cka.aa.com
- American Airlines Inc. -
Issued by Thawte SSL CA
About this certificate
This digital certificate with serial number 79:6a:73:c5:2b:26:8c:a4:73:65:77:8c:03:f0:79:bd was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
American Airlines Inc.
Organization:
American Airlines Inc.
Organization unit: American Airlines ITS
Organization unit: American Airlines ITS
State / Province:
Texas
Locality: Fort Worth
Country: US
Locality: Fort Worth
Country: US
Thawte, Inc.
Organization:
Thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 79:6a:73:c5:2b:26:8c:a4:73:65:77:8c:03:f0:79:bdSerial Number (int): 161389319055386406370510154199630641597
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId:
Fingerprint (sha1): b7:91:71:59:2b:df:56:ad:6b:21:f0:f9:2e:31:fb:c1:bc:69:11:b3
Fingerprint (sha256): 00:ac:25:77:c9:f2:a5:0f:22:a0:0f:82:29:6f:c5:35:54:5f:36:66:94:99:de:4f:0c:a8:e5:29:ba:2d:6c:88
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl
Check the revocation status for certificate cka.aa.com
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cka.aa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Extended Key Usages
Server Authentication
Client Authentication
Extensions
4 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name aa.com
(limited to 100 certificates)
psastage.aa.com
bc-stage.aa.com
boss-cdc.stage.aa.com
dtr.phx.aa.com
fos.aa.com
custhubmdm-grp1.tul.aa.com
mdmds.test.aa.com
aspectwfm.cdc.aa.com
nrsqa.test.qcorpaa.aa.com
mfa.aa.com
admin.aa.com
aemes.envoy.aa.com
loyaltypartnercitibenefit.stage.aa.com
pilotpbs-sb.aa.com
pilot-tts.aa.com
techopsk2.uat.corpaa.aa.com
smetrics.aa.com
americanwaymagazine.com
stage.aa.com
cass.qcorpaa.aa.com
apps.usairways.com
wb.etm.aa.com
yada-beta.stage.aa.com
fb-pdc.aa.com
mclastage.aa.com
cka.aa.com
*.apps.cpepaas.aa.com
owrcm.aa.com
airportal-pdc.aa.com
handpunch.aa.com
fapbsbvr-ws.aa.com
get.azpw.aa.com
itas.aa.com
admin.awarenessnetworks.com
tmscsurvey-test.aa.com
aacloud.qa.esoa.qcorpaa.aa.com
aaapac-expcluster-e01-hon1.aa.com
cass-stage.aa.com
checkfree-stage.aa.com
americaneagle.aa.com
spe-nonprod.aa.com
bw-a.pdc.aa.com
racf.stage.aa.com
lmo.me.aa.com
ifs.aa.com
salt-np.aa.com
scdfwappp1000001.corpaa.aa.com
aacs.stage.esoa.aa.com
pssi.stage.esoa.aa.com
aapilots.com
qa-cdn.flyaa.aa.com
aana-expcluster-e01-bv1.aa.com
cbjocaz.aa.com
newemployeetravel.test.aa.com
diversions-stg.lka.aa.com
res-keystar.stage.aa.com
aasales.dev.esoa.qcorpaa.aa.com
ssofedpdc.aa.com
aepp.jetnet.aa.com
airport360.aa.com
esdfwovp0000001.DFWD1.aa.com
app.aa.com
wb.etm.aa.com
smlogin.qtcorpaa.aa.com
eworkforce.aa.com
Aircraft-cdc.mx.techops.aa.com
uagzeusn.aa.com
premium.stage.aa.com
mercury-cert.aa.com
yada-beta.stage.aa.com
etqstage.aa.com
webref.stage.aa.com
ox-d.aa.com
isolve.aa.com
ltuappp04.corpaa.aa.com
www.aa.com
yada.aa.com
crewwatch-stg.ido.horizon.cherokee.aa.com
mopsmanager.qcorpaa.aa.com
concourse.ci.qcorpaa.aa.com
hub.aa.com
psa.qcorpaa.aa.com
sharedcontent1-stg.aa.com
rovrplus-gateway-east.aa.com
bc.aa.com
faroms-trng.aa.com
soa.apim.dev.sales.aa.com
sharedcontent1-stg-mg-cdc.aa.com
yada-beta.stage.aa.com
handpunch.aa.com
manuals-stage.aa.com
portal45.stage.jetnet.aa.com
*.apps.cpepaas.aa.com
ssc.stagereg.aa.com
fsa.aa.com
npportal-tmp.aa.com
americanwaymagazine.com
security.aa.com
atd.jetnet.aa.com
*.sr.prd.pdc.aa.com
bc-stage.aa.com
boss-cdc.stage.aa.com
dtr.phx.aa.com
fos.aa.com
custhubmdm-grp1.tul.aa.com
mdmds.test.aa.com
aspectwfm.cdc.aa.com
nrsqa.test.qcorpaa.aa.com
mfa.aa.com
admin.aa.com
aemes.envoy.aa.com
loyaltypartnercitibenefit.stage.aa.com
pilotpbs-sb.aa.com
pilot-tts.aa.com
techopsk2.uat.corpaa.aa.com
smetrics.aa.com
americanwaymagazine.com
stage.aa.com
cass.qcorpaa.aa.com
apps.usairways.com
wb.etm.aa.com
yada-beta.stage.aa.com
fb-pdc.aa.com
mclastage.aa.com
cka.aa.com
*.apps.cpepaas.aa.com
owrcm.aa.com
airportal-pdc.aa.com
handpunch.aa.com
fapbsbvr-ws.aa.com
get.azpw.aa.com
itas.aa.com
admin.awarenessnetworks.com
tmscsurvey-test.aa.com
aacloud.qa.esoa.qcorpaa.aa.com
aaapac-expcluster-e01-hon1.aa.com
cass-stage.aa.com
checkfree-stage.aa.com
americaneagle.aa.com
spe-nonprod.aa.com
bw-a.pdc.aa.com
racf.stage.aa.com
lmo.me.aa.com
ifs.aa.com
salt-np.aa.com
scdfwappp1000001.corpaa.aa.com
aacs.stage.esoa.aa.com
pssi.stage.esoa.aa.com
aapilots.com
qa-cdn.flyaa.aa.com
aana-expcluster-e01-bv1.aa.com
cbjocaz.aa.com
newemployeetravel.test.aa.com
diversions-stg.lka.aa.com
res-keystar.stage.aa.com
aasales.dev.esoa.qcorpaa.aa.com
ssofedpdc.aa.com
aepp.jetnet.aa.com
airport360.aa.com
esdfwovp0000001.DFWD1.aa.com
app.aa.com
wb.etm.aa.com
smlogin.qtcorpaa.aa.com
eworkforce.aa.com
Aircraft-cdc.mx.techops.aa.com
uagzeusn.aa.com
premium.stage.aa.com
mercury-cert.aa.com
yada-beta.stage.aa.com
etqstage.aa.com
webref.stage.aa.com
ox-d.aa.com
isolve.aa.com
ltuappp04.corpaa.aa.com
www.aa.com
yada.aa.com
crewwatch-stg.ido.horizon.cherokee.aa.com
mopsmanager.qcorpaa.aa.com
concourse.ci.qcorpaa.aa.com
hub.aa.com
psa.qcorpaa.aa.com
sharedcontent1-stg.aa.com
rovrplus-gateway-east.aa.com
bc.aa.com
faroms-trng.aa.com
soa.apim.dev.sales.aa.com
sharedcontent1-stg-mg-cdc.aa.com
yada-beta.stage.aa.com
handpunch.aa.com
manuals-stage.aa.com
portal45.stage.jetnet.aa.com
*.apps.cpepaas.aa.com
ssc.stagereg.aa.com
fsa.aa.com
npportal-tmp.aa.com
americanwaymagazine.com
security.aa.com
atd.jetnet.aa.com
*.sr.prd.pdc.aa.com
Certificate
The complete raw certificate details for cka.aa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIID8DCCAtigAwIBAgIQeWpzxSsmjKRzZXeMA/B5vTANBgkqhkiG9w0BAQUFADA8 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U aGF3dGUgU1NMIENBMB4XDTExMDMyMTAwMDAwMFoXDTEzMDMyMDIzNTk1OVowgYgx CzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVUZXhhczETMBEGA1UEBxQKRm9ydCBXb3J0 aDEfMB0GA1UEChQWQW1lcmljYW4gQWlybGluZXMgSW5jLjEeMBwGA1UECxQVQW1l cmljYW4gQWlybGluZXMgSVRTMRMwEQYDVQQDFApja2EuYWEuY29tMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHp8sm6cGIXw++XhEPYg1ymDsjiDiMQP duDLGHKG0IUAsbXMj6vqyq1GqoNnJMchwGzjL2lSl5Lb8GnA2tgcVfFtQM5aL8IB GufLiuOBOE/soV0rtGg/w3OnICMq4LwaldJnOOPn7tpmo6oeTRb6hY459077m4jG BT0CTdwfvdVqS4mjDCOqxqXjbW2+3jEUZN4hz7akgNzNZNz8I/q3gz4E90lB/lZd XfsX2ov7xP3oW/4kWOHLguQpy4uMi/66oJI0YC1HtY/MdODiT7fPSYu0r17ADg3H d4oH1CNDAOtXTETloBRnV9HuNMQGljdvXr3WsQb6ENx5IitKzV4JqwIDAQABo4Gg MIGdMAwGA1UdEwEB/wQCMAAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL3N2ci1v di1jcmwudGhhd3RlLmNvbS9UaGF3dGVPVi5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov L29jc3AudGhhd3RlLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAE+/89Xjoq+LxvX8x 7+9GXIGvkhcJo/5ZTCcueKg/xSUi9YRLU+NZ7E7RUGPGophsnIDBBts7DIJAfn8s iwO69P+U6SK5+Vmc8fw/dGh9UykPoYH5TJ+i0s2+JIMkaaT9OCysUuZjCcYTfuwt 1QcmUleFsUNrEc/fX36Blg9mvTu3bar+lWvuPuq/+xjWamRysA1Y+lwwySSyXfjT dBymAT5SIaAn7RXsIRuEz/Aj3dEDuApImi0JtUlLE6XDMNBHl0+8SE7iaGZqcdZi Tjjnh3Csg8sG63C3u+dapKIOpPqz79kY8XkAfCwwqBnFiWVmLtdBpIWNcatR7+4N Zav5jA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHp8sm6cGIXw++XhEPYg 1ymDsjiDiMQPduDLGHKG0IUAsbXMj6vqyq1GqoNnJMchwGzjL2lSl5Lb8GnA2tgc VfFtQM5aL8IBGufLiuOBOE/soV0rtGg/w3OnICMq4LwaldJnOOPn7tpmo6oeTRb6 hY459077m4jGBT0CTdwfvdVqS4mjDCOqxqXjbW2+3jEUZN4hz7akgNzNZNz8I/q3 gz4E90lB/lZdXfsX2ov7xP3oW/4kWOHLguQpy4uMi/66oJI0YC1HtY/MdODiT7fP SYu0r17ADg3Hd4oH1CNDAOtXTETloBRnV9HuNMQGljdvXr3WsQb6ENx5IitKzV4J qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 161389319055386406370510154199630641597 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-03-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-03-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Fort Worth' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'American Airlines Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'American Airlines ITS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'cka.aa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25308061632229187905467857060173161961242622286109268615168638838848215231360932175030905785574876250791364306377774252916880052383144003610562691915404461528502645837203828389803821943996862011369595400634068869134593415440818638110522190628201727862430974837322160893188178520508916808000855895776240923927983238849707716417290380789605188942337599510781098305953781445174807159747227117560373518547418051963416131026128450714714224519062794187782860703685113481444307139884470365030743281107782222543418931580311950640713156898017960828043757737686014541060926047943036020743394718372001316666256397639194502891947 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0013effcf578e8abe2f1bd7f31efef465c81af921709a3fe594c272e78a83fc52522f5844b53e359ec4ed15063c6a2986c9c80c106db3b0c82407e7f2c8b03baf4ff94e922b9f9599cf1fc3f74687d53290fa181f94c9fa2d2cdbe24832469a4fd382cac52e66309c6137eec2dd50726525785b1436b11cfdf5f7e81960f66bd3bb76daafe956bee3eeabffb18d66a6472b00d58fa5c30c924b25df8d3741ca6013e5221a027ed15ec211b84cff023ddd103b80a489a2d09b5494b13a5c330d047974fbc484ee268666a71d6624e38e78770ac83cb06eb70b7bbe75aa4a20ea4fab3efd918f179007c2c30a819c58965662ed741a4858d71ab51efee0d65abf98c