cka.aa.com

- American Airlines Inc. -

Issued by Thawte SSL CA

About this certificate

This digital certificate with serial number 79:6a:73:c5:2b:26:8c:a4:73:65:77:8c:03:f0:79:bd was issued on by Thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

American Airlines Inc.

Organization: American Airlines Inc.
Organization unit: American Airlines ITS
State / Province: Texas
Locality: Fort Worth
Country: US

Thawte, Inc.

Organization: Thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 79:6a:73:c5:2b:26:8c:a4:73:65:77:8c:03:f0:79:bd
Serial Number (int): 161389319055386406370510154199630641597
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId:

Fingerprint (sha1): b7:91:71:59:2b:df:56:ad:6b:21:f0:f9:2e:31:fb:c1:bc:69:11:b3
Fingerprint (sha256): 00:ac:25:77:c9:f2:a5:0f:22:a0:0f:82:29:6f:c5:35:54:5f:36:66:94:99:de:4f:0c:a8:e5:29:ba:2d:6c:88


Revocation information

OCSP Server: http://ocsp.thawte.com
CRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl

Check the revocation status for certificate cka.aa.com

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cka.aa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Extended Key Usages

Server Authentication
Client Authentication

Extensions

4 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name aa.com

(limited to 100 certificates)
psastage.aa.com
bc-stage.aa.com
boss-cdc.stage.aa.com
dtr.phx.aa.com
fos.aa.com
custhubmdm-grp1.tul.aa.com
mdmds.test.aa.com
aspectwfm.cdc.aa.com
nrsqa.test.qcorpaa.aa.com
mfa.aa.com
admin.aa.com
aemes.envoy.aa.com
loyaltypartnercitibenefit.stage.aa.com
pilotpbs-sb.aa.com
pilot-tts.aa.com
techopsk2.uat.corpaa.aa.com
smetrics.aa.com
americanwaymagazine.com
stage.aa.com
cass.qcorpaa.aa.com
apps.usairways.com
wb.etm.aa.com
yada-beta.stage.aa.com
fb-pdc.aa.com
mclastage.aa.com
cka.aa.com
*.apps.cpepaas.aa.com
owrcm.aa.com
airportal-pdc.aa.com
handpunch.aa.com
fapbsbvr-ws.aa.com
get.azpw.aa.com
itas.aa.com
admin.awarenessnetworks.com
tmscsurvey-test.aa.com
aacloud.qa.esoa.qcorpaa.aa.com
aaapac-expcluster-e01-hon1.aa.com
cass-stage.aa.com
checkfree-stage.aa.com
americaneagle.aa.com
spe-nonprod.aa.com
bw-a.pdc.aa.com
racf.stage.aa.com
lmo.me.aa.com
ifs.aa.com
salt-np.aa.com
scdfwappp1000001.corpaa.aa.com
aacs.stage.esoa.aa.com
pssi.stage.esoa.aa.com
aapilots.com
qa-cdn.flyaa.aa.com
aana-expcluster-e01-bv1.aa.com
cbjocaz.aa.com
newemployeetravel.test.aa.com
diversions-stg.lka.aa.com
res-keystar.stage.aa.com
aasales.dev.esoa.qcorpaa.aa.com
ssofedpdc.aa.com
aepp.jetnet.aa.com
airport360.aa.com
esdfwovp0000001.DFWD1.aa.com
app.aa.com
wb.etm.aa.com
smlogin.qtcorpaa.aa.com
eworkforce.aa.com
Aircraft-cdc.mx.techops.aa.com
uagzeusn.aa.com
premium.stage.aa.com
mercury-cert.aa.com
yada-beta.stage.aa.com
etqstage.aa.com
webref.stage.aa.com
ox-d.aa.com
isolve.aa.com
ltuappp04.corpaa.aa.com
www.aa.com
yada.aa.com
crewwatch-stg.ido.horizon.cherokee.aa.com
mopsmanager.qcorpaa.aa.com
concourse.ci.qcorpaa.aa.com
hub.aa.com
psa.qcorpaa.aa.com
sharedcontent1-stg.aa.com
rovrplus-gateway-east.aa.com
bc.aa.com
faroms-trng.aa.com
soa.apim.dev.sales.aa.com
sharedcontent1-stg-mg-cdc.aa.com
yada-beta.stage.aa.com
handpunch.aa.com
manuals-stage.aa.com
portal45.stage.jetnet.aa.com
*.apps.cpepaas.aa.com
ssc.stagereg.aa.com
fsa.aa.com
npportal-tmp.aa.com
americanwaymagazine.com
security.aa.com
atd.jetnet.aa.com
*.sr.prd.pdc.aa.com

Certificate

The complete raw certificate details for cka.aa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIID8DCCAtigAwIBAgIQeWpzxSsmjKRzZXeMA/B5vTANBgkqhkiG9w0BAQUFADA8
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U
aGF3dGUgU1NMIENBMB4XDTExMDMyMTAwMDAwMFoXDTEzMDMyMDIzNTk1OVowgYgx
CzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVUZXhhczETMBEGA1UEBxQKRm9ydCBXb3J0
aDEfMB0GA1UEChQWQW1lcmljYW4gQWlybGluZXMgSW5jLjEeMBwGA1UECxQVQW1l
cmljYW4gQWlybGluZXMgSVRTMRMwEQYDVQQDFApja2EuYWEuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHp8sm6cGIXw++XhEPYg1ymDsjiDiMQP
duDLGHKG0IUAsbXMj6vqyq1GqoNnJMchwGzjL2lSl5Lb8GnA2tgcVfFtQM5aL8IB
GufLiuOBOE/soV0rtGg/w3OnICMq4LwaldJnOOPn7tpmo6oeTRb6hY459077m4jG
BT0CTdwfvdVqS4mjDCOqxqXjbW2+3jEUZN4hz7akgNzNZNz8I/q3gz4E90lB/lZd
XfsX2ov7xP3oW/4kWOHLguQpy4uMi/66oJI0YC1HtY/MdODiT7fPSYu0r17ADg3H
d4oH1CNDAOtXTETloBRnV9HuNMQGljdvXr3WsQb6ENx5IitKzV4JqwIDAQABo4Gg
MIGdMAwGA1UdEwEB/wQCMAAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL3N2ci1v
di1jcmwudGhhd3RlLmNvbS9UaGF3dGVPVi5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
L29jc3AudGhhd3RlLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAE+/89Xjoq+LxvX8x
7+9GXIGvkhcJo/5ZTCcueKg/xSUi9YRLU+NZ7E7RUGPGophsnIDBBts7DIJAfn8s
iwO69P+U6SK5+Vmc8fw/dGh9UykPoYH5TJ+i0s2+JIMkaaT9OCysUuZjCcYTfuwt
1QcmUleFsUNrEc/fX36Blg9mvTu3bar+lWvuPuq/+xjWamRysA1Y+lwwySSyXfjT
dBymAT5SIaAn7RXsIRuEz/Aj3dEDuApImi0JtUlLE6XDMNBHl0+8SE7iaGZqcdZi
Tjjnh3Csg8sG63C3u+dapKIOpPqz79kY8XkAfCwwqBnFiWVmLtdBpIWNcatR7+4N
Zav5jA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHp8sm6cGIXw++XhEPYg
1ymDsjiDiMQPduDLGHKG0IUAsbXMj6vqyq1GqoNnJMchwGzjL2lSl5Lb8GnA2tgc
VfFtQM5aL8IBGufLiuOBOE/soV0rtGg/w3OnICMq4LwaldJnOOPn7tpmo6oeTRb6
hY459077m4jGBT0CTdwfvdVqS4mjDCOqxqXjbW2+3jEUZN4hz7akgNzNZNz8I/q3
gz4E90lB/lZdXfsX2ov7xP3oW/4kWOHLguQpy4uMi/66oJI0YC1HtY/MdODiT7fP
SYu0r17ADg3Hd4oH1CNDAOtXTETloBRnV9HuNMQGljdvXr3WsQb6ENx5IitKzV4J
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 161389319055386406370510154199630641597
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-03-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-03-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Texas'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Fort Worth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'American Airlines Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'American Airlines ITS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'cka.aa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25308061632229187905467857060173161961242622286109268615168638838848215231360932175030905785574876250791364306377774252916880052383144003610562691915404461528502645837203828389803821943996862011369595400634068869134593415440818638110522190628201727862430974837322160893188178520508916808000855895776240923927983238849707716417290380789605188942337599510781098305953781445174807159747227117560373518547418051963416131026128450714714224519062794187782860703685113481444307139884470365030743281107782222543418931580311950640713156898017960828043757737686014541060926047943036020743394718372001316666256397639194502891947
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0013effcf578e8abe2f1bd7f31efef465c81af921709a3fe594c272e78a83fc52522f5844b53e359ec4ed15063c6a2986c9c80c106db3b0c82407e7f2c8b03baf4ff94e922b9f9599cf1fc3f74687d53290fa181f94c9fa2d2cdbe24832469a4fd382cac52e66309c6137eec2dd50726525785b1436b11cfdf5f7e81960f66bd3bb76daafe956bee3eeabffb18d66a6472b00d58fa5c30c924b25df8d3741ca6013e5221a027ed15ec211b84cff023ddd103b80a489a2d09b5494b13a5c330d047974fbc484ee268666a71d6624e38e78770ac83cb06eb70b7bbe75aa4a20ea4fab3efd918f179007c2c30a819c58965662ed741a4858d71ab51efee0d65abf98c