DV SSL/TLS Certificate for aaft.es

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Domain Validation Secure Server CA)

About the aaft.es DV SSL/TLS Certificate

This certificate with serial number 38:1c:c2:f6:82:be:2a:db:31:2e:4e:12:25:b4:eb:ce for aaft.es was issued on by Sectigo Limited.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for aaft.es provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 38:1c:c2:f6:82:be:2a:db:31:2e:4e:12:25:b4:eb:ce
Serial Number (int): 74586106394048300554576069993021369294
Serial Number Length: 126 bits, 16 octets

Subject Key Identifier: 78:31:5d:f4:ae:38:7a:46:ab:37:21:26:89:37:af:34:f1:72:83:e3
Authority Key Identifier: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (SHA-1): cc:5e:c1:ab:c1:e8:c5:27:2e:44:f5:27:38:d9:d5:7b:64:6e:5b:0a
Fingerprint (SHA-256): f7:c8:e9:f7:24:09:6e:9c:07:5c:35:c7:5c:ee:93:66:cd:8d:41:2a:85:8e:aa:5f:dd:70:8a:af:ce:27:61:63

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate aaft.es
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for aaft.es

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for aaft.es in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIQOBzC9oK+KtsxLk4SJbTrzjANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTI0MTIyNTAwMDAwMFoXDTI2MDEwODIzNTk1OVowEjEQMA4GA1UEAxMHYWFm
dC5lczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALyKRgGkanQ2FoXz
6WDQndo3cX8EUIztUl86fQydOoyekO6h/TtQZ3ClN/9Apv16OKmoIZP+K+LDVKPd
17TEq4ZFMKp2MN6Q4l+kT2nTQNVBclvwqQ8QiZazHCL10jEgTrxmMZ2atGs+t3BS
SKaqyfmaNQGslkGMlLPDkovQpVUc8pfuzqaUVFnxyzEPqc7XLgThS+o5K6PjJ/nG
x8fKaJWvzDjmrBoK74FyJ+2SnPissUNNP0kthDWAX+d0OkaXjHQoQCF2XoepawWV
byFgF0/yBTgHWmX6u59TuIrpHgxIEwrUtdmsbAMwRFnSkJx7NqNWT355Oe4HW/I0
pkGM83kCAwEAAaOCAvcwggLzMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF4bgB
jWHhMB0GA1UdDgQWBBR4MV30rjh6Rqs3ISaJN6808XKD4zAOBgNVHQ8BAf8EBAMC
BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
SQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRwczov
L3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBPBggr
BgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9tYWlu
VmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDov
L29jc3Auc2VjdGlnby5jb20wHwYDVR0RBBgwFoIHYWFmdC5lc4ILd3d3LmFhZnQu
ZXMwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB1AJaXZL9VWJet90OHaDcIQnfp
8DrV9qTzNm5GpD8PyqnGAAABk/ti7xIAAAQDAEYwRAIgSwMJSxHK/kE0t0O47u41
ebvISItfvRLGqiwWz19GWeUCIEAin9WXiyre/P20pDqndiKC9YPUUCZeD3DH4DXk
ahLlAHcAGYbUxyiqb/66A294Kk0BkarOLXIxD67OXXBBLSVMx9QAAAGT+2Lu9AAA
BAMASDBGAiEAoXRXcsKAswoPYjJJshI+U90HCtsC2M6TyTMGqbtM3TgCIQDlk0RD
jhXeNJoakrYhvbsBbSnRRqSC1anwAaMM0JGv1wB3AMs49xWJfIShRF9bwd37yW7y
mlnNRwppBYWwyxTDFFjnAAABk/ti7x4AAAQDAEgwRgIhAIQ5zctuGJYcj8qz+WXt
VfyO3hd7KFJ7mzRPLEfV0lj/AiEAiEQ7h7sQCtzf0E/cqwCsFYW1ZZq7ZBPv7wAo
t3o0SmkwDQYJKoZIhvcNAQELBQADggEBAIcXOrrvZDtuvWKa8yeoOmPyE+oonWU/
BsJ5pnBqEz7IZnEtd6eYa7qthVNfET1/vq+Ohdc/4yjJA+La+krYpnvj4YSWWSUF
hzTInuH4O7bGAJbcLe9KSSMPsAh27HkJ0h7Roh8FmJ3QQxWK4xDK/zlzKuxZHVp3
kYzWy8Iv0sPWBqkJ1xT3QSaetLpb1gTTIylkl+HBXQrcXB+sZ/JGqIyU4M6fyap7
AN3fRK2ykIvtB7UCO/5ebRRXNKsLRaHOeD0j+EpbUfk+BcrxTBi8KjkiW3C63CIW
tsPkR2V05BP7yK7tJI3HBz69HJZPQUwnuihpfrQp9usapLcOTmQX69Q=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIpGAaRqdDYWhfPpYNCd
2jdxfwRQjO1SXzp9DJ06jJ6Q7qH9O1BncKU3/0Cm/Xo4qaghk/4r4sNUo93XtMSr
hkUwqnYw3pDiX6RPadNA1UFyW/CpDxCJlrMcIvXSMSBOvGYxnZq0az63cFJIpqrJ
+Zo1AayWQYyUs8OSi9ClVRzyl+7OppRUWfHLMQ+pztcuBOFL6jkro+Mn+cbHx8po
la/MOOasGgrvgXIn7ZKc+KyxQ00/SS2ENYBf53Q6RpeMdChAIXZeh6lrBZVvIWAX
T/IFOAdaZfq7n1O4iukeDEgTCtS12axsAzBEWdKQnHs2o1ZPfnk57gdb8jSmQYzz
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 74586106394048300554576069993021369294
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-01-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aaft.es'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23800986519303406427348811517145223441945286392881991681121854412810757047027538206953450198858174668981103505879648541147646037945969552659785126036329571449968221651567944178994493593369927488260345440753134532427359013844042044942764350796925076652384017587958700820257693486373543032105393117402562043528155696575762768905910951032108486248613961099601167695208682335569129793201910386077433769168632959310543644837843106260892408839779569453257924183227405296101731622281065019149718362816181782422962808447009708008840998883555551846456376276332841414743916731208066776112063382002981236432894733111704649790329
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							78315df4ae387a46ab3721268937af34f17283e3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aaft.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aaft.es'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007500969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000193fb62ef12000004030046304402204b03094b11cafe4134b743b8eeee3579bbc8488b5fbd12c6aa2c16cf5f4659e5022040229fd5978b2adefcfdb4a43aa7762282f583d450265e0f70c7e035e46a12e50077001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d400000193fb62eef40000040300483046022100a1745772c280b30a0f623249b2123e53dd070adb02d8ce93c93306a9bb4cdd38022100e59344438e15de349a1a92b621bdbb016d29d146a482d5a9f001a30cd091afd7007700cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e700000193fb62ef1e00000403004830460221008439cdcb6e18961c8fcab3f965ed55fc8ede177b28527b9b344f2c47d5d258ff02210088443b87bb100adcdfd04fdcab00ac1585b5659abb6413efef0028b77a344a69
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0087173abaef643b6ebd629af327a83a63f213ea289d653f06c279a6706a133ec866712d77a7986bbaad85535f113d7fbeaf8e85d73fe328c903e2dafa4ad8a67be3e184965925058734c89ee1f83bb6c60096dc2def4a49230fb00876ec7909d21ed1a21f05989dd043158ae310caff39732aec591d5a77918cd6cbc22fd2c3d606a909d714f741269eb4ba5bd604d323296497e1c15d0adc5c1fac67f246a88c94e0ce9fc9aa7b00dddf44adb2908bed07b5023bfe5e6d145734ab0b45a1ce783d23f84a5b51f93e05caf14c18bc2a39225b70badc2216b6c3e4476574e413fbc8aeed248dc7073ebd1c964f414c27ba28697eb429f6eb1aa4b70e4e6417ebd4