lal.org.uk

Issued by GTS CA 1P5

About this certificate

This digital certificate with serial number a5:67:09:63:c6:a5:7d:a6:13:3d:8e:07:38:a4:31:62 was issued on by Google Trust Services LLC.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=lal.org.uk

Google Trust Services LLC

Organization: Google Trust Services LLC
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): a5:67:09:63:c6:a5:7d:a6:13:3d:8e:07:38:a4:31:62
Serial Number (int): 219857616327692826116289076139015811426
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 76:4f:7b:c8:91:07:cf:bb:6f:2c:d6:e7:b6:0f:3a:54:0a:e3:f5:c2
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8

Fingerprint (sha1): 22:e3:ff:d0:18:30:74:5d:cf:59:33:43:3f:a8:bc:a3:f5:49:1a:f4
Fingerprint (sha256): fb:a2:62:e7:86:8a:46:13:27:83:47:56:e4:b9:34:dc:49:25:cc:ba:45:ca:d8:3e:33:9b:e4:b7:a7:f3:05:9e

Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der

Revocation information

OCSP Server: http://ocsp.pki.goog/s/gts1p5/9UbhJhsn2_A
CRL Distribution Point: http://crls.pki.goog/gts1p5/eexkC2PJxaw.crl

Check the revocation status for certificate lal.org.uk

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for lal.org.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

lal.org.uk
*.lal.org.uk

Other certificates including the domain name lal.org.uk

(limited to 100 certificates)
lal.org.uk
lal.org.uk
lal.org.uk
lal.org.uk
lal.org.uk
lal.org.uk
mkt.lal.org.uk
lal.org.uk
lal.org.uk
lal.org.uk
mkt.contek.pt
staging.lal.org.uk
lal.org.uk
lal.org.uk
lal.org.uk
lal.org.uk

Certificate

The complete raw certificate details for lal.org.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIRAKVnCWPGpX2mEz2OBzikMWIwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjQwMjA1MDE0NjA0WhcNMjQwNTA1
MDE0NjAzWjAVMRMwEQYDVQQDEwpsYWwub3JnLnVrMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA9G9clNhmweL41Jx+Y12qSsPRq7R+GQwhm4LkzhVeQVXq
2rXg5hzyR103ZoymBidjeKLH097QTK6CUWqJ9VXH1vgpXkmRfbn4381+uIYcMU3Y
2AV+3aRdg7RgKcc4YiPYtW6VWNnNozWimWrarOHeBB9tNq6Ed35g32fJRRe8NX6L
ZdyZr3aJVbQlzX1+FfWQLo9HF10MAKz7M8Hw4HYQeD9tLakIMhSrEMSzZpSizMUD
p3aHvx44U8oeWJB84UwqAhoC6neNH2K7pXioRHSFsE895cHpQkTRmXV082mE/Iye
QChs7xKDgQ4Wxq/6cVQmm9V4H6nEEjvNxv9EmDZLQQIDAQABo4ICgDCCAnwwDgYD
VR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFHZPe8iRB8+7byzW57YPOlQK4/XCMB8GA1UdIwQYMBaAFNX8ng3f
HsrdCJeXbivFX8Ur9ey4MHgGCCsGAQUFBwEBBGwwajA1BggrBgEFBQcwAYYpaHR0
cDovL29jc3AucGtpLmdvb2cvcy9ndHMxcDUvOVViaEpoc24yX0EwMQYIKwYBBQUH
MAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFwNS5kZXIwIwYDVR0R
BBwwGoIKbGFsLm9yZy51a4IMKi5sYWwub3JnLnVrMCEGA1UdIAQaMBgwCAYGZ4EM
AQIBMAwGCisGAQQB1nkCBQMwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybHMu
cGtpLmdvb2cvZ3RzMXA1L2VleGtDMlBKeGF3LmNybDCCAQUGCisGAQQB1nkCBAIE
gfYEgfMA8QB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjXco
lK4AAAQDAEgwRgIhAPixh5XV7xhheyGjeo5Gcf/gc4r0gu1BbASvaXJCW68VAiEA
xP/AOVEvXfMwPFl4OP2sNAACVmpAkCePipxM29fn0xkAdgBIsONr2qZHNA/lagL6
nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY13KJTRAAAEAwBHMEUCIEsx70d8kOvrmRMT
Q9LKtX9k6kvYNj8Zoh5KJfIgtUf6AiEA69EDBUsp1l7F/K1qoTiaQwi+kJcyUlaT
9+M0bYfSvzswDQYJKoZIhvcNAQELBQADggEBADRphNZjLeMVBhw9V8EPeQHpW7JH
JZTDU0LcN/K1OW/roCQM4A+MVEsVInQ1mGeyKyQ7nBVmXsG+ttc1CD+ER1+B0VWl
85Nd6Y8h/CKDPF/jUaKn0h0xjXLGXHPoPOm5h7M6cVy6p1xxka+5CM5sE7/eZAEp
+rfzadVbJtGLJqymhb5/LjKBNJ/J/pasz0lu5yBe1BvE62+Su6sCtukN1WJ1GmBK
7ViRFO77md2nVWaZtBw+th1UvrX/swYmWeqXdUzxgqhvW3yrv+NVKNPn2v8ojDfM
AeVtA0pFHvzHcrYD5h6sdkY4vzQ0ikND46K2ivUp0hw6LE7Kh0MhtKOuWoY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9G9clNhmweL41Jx+Y12q
SsPRq7R+GQwhm4LkzhVeQVXq2rXg5hzyR103ZoymBidjeKLH097QTK6CUWqJ9VXH
1vgpXkmRfbn4381+uIYcMU3Y2AV+3aRdg7RgKcc4YiPYtW6VWNnNozWimWrarOHe
BB9tNq6Ed35g32fJRRe8NX6LZdyZr3aJVbQlzX1+FfWQLo9HF10MAKz7M8Hw4HYQ
eD9tLakIMhSrEMSzZpSizMUDp3aHvx44U8oeWJB84UwqAhoC6neNH2K7pXioRHSF
sE895cHpQkTRmXV082mE/IyeQChs7xKDgQ4Wxq/6cVQmm9V4H6nEEjvNxv9EmDZL
QQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 219857616327692826116289076139015811426
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-05 01:46:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-05 01:46:03 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lal.org.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30857060886149674015548687756701493833456730509573302726712723402771452508401390987127495617609442563814931001946411137408963760979630051182456060183323483791457960178901868075773082832344343645166105147197074156551430885358695047971026105815845101241185214471080293603402600655387382952638028540624013419722419574142689500602462205492402782266729000005993262125375599932714548205186933394187187183974999552849709645909642666566406769772196961236693381773661030849367817107264804211247894100622708647221556691723593862215400959576759838658301855624156088961023682324946824631915577695346028235195358419006509335071553
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							764f7bc89107cfbb6f2cd6e7b60f3a540ae3f5c2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/9UbhJhsn2_A'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lal.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lal.org.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/eexkC2PJxaw.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d772894ae0000040300483046022100f8b18795d5ef18617b21a37a8e4671ffe0738af482ed416c04af6972425baf15022100c4ffc039512f5df3303c597838fdac340002566a4090278f8a9c4cdbd7e7d31900760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d772894d1000004030047304502204b31ef477c90ebeb99131343d2cab57f64ea4bd8363f19a21e4a25f220b547fa022100ebd103054b29d65ec5fcad6aa1389a4308be909732525693f7e3346d87d2bf3b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00346984d6632de315061c3d57c10f7901e95bb2472594c35342dc37f2b5396feba0240ce00f8c544b152274359867b22b243b9c15665ec1beb6d735083f84475f81d155a5f3935de98f21fc22833c5fe351a2a7d21d318d72c65c73e83ce9b987b33a715cbaa75c7191afb908ce6c13bfde640129fab7f369d55b26d18b26aca685be7f2e3281349fc9fe96accf496ee7205ed41bc4eb6f92bbab02b6e90dd562751a604aed589114eefb99dda7556699b41c3eb61d54beb5ffb3062659ea97754cf182a86f5b7cabbfe35528d3e7daff288c37cc01e56d034a451efcc772b603e61eac764638bf34348a4343e3a2b68af529d21c3a2c4eca874321b4a3ae5a86