Certificate for ip-172-31-86-210.ec2.internal

Certificate is witin its validity period

Issued by itself (self-signed)

About the ip-172-31-86-210.ec2.internal Certificate

This certificate with serial number 52:69:9f:bc:a9:3c:76:aa:15:9e:ca:bb:e0:ea:40:73:a5:eb:91:6b for ip-172-31-86-210.ec2.internal was issued on by itself (self-signed).

This Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this Certificate review for ip-172-31-86-210.ec2.internal provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
  • Subscriber Certificate: authorityInformationAccess MUST be present. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
  • Subscriber certificates MUST have the extended key usage extension present (BRs: 7.1.2.3)
  • TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC must not have a validity period greater than 398 days (https://support.apple.com/en-us/HT211025)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

ip-172-31-86-210.ec2.internal

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 52:69:9f:bc:a9:3c:76:aa:15:9e:ca:bb:e0:ea:40:73:a5:eb:91:6b
Serial Number (int): 470492736504902163331601876082537098581964984683
Serial Number Length: 159 bits, 20 octets

Subject Key Identifier:
Authority Key Identifier:

Fingerprint (SHA-1): dd:1f:69:ac:ea:c1:32:dd:71:59:ed:a9:45:38:c7:81:ed:07:7c:67
Fingerprint (SHA-256): 64:f0:4a:60:4b:b3:d6:ff:81:dd:b2:e9:d4:f2:f7:c5:fb:9d:8c:07:b5:8e:81:97:79:15:1f:29:63:d9:24:b6


Revocation Information


Check the revocation status for certificate ip-172-31-86-210.ec2.internal
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ip-172-31-86-210.ec2.internal

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
None
Extended Key Usages
None
Extensions
2
CA Certificate
This is not a CA certificate

Subject Alternative Names

ip-172-31-86-210.ec2.internal

X.509 Certificate

The complete raw X.509 certificate details for ip-172-31-86-210.ec2.internal in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIDFTCCAf2gAwIBAgIUUmmfvKk8dqoVnsq74OpAc6XrkWswDQYJKoZIhvcNAQEL
BQAwKDEmMCQGA1UEAwwdaXAtMTcyLTMxLTg2LTIxMC5lYzIuaW50ZXJuYWwwHhcN
MjEwMzMxMjMxMzMyWhcNMzEwMzI5MjMxMzMyWjAoMSYwJAYDVQQDDB1pcC0xNzIt
MzEtODYtMjEwLmVjMi5pbnRlcm5hbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAK5PjJyse4qEO+vVqvLRSxrVEZYRT+C0O5fug4KXaYNnbpayRb3wX05z
e3G7CJ9WHiZ7i2sC+LctcqxnTx85N0zGLzoT059OMYqv+FAJRHVu/7l0vwAN8jm6
e+EibylWy80qAXf/Hmmzd0KAip3lWloYGdU+u8K/jcBvYaHKm0aoRXm3SKkQZ7uT
IIeiHDIkNS5XVUJebOTEi9I0JEMGDEMS3XgnTKNlUSOErAx75uYuV9ywTEJjaaUl
ko/rg41g7NFJnySACKKY5lJWVM2lliq+/TV2vYEJczi5dF3wUhZWHtEs9unAimTm
JkEhk7Q3CfgRZ/a3ZBP/c3F0H1ViBUUCAwEAAaM3MDUwCQYDVR0TBAIwADAoBgNV
HREEITAfgh1pcC0xNzItMzEtODYtMjEwLmVjMi5pbnRlcm5hbDANBgkqhkiG9w0B
AQsFAAOCAQEAlF30zhag7Olmcy7CoWCMEbvAaXNv2R/u6sil9R23Zt3MAju6MZ/1
9Hy1ba63Rf4+JZHc+bshZysHssqhWmG/WPnUP49gm3sear2ffD9QMmS3ea6EqZuj
YPrQvpsfRIgRXj1Q6bXwlMm00IHdsGj0kqVjrwk4QaPhNiocbmKLek67IE9giau/
uoY1eCoZV+80YbVgsXbF5gOspCpG66VCkBgTrB+4EIaaIdx3h8K/fXbhypG7X+BS
E9R0U+YQnmmDUfnQB25r828NXvFG2AO28p6Rk11M58bl8l3iVFu11GuA0qkRqc78
aZBSVsCoWU36f4CfDz/Fs055PVGNsa5aEw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk+MnKx7ioQ769Wq8tFL
GtURlhFP4LQ7l+6Dgpdpg2dulrJFvfBfTnN7cbsIn1YeJnuLawL4ty1yrGdPHzk3
TMYvOhPTn04xiq/4UAlEdW7/uXS/AA3yObp74SJvKVbLzSoBd/8eabN3QoCKneVa
WhgZ1T67wr+NwG9hocqbRqhFebdIqRBnu5Mgh6IcMiQ1LldVQl5s5MSL0jQkQwYM
QxLdeCdMo2VRI4SsDHvm5i5X3LBMQmNppSWSj+uDjWDs0UmfJIAIopjmUlZUzaWW
Kr79NXa9gQlzOLl0XfBSFlYe0Sz26cCKZOYmQSGTtDcJ+BFn9rdkE/9zcXQfVWIF
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 470492736504902163331601876082537098581964984683
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ip-172-31-86-210.ec2.internal'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-31 23:13:32 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2031-03-29 23:13:32 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ip-172-31-86-210.ec2.internal'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22004692269005079614298807362315062795171187639943761307892899051346765299988034916162723721831353874163775053176629038084586845823805104998612585580877358368887932806111097407878279590994701264404911579602484111483085977991886360610070009210338178169720588377711806996947188357321223500870345013488676519755464295335973136618660463745063647761717593973222114279283734726704288855660923447844112643099887073190252722339592183275264164163090422133791562639706803764175295954324226217665049668734581423461465760215306553936696633988622895773647780863860485759103986304952462541824086078744939342338943458877912582849861
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ip-172-31-86-210.ec2.internal'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00945df4ce16a0ece966732ec2a1608c11bbc069736fd91feeeac8a5f51db766ddcc023bba319ff5f47cb56daeb745fe3e2591dcf9bb21672b07b2caa15a61bf58f9d43f8f609b7b1e6abd9f7c3f503264b779ae84a99ba360fad0be9b1f4488115e3d50e9b5f094c9b4d081ddb068f492a563af093841a3e1362a1c6e628b7a4ebb204f6089abbfba8635782a1957ef3461b560b176c5e603aca42a46eba542901813ac1fb810869a21dc7787c2bf7d76e1ca91bb5fe05213d47453e6109e698351f9d0076e6bf36f0d5ef146d803b6f29e91935d4ce7c6e5f25de2545bb5d46b80d2a911a9cefc69905256c0a8594dfa7f809f0f3fc5b34e793d518db1ae5a13