DV SSL/TLS Certificate for *.kelso.org.uk

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Domain Validation Secure Server CA)

About the *.kelso.org.uk DV SSL/TLS Certificate

This certificate with serial number 29:3a:9f:a8:62:39:a3:50:16:00:89:ef:da:3b:0d:c9 for *.kelso.org.uk was issued on by Sectigo Limited.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.kelso.org.uk provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 29:3a:9f:a8:62:39:a3:50:16:00:89:ef:da:3b:0d:c9
Serial Number (int): 54802739288834064760788484565933690313
Serial Number Length: 126 bits, 16 octets

Subject Key Identifier: dc:86:b8:89:b2:f4:e7:41:36:8e:06:cd:a1:b9:50:29:ad:d9:55:41
Authority Key Identifier: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (SHA-1): df:63:f1:3f:6d:7f:23:76:82:85:95:c7:98:44:82:fa:0d:9a:2e:d8
Fingerprint (SHA-256): cf:30:77:b0:2d:c8:81:06:61:2d:ac:14:1e:36:aa:ef:68:33:c9:2d:0c:f3:75:7b:0a:25:25:84:7f:7d:4f:c0

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate *.kelso.org.uk
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.kelso.org.uk

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.kelso.org.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIQKTqfqGI5o1AWAInv2jsNyTANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTI0MTIyNDAwMDAwMFoXDTI2MDEwNzIzNTk1OVowGTEXMBUGA1UEAwwOKi5r
ZWxzby5vcmcudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh/VH3
fFuRpA4YMM7XaSEMpUa/OWGB53wAxGFZcMPY0BT5kBkVYxqMUU7pmOOoKhRI/vqI
61yfnEOXvV2UMa/1eTyIvYpC5i0HKhH1RvkwaQebW45iajVjvKDdQ+Ts5NOQqV0h
qyLZViUjB5xNabAl8ixODg5IHXJSkk98zqNMgNXZlEX+QkLxP3E71C9BgWGbq6oH
L/yAPLRotJEdqSj82BrS5b0AoJV+uUQfy1gAq+bvHCSOk9Pw8Njefy1Cte87TGlI
in7MkXFeM7TaUOPu3tGVt/InpGbVhLMzH9QlYJmwTz85AOBrsqHlaVFDY1JARvWZ
YOGey5iF/VIV9LUPAgMBAAGjggL8MIIC+DAfBgNVHSMEGDAWgBSNjF7EVK2K4Xfp
m/mbBeG4AY1h4TAdBgNVHQ4EFgQU3Ia4ibL050E2jgbNoblQKa3ZVUEwDgYDVR0P
AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcwJTAjBggrBgEFBQcCARYX
aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEFBQcBAQR4
MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JT
QURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGG
F2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFo
AWYAdgCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/D8qpxgAAAZP2TAWLAAAE
AwBHMEUCICQ2YX3nc1BrvlAMOqEPANn7Zsd0aQfu9MMJyzBZk61QAiEAuHFpe6w5
oJQZ4QZJYiFeRf4MY06MVeLBZCsZhpFzOfMAdQAZhtTHKKpv/roDb3gqTQGRqs4t
cjEPrs5dcEEtJUzH1AAAAZP2TAU6AAAEAwBGMEQCIDKgIwfQL+9SLBfuVFSJ5A5e
CWdZ7Xzo+EeBjVitJRGNAiBz6E4bUwHeOZZ9q3/GsGs0QrhRGqMi0meMxCpPADs2
FQB1AMs49xWJfIShRF9bwd37yW7ymlnNRwppBYWwyxTDFFjnAAABk/ZMBVkAAAQD
AEYwRAIgYNenknLgYvYOIMKbrKuun4WfaXa7DPgCdLKvcnPvTK4CIAQDsB4FXQn4
gmZVAxeJxthwJlsVb1Wtl53xJz+4/3koMCcGA1UdEQQgMB6CDioua2Vsc28ub3Jn
LnVrggxrZWxzby5vcmcudWswDQYJKoZIhvcNAQELBQADggEBAJXeZr46eFW6F3ar
dljBah3Ni+h2qweIWnsk0A5ED8HyBwCdHYAqtWOXMWB8yk67WR1yUCwQwvbmy2wf
JeM3U6rqTHEK+z8zJHa0HIvDUr5DWFGo2n0mjR7RUvFbMc91tAQfUGuvLeTB31jX
POSiXwadpLC6ZB9UhDAxVGiA1zLpSA7Q7XMLHSvoRHY8NxggwktME+3WcBWX7iok
kdbgNejbvE/Sryn13Yq/Cl1Oeo60a6aF2KaBOQLdAyV24j3B6fcx2dmQ0ZZTLwSN
u0OF+V2jYRZHDh7otSXi1/W5w5BRoYu+2yL7qNkwIrThrBarWgUbR8ImvNZkRFts
jfKYeCU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4f1R93xbkaQOGDDO12kh
DKVGvzlhged8AMRhWXDD2NAU+ZAZFWMajFFO6ZjjqCoUSP76iOtcn5xDl71dlDGv
9Xk8iL2KQuYtByoR9Ub5MGkHm1uOYmo1Y7yg3UPk7OTTkKldIasi2VYlIwecTWmw
JfIsTg4OSB1yUpJPfM6jTIDV2ZRF/kJC8T9xO9QvQYFhm6uqBy/8gDy0aLSRHako
/Nga0uW9AKCVfrlEH8tYAKvm7xwkjpPT8PDY3n8tQrXvO0xpSIp+zJFxXjO02lDj
7t7RlbfyJ6Rm1YSzMx/UJWCZsE8/OQDga7Kh5WlRQ2NSQEb1mWDhnsuYhf1SFfS1
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 54802739288834064760788484565933690313
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-01-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.kelso.org.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28528535455109264038942253283385343909509502407932099936121866355141868398145516686863269226922826604211920861692800999550870690675401591758805465839952662888051374921294290203915443284057354214022942148683255102024968014241053566485978104903546485143722185454080800756903877727449284884664314608361191256554843652499707348301237246065285860463242897640068396075997109745466113329314562550970334752847764365471637720286982609818505884730612090869121407578370106520350804135847882678147407339785203463334585994833783579286558332893129622428730736853970875557469952291851877439676047924546959880087171657332493624063247
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dc86b889b2f4e741368e06cda1b95029add95541
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007600969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000193f64c058b000004030047304502202436617de773506bbe500c3aa10f00d9fb66c7746907eef4c309cb305993ad50022100b871697bac39a09419e1064962215e45fe0c634e8c55e2c1642b1986917339f30075001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d400000193f64c053a0000040300463044022032a02307d02fef522c17ee545489e40e5e096759ed7ce8f847818d58ad25118d022073e84e1b5301de39967dab7fc6b06b3442b8511aa322d2678cc42a4f003b3615007500cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e700000193f64c05590000040300463044022060d7a79272e062f60e20c29bacabae9f859f6976bb0cf80274b2af7273ef4cae02200403b01e055d09f8826655031789c6d870265b156f55ad979df1273fb8ff7928
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kelso.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kelso.org.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0095de66be3a7855ba1776ab7658c16a1dcd8be876ab07885a7b24d00e440fc1f207009d1d802ab5639731607cca4ebb591d72502c10c2f6e6cb6c1f25e33753aaea4c710afb3f332476b41c8bc352be435851a8da7d268d1ed152f15b31cf75b4041f506baf2de4c1df58d73ce4a25f069da4b0ba641f54843031546880d732e9480ed0ed730b1d2be844763c371820c24b4c13edd6701597ee2a2491d6e035e8dbbc4fd2af29f5dd8abf0a5d4e7a8eb46ba685d8a6813902dd032576e23dc1e9f731d9d990d196532f048dbb4385f95da36116470e1ee8b525e2d7f5b9c39051a18bbedb22fba8d93022b4e1ac16ab5a051b47c226bcd664445b6c8df2987825