DV SSL/TLS Certificate for *.ukko.fi

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M02)

About the *.ukko.fi DV SSL/TLS Certificate

This certificate with serial number 0f:1b:a4:99:57:13:43:91:b4:a3:55:54:ae:60:41:c0 for *.ukko.fi was issued on by Amazon.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.ukko.fi provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 0f:1b:a4:99:57:13:43:91:b4:a3:55:54:ae:60:41:c0
Serial Number (int): 20081950415986526527298891524241113536
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: 24:9b:27:bd:6f:3f:b6:3d:28:7a:6b:96:73:fe:5a:fe:24:fa:f1:c9
Authority Key Identifier: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (SHA-1): 73:e8:71:a7:d7:6f:fa:4d:b7:5d:e5:1b:b5:5c:84:53:b9:48:82:bf
Fingerprint (SHA-256): 12:f9:b9:eb:a8:02:ff:85:08:67:ea:fa:36:6e:4e:45:33:21:82:7e:56:09:a5:7e:98:d3:f2:87:98:0a:dd:ea

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation Information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.ukko.fi
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.ukko.fi

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.ukko.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIQDxukmVcTQ5G0o1VUrmBBwDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI1MDYwMTAwMDAwMFoXDTI2MDYyOTIzNTk1OVowFDES
MBAGA1UEAwwJKi51a2tvLmZpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucxLJIrmb3EJGvEf6JuuTWkSVof03Ealf3eFmgPw/MxfgJjl/P41CYRFW5zg
Zefsi2DVAgzAFi8uyOOS2fa5c/2yXLJevrxpBOzn8Ewe7I1ODegsjW4ZDldbcaAf
Hb772J/b3RKGJ/47ig+DblWAFU6ucf1MUvmoCviojCJqI1k6BWM2Wt1egafgZ34V
UE6A2YdbVgwpyZkNaSir8b23lQ2XZ+TUwgMoHMuz4Gvffg/Sq1mIdA25mlA0VI+i
U3+TBd6JcFsPOOKG0TsDU0sOl8Mni33g7ypG+66WHjBHcIJVg7UB1ftzvMgc+G3q
+AZo/gwSz4j27nNwyKxdYueJNwIDAQABo4IC6zCCAucwHwYDVR0jBBgwFoAUwDFS
zVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFCSbJ71vP7Y9KHprlnP+Wv4k+vHJ
MB0GA1UdEQQWMBSCCSoudWtrby5maYIHdWtrby5maTATBgNVHSAEDDAKMAgGBmeB
DAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1
c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0
dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0
cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB
/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AA5XlLzzrqk+MxssmQez
95Dfm8I9cTIl3SGpJaxhxU4hAAABlyj3inQAAAQDAEcwRQIhAKg7u5eSwf7Vhoa2
YuxoLH8W8SwYSqZYXQ90/xBS48UxAiAiz0QanfZMVF9pFkVTuoENfx7UKeqYLGQJ
q8k6++c93AB2AGQRxGykEuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAABlyj3
irEAAAQDAEcwRQIhAO11ODHjYPQXAvd00HPETCTD3gF74A8JcBQEZaGkQGL2AiAO
OcyacSETGh2tupFzzlbgQjQTjlmTXW0ImhDaligkSgB2AEmcm2neHXzs/DbezYdk
prhbrwqHgBnRVVL76esp3fjDAAABlyj3isYAAAQDAEcwRQIhAMgflBkBrCsCvNF6
rmluhZKXDFytvzbFFW4ZUAoZ/tAZAiAczFHrvM3mpkHasUTTWtZ5HyefGAfR9q8r
smyr63g4SzANBgkqhkiG9w0BAQsFAAOCAQEAeEp2L82pEt27uBpCBaTHl3uiaJcE
4OMeSpzprqpi460OMokeOJBRlGA7UEN5+oIPbWJ+2m7zlGKw//FD/o2xQ1jB0MzO
zHb7WqHdMxt9t23aNsk4gif0vby/hDbQbMFiG8+Afh8fqjy9pBNggYTcEvZbnYKV
nOpvWydgAtjexKfKIDIP6ee5QHxmroZ1Tvgk5HzZPrdRwoZoMTofCb71mW2e6U2k
EWa7LoykrTqKIkGGhl3IdMiF3cEhlIvoUh2lmtCHCgmZEFCqoTHDEsSaq6Hcyllp
EhPa+lgmcvH8Rhr9/lGTMoxZpuhtPT4zLUCt8Ec1ryGTWjodvzpeaTWlbA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucxLJIrmb3EJGvEf6Juu
TWkSVof03Ealf3eFmgPw/MxfgJjl/P41CYRFW5zgZefsi2DVAgzAFi8uyOOS2fa5
c/2yXLJevrxpBOzn8Ewe7I1ODegsjW4ZDldbcaAfHb772J/b3RKGJ/47ig+DblWA
FU6ucf1MUvmoCviojCJqI1k6BWM2Wt1egafgZ34VUE6A2YdbVgwpyZkNaSir8b23
lQ2XZ+TUwgMoHMuz4Gvffg/Sq1mIdA25mlA0VI+iU3+TBd6JcFsPOOKG0TsDU0sO
l8Mni33g7ypG+66WHjBHcIJVg7UB1ftzvMgc+G3q+AZo/gwSz4j27nNwyKxdYueJ
NwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20081950415986526527298891524241113536
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-06-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ukko.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23454827311226293222173101391397629970660886593270746681893483967425865476250336511380739317573711253837710859659157036463122537835463257051080627795375645993673590108877318073117794419603268771075087858696223665599201543120468478048859686584041459675846313904147649614516369577374072993798749125084766926422204430499893756319258864762603286993993319848266702834353090603009954102284796911499052719628638550219710020908236415308652452415758794921225877523591277809839401541354307376776820389504478459444202650906145812405991994096661534962822993861584133252921472710836291721276624868402957701185967791270829635373367
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							249b27bd6f3fb63d287a6b9673fe5afe24faf1c9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ukko.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ukko.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e210000019728f78a740000040300473045022100a83bbb9792c1fed58686b662ec682c7f16f12c184aa6585d0f74ff1052e3c531022022cf441a9df64c545f69164553ba810d7f1ed429ea982c6409abc93afbe73ddc0076006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf00000019728f78ab10000040300473045022100ed753831e360f41702f774d073c44c24c3de017be00f0970140465a1a44062f602200e39cc9a7121131a1dadba9173ce56e04234138e59935d6d089a10da9628244a007600499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c30000019728f78ac60000040300473045022100c81f941901ac2b02bcd17aae696e8592970c5cadbf36c5156e19500a19fed01902201ccc51ebbccde6a641dab144d35ad6791f279f1807d1f6af2bb26cabeb78384b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00784a762fcda912ddbbb81a4205a4c7977ba2689704e0e31e4a9ce9aeaa62e3ad0e32891e38905194603b504379fa820f6d627eda6ef39462b0fff143fe8db14358c1d0cccecc76fb5aa1dd331b7db76dda36c9388227f4bdbcbf8436d06cc1621bcf807e1f1faa3cbda413608184dc12f65b9d82959cea6f5b276002d8dec4a7ca20320fe9e7b9407c66ae86754ef824e47cd93eb751c28668313a1f09bef5996d9ee94da41166bb2e8ca4ad3a8a224186865dc874c885ddc121948be8521da59ad0870a09991050aaa131c312c49aaba1dcca59691213dafa582672f1fc461afdfe5193328c59a6e86d3d3e332d40adf04735af21935a3a1dbf3a5e6935a56c