*.investis.com

Issued by Amazon

About this certificate

This digital certificate with serial number 05:3d:64:fd:e7:f4:44:5d:91:ef:59:3d:41:7f:8b:89 was issued on by Amazon.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.investis.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:3d:64:fd:e7:f4:44:5d:91:ef:59:3d:41:7f:8b:89
Serial Number (int): 6964918444767023141479637628707900297
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: a8:23:8e:64:a4:9e:7b:fb:3e:2d:41:f9:cc:7f:3c:98:ba:fb:3b:b6
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 59:06:7f:ce:fd:9c:82:0f:68:ad:ea:31:36:53:df:0b:dc:8d:6a:5d
Fingerprint (sha256): 12:82:80:ba:aa:ba:de:f1:0a:69:fb:6a:46:3f:ec:41:14:c8:f5:9b:1f:48:4b:e2:79:7b:8c:0a:72:01:ce:a0

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.investis.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.investis.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.investis.com
blog.investis.com
*.blog.investis.com

Other certificates including the domain name investis.com

(limited to 100 certificates)
incapsula.com
incapsula.com
*.stage-mid-euw3.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
production.investis.com
phoenix.investis.com
incapsula.com
press.investis.com
dr.production.phoenix.investis.com
incapsula.com
incapsula.com
incapsula.com
investisdigital.com
incapsula.com
incapsula.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.tools.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
investis.com
incapsula.com
incapsula.com
tools.investis.com
prod-mid-euw3.investis.com
incapsula.com
*.dp-staging.investis.com
*.investis.com
incapsula.com
staging.myinvestis.com
incapsula.com
prod-use1.investis.com
*.investis.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
investis.com
prod-use1.investis.com
incapsula.com
deloitte-backoffice.solutions.staging.investis.com
visualisation.investis.com
incapsula.com
incapsula.com
calculator.rollsroyce.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
incapsula.com
incapsula.com
staging.myinvestis.com
incapsula.com
tools.investis.com
*.cm.invdcloud-is.co.uk
incapsula.com
incapsula.com
incapsula.com
*.tf.investis.com
insurance.angloamerican.investis.com
incapsula.com
cvs.tools.investis.com
incapsula.com
*.stage-use1.investis.com
www.futurology.investis.com
incapsula.com
incapsula.com
production.investis.com
incapsula.com
*.prod-euw1.investis.com
investis.com
*.dib1-u1.investis.com
incapsula.com
*.investis.com
incapsula.com
investis.mx
research.investis.com
esi-test.html.investis.com
www.futurology.investis.com
*.tools.investis.com
tools.investis.com
incapsula.com
incapsula.com
prod-mid-euw3.investis.com
incapsula.com
incapsula.com
blog.investis.com
incapsula.com

Certificate

The complete raw certificate details for *.investis.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEmjCCA4KgAwIBAgIQBT1k/ef0RF2R71k9QX+LiTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA4MTIwMDAwMDBaFw0yMDA5MTIx
MjAwMDBaMBkxFzAVBgNVBAMMDiouaW52ZXN0aXMuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA4fgBYiVflFkyIFz6dCeeNB2x3ypGKO1UPdHZ+fBG
0g8T2smsM+DrPlp5Kg/FFm11qhZyfixldoB2NcJ5f4sh7Gq9IhsJADUE6H7RB3af
Z+Z0DgGUoOglf2NPF9sW9prOS5uFplWMiT+YxE82noYe9OWgofm+7nsxaBTIAhxK
q2E65kKi1PhK5izgnLwHx7L4H3kJ+BuXVoRevcdUbKmObnxKNgA4RC6NE6YayuTP
QS01hAhyeRXT7d/Qfpu/AxrTu8XoA9fUTTz2/AdxZmLYZLpX6xcz8ZjD30cQe+9q
PnbdlLmkG3bMGwB7etedNDN0wjQRIk3vJLlG/o9AYiacQQIDAQABo4IBrzCCAasw
HwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFKgjjmSk
nnv7Pi1B+cx/PJi6+zu2MEEGA1UdEQQ6MDiCDiouaW52ZXN0aXMuY29tghFibG9n
LmludmVzdGlzLmNvbYITKi5ibG9nLmludmVzdGlzLmNvbTAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu
oCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAg
BgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBn
MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20w
NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3Nj
YTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG
SIb3DQEBCwUAA4IBAQAt15m2ap62oxb69UK0K11rYh3/cvG2DfW4ZTRiJEAz6edD
e9RoN0jSNaMGsoY/5nP6Etp/4TflpRcI7Ed/ja5V2GIlvZrlUQoYGDEN3A0q7QpO
rj89plUH5NSy+8xS9a2oZH5pgBNDbHorloLjEau4zuYeUlxx1BmEeWNsm/JYCnR+
4tiGZABg1gKAnH7BKRSiiiOsbIjYKd9bmG1TB2vL2ofN4wArKvjPP2noWFVa8GFB
KxX5LlFbhXPmWEnweO3NJXlr93Yoatr0LBnQpjvAjanib2iL/pqGU5Ws8RADNj+c
v/gOS8ksOYBTpFo54uvi3/DKzxqfpeJx05CJQIND
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fgBYiVflFkyIFz6dCee
NB2x3ypGKO1UPdHZ+fBG0g8T2smsM+DrPlp5Kg/FFm11qhZyfixldoB2NcJ5f4sh
7Gq9IhsJADUE6H7RB3afZ+Z0DgGUoOglf2NPF9sW9prOS5uFplWMiT+YxE82noYe
9OWgofm+7nsxaBTIAhxKq2E65kKi1PhK5izgnLwHx7L4H3kJ+BuXVoRevcdUbKmO
bnxKNgA4RC6NE6YayuTPQS01hAhyeRXT7d/Qfpu/AxrTu8XoA9fUTTz2/AdxZmLY
ZLpX6xcz8ZjD30cQe+9qPnbdlLmkG3bMGwB7etedNDN0wjQRIk3vJLlG/o9AYiac
QQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6964918444767023141479637628707900297
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-12 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.investis.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28525914640031363359925522373814460627597678935681787826618602157005868475640299471497607846674498011119486380582712543982990491398783445234685574008113841383159509232703891321945402454940295585754497403864614939603558587340177112377889397228843385279617530384518619990084503997983136070841547254474174401995354266766371079629316507753277010987674948722900554638680904549032405921852866011118397641062813542800628543983210600528196859489582610933788827529049681040297475707018596580175265619692092490078825420744501193114170314616078932883504900927273758514036045967801380190792059871972661215546151245975378012314689
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a8238e64a49e7bfb3e2d41f9cc7f3c98bafb3bb6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.investis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.investis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.blog.investis.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002dd799b66a9eb6a316faf542b42b5d6b621dff72f1b60df5b8653462244033e9e7437bd4683748d235a306b2863fe673fa12da7fe137e5a51708ec477f8dae55d86225bd9ae5510a1818310ddc0d2aed0a4eae3f3da65507e4d4b2fbcc52f5ada8647e698013436c7a2b9682e311abb8cee61e525c71d4198479636c9bf2580a747ee2d886640060d602809c7ec12914a28a23ac6c88d829df5b986d53076bcbda87cde3002b2af8cf3f69e858555af061412b15f92e515b8573e65849f078edcd25796bf776286adaf42c19d0a63bc08da9e26f688bfe9a865395acf11003363f9cbff80e4bc92c398053a45a39e2ebe2dff0cacf1a9fa5e271d39089408343