*.justworks.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 07:62:be:f5:ad:fa:a8:4c:56:9e:97:95:51:27:0b:c0 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.justworks.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:62:be:f5:ad:fa:a8:4c:56:9e:97:95:51:27:0b:c0
Serial Number (int): 9817314185199266949825517144773168064
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: aa:47:87:79:7b:43:52:11:19:ae:f7:fd:3a:f3:dc:3e:3e:da:b5:f4
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 9c:eb:26:5f:b6:e9:0d:48:af:b1:de:ef:6b:3b:a8:fd:f2:91:f3:1f
Fingerprint (sha256): 09:c8:63:d3:58:0e:e7:a0:b1:53:e0:66:57:04:6d:cc:87:76:dd:38:12:47:98:1a:7a:0a:a0:1a:7d:ce:59:67

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.justworks.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.justworks.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.justworks.com

Other certificates including the domain name justworks.com

(limited to 100 certificates)
sni.cloudflaressl.com
tools.staging.benefits.secure.justworks.com
sni.cloudflaressl.com
sni.cloudflaressl.com
try.justworks.com
sni.cloudflaressl.com
rbstatus.empowerid.net
justworks.com
appstatus.justworks.com
tools.benefits.secure.justworks.com
scim.justworks.com
*.service.justworks.com
api-status.postmates.com
scim.justworks.com
go.justworks.com
tools.benefits.staging.justworks.com
help.justworks.com
help.justworks.com
justworks.com
staging.benefits.secure.justworks.com
payroll.justworks.com
go.justworks.com
rbstatus.empowerid.net
api-status.postmates.com
help.justworks.com
sni.cloudflaressl.com
justworks.com
get.justworks.com
*.justworks.com
leapfrog-ssl-50.gcs-web.com
okta.justworks.com
justworks.com
rbstatus.empowerid.net
go.justworks.com
get.justworks.com
appstatus.justworks.com
okta.justworks.com
leapfrog-ssl-50.gcs-web.com
help.justworks.com
*.vibe.justworks.com
neon.justworks.com
okta.justworks.com
*.contractor.justworks.com
oktapreview.justworks.com
okta.justworks.com
*.infra-nonprod.justworks.com
help.justworks.com
benefits.secure.justworks.com
justworks.com
rbstatus.empowerid.net
sni.cloudflaressl.com
rbstatus.empowerid.net
leapfrog-ssl-50.gcs-web.com
leapfrog-ssl-50.gcs-web.com
help.justworks.com
tour.neon.justworks.com
payroll.justworks.com
help.justworks.com
api-status.postmates.com
rbstatus.empowerid.net
neon.justworks.com
rbstatus.empowerid.net
help.justworks.com
api-status.postmates.com
rbstatus.empowerid.net
*.infra-sandbox.justworks.com
okta.justworks.com
staging-login.justworks.com
leapfrog-ssl-50.gcs-web.com
appstatus.justworks.com
go.justworks.com
justworks.com
help.justworks.com
api-status.postmates.com
leapfrog-ssl-50.gcs-web.com
go.justworks.com
events.justworks.com
sni.cloudflaressl.com
leapfrog-ssl-50.gcs-web.com
updates.justworks.com
leapfrog-ssl-50.gcs-web.com
get.justworks.com
justworks.com
leapfrog-ssl-50.gcs-web.com
*.justworks.com
*.tour.neon.justworks.com
sni.cloudflaressl.com
scim.justworks.com
leapfrog-ssl-50.gcs-web.com
updates.justworks.com
scim.justworks.com
get.justworks.com
leapfrog-ssl-50.gcs-web.com
leapfrog-ssl-50.gcs-web.com
*.data.justworks.com
*.staging.justworks.com
justworks.com
help.justworks.com
try.justworks.com
*.sandbox.vibe.justworks.com

Certificate

The complete raw certificate details for *.justworks.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEXTCCA0WgAwIBAgIQB2K+9a36qExWnpeVUScLwDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDIxMDAwMDAwMFoXDTI0MDIwNzIzNTk1OVowGjEY
MBYGA1UEAwwPKi5qdXN0d29ya3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAzGNvddueZTMXofswLPgqSRUFf+RPLruHBSvN0OuDcitizFNT35ZP
8UXLvz/WXSHD5dP5EYhJgIz5RXCypGU5QnqjH4lp4z8IodM7tQI+pnOsLAQhWMsj
Ze4bUSv6zcahUsTH6VSz8Xp4cWWY3o8zCIDK1Jw3RhMz53cVA0VoB++uPHGRiLqg
kR3J7DWdBVoOHyRM2ArsYhfUgG3KTsFoFb9w8YTG9aSMjd1PkH6zQdG16AtlUC1v
CxKHH8kRS+ZKUuw4kDdQa7TiEIKiYRxmGah7HFrs/HwzHwfV7JPpkdcD5W2bWsFc
jhEOGnu74MhxoLRg5wNEIYvtXtY1SjfwoQIDAQABo4IBezCCAXcwHwYDVR0jBBgw
FoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFKpHh3l7Q1IRGa73/Trz
3D4+2rX0MBoGA1UdEQQTMBGCDyouanVzdHdvcmtzLmNvbTAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu
oCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDAT
BgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG
IWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq
aHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1Ud
EwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEB
AKTVcOAJK8NMUul8BxsKw7iu/NSDd7af6p8q47kekLL388TJAT4x31vZ4Bq04WVx
CCvDcJqPr7/tIxHmrGOYJvTvFkhawlfzas0S9M/Spr1eMhASvLf8IGGsxoOrzTw4
N/MH8wXpGa94IuEXQhbLAAB07v6c0qqPu/Xd1VyxkH6GH7PHgW9GQV2KtXJozur8
+Ojj3UgR/OQAxbmQYtTB6JOlBQR3O4TqaTvMXFZjmg49Igbtl5N/T50LbHBU6h9n
fpoI71BxewQc622wfJrUOLyq6ii9iFdxYm2HTHDAi27PnmyxUUwH78/AkIEc1faN
wav1q1AQbsLPRk0bYR8jRa4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGNvddueZTMXofswLPgq
SRUFf+RPLruHBSvN0OuDcitizFNT35ZP8UXLvz/WXSHD5dP5EYhJgIz5RXCypGU5
QnqjH4lp4z8IodM7tQI+pnOsLAQhWMsjZe4bUSv6zcahUsTH6VSz8Xp4cWWY3o8z
CIDK1Jw3RhMz53cVA0VoB++uPHGRiLqgkR3J7DWdBVoOHyRM2ArsYhfUgG3KTsFo
Fb9w8YTG9aSMjd1PkH6zQdG16AtlUC1vCxKHH8kRS+ZKUuw4kDdQa7TiEIKiYRxm
Gah7HFrs/HwzHwfV7JPpkdcD5W2bWsFcjhEOGnu74MhxoLRg5wNEIYvtXtY1Sjfw
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9817314185199266949825517144773168064
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.justworks.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25801647632430215074141861904653615257839564137305860546182877267230521095812578197512522942104382401665002103741179909170442083506376397929810846253233229835328019189261711501389121490089066541347350577140823039407657936725669023924783866766644790233574225988873352787734757189086863979497923608999197864118465820335968696115400311272939542817479088226231600787502147483174304164135344486036696948387296550354429949744846119334293206497106368201068970864514260808479645598790873007410524325093203448005785106641203717147086353055758071413294727709861619074139173879613008630388973325081432022168581370569283123802273
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							aa4787797b43521119aef7fd3af3dc3e3edab5f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.justworks.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a4d570e0092bc34c52e97c071b0ac3b8aefcd48377b69fea9f2ae3b91e90b2f7f3c4c9013e31df5bd9e01ab4e16571082bc3709a8fafbfed2311e6ac639826f4ef16485ac257f36acd12f4cfd2a6bd5e321012bcb7fc2061acc683abcd3c3837f307f305e919af7822e1174216cb000074eefe9cd2aa8fbbf5ddd55cb1907e861fb3c7816f46415d8ab57268ceeafcf8e8e3dd4811fce400c5b99062d4c1e893a50504773b84ea693bcc5c56639a0e3d2206ed97937f4f9d0b6c7054ea1f677e9a08ef50717b041ceb6db07c9ad438bcaaea28bd885771626d874c70c08b6ecf9e6cb1514c07efcfc090811cd5f68dc1abf5ab50106ec2cf464d1b611f2345ae