DV SSL/TLS Certificate for decarlo.design

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Domain Validation Secure Server CA)

About the decarlo.design DV SSL/TLS Certificate

This certificate with serial number 98:cd:74:c2:e0:0c:5e:a6:2c:de:01:33:50:33:88:3a for decarlo.design was issued on by Sectigo Limited.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for decarlo.design provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 98:cd:74:c2:e0:0c:5e:a6:2c:de:01:33:50:33:88:3a
Serial Number (int): 203109444414423999983936695768060233786
Serial Number Length: 128 bits, 16 octets

Subject Key Identifier: f8:bf:f0:f7:31:39:f6:7a:9f:31:53:3c:47:91:fa:70:a5:db:45:ca
Authority Key Identifier: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (SHA-1): 32:df:3f:e8:c4:35:d6:37:0b:89:d6:37:a8:2f:1b:41:ed:a7:97:2d
Fingerprint (SHA-256): 98:75:72:b5:4f:ef:a4:e4:ff:09:1d:a4:71:60:e3:6a:6d:2e:5c:32:d4:ed:f3:dc:36:e0:b8:1d:7f:d3:85:a9

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate decarlo.design
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for decarlo.design

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for decarlo.design in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgIRAJjNdMLgDF6mLN4BM1AziDowDQYJKoZIhvcNAQELBQAw
gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE
AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0yNTAzMDYwMDAwMDBaFw0yNjA0MDYyMzU5NTlaMBkxFzAVBgNVBAMTDmRl
Y2FybG8uZGVzaWduMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqpD
G5StZ9fHVFWzAO3q/VNrOY0GjUTjxC+46OXSsUDXJLXFEBnvBWdvjVcuNuFSy95H
7iYxASTFJp67YmnIHfjMJg+ItmHd5X1VzgBd6uOTurhuY8gL8FKvdI+qGbY0w0oM
PrU5NS+g+moP4BRnhO96EHevkhfeWCBWLOiJf+ejlT+mqKoRYygaqWAqfoIS8u8M
3FlsdcXvaeybDick0rn29l+KFLgGJNn9xwCaKVl57SKPl12B2UYzW3NdgKrT7GOz
yO4uyr4/ClVX4ONG1jO66Eob3k7FrYV9CYLpi0oj2+HcWbrqXwB+LqmjyFS84J6O
MNHqkNJsYZXJFPFJjQIDAQABo4IDBTCCAwEwHwYDVR0jBBgwFoAUjYxexFStiuF3
6Zv5mwXhuAGNYeEwHQYDVR0OBBYEFPi/8PcxOfZ6nzFTPEeR+nCl20XKMA4GA1Ud
DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgIHMCUwIwYIKwYBBQUHAgEW
F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBhAYIKwYBBQUHAQEE
eDB2ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29S
U0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzAB
hhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAtBgNVHREEJjAkgg5kZWNhcmxvLmRl
c2lnboISd3d3LmRlY2FybG8uZGVzaWduMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFr
AWkAdwCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/D8qpxgAAAZVsc6b6AAAE
AwBIMEYCIQDwtuIL7SxCB4NAmvqXmEYRvucSd4Mc1vsovy7v4IDSZAIhANL0kTSj
SR23jmKERQvd9hQPmeQsGVmxlerExACxI2SwAHYAGYbUxyiqb/66A294Kk0BkarO
LXIxD67OXXBBLSVMx9QAAAGVbHOm1AAABAMARzBFAiAFDhpW6mOElvNwcaRQvB6A
YXuxTeHjAAJFidfhUNg0fgIhAK18r0VU7Djeo5MS+2ITg7yAJMXcLZKnymPXdfng
x3/hAHYAyzj3FYl8hKFEX1vB3fvJbvKaWc1HCmkFhbDLFMMUWOcAAAGVbHOnBwAA
BAMARzBFAiAVJO3zWtC2KYj5R99c+EZtmevPLxwSzGJ0u52TmV1rCQIhAIbLrxz4
tOLK+tF8Cdza0tfviWWeaDI0x7ifr0nrGTEhMA0GCSqGSIb3DQEBCwUAA4IBAQCr
Y+efE+++8eiE/IrRcQS3ZF7T0gNwmAXF6I3yXK1rKEU/Wt53PE3jpGNypLjxfpnC
2MN8yyuemEK9oR1qcw9bPKwZjgOtV84Uu+uPK07BIKYHGz007ScXvZliWPs5eMHe
d8rYjkMq2ojsgBL6k8d1irWXYWy5eTMYhH/BTE5epFyvQ0kN6N7cmTggZUlw38g3
sE0yU/g7cEUaKv39DZ0gcvCuLGTnjuIKQ2luZv8Ly8VUjKP4Hr3vRgxxoUFB9PP4
uVxP35t/mhin5clVoNfWGXos3bogXJCZKz7oNcWyL0pDgo5W+IfYcwsCYKoVhMqm
khFm1DTOJbp2JOcM8l6c
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqpDG5StZ9fHVFWzAO3q
/VNrOY0GjUTjxC+46OXSsUDXJLXFEBnvBWdvjVcuNuFSy95H7iYxASTFJp67YmnI
HfjMJg+ItmHd5X1VzgBd6uOTurhuY8gL8FKvdI+qGbY0w0oMPrU5NS+g+moP4BRn
hO96EHevkhfeWCBWLOiJf+ejlT+mqKoRYygaqWAqfoIS8u8M3FlsdcXvaeybDick
0rn29l+KFLgGJNn9xwCaKVl57SKPl12B2UYzW3NdgKrT7GOzyO4uyr4/ClVX4ONG
1jO66Eob3k7FrYV9CYLpi0oj2+HcWbrqXwB+LqmjyFS84J6OMNHqkNJsYZXJFPFJ
jQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 203109444414423999983936695768060233786
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-04-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'decarlo.design'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22049424454339876823543540857986804852694235866955928301569703460939666223448242268315764527088620507529421224796706754302911369557502899206773538843763359869618991819357929186901980990876249736584182270381491222913245647685201943976105576084151520506579100150384470542920701191494805114687372119453497710890350976448913106020183325950525499055387965149847388524993041033391835551735467740866663717844518688906424460920561275669352709696251741662536059535408163350997616174500773799429543073539079796470156346116874177568293948421381565623717040030381069853859215134368082731957568371211928366942514468900906510403981
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f8bff0f73139f67a9f31533c4791fa70a5db45ca
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'decarlo.design'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.decarlo.design'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c6000001956c73a6fa0000040300483046022100f0b6e20bed2c420783409afa97984611bee71277831cd6fb28bf2eefe080d264022100d2f49134a3491db78e6284450bddf6140f99e42c1959b195eac4c400b12364b00076001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d4000001956c73a6d400000403004730450220050e1a56ea638496f37071a450bc1e80617bb14de1e300024589d7e150d8347e022100ad7caf4554ec38dea39312fb621383bc8024c5dc2d92a7ca63d775f9e0c77fe1007600cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e7000001956c73a707000004030047304502201524edf35ad0b62988f947df5cf8466d99ebcf2f1c12cc6274bb9d93995d6b0902210086cbaf1cf8b4e2cafad17c09dcdad2d7ef89659e683234c7b89faf49eb193121
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ab63e79f13efbef1e884fc8ad17104b7645ed3d203709805c5e88df25cad6b28453f5ade773c4de3a46372a4b8f17e99c2d8c37ccb2b9e9842bda11d6a730f5b3cac198e03ad57ce14bbeb8f2b4ec120a6071b3d34ed2717bd996258fb3978c1de77cad88e432ada88ec8012fa93c7758ab597616cb9793318847fc14c4e5ea45caf43490de8dedc993820654970dfc837b04d3253f83b70451a2afdfd0d9d2072f0ae2c64e78ee20a43696e66ff0bcbc5548ca3f81ebdef460c71a14141f4f3f8b95c4fdf9b7f9a18a7e5c955a0d7d6197a2cddba205c90992b3ee835c5b22f4a43828e56f887d8730b0260aa1584caa6921166d434ce25ba7624e70cf25e9c