appflow.test.saas.ibm.com

Issued by R3

About this certificate

This digital certificate with serial number 04:17:12:ab:92:c1:c3:c6:6b:90:4b:8d:d9:a2:47:79:3c:ef was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=appflow.test.saas.ibm.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:17:12:ab:92:c1:c3:c6:6b:90:4b:8d:d9:a2:47:79:3c:ef
Serial Number (int): 356300455129492936137969295320331035688175
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 46:6c:41:f5:63:25:8c:c3:cb:98:0f:0b:bd:83:64:41:8b:d9:a0:46
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 94:7f:ef:51:8e:ce:c4:0a:d5:1a:eb:ad:88:66:c2:39:a6:ad:c8:05
Fingerprint (sha256): 00:aa:e1:41:6b:68:8d:85:54:87:f7:70:14:74:66:f8:ab:a6:5e:44:d9:53:03:fe:47:cd:67:bc:e1:81:38:ec

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate appflow.test.saas.ibm.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for appflow.test.saas.ibm.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.appflow.test.saas.ibm.com
appflow.test.saas.ibm.com

Other certificates including the domain name ibm.com

(limited to 100 certificates)
sasvpn03.pok.ibm.com
webdk.dst.ibm.com
eventstreams.cloud.ibm.com
*.admin.cfapps.sapcp.cloud.ibm.com
eu-de-2-0.eu-de.apiconnect.test.cloud.ibm.com
www-919.ibm.com
*.cau.ibm.com
w3-501.ibm.com
statuspage.io
iespccu.sras.ibm.com
devops.test.cloud.ibm.com
prod-0.eu-de.apiconnect.cloud.ibm.com
sni.cloudflaressl.com
ssl515828.cloudflaressl.com
statuspage.io
iha01wdc.private.us-south.websphereappsvr.cloud.ibm.com
el01.podc.sl.edst.ibm.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mhasportal.mhas.ibm.com
ssl965152.cloudflaressl.com
watsonwork.ibm.com
gbnh2is220sdmxm.uk.ibm.com
gbsjira.in.edst.ibm.com
sni.cloudflaressl.com
ssl942376.cloudflaressl.com
ic-prestage-1-1.eu-de.apiconnect.test.cloud.ibm.com
sni.cloudflaressl.com
*.us-south.db2oncloud.cloud.ibm.com
ssl965007.cloudflaressl.com
*.cloudantnosqldb.cloud.ibm.com
statuspage.io
www.ess5.de.smi.ibm.com
download3.boulder.ibm.com
statuspage.io
dev-api-us.sec.ibm.com
web-chat.assistant.watson.cloud.ibm.com
containers.cloud.ibm.com
eu.smi.ibm.com
d24bml09.br.ibm.com
*.swg.usma.ibm.com
ssl748572.cloudflaressl.com
statuspage.io
mea.newsroom.ibm.com
frgr11ng23008.ng2.mop.ssm.sdc.gts.ibm.com
*.resource-controller.preprod.cloud.ibm.com
sni.cloudflaressl.com
ssl944689.cloudflaressl.com
resource-controller.cloud.ibm.com
sni.cloudflaressl.com
sni.cloudflaressl.com
domino.research.ibm.com
www.ibm.com
appflow.test.saas.ibm.com
staples.us-east.apiconnect.cloud.ibm.com
sni.cloudflaressl.com
ssl903019.cloudflaressl.com
ssl875348.cloudflaressl.com
service5.boulder.ibm.com
confluence-dev.wce.ibm.com
*.iacs.ibm.com
*.tools.ibm.com
w3.tap.ibm.com
ssl439395.cloudflaressl.com
sni.cloudflaressl.com
ssl876250.cloudflaressl.com
sni.cloudflaressl.com
status-beta.cloud.tenable.com
ssl505185.cloudflaressl.com
sni.cloudflaressl.com
hostedb2-scale-fyp.eu-de.db2oncloud.cloud.ibm.com
*.bastionx.cloud.ibm.com
ssoqa-mssiam.sec.ibm.com
ocp-550002y9v5-qx16.cloud.techzone.ibm.com
ssl389895.cloudflaressl.com
*.sandbox.maximomro.ibmiot.ibm.com
eventstreams.cloud.ibm.com
www.ibm.com
statuspage.io
isrvce.ibm.com
sni.cloudflaressl.com
eu-gb.monitoring.test.cloud.ibm.com
sni.cloudflaressl.com
ctl-remote-access-ps.boulder.us.sni.ibm.com
sni.cloudflaressl.com
msciftpgw.im-ies.ibm.com
hub.8b6a-441cd40b.eu-de.apiconnect.cloud.ibm.com
sni.cloudflaressl.com
*.rmc.test.cloud.ibm.com
sni.cloudflaressl.com
celsiusnetworkstatus.com
monitor.jumio.com
*.icds.ibm.com
ssl419666.cloudflaressl.com
ssl943434.cloudflaressl.com
sni.cloudflaressl.com
ssl942441.cloudflaressl.com
*.cf.sapcp.cloud.ibm.com
bpg-auth-tst.partnerworld.ibm.com
iga-bld-hde-01p.boulder.ibm.com

Certificate

The complete raw certificate details for appflow.test.saas.ibm.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEKTCCAxGgAwIBAgISBBcSq5LBw8ZrkEuN2aJHeTzvMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MDIwOTExNTZaFw0yNDA3MDEwOTExNTVaMCQxIjAgBgNVBAMT
GWFwcGZsb3cudGVzdC5zYWFzLmlibS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpJojjCDc7LpHKtokcXUaPxt4pIk5zgddzIhV0wF9+jxqlrAQQ
SUQUz1xrew4D+cNTvo72v0vDIxlS7t4fjG54tQ/b55iEFs60uZtk2ihp0g+xHsLr
JTLrZBIwyZQGuDGhkaNiILD35PGmC36fapypPQtsvFM7iyxQ3Vyz/8UuELu0FxLF
udOvq/3OtmF+pT1zUOT2xOM/AYjAUKIIIAKMNFdCGkoHoCOhBQo23kQo2h5IAqHC
EpriTNTRkMCuav5NtLttJjKcxpqFwptg9QLkRDisrBR7jAkocUhIXeMlBbyxAQCc
M6E2B6umPRKAFZdp7vxvk1MIFKMMhwvXEPcXAgMBAAGjggFFMIIBQTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFEZsQfVjJYzDy5gPC72DZEGL2aBGMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMEEGA1UdEQQ6MDiCGyouYXBwZmxvdy50ZXN0LnNhYXMuaWJt
LmNvbYIZYXBwZmxvdy50ZXN0LnNhYXMuaWJtLmNvbTATBgNVHSAEDDAKMAgGBmeB
DAECATATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGaK
xTSYjZBJ511dCoy0Z/u6K8+TldNPQVOJBGtgIpOlLRWdVSG8YKwktEWTqI7Gc0zT
zEu57cKtSz3OtDeXtJcyasOH/2YliuJrfPXNJQYcaaXwxNFNxa8wxUqYfoQZu/mR
6XKGayxxdxf38Ummx2EXffWVxBhNWz/XrzToqVqEkJExEIhvhUphPSKmfZg6SGm/
sUA+gTcFXyvPUfJb0Qo0jVB623GoH+4tOWWi6Pq7GHjrUL6T3ZKLebPNAouh6Jix
+DBas3tUlpUj9oAxv8rHJ+By79uebbP19EGpyfU+yDFbvcM7wTT/TXpkbAEq00Wm
BhbgoI26ZjqrCA4jNw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSaI4wg3Oy6RyraJHF1G
j8beKSJOc4HXcyIVdMBffo8apawEEElEFM9ca3sOA/nDU76O9r9LwyMZUu7eH4xu
eLUP2+eYhBbOtLmbZNooadIPsR7C6yUy62QSMMmUBrgxoZGjYiCw9+Txpgt+n2qc
qT0LbLxTO4ssUN1cs//FLhC7tBcSxbnTr6v9zrZhfqU9c1Dk9sTjPwGIwFCiCCAC
jDRXQhpKB6AjoQUKNt5EKNoeSAKhwhKa4kzU0ZDArmr+TbS7bSYynMaahcKbYPUC
5EQ4rKwUe4wJKHFISF3jJQW8sQEAnDOhNgerpj0SgBWXae78b5NTCBSjDIcL1xD3
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 356300455129492936137969295320331035688175
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-02 09:11:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-01 09:11:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'appflow.test.saas.ibm.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21353275715073885100759806327082847642619221663000380359040499475470071320574879099497245902142794107833108578053445067074347431150793747486415943264084338185043544597887499404703653943488772009707191998421482173700465702997007691004564526998084625503370889724459874228945486851864721802568791338715448699382900571391066731316954918180476948161196874251520820677313204167016372816723080188838230560638878366140463974514094992629971822144722045171651382824369586319764455711019045954022753440075126119780474114778471192375200786109260837838179957331816634859088981767822070978739126971212689831777367822109624992069399
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							466c41f563258cc3cb980f0bbd8364418bd9a046
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.appflow.test.saas.ibm.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appflow.test.saas.ibm.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004c668ac534988d9049e75d5d0a8cb467fbba2bcf9395d34f415389046b602293a52d159d5521bc60ac24b44593a88ec6734cd3cc4bb9edc2ad4b3dceb43797b497326ac387ff66258ae26b7cf5cd25061c69a5f0c4d14dc5af30c54a987e8419bbf991e972866b2c717717f7f149a6c761177df595c4184d5b3fd7af34e8a95a8490913110886f854a613d22a67d983a4869bfb1403e8137055f2bcf51f25bd10a348d507adb71a81fee2d3965a2e8fabb1878eb50be93dd928b79b3cd028ba1e898b1f8305ab37b54969523f68031bfcac727e072efdb9e6db3f5f441a9c9f53ec8315bbdc33bc134ff4d7a646c012ad345a60616e0a08dba663aab080e2337