DV SSL/TLS Certificate for www.spalek.org

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Domain Validation Secure Server CA)

About the www.spalek.org DV SSL/TLS Certificate

This certificate with serial number 5e:89:ad:7e:b7:3d:84:9e:5e:f8:e5:2d:a8:2e:db:cf for www.spalek.org was issued on by Sectigo Limited.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.spalek.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 5e:89:ad:7e:b7:3d:84:9e:5e:f8:e5:2d:a8:2e:db:cf
Serial Number (int): 125662295169721399520463835338082540495
Serial Number Length: 127 bits, 16 octets

Subject Key Identifier: 55:d2:35:53:92:16:fd:35:de:ba:91:57:f2:98:3d:7f:fd:df:39:9c
Authority Key Identifier: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (SHA-1): 64:0b:60:73:15:a4:db:b7:8e:aa:85:7c:7b:1a:6a:10:2f:d4:68:92
Fingerprint (SHA-256): 52:36:4d:f3:fc:30:b0:b8:3b:85:81:dc:49:b0:d0:ba:b2:b1:ba:ee:46:0d:d6:63:06:c9:7c:40:87:23:82:05

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate www.spalek.org
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.spalek.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.spalek.org

X.509 Certificate

The complete raw X.509 certificate details for www.spalek.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIQXomtfrc9hJ5e+OUtqC7bzzANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTI1MDExNzAwMDAwMFoXDTI2MDIxNjIzNTk1OVowGTEXMBUGA1UEAxMOd3d3
LnNwYWxlay5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+wwds
DDDTsF4xe/5HzohSgqAAufhwItTcO1+LkHAhfvojn6yTPL4CQ8LsqflES/6TURSE
xhDLPaa4zZT/XIbwJyA4dquA+OVi2n6evyyyObm3vYZAmjW6vMRTL4t+qM8My2FX
ptdr31XjTBv9O2Vcl+hqU/aSK+KyOLlJcJy8mef5gaUhDET7C6Tr1b3CCrDGyEbu
QDAhZgSRuEtwkul1DdtF2IXK8c4GqKvEmLG/cXm0RhwUB122pT1I4lKiqfNt/SAN
H1aVdnxHQRDP9rMmjrYYMo/MQuPCA9gjn+wHgpBQW7MN9xawwWL0RQE00cyfiZzW
DIO9mZ+omMh7NZ4lAgMBAAGjggLwMIIC7DAfBgNVHSMEGDAWgBSNjF7EVK2K4Xfp
m/mbBeG4AY1h4TAdBgNVHQ4EFgQUVdI1U5IW/TXeupFX8pg9f/3fOZwwDgYDVR0P
AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcwJTAjBggrBgEFBQcCARYX
aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEFBQcBAQR4
MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JT
QURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGG
F2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMBkGA1UdEQQSMBCCDnd3dy5zcGFsZWsu
b3JnMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCWl2S/VViXrfdDh2g3CEJ3
6fA61fak8zZuRqQ/D8qpxgAAAZRzmoyeAAAEAwBHMEUCIQDVdx5v6mywoK2/fROM
nWoA/RTrXvnT/hxiXa5akI5COgIgAa3cgSdMhoyL/DSSAIH1Dj+qu0YOzeNCy7BN
ZzHGR+IAdgAZhtTHKKpv/roDb3gqTQGRqs4tcjEPrs5dcEEtJUzH1AAAAZRzmoxC
AAAEAwBHMEUCIGMm5AIMDtwlNT1Mk3XZZQYJjgeuH3jOjGwDc6WHIQgKAiEA8zVa
1fj4BiYZ0HZo7VF5JGsAST5laa6Iu+JHoIofZ3IAdgDLOPcViXyEoURfW8Hd+8lu
8ppZzUcKaQWFsMsUwxRY5wAAAZRzmoxSAAAEAwBHMEUCID8f2SVIA1tCxOCUHPJC
wMSGczV6UIT2g7zCQbm4lmPIAiEAlHx7bTS3cyAeA8XDmq/xIKa0Ft6k0cLStuNT
hainc9kwDQYJKoZIhvcNAQELBQADggEBAC+ABES7mnS3iG2eT5yrXe5SzejHtc7u
c4gukpV3C4d6DahGV77WlLL6IhQYZyMs7ki3A4NIIQGt+Ux2nfZE1BEJD4kbnRLh
gSn/6/vNqARSRw7p0NNOg+MU+3nriurLxeqH3f6dlo6MM+zuM+xu3r6kuG1JD/5d
lqv+qTmduhhnuL9nHJXHklN9HwUxRnQEDkZ0nzEGJeU/WSXdZkf421DPd56UbRzC
nWF0rw2jxm3X8tMrsxSWUvOwAaMVPA/PZTKjdR2my3SQ1FjVJa/9PB1NRVGVlB3P
CtIwEHp5eyd5twDllrZL1ZcwC4yz8B51NjkcEtv6E1BG7EmekGHzeYI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsMHbAww07BeMXv+R86I
UoKgALn4cCLU3Dtfi5BwIX76I5+skzy+AkPC7Kn5REv+k1EUhMYQyz2muM2U/1yG
8CcgOHargPjlYtp+nr8ssjm5t72GQJo1urzEUy+LfqjPDMthV6bXa99V40wb/Ttl
XJfoalP2kivisji5SXCcvJnn+YGlIQxE+wuk69W9wgqwxshG7kAwIWYEkbhLcJLp
dQ3bRdiFyvHOBqirxJixv3F5tEYcFAddtqU9SOJSoqnzbf0gDR9WlXZ8R0EQz/az
Jo62GDKPzELjwgPYI5/sB4KQUFuzDfcWsMFi9EUBNNHMn4mc1gyDvZmfqJjIezWe
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 125662295169721399520463835338082540495
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-02-16 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.spalek.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24081450324110031557944497431033766457554791220686548519272122389627813814213590893797908606200182107590177267010017577731778579526338288116690826520972070803469264409423968965151485465960920210773602163645476437364573772146670730521751944050171217097217293179056538516098240696961207949752166952376051345925224681848275110270457912811658370785854504430244780430450635459930341675408685540986163338756877897103086012431319569752101631622811142480172752500963899171387048079194576751423359443864373548262876340169205420194983424737979713806071520492698419575848430662555947841242665527598308736662751637480646454386213
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							55d235539216fd35deba9157f2983d7ffddf399c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.spalek.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000194739a8c9e0000040300473045022100d5771e6fea6cb0a0adbf7d138c9d6a00fd14eb5ef9d3fe1c625dae5a908e423a022001addc81274c868c8bfc34920081f50e3faabb460ecde342cbb04d6731c647e20076001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d400000194739a8c42000004030047304502206326e4020c0edc25353d4c9375d96506098e07ae1f78ce8c6c0373a58721080a022100f3355ad5f8f8062619d07668ed5179246b00493e6569ae88bbe247a08a1f6772007600cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e700000194739a8c52000004030047304502203f1fd92548035b42c4e0941cf242c0c48673357a5084f683bcc241b9b89663c8022100947c7b6d34b773201e03c5c39aaff120a6b416dea4d1c2d2b6e35385a8a773d9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002f800444bb9a74b7886d9e4f9cab5dee52cde8c7b5ceee73882e9295770b877a0da84657bed694b2fa22141867232cee48b70383482101adf94c769df644d411090f891b9d12e18129ffebfbcda80452470ee9d0d34e83e314fb79eb8aeacbc5ea87ddfe9d968e8c33ecee33ec6edebea4b86d490ffe5d96abfea9399dba1867b8bf671c95c792537d1f05314674040e46749f310625e53f5925dd6647f8db50cf779e946d1cc29d6174af0da3c66dd7f2d32bb3149652f3b001a3153c0fcf6532a3751da6cb7490d458d525affd3c1d4d455195941dcf0ad230107a797b2779b700e596b64bd597300b8cb3f01e7536391c12dbfa135046ec499e9061f37982