Certificate Transparency search

Free, fast search for unexpired certificates from CT logs, with grouped results for easier review.

Found 5 unexpired certificates in 3 groups.

Certificate result group 1

SAN set
www.linknacional.com.bradmin.linknacional.com.br
Coverage ends (UTC)
2026-09-18 13:5470d
Certificates in this group
Details Issuer organization Serial Logged at (UTC) Valid until (UTC) , sorted ascending
Let's Encrypt 064e582fa9b1be76dd09476bdcfdedbd9373
2026-04-20 12:44
2026-07-19 11:469d
Let's Encrypt 058aad44cd19e6b8171af500e20fcb528636
2026-06-20 14:53
2026-09-18 13:5470d

Certificate result group 2

SAN set
*.linknacional.com.brlinknacional.com.br
Coverage ends (UTC)
2026-09-23 23:2676d
Certificates in this group
Details Issuer organization Serial Logged at (UTC) Valid until (UTC) , sorted ascending
Google Trust Services 00b8e15cdbdf7a74010ecf36027d80035e
2026-06-25 23:28
2026-09-23 23:2676d
SSL Corporation 19298bec2100e611ca210451439f69e7
2026-06-25 23:29
2026-09-23 23:2676d

Certificate result group 3

SAN set
www.linknacional.com.brautoconfig.linknacional.com.br
Coverage ends (UTC)
2026-09-30 04:0082d
Certificates in this group
Details Issuer organization Serial Logged at (UTC) Valid until (UTC) , sorted ascending
Let's Encrypt 05b458d503aa1751a15bcbbe18869e654d86
2026-07-02 04:59
2026-09-30 04:0082d

Search scope options

DNS SAN (exact)

Matches only an identical DNS SAN value, including literal wildcards.

Search*.example.com
Matches*.example.com
Does not matchwww.example.com*.example.com.au
DNS host coverage

Matches certificates that directly cover the host, including a wildcard for the parent domain.

Searchwww.example.com
Matcheswww.example.com*.example.com
Does not matchsub.www.example.combadwww.example.comwww.example.com.au
DNS host and subdomains

Matches direct host coverage plus certificates issued for names below the host.

Searchwww.example.com
Matcheswww.example.com*.example.comsub.www.example.comdeeper.sub.www.example.com
Does not matchbadwww.example.comwww.example.com.au

What is Certificate Transparency?

Certificate Transparency is a public logging system for publicly trusted TLS certificates. It makes certificate issuance visible, so domain owners, security researchers, and others can monitor which certificates have been issued by publicly trusted certificate authorities.

Related: we used Certificate Transparency data to analyze when TLS certificates are renewed and how often renewal happens after expiration.

When do new certificates appear?

Publicly trusted TLS server certificates are normally available in search within 10 minutes of being issued.

Are both pre-certificates and final certificates shown?

Certificate Transparency logs may contain a pre-certificate, the final certificate, or both for the same issued certificate. Search results show one result per real certificate. When both a pre-certificate and its corresponding final certificate are found, they are deduplicated into a single result.

Deduplication uses the combination of TBS-no-CT SHA-256 and Issuer SPKI SHA-256. TBS-no-CT SHA-256 identifies the certificate’s to-be-signed data after Certificate Transparency-specific fields have been removed, allowing the pre-certificate and final certificate to match for deduplication.

What is CertObserver?

CertObserver is a certificate monitoring platform that helps teams track TLS certificates, Certificate Transparency activity, and renewal risk across the domains they operate.