DV SSL/TLS Certificate for mail.nmof.org

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo Public Server Authentication CA DV R36)

About the mail.nmof.org DV SSL/TLS Certificate

This certificate with serial number 20:61:8c:75:34:32:4c:a1:7c:b7:a1:62:99:fd:d1:8f for mail.nmof.org was issued on by Sectigo Limited.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for mail.nmof.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 20:61:8c:75:34:32:4c:a1:7c:b7:a1:62:99:fd:d1:8f
Serial Number (int): 43041797483588740296132133151729111439
Serial Number Length: 126 bits, 16 octets

Subject Key Identifier: e8:43:4c:74:a3:da:46:3d:ac:f2:8b:1c:05:76:82:5e:6a:e1:98:e4
Authority Key Identifier: 68:c0:12:16:18:0e:af:ce:f6:87:a6:32:57:a3:46:51:5d:cb:07:27

Fingerprint (SHA-1): 19:47:38:c9:4a:00:59:81:62:70:49:2f:3d:98:27:a8:31:74:49:2a
Fingerprint (SHA-256): 1b:d0:5d:2f:29:e9:61:5a:58:65:17:52:7a:02:a0:4f:aa:91:eb:95:f7:c5:a0:ab:39:be:5b:e4:7e:3c:67:1f

Issuing Certificate URL: http://crt.sectigo.com/SectigoPublicServerAuthenticationCADVR36.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate mail.nmof.org
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for mail.nmof.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for mail.nmof.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGSjCCBLKgAwIBAgIQIGGMdTQyTKF8t6Fimf3RjzANBgkqhkiG9w0BAQwFADBg
MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFB1YmxpYyBTZXJ2ZXIgQXV0aGVudGljYXRpb24gQ0EgRFYgUjM2
MB4XDTI1MDYxOTAwMDAwMFoXDTI1MTIwMzIzNTk1OVowGDEWMBQGA1UEAxMNbWFp
bC5ubW9mLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOjLWnAu
nyS8TFRFy/1nkZfdNXdXihpDRdFb8pe2bZeuu/gVlrJuqOP13qosfqnn67ytw1KM
nFI2qVJe07m9mG/46vqz5HWLNFvrjlQBYRhSb6A2MUDX2PvTlR1imAskfeqEyZMJ
6wFyTZmS/cCQRxY4J0hSOgQJfRxUqY6JcOY3sft4ZXQRIkAbz+h7h6BUkdnZGgAg
bFDlW1HpsmNDd44ZjJ2Y/4LK+maEbGkfKwz6K1HpcD+qCIElbdFwbm5lA1YMBm2N
VEd+B/dASFhKw6aBmYnAn32Hlv8MGDmrlCAbbK2bjyvEz0Qjy1DBL+cVJAnR/5kg
mIe8yZ27zjruUXkCAwEAAaOCAsYwggLCMB8GA1UdIwQYMBaAFGjAEhYYDq/O9oem
MlejRlFdywcnMB0GA1UdDgQWBBToQ0x0o9pGPazyixwFdoJeauGY5DAOBgNVHQ8B
Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdo
dHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgw
djBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUHVi
bGljU2VydmVyQXV0aGVudGljYXRpb25DQURWUjM2LmNydDAjBggrBgEFBQcwAYYX
aHR0cDovL29jc3Auc2VjdGlnby5jb20wggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA
dgDd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZeJWk+nAAAEAwBH
MEUCIGd9rwL95iQ+yXW9bgk/nKj1OQd/3VR10jDwQ6uMGMZeAiEA5/YQu6H8+ceh
5icxh3GvZ8f2thhyAtFyrNNQMAVcefAAdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfp
MO8OQh60fk6qNAAAAZeJWk91AAAEAwBHMEUCIQCLwoI9BFMSSi6ATreoQos+JJ/a
t2YddqXocp5+pnZSZQIgNqLCd4eGO2iAiMIkJdchyP3aJ1+svnKBTR2mF4LRGaEw
aQYDVR0RBGIwYIINbWFpbC5ubW9mLm9yZ4IfYXV0b2Rpc2NvdmVyLm11c2V1bW9m
ZmxpZ2h0Lm9yZ4IVYXV0b2Rpc2NvdmVyLm5tb2Yub3JnghdtYWlsLm11c2V1bW9m
ZmxpZ2h0Lm9yZzANBgkqhkiG9w0BAQwFAAOCAYEAaS6HbSst74ggO+QmI6g1tpxU
GcUwFN36hfwnr/zj7Z3PMoDfoNsa2MpP22muCrVs/CRpxfgF46Ooe+oEcU9WQhJ/
fGZXvwOBgxipduuooMRlad4f27Zo8GyiuBIil9gzhT5sTrtkovqyZ9gZIt3qoMll
g7bPvHhepdXFgaG24NR2bAVxUY8u+qDdAbjhq6YxxPq575ITgJMtXEdvbpuvBu1a
0N8pw5SCQfKl4f6spQL2eiw8p006ikr72aA3NCAGGp3MOwnS/dbZOnvArBh4/td1
b5V/b44nN5vYyt3jjtivVQZrmZwmoJrkPNUSuQlp0N4P11wsuiLhkM4zbIgZvkPV
KdQyFUwLWx79M6f9vkbwv8Z/TfBMznAwurHDCJcXHAfFBMXh+WdFGbzLez+ul2/o
uOgHHuHVsoC651w06wGGCMXxlfXpfwdya/7jcUQz4H+hSbNSLOdOPB75mMHinIV1
gxJEyxRvKkwiHBpjMSNU4UbkLJkr2yqAPS1UzGEg
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MtacC6fJLxMVEXL/WeR
l901d1eKGkNF0Vvyl7Ztl667+BWWsm6o4/Xeqix+qefrvK3DUoycUjapUl7Tub2Y
b/jq+rPkdYs0W+uOVAFhGFJvoDYxQNfY+9OVHWKYCyR96oTJkwnrAXJNmZL9wJBH
FjgnSFI6BAl9HFSpjolw5jex+3hldBEiQBvP6HuHoFSR2dkaACBsUOVbUemyY0N3
jhmMnZj/gsr6ZoRsaR8rDPorUelwP6oIgSVt0XBubmUDVgwGbY1UR34H90BIWErD
poGZicCffYeW/wwYOauUIBtsrZuPK8TPRCPLUMEv5xUkCdH/mSCYh7zJnbvOOu5R
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 43041797483588740296132133151729111439
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Public Server Authentication CA DV R36'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-12-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.nmof.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29387563989048607091332849510301205340204515944470061098480076501920688555079373057323201321252060914002684250850399369068211249508427147224158610870323929428503601990579095840013251776623134792167173680830419127153643066542787653321776882546439982709145988705959212615975063805273228705604914892989221627302382199735607661311573696143750979555223727943057912853384879804052809140174450173969645206931384173861533432484955540480426295170086858253710342416445459810227017956426609060559008434808399049226111102927689287634395314329875266001826076307297476971702758775168492522084271849428013699639062443551484418085241
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 68c01216180eafcef687a63257a346515dcb0727
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e8434c74a3da463dacf28b1c0576825e6ae198e4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoPublicServerAuthenticationCADVR36.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000197895a4fa700000403004730450220677daf02fde6243ec975bd6e093f9ca8f539077fdd5475d230f043ab8c18c65e022100e7f610bba1fcf9c7a1e627318771af67c7f6b6187202d172acd35030055c79f00076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197895a4f7500000403004730450221008bc2823d0453124a2e804eb7a8428b3e249fdab7661d76a5e8729e7ea6765265022036a2c27787863b688088c22425d721c8fdda275facbe72814d1da61782d119a1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.nmof.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.museumofflight.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.nmof.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.museumofflight.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		00692e876d2b2def88203be42623a835b69c5419c53014ddfa85fc27affce3ed9dcf3280dfa0db1ad8ca4fdb69ae0ab56cfc2469c5f805e3a3a87bea04714f5642127f7c6657bf03818318a976eba8a0c46569de1fdbb668f06ca2b8122297d833853e6c4ebb64a2fab267d81922ddeaa0c96583b6cfbc785ea5d5c581a1b6e0d4766c0571518f2efaa0dd01b8e1aba631c4fab9ef921380932d5c476f6e9baf06ed5ad0df29c3948241f2a5e1feaca502f67a2c3ca74d3a8a4afbd9a0373420061a9dcc3b09d2fdd6d93a7bc0ac1878fed7756f957f6f8e27379bd8cadde38ed8af55066b999c26a09ae43cd512b90969d0de0fd75c2cba22e190ce336c8819be43d529d432154c0b5b1efd33a7fdbe46f0bfc67f4df04cce7030bab1c30897171c07c504c5e1f9674519bccb7b3fae976fe8b8e8071ee1d5b280bae75c34eb018608c5f195f5e97f07726bfee3714433e07fa149b3522ce74e3c1ef998c1e29c8575831244cb146f2a4c221c1a63312354e146e42c992bdb2a803d2d54cc6120