Within the next year we will obtain a new cross-signature that is valid until September 29, 2021. This means that our subscribers will have the option to manually configure a certificate chain that uses IdenTrust until **September 29, 2021**.
 

content/es/certificates.md

@@ -17,11 +17,11 @@ Nuestras raíces son seguramente mantenidas "offline". Emitimos certificados de
 Hemos configurado sitios web para probar certificados encadenados a nuestras raíces.
 
 * Certificado Válido ISRG Root X1
-  * [https://valid-isrgrootx1.letsencrypt.org/](https://valid-isrgrootx1.letsencrypt.org/)
+  * [https://valid.x1.test-certs.letsencrypt.org/](https://valid.x1.test-certs.letsencrypt.org/)
 * Certificado Revocado ISRG Root X1
-  * [https://revoked-isrgrootx1.letsencrypt.org/](https://revoked-isrgrootx1.letsencrypt.org/)
+  * [https://revoked.x1.test-certs.letsencrypt.org/](https://revoked.x1.test-certs.letsencrypt.org/)
 * Certificado Expirado ISRG Root X1 
-  * [https://expired-isrgrootx1.letsencrypt.org/](https://expired-isrgrootx1.letsencrypt.org/)
+  * [https://expired.x1.test-certs.letsencrypt.org/](https://expired.x1.test-certs.letsencrypt.org/)
 
 # Certificados Intermedios
 

content/fi/certificates.md

@@ -25,13 +25,13 @@ Meidän juuret pidetään turvallisesti pois verkosta. Myönnämme loppukäyttä
 Olemme asettaneet verkkosivustot testaamaan varmenteiden ketjutusta aktiivisiin juurimme saakka.
 
 * ISRG Root X1
-  * [Kelvollinen](https://valid-isrgrootx1.letsencrypt.org/)
-  * [Kumottu](https://revoked-isrgrootx1.letsencrypt.org/)
-  * [Vanhentunut](https://expired-isrgrootx1.letsencrypt.org/)
+  * [Kelvollinen](https://valid.x1.test-certs.letsencrypt.org/)
+  * [Kumottu](https://revoked.x1.test-certs.letsencrypt.org/)
+  * [Vanhentunut](https://expired.x1.test-certs.letsencrypt.org/)
 * ISRG Root X2
-  * [Kelvollinen](https://valid-isrgrootx2.letsencrypt.org/)
-  * [Kumottu](https://revoked-isrgrootx2.letsencrypt.org/)
-  * [Vanhentunut](https://expired-isrgrootx2.letsencrypt.org/)
+  * [Kelvollinen](https://valid.x2.test-certs.letsencrypt.org/)
+  * [Kumottu](https://revoked.x2.test-certs.letsencrypt.org/)
+  * [Vanhentunut](https://expired.x2.test-certs.letsencrypt.org/)
 
 # Välilliset varmenteet
 

content/fr/certificates.md

@@ -23,15 +23,15 @@ Notez que les AC racines n'ont pas de date d'expiration comme les autres certifi
   * Détails de l'AC : [crt.sh](https://crt.sh/?caid=7394), [certificats délivrés](https://crt.sh/?Identity=%25&iCAID=7394)
   * Détails du certificat (auto-signé) : [crt.sh](https://crt.sh/?id=9314791), [der](/certs/isrgrootx1.der), [pem](/certs/isrgrootx1.pem), [txt](/certs/isrgrootx1.txt)
   * Détails du certificat (signé par l'AC racine DST X3) : [crt.sh](https://crt.sh/?id=3958242236), [der](/certs/isrg-root-x1-cross-signed.der), [pem](/certs/isrg-root-x1-cross-signed.pem), [txt](/certs/isrg-root-x1-cross-signed.txt) (retiré)
-  * Test de sites web : [valide](https://valid-isrgrootx1.letsencrypt.org/), [révoqué](https://revoked-isrgrootx1.letsencrypt.org/), [expiré](https://expired-isrgrootx1.letsencrypt.org/)
+  * Test de sites web : [valide](https://valid.x1.test-certs.letsencrypt.org/), [révoqué](https://revoked.x1.test-certs.letsencrypt.org/), [expiré](https://expired.x1.test-certs.letsencrypt.org/)
 * **Racine ISRG X2**
   * Objet : `O = Internet Security Research Group, CN = ISRG Root X2`
   * Type de clé : `ECDSA P-384`
   * Validité : jusqu'au 2035-09-04 (généré le 2020-09-04)
   * Détails de l'AC : [crt.sh](https://crt.sh/?caid=183269), [certificats délivrés](https://crt.sh/?Identity=%25&iCAID=183269)
   * Détails du certificat (auto-signé) : [crt.sh](https://crt.sh/?id=3335562555), [der](/certs/isrg-root-x2.der), [pem](/certs/isrg-root-x2.pem), [txt](/certs/isrg-root-x2.txt)
   * Détails du certificat (signé par l'AC racine ISRG X1) : [crt.sh](https://crt.sh/?id=3334561878), [der](/certs/isrg-root-x2-cross-signed.der), [pem](/certs/isrg-root-x2-cross-signed.pem), [txt](/certs/isrg-root-x2-cross-signed.txt)
-  * Test de sites web : [valide](https://valid-isrgrootx2.letsencrypt.org/), [révoqué](https://revoked-isrgrootx2.letsencrypt.org/), [expiré](https://expired-isrgrootx2.letsencrypt.org/)
+  * Test de sites web : [valide](https://valid.x2.test-certs.letsencrypt.org/), [révoqué](https://revoked.x2.test-certs.letsencrypt.org/), [expiré](https://expired.x2.test-certs.letsencrypt.org/)
 
 Pour de plus amples informations sur la compatibilité de nos certificats racine avec divers appareils et magasins de confiance, voir [Compatibilité des certificats](/docs/cert-compat).
 

content/he/certificates.md

@@ -24,7 +24,7 @@ show_lastmod: 1
   * פרטי אישורים (נחתמו עצמאית): [crt.sh](https://crt.sh/?id=9314791),‏ [der](/certs/isrgrootx1.der),‏ [pem](/certs/isrgrootx1.pem),‏ [txt](/certs/isrgrootx1.txt)
   * פרטי אישור (נחתם בהצלבה מול DST Root CA X3):‏ [crt.sh](https://crt.sh/?id=3958242236),‏ [der](/certs/isrg-root-x1-cross-signed.der),‏ [pem](/certs/isrg-root-x1-cross-signed.pem),‏ [txt](/certs/isrg-root-x1-cross-signed.txt) (פרש לגמלאות)
   * שם מארח לרשימת שלילת אישורים (CRL): `x1.c.lencr.org`
-  * אתרי בדיקה: [תקף](https://valid-isrgrootx1.letsencrypt.org/), [נשלל](https://revoked-isrgrootx1.letsencrypt.org/), [פג תוקף](https://expired-isrgrootx1.letsencrypt.org/)
+  * אתרי בדיקה: [תקף](https://valid.x1.test-certs.letsencrypt.org/), [נשלל](https://revoked.x1.test-certs.letsencrypt.org/), [פג תוקף](https://expired.x1.test-certs.letsencrypt.org/)
 * **ISRG Root X2**
   * נושא: `O = Internet Security Research Group,‏ CN = ISRG Root X2`
   * סוג מפתח: `ECDSA P-384`
@@ -34,7 +34,7 @@ show_lastmod: 1
   * פרטי אישור (חתימה צולבת על ידי ISRG Root X1): [crt.sh](https://crt.sh/?id=3334561878),‏ [der](/certs/isrg-root-x2-cross-signed.der),‏ [pem](/certs/isrg-root-x2-cross-signed.pem),‏ [txt](/certs/isrg-root-x2-cross-signed.txt)
   * פרטי אישור (חתימה צולבת שנייה על ידי ISRG Root X1): [crt.sh](https://crt.sh/?id=20878422868),‏ [der](/certs/gen-y/root-x2-by-x1.der),‏ [pem](/certs/gen-y/root-x2-by-x1.pem),‏ [txt](/certs/gen-y/root-x2-by-x1.txt)
   * שם מארח לרשימת שלילת אישורים (CRL): `x2.c.lencr.org`
-  * אתרי בדיקה: [תקף](https://valid-isrgrootx2.letsencrypt.org/), [נשלל](https://revoked-isrgrootx2.letsencrypt.org/), [פג תוקף](https://expired-isrgrootx2.letsencrypt.org/)
+  * אתרי בדיקה: [תקף](https://valid.x2.test-certs.letsencrypt.org/), [נשלל](https://revoked.x2.test-certs.letsencrypt.org/), [פג תוקף](https://expired.x2.test-certs.letsencrypt.org/)
 
 אישורי העל האלה לא נכללים במאגרי האמון של תוכנית אישורי העל, אך תוגש להוספה בקרוב: