DV SSL/TLS Certificate for www.zfu.ch

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Domain Validation Secure Server CA)

About the www.zfu.ch DV SSL/TLS Certificate

This certificate with serial number 5b:57:ed:84:27:cc:1e:20:cf:a9:05:07:85:6b:5d:d4 for www.zfu.ch was issued on by Sectigo Limited.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.zfu.ch provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 5b:57:ed:84:27:cc:1e:20:cf:a9:05:07:85:6b:5d:d4
Serial Number (int): 121416294844630070293199268759254818260
Serial Number Length: 127 bits, 16 octets

Subject Key Identifier: 1e:c0:9a:3b:36:ca:a9:a7:a9:75:a0:2f:c4:08:75:8d:99:1c:6e:5f
Authority Key Identifier: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (SHA-1): f9:6d:d5:9b:66:56:75:df:a4:cc:57:03:2f:9b:af:54:11:16:10:92
Fingerprint (SHA-256): 08:9f:43:fc:1b:3a:24:a7:9e:0f:9d:c3:02:5f:b1:d7:a2:a7:38:df:9e:37:d2:7f:25:f2:2a:2d:c5:49:54:8a

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate www.zfu.ch
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.zfu.ch

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for www.zfu.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIQW1fthCfMHiDPqQUHhWtd1DANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTI0MTIyMDAwMDAwMFoXDTI2MDExNjIzNTk1OVowFTETMBEGA1UEAxMKd3d3
LnpmdS5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALRaAAkXosVA
VMb5NNpgGzVHUkvT5Vsan2ZDhrwmgZUzQ2vQy8aTOM9zL1i6KlVnd7KfHFWWs432
6CFrDur8FerVgkuf+YvkxsgA7IS1ujhXMdrSuMZtabwI3vW7jgaKEH0kKrzZuFR1
Aygh/nitWclidwMT7gXAtC2OUihJzrvDsPIdp99QJdbWFicdix4B369qBX4Y2fJ6
yx9BL4O1H9AtZ5OAcqD0ar40QdXvb2//sg9h+ct0h99ZhmRNlQs7a1pCvWl64JS+
BEpbEmLPxgGe5OVj4LXL5eOSFUvaKUXNunf/Qg88qflYPwSGirDJbNaXrRGWAEwO
s6RpvG0wersCAwEAAaOCAvQwggLwMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF
4bgBjWHhMB0GA1UdDgQWBBQewJo7Nsqpp6l1oC/ECHWNmRxuXzAOBgNVHQ8BAf8E
BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRw
czovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBP
BggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9t
YWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0
cDovL29jc3Auc2VjdGlnby5jb20wHQYDVR0RBBYwFIIKd3d3LnpmdS5jaIIGemZ1
LmNoMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCWl2S/VViXrfdDh2g3CEJ3
6fA61fak8zZuRqQ/D8qpxgAAAZPj/IQ0AAAEAwBHMEUCIBroBITblREcXkM/RMyQ
PGYwSJoL7b4bYcO418efxibvAiEAqBj22Nz8ypmWtT367NG9p1dNkrFoOJLiOmp4
gqVwDrAAdQAZhtTHKKpv/roDb3gqTQGRqs4tcjEPrs5dcEEtJUzH1AAAAZPj/IQV
AAAEAwBGMEQCIANo6onay3PwnJ7CFQFwcUgNUpwII+p7b2Pvt/JMnv9aAiBm0NKS
gTnI/9bFTuAWbHln7oSQh8+hcwvlligxx4kYHgB3AMs49xWJfIShRF9bwd37yW7y
mlnNRwppBYWwyxTDFFjnAAABk+P8hD4AAAQDAEgwRgIhAM+P4hXZ5dAfL+Z8oDCd
HufVbQUVznVJdcOvVSNliXRPAiEAvPO5JSi4MVC+VPq9F8CYQ0JbvYKXgyxsB+kQ
aiZ6ihkwDQYJKoZIhvcNAQELBQADggEBAKHH+chjP1eqBTj9SAr12ySfdtQGxlCY
j121gziqW5pxwkevitwYpe1fYMxOi36CEtp/KzzLfZjaXJlJVGXBsjZoilKMad8G
yL6Q7hD2TvbEaRdSZEbP2YnLnFDrDIJxHEa4khDxffoS1lqkY7XkVVyywKbVV3I0
MNdGIsv/EkM2OMvcfwRkA/UnELlFuGraIJvxEDCWEUT1M8VIss8NGbO+VT6+oCyQ
fiva6s3i3BWfMXfdDFofAM9ak3QAPk5Y4As1Jg2V9nqsn1mIvNbjAn2LdX2ZuDbx
2o6dKTmsnVUH6qj0pnZzfyGurjSDYSv76tTM2eeQczInG96PPYkA1AQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFoACReixUBUxvk02mAb
NUdSS9PlWxqfZkOGvCaBlTNDa9DLxpM4z3MvWLoqVWd3sp8cVZazjfboIWsO6vwV
6tWCS5/5i+TGyADshLW6OFcx2tK4xm1pvAje9buOBooQfSQqvNm4VHUDKCH+eK1Z
yWJ3AxPuBcC0LY5SKEnOu8Ow8h2n31Al1tYWJx2LHgHfr2oFfhjZ8nrLH0Evg7Uf
0C1nk4ByoPRqvjRB1e9vb/+yD2H5y3SH31mGZE2VCztrWkK9aXrglL4ESlsSYs/G
AZ7k5WPgtcvl45IVS9opRc26d/9CDzyp+Vg/BIaKsMls1petEZYATA6zpGm8bTB6
uwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 121416294844630070293199268759254818260
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-01-16 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.zfu.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22767275616394393449238714124442595302227447977738978139471882703214594310242908063202260074775467992232268676298899195458251150153570075770436953374733483351005973505981750932133822971369677591066536943484697912193714639105497835910240035574332415612046193573684583507528444832649476232258769933456900845659358398907451850852021872785425508542954662053843048108894357627477970641736140194330041059077376103377227790146763346995638409494438855459648970153464167332193315958111881830363847599610643733841231338197230264830881235939519927945728094027086105271820836634603842529667894955738801790416362453264102446889659
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1ec09a3b36caa9a7a975a02fc408758d991c6e5f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zfu.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zfu.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000193e3fc8434000004030047304502201ae80484db95111c5e433f44cc903c6630489a0bedbe1b61c3b8d7c79fc626ef022100a818f6d8dcfcca9996b53dfaecd1bda7574d92b1683892e23a6a7882a5700eb00075001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d400000193e3fc8415000004030046304402200368ea89dacb73f09c9ec215017071480d529c0823ea7b6f63efb7f24c9eff5a022066d0d2928139c8ffd6c54ee0166c7967ee849087cfa1730be5962831c789181e007700cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e700000193e3fc843e0000040300483046022100cf8fe215d9e5d01f2fe67ca0309d1ee7d56d0515ce754975c3af55236589744f022100bcf3b92528b83150be54fabd17c09843425bbd8297832c6c07e9106a267a8a19
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a1c7f9c8633f57aa0538fd480af5db249f76d406c650988f5db58338aa5b9a71c247af8adc18a5ed5f60cc4e8b7e8212da7f2b3ccb7d98da5c99495465c1b236688a528c69df06c8be90ee10f64ef6c46917526446cfd989cb9c50eb0c82711c46b89210f17dfa12d65aa463b5e4555cb2c0a6d557723430d74622cbff12433638cbdc7f046403f52710b945b86ada209bf11030961144f533c548b2cf0d19b3be553ebea02c907e2bdaeacde2dc159f3177dd0c5a1f00cf5a9374003e4e58e00b35260d95f67aac9f5988bcd6e3027d8b757d99b836f1da8e9d2939ac9d5507eaa8f4a676737f21aeae3483612bfbead4ccd9e7907332271bde8f3d8900d404