I've found a strange situation with the certificate for www.michelin.fr which I don't understand:
crt.sh shows that recent pre-certs were logged in various public logs, including the pre-cert for the currently used certificate
the certificate currently in use by the website is only registered with Submariner, a log which is supposed to mean that the Root is not trusted (if I understand correctly)
Can someone with deeper understanding of CT help me? In this strange situation, should the certificate be trusted? or not? Why?
Here's the crt.sh for the current cert : https://crt.sh/?id=4208557599
Any idea?
(I'm working on a CT related project and I was using michelin.fr as a test: I'm not related to this company at all)