Certificate Transparency search

Free, fast search for unexpired certificates from CT logs, with grouped results for easier review.

Found 13 unexpired certificates in 1 group.

Certificate result group 1

SAN set
rapidresponse.synology.me*.rapidresponse.synology.me
Coverage ends (UTC)
2026-10-14 20:2387d
Certificates in this group
Details Issuer organization Serial Logged at (UTC) Valid until (UTC) , sorted ascending
Let's Encrypt 067d0d8c4c1914a5e98a99ea4c26fb35c3ce
2026-05-08 03:14
2026-08-06 02:1618d
Let's Encrypt 06d255326e037e3a034b8dd8e9c247b460c1
2026-05-08 03:14
2026-08-06 02:1618d
Let's Encrypt 05acd403dc4251f1bbf1e33169a68d25fde2
2026-06-25 20:25
2026-09-23 19:2666d
Let's Encrypt 05d63473ec59412d5f57fbad7a714599d541
2026-06-25 20:25
2026-09-23 19:2666d
Let's Encrypt 050b7725e90f51aca5a33674136ebb9f0193
2026-06-25 20:29
2026-09-23 19:3066d
Let's Encrypt 05e6e1a836821828e24d82e68883f0ff8350
2026-06-25 20:29
2026-09-23 19:3066d
Let's Encrypt 058fa6974262472f5393b71f59e810de2f1e
2026-06-25 20:53
2026-09-23 19:5466d
Let's Encrypt 05af66ba15695eb331fa6687d7ee080cb759
2026-07-01 19:20
2026-09-29 18:2172d
Let's Encrypt 055579d6099d8f1f5997bb3ea815144ef12f
2026-07-01 19:20
2026-09-29 18:2172d
Let's Encrypt 05544f74962259cf1496a5dc7e4003f173cd
2026-07-01 19:26
2026-09-29 18:2872d
Let's Encrypt 05c0c66000c04c7663a878a537008d9f6143
2026-07-01 19:26
2026-09-29 18:2872d
Let's Encrypt 057c2838af65cc370d52ee6dc58de533dda1
2026-07-16 21:22
2026-10-14 20:2387d
Let's Encrypt 051b0c349e160b47f19dccf6b90c7112f863
2026-07-16 21:22
2026-10-14 20:2387d

Search scope options

DNS SAN (exact)

Matches only an identical DNS SAN value, including literal wildcards.

Search*.example.com
Matches*.example.com
Does not matchwww.example.com*.example.com.au
DNS host coverage

Matches certificates that directly cover the host, including a wildcard for the parent domain.

Searchwww.example.com
Matcheswww.example.com*.example.com
Does not matchsub.www.example.combadwww.example.comwww.example.com.au
DNS host and subdomains

Matches direct host coverage plus certificates issued for names below the host.

Searchwww.example.com
Matcheswww.example.com*.example.comsub.www.example.comdeeper.sub.www.example.com
Does not matchbadwww.example.comwww.example.com.au

What is Certificate Transparency?

Certificate Transparency is a public logging system for publicly trusted TLS certificates. It makes certificate issuance visible, so domain owners, security researchers, and others can monitor which certificates have been issued by publicly trusted certificate authorities.

Related: we used Certificate Transparency data to analyze when TLS certificates are renewed and how often renewal happens after expiration.

When do new certificates appear?

Publicly trusted TLS server certificates are normally available in search within 10 minutes of being issued.

Are both pre-certificates and final certificates shown?

Certificate Transparency logs may contain a pre-certificate, the final certificate, or both for the same issued certificate. Search results show one result per real certificate. When both a pre-certificate and its corresponding final certificate are found, they are deduplicated into a single result.

Deduplication uses the combination of TBS-no-CT SHA-256 and Issuer SPKI SHA-256. TBS-no-CT SHA-256 identifies the certificate’s to-be-signed data after Certificate Transparency-specific fields have been removed, allowing the pre-certificate and final certificate to match for deduplication.

What is CertObserver?

CertObserver is a certificate monitoring platform that helps teams track TLS certificates, Certificate Transparency activity, and renewal risk across the domains they operate.