payments.ig.com

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 08:20:f1:d6:3f:d5:72:39:5b:f7:58:97:d9:99:4b:77 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=payments.ig.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 08:20:f1:d6:3f:d5:72:39:5b:f7:58:97:d9:99:4b:77
Serial Number (int): 10804882501049295798676826141528509303
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: a0:0e:39:3d:c9:8a:2d:8d:0b:39:d3:20:18:f5:30:2a:08:d4:69:61
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 8d:d7:4b:e9:f2:2a:b6:e6:0d:ba:b8:ca:81:22:7b:ff:5a:ad:b6:a3
Fingerprint (sha256): 05:71:d2:06:f1:5c:a6:e0:04:19:e1:42:d7:34:eb:14:0f:3d:87:52:1a:0d:69:02:c7:3b:7b:ea:96:a2:b7:b8

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate payments.ig.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for payments.ig.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

payments.ig.com
*.payments.ig.com

Other certificates including the domain name ig.com

(limited to 100 certificates)
pages.chartsdtu.ig.com
statuspage.io
private-cloud.status.ovhcloud.dev
affiliates.ig.com
incapsula.com
affiliates.ig.com
statuspage.io
statuspage.io
status-media.bucketeer.jp
status-media.bucketeer.jp
etfscreener.ig.com
statuspage.io
router-ext-covg.ig.com
affiliates.ig.com
investments.ig.com
trade.ig.com
*.raf.ig.com
secure05.stage.lithium.com
community.ig.com
*.test.client-onboarding.ig.com
statuspage.io
mybranch.staging.tradedtu.ig.com
sbc2.ig.com
secure05.stage.lithium.com
sfbaccessuk1.ig.com
sepsbe.status.symantec.com
sepsbe.status.symantec.com
test-staging-branch-hoist.webshell.tradedtu.ig.com
edge.dtu.iggroup.net
statuspage.io
statuspage.io
autodiscover.ig.com
statuspage.io
autodiscover.ig.com
statuspage.io
payments.ig.com
status-media.bucketeer.jp
community.ig.com
statuspage.io
statuspage.io
chartsprd.ig.com
igamerica.ig.com
statuspage.io
web.ig.com
sitca.ig.com
status-media.bucketeer.jp
status-media.bucketeer.jp
affiliates.ig.com
test.chartsdtu.ig.com
statuspage.io
academy-api.ig.com
statuspage.io
statuspage.io
web.ig.com
statuspage.io
statuspage.io
web.ig.com
pages.chartsdtu.ig.com
*.dtu-dealing.mobile.ig.com
net-cpm.marketdatasystems.com
statuspage.io
dgs.ig.com
uat.webshell.tradedtu.ig.com
sts.iggroup.net
academy-api.ig.com
imperva.com
web.ig.com
statuspage.io
igamerica.ig.com
labgroup.ig.com
private-cloud.status.ovhcloud.dev
statuspage.io
secure05.stage.lithium.com
*.ig.com
statuspage.io
statuspage.io
statuspage.io
services.ig.com
investments-api.ig.com
igamerica.ig.com
statuspage.io
staging-branch-hoist.staging.tradedtu.ig.com
access.ig.com
statuspage.io
sepsbe.status.symantec.com
sfbaccessuk1.ig.com
status-media.bucketeer.jp
web-ca.ig.com
localhost.ig.com
affiliates.ig.com
incapsula.com
sepsbe.status.symantec.com
uat.screener.ig.com
academy-api.ig.com
uat.webshell.tradedtu.ig.com
affiliates.ig.com
investments.ig.com
secure05.stage.lithium.com
private-cloud.status.ovhcloud.dev
web.ig.com

Certificate

The complete raw certificate details for payments.ig.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEcDCCA1igAwIBAgIQCCDx1j/Vcjlb91iX2ZlLdzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI0MDIwODAwMDAwMFoXDTI1MDMwODIzNTk1OVowGjEY
MBYGA1UEAxMPcGF5bWVudHMuaWcuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxT/98SeC5ogL0doZXfxABIBXtmkDtkXqwrQGgN9ma+J2vsU6nVn/
ivbpt1NB18g7+80sJw/3CSKF3AB2A7J8fxCyjKkOtyGmkgtxy6vo/BVBAWwIAAuw
Nl4VY1ArL1ofu4a6wUFDlS2G7QCs5/FSjf86KILNOU7WJyPMB6/TiJX9bP2rSSvT
3CCag+CBa1F7PaijyYAaBwiw2MgQicA+hgxlXKijCVfdQsQzFF7RJWM4kBC36xE+
nH7n8BR+ndyG32vKapRQJNK7phdrabVHhTBtYXLB+syepOU+6mN/l55eIXUwtwwl
mFBxa59NXOPZBgIHAPSgbPW47h6Ag4JxCQIDAQABo4IBjjCCAYowHwYDVR0jBBgw
FoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFKAOOT3Jii2NCznTIBj1
MCoI1GlhMC0GA1UdEQQmMCSCD3BheW1lbnRzLmlnLmNvbYIRKi5wYXltZW50cy5p
Zy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRw
Oi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUH
AQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVz
dC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3Qu
Y29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUA
MA0GCSqGSIb3DQEBCwUAA4IBAQC0U3FX2EnoHNeppOByM9JCo8bW5wDAzZ04p9bd
MdQkOY0x58l5UaWPykOFhsmFoFMDkFwt9JW+06o150lD8WKN3jEPVE2EhBtZUdH8
KRn/OkOQBWMr11jbKFmTP5oOgNNK2bxzbhBTVPiqg/X7tytpcToJOvv5pz8Wkl2K
QpDOPosaddgLyKzVlQOGPYGz9oaACdRzSczkus+HLEIOJj4YVVAagbrELqzIV9bS
f8RT5VnJajBFYp3k92KW/IY1hSvKARXzA0CMrG10OabMHh3TOBlsk2GyFqIhVB2H
ero3H24z9/jIlsDjM1vTGboCLDFLFcbLe6L2rDcZ1gCGn62r
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT/98SeC5ogL0doZXfxA
BIBXtmkDtkXqwrQGgN9ma+J2vsU6nVn/ivbpt1NB18g7+80sJw/3CSKF3AB2A7J8
fxCyjKkOtyGmkgtxy6vo/BVBAWwIAAuwNl4VY1ArL1ofu4a6wUFDlS2G7QCs5/FS
jf86KILNOU7WJyPMB6/TiJX9bP2rSSvT3CCag+CBa1F7PaijyYAaBwiw2MgQicA+
hgxlXKijCVfdQsQzFF7RJWM4kBC36xE+nH7n8BR+ndyG32vKapRQJNK7phdrabVH
hTBtYXLB+syepOU+6mN/l55eIXUwtwwlmFBxa59NXOPZBgIHAPSgbPW47h6Ag4Jx
CQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10804882501049295798676826141528509303
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'payments.ig.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24900501690363211980843519513250887609880380619223840917182476205278766042428660341637915085723293744515817032249850344739366707920171402935473140896369331098545822944914063437384190208174394035846320084041364072546683672274985485836554993661271436580406063298591557772046817666699952003470954575488040938395667154745869836128073056039356944660577062289151827811280888957753046949524624842399436040137170638933014135903834603086165573719535327795747586445356551821839902009759328172411693969285414263824659036410063196920156597698621475739119400240187032707158246887334752622240765445044677267840008621447559799533833
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a00e393dc98a2d8d0b39d32018f5302a08d46961
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'payments.ig.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.payments.ig.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b4537157d849e81cd7a9a4e07233d242a3c6d6e700c0cd9d38a7d6dd31d424398d31e7c97951a58fca438586c985a05303905c2df495bed3aa35e74943f1628dde310f544d84841b5951d1fc2919ff3a439005632bd758db2859933f9a0e80d34ad9bc736e105354f8aa83f5fbb72b69713a093afbf9a73f16925d8a4290ce3e8b1a75d80bc8acd59503863d81b3f6868009d47349cce4bacf872c420e263e1855501a81bac42eacc857d6d27fc453e559c96a3045629de4f76296fc8635852bca0115f303408cac6d7439a6cc1e1dd338196c9361b216a221541d877aba371f6e33f7f8c896c0e3335bd319ba022c314b15c6cb7ba2f6ac3719d600869fadab