mail.nmof.org
Issued by Sectigo RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number 18:67:51:6a:56:7e:20:ed:53:97:45:74:92:37:93:f6 was issued on by Sectigo Limited.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=mail.nmof.org
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 18:67:51:6a:56:7e:20:ed:53:97:45:74:92:37:93:f6Serial Number (int): 32437929775398381484290411089408529398
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 09:4a:fc:b4:8a:d6:8f:a3:19:ec:28:ea:19:52:dd:58:d7:45:ed:dc
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1
Fingerprint (sha1): 7b:f4:61:b8:0d:3c:76:01:95:a5:40:8b:99:ce:c7:c4:5d:1d:8d:54
Fingerprint (sha256): 67:ac:5f:b3:d5:1b:80:df:cf:79:16:73:c6:8c:45:38:97:fd:7c:f1:77:0b:73:b9:ff:a6:01:bf:a3:5e:ba:c5
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate mail.nmof.org
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mail.nmof.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mail.nmof.org
autodiscover.nmof.org
mail.museumofflight.org
autodiscover.nmof.org
mail.museumofflight.org
Other certificates including the domain name nmof.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for mail.nmof.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgIQGGdRalZ+IO1Tl0V0kjeT9jANBgkqhkiG9w0BAQsFADCB jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB MB4XDTIyMTIwMzAwMDAwMFoXDTI0MDEwMzIzNTk1OVowGDEWMBQGA1UEAxMNbWFp bC5ubW9mLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM8kCHDY rZBgs/GeZdm0MH1msyLaeUSM8fyqbK5Oid0KUsVO+invnsvAMIYltja0MPNfiefQ D+naa53TICyiQa1C7uWGbeBoyEw4dXgcPhfYwejjoZnhKdrqRABOmSLRwlCTYRGN hFc/5L4tj1NZHGY0o4e4S7fSo/+F5kJwqOPQ39SF5I1r5f/1xAKg+FwnyosmH1Wt bjm435WvzH6P3dUVp6UswHmUMST1bxktBoe4zyVBBoe/KXB7lxhzG4eZ5HeRddnm BNMC1PUsQVI2m9uucy+hqzuX55z3uXipZ3NItK8yQoGRK3rjTQRJIY1GFOomvOqH 55NK+zbm7h2arzMCAwEAAaOCAx4wggMaMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb +ZsF4bgBjWHhMB0GA1UdDgQWBBQJSvy0itaPoxnsKOoZUt1Y10Xt3DAOBgNVHQ8B Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdo dHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgw djBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNB RG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYX aHR0cDovL29jc3Auc2VjdGlnby5jb20wggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkB ZwB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABhNWw3FsAAAQD AEYwRAIgTVygrxSq21wikIbykBbJbCyee3xndyuVBD6Y9KdWx6QCIELFAr/pku3V u4ZpUTKWPJ8xOmj2gsJ1WMDtsj9qbuINAHcA2ra/az+1tiKfm8K7XGvocJFxbLtR hIU0vaQ9MEjX+6sAAAGE1bDcIQAABAMASDBGAiEA2CqR+Q5WdcbiSDgkUGhi0SsA 16WtNwYfylWsHOse5qgCIQCR8XUGm8uTGX0jepFf4bkeSZyBYi4Jk7X0kD3w4M+3 tQB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhNWw2/IAAAQD AEYwRAIgO0p5pWrh81rMw2eUJO0mA5ixKxwqlfW2aixCYmihRcECICjoZ1rq68tD 1HYsxUvbeq7XbIjq0b2GX2rC78nsXyz+MEgGA1UdEQRBMD+CDW1haWwubm1vZi5v cmeCFWF1dG9kaXNjb3Zlci5ubW9mLm9yZ4IXbWFpbC5tdXNldW1vZmZsaWdodC5v cmcwDQYJKoZIhvcNAQELBQADggEBAJ49mTCw6hsR39ntwhijRDAgzXAk2NDRMzTi Vo/2rRTjUGdsrweA/3WRQeFfLeClxTMZP4ZSyZjaPmDFz6c2vd1aGDUUgjPwogHr 0wD9qPILdxZgGEzH7lhwlHoVJBg1NvN3Qz0Sjyq/LmPEXGTEvOxCK+fsMYHiGehs kAKWdOeQZh/44Wgrb3gLip2WwSqFJ7Gw9JYeEMs27U/bR117epEmZoxTAZaRKpij v8u03EICL6+deSX8zNSR63PPSIAYschpDCmdPrvGjjtSmgRCud2KiWqKYU1QspLa 5X7U8KJU1PfSw/cWvD0BY1d6rdQWy0JK570j4yi4X0yX0RYrMWc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyQIcNitkGCz8Z5l2bQw fWazItp5RIzx/Kpsrk6J3QpSxU76Ke+ey8AwhiW2NrQw81+J59AP6dprndMgLKJB rULu5YZt4GjITDh1eBw+F9jB6OOhmeEp2upEAE6ZItHCUJNhEY2EVz/kvi2PU1kc ZjSjh7hLt9Kj/4XmQnCo49Df1IXkjWvl//XEAqD4XCfKiyYfVa1uObjfla/Mfo/d 1RWnpSzAeZQxJPVvGS0Gh7jPJUEGh78pcHuXGHMbh5nkd5F12eYE0wLU9SxBUjab 265zL6GrO5fnnPe5eKlnc0i0rzJCgZEreuNNBEkhjUYU6ia86ofnk0r7NubuHZqv MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 32437929775398381484290411089408529398 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.nmof.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26149097648659558735307533131649101685296135688350451612575505234636848390821030409073092303576972931461216266070595600176794362690016858920911095802939910474902080090934798840778829294989554901505771435347140325112243608663358077920384638691234121814302879052197529473707240327190952336331207994276512429252486186147270676319325291151195545632396117069799703742379105944922126235145049631359135944999734766343433539203603856854833100313865351541305291560759468661159872077618396231381290263711332389464983304778702915189154108201553012386548702550146351984638213844981075120387013733344186010763921059825087044824883 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 094afcb48ad68fa319ec28ea1952dd58d745eddc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000184d5b0dc5b000004030046304402204d5ca0af14aadb5c229086f29016c96c2c9e7b7c67772b95043e98f4a756c7a4022042c502bfe992edd5bb86695132963c9f313a68f682c27558c0edb23f6a6ee20d007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000184d5b0dc210000040300483046022100d82a91f90e5675c6e2483824506862d12b00d7a5ad37061fca55ac1ceb1ee6a802210091f175069bcb93197d237a915fe1b91e499c81622e0993b5f4903df0e0cfb7b5007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000184d5b0dbf2000004030046304402203b4a79a56ae1f35accc3679424ed260398b12b1c2a95f5b66a2c426268a145c1022028e8675aeaebcb43d4762cc54bdb7aaed76c88ead1bd865f6ac2efc9ec5f2cfe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.nmof.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.nmof.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.museumofflight.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009e3d9930b0ea1b11dfd9edc218a3443020cd7024d8d0d13334e2568ff6ad14e350676caf0780ff759141e15f2de0a5c533193f8652c998da3e60c5cfa736bddd5a1835148233f0a201ebd300fda8f20b771660184cc7ee5870947a1524183536f377433d128f2abf2e63c45c64c4bcec422be7ec3181e219e86c90029674e790661ff8e1682b6f780b8a9d96c12a8527b1b0f4961e10cb36ed4fdb475d7b7a9126668c530196912a98a3bfcbb4dc42022faf9d7925fcccd491eb73cf488018b1c8690c299d3ebbc68e3b529a0442b9dd8a896a8a614d50b292dae57ed4f0a254d4f7d2c3f716bc3d0163577aadd416cb424ae7bd23e328b85f4c97d1162b3167