DV SSL/TLS Certificate for thetotem.de

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Domain Validation Secure Server CA)

About the thetotem.de DV SSL/TLS Certificate

This certificate with serial number 72:59:82:94:52:b6:48:2d:65:22:87:54:80:45:76:ae for thetotem.de was issued on by Sectigo Limited.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for thetotem.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 72:59:82:94:52:b6:48:2d:65:22:87:54:80:45:76:ae
Serial Number (int): 151996754404504672150548240053083403950
Serial Number Length: 127 bits, 16 octets

Subject Key Identifier: 1b:0e:8e:da:73:ee:35:cd:0e:01:8d:90:fb:a3:ee:b3:e2:d0:6a:94
Authority Key Identifier: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (SHA-1): 6a:b9:24:99:67:44:b0:e7:08:39:0d:58:67:85:a0:e4:de:d1:ab:45
Fingerprint (SHA-256): f9:45:30:61:da:36:56:55:9b:fc:5a:58:ca:02:21:0f:0d:77:2c:66:ac:62:ae:4b:2e:18:0c:48:94:c0:a2:8e

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate thetotem.de
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for thetotem.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for thetotem.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgIQclmClFK2SC1lIodUgEV2rjANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTI0MTIxODAwMDAwMFoXDTI2MDEwMjIzNTk1OVowFjEUMBIGA1UEAxMLdGhl
dG90ZW0uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcPIOT9sA1
YDWmJ2pzHtTblzd5r7FqMuQs7mkfagKgm51GvcXWwlWD+OXG5YuKVAr8rBzsB3pY
mwoT1Ncu/DA7tzSL9LQV2BsraYuCF1WqHQCkyNPsSrkwKVOWVp2GSOWqlpJOrCw3
TLFDw/iztOHPfwiqqZhoBMEToPSHFzxDSKlm5XvHbGjjfmmc2A1QHFxy2myr33ip
odo5GJVb8U36BCqRxVZuqVGwleDgKi+IZA9k4DjcWtndnlU1RfDwzAfzc1PYj/vN
0W07gZfAzxHCs0oh/HpJy+aV1d2AWkEP/rw4wgTeivInCW2oy6dMgQ2jti38zVpv
n0n4TzE+1UmFAgMBAAGjggL+MIIC+jAfBgNVHSMEGDAWgBSNjF7EVK2K4Xfpm/mb
BeG4AY1h4TAdBgNVHQ4EFgQUGw6O2nPuNc0OAY2Q+6Pus+LQapQwDgYDVR0PAQH/
BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcwJTAjBggrBgEFBQcCARYXaHR0
cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEFBQcBAQR4MHYw
TwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQURv
bWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0
dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgA
dgCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/D8qpxgAAAZPY/VTQAAAEAwBH
MEUCIGM+OK9Ss2TB/FzOXyL35UXTFqyJHEQAzEFZl8Mb3hhgAiEA0PMZi25D27tk
FG5k+UKNB9olaIMO4/9Cy/ZwymLcW9IAdQAZhtTHKKpv/roDb3gqTQGRqs4tcjEP
rs5dcEEtJUzH1AAAAZPY/VRkAAAEAwBGMEQCICLsaRaZcPYpVKMPhfGk5PK3G2fF
LhrrWXlR8b1/hPO6AiAx3XyCFYkH32NC4OqJFUh3NnkMD/lMlfWTnikyjC+3fgB3
AMs49xWJfIShRF9bwd37yW7ymlnNRwppBYWwyxTDFFjnAAABk9j9VJgAAAQDAEgw
RgIhAP+TgPT4pxZlxdp9JqSdEeXZTaBHch7A4ELMreS1Ef6kAiEAn62NckIad5Wj
H8dmzy2Urd29UkHh4aupPw8V6Z/OetkwJwYDVR0RBCAwHoILdGhldG90ZW0uZGWC
D3d3dy50aGV0b3RlbS5kZTANBgkqhkiG9w0BAQsFAAOCAQEAdvOveMYIWLtgnLlB
aqecjGqyI+komoVGpTnMQWIoQzftisEDNQsRwF2dcS3m6GkWUW0iWcIciBCXurBG
187AJbQdJLrZIqA4PS27kZNlbjb8AwGLrmzO3LJwczOzTxTk3p+njPPZE2Sd1k93
AHQcwPuR4+FxbdXpyF6KUPQDb+C0x9/9LNIlYk35o0B6/mlYenQiALwWqbWB/Phx
TvmNfpB+pLTLw3uJb8lG6cjTenYwhXqX0/Dk+zpCSOcz+a6CK20K+nNHAWBdj2Ha
syIGZPWVq4K/rYnyoxKVSyUw5KMJGt3tPNM/CMRdyMo2wUtoNC3gC/wtquMiFYwY
aDec4w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DyDk/bANWA1pidqcx7U
25c3ea+xajLkLO5pH2oCoJudRr3F1sJVg/jlxuWLilQK/Kwc7Ad6WJsKE9TXLvww
O7c0i/S0FdgbK2mLghdVqh0ApMjT7Eq5MClTlladhkjlqpaSTqwsN0yxQ8P4s7Th
z38IqqmYaATBE6D0hxc8Q0ipZuV7x2xo435pnNgNUBxcctpsq994qaHaORiVW/FN
+gQqkcVWbqlRsJXg4CoviGQPZOA43FrZ3Z5VNUXw8MwH83NT2I/7zdFtO4GXwM8R
wrNKIfx6ScvmldXdgFpBD/68OMIE3oryJwltqMunTIENo7Yt/M1ab59J+E8xPtVJ
hQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 151996754404504672150548240053083403950
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-01-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thetotem.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27802267646517471598904007576982465242207399472121840878568202226458720488105998170769322931236924340933220346521754212501507811892778615742114804720333879422857952724572784182711809690408782525935146091915681355984746384316157828573871050781767117398819774160100827755612678304198630424266749667129911150771552758227820689794272928903164889845250439260650530587713756151234105332376046740784003781397671797986715985080002619647700363807244978980966403836343607243151785986776434399367945758588560947419412534381293439904697543245343857832830485150856427984861236256150587893416924116586481177882222149969479116081541
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1b0e8eda73ee35cd0e018d90fba3eeb3e2d06a94
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000193d8fd54d000000403004730450220633e38af52b364c1fc5cce5f22f7e545d316ac891c4400cc415997c31bde1860022100d0f3198b6e43dbbb64146e64f9428d07da2568830ee3ff42cbf670ca62dc5bd20075001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d400000193d8fd54640000040300463044022022ec69169970f62954a30f85f1a4e4f2b71b67c52e1aeb597951f1bd7f84f3ba022031dd7c82158907df6342e0ea8915487736790c0ff94c95f5939e29328c2fb77e007700cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e700000193d8fd54980000040300483046022100ff9380f4f8a71665c5da7d26a49d11e5d94da047721ec0e042ccade4b511fea40221009fad8d72421a7795a31fc766cf2d94adddbd5241e1e1aba93f0f15e99fce7ad9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thetotem.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thetotem.de'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0076f3af78c60858bb609cb9416aa79c8c6ab223e9289a8546a539cc4162284337ed8ac103350b11c05d9d712de6e86916516d2259c21c881097bab046d7cec025b41d24bad922a0383d2dbb9193656e36fc03018bae6ccedcb2707333b34f14e4de9fa78cf3d913649dd64f7700741cc0fb91e3e1716dd5e9c85e8a50f4036fe0b4c7dffd2cd225624df9a3407afe69587a742200bc16a9b581fcf8714ef98d7e907ea4b4cbc37b896fc946e9c8d37a7630857a97d3f0e4fb3a4248e733f9ae822b6d0afa734701605d8f61dab3220664f595ab82bfad89f2a312954b2530e4a3091added3cd33f08c45dc8ca36c14b68342de00bfc2daae322158c1868379ce3