DV SSL/TLS Certificate for brand.gema.de

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M03)

About the brand.gema.de DV SSL/TLS Certificate

This certificate with serial number 04:0e:72:ff:8b:9f:97:bf:38:3a:6a:c9:a8:26:b4:8c for brand.gema.de was issued on by Amazon.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for brand.gema.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 04:0e:72:ff:8b:9f:97:bf:38:3a:6a:c9:a8:26:b4:8c
Serial Number (int): 5391936580246760681453461745674138764
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: b4:d6:13:aa:d0:f0:d4:cb:3a:d9:14:65:52:a9:87:cf:63:b9:c3:bf
Authority Key Identifier: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (SHA-1): bd:81:64:f5:f5:0b:d0:5c:8c:2d:9a:29:ef:6a:af:ef:5b:8b:17:11
Fingerprint (SHA-256): 2e:ee:d3:a3:6a:5f:7c:15:fd:0b:11:b1:d3:16:2f:db:36:cd:fd:9a:4a:05:a2:44:0e:9a:11:86:a8:bb:95:2a

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation Information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate brand.gema.de
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for brand.gema.de

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

brand.gema.de

X.509 Certificate

The complete raw X.509 certificate details for brand.gema.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIQBA5y/4ufl784OmrJqCa0jDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI0MTExMzAwMDAwMFoXDTI1MTIxMzIzNTk1OVowGDEW
MBQGA1UEAxMNYnJhbmQuZ2VtYS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAMWL96tblo/dklJmr5Z8YkImLeD0Ne10lFgR2HifEFaGrl3a2tGvblgM
W/XJyGI9aoJzA8ZeV3pmYPBrE59SqTBfssbY5+bREBNsUNjHMZ2ZybCR6Tb75GXc
dbVGrKT4uDbCWcxp9iguJxFUJV3Ks/wB3zayTclzsHoiVt4kH2WrzNdicxenrRIg
2+rYQB9KDLGHOEkW6A8QLZT3QrSYWIl6NHIq/l2YjPNhvcxu5ANcRK5iJTnLy0EW
hbZBGOPSVieIhO+25oP5XRkWYhL9v+7Rc9a+YL6JlVn2i0jFDZVQjDEPtfXjLxBH
Il3UERp/3TIHS46/OoeqJvYgGG/cPnkCAwEAAaOCAuQwggLgMB8GA1UdIwQYMBaA
FFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBS01hOq0PDUyzrZFGVSqYfP
Y7nDvzAYBgNVHREEETAPgg1icmFuZC5nZW1hLmRlMBMGA1UdIAQMMAowCAYGZ4EM
AQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMy5hbWF6b250cnVz
dC5jb20vcjJtMDMuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0
cDovL29jc3AucjJtMDMuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRw
Oi8vY3J0LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jZXIwDAYDVR0TAQH/
BAIwADCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHUA3dzKNJXX4RYF55Uy+sef
+D0cUN/bADoUEnYKLKy7yCoAAAGTIuaCbAAABAMARjBEAiBwxIm9kD3Q0h5ocVf0
/75QPEs+xbPVTJvOGArlfU/ISAIgYG8qR5mPljLd3svVK2QXxBR6fKtpP3WJmch+
7eNBUTAAdgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAZMi5oKp
AAAEAwBHMEUCICuQV6KcvphmF1W0oHxFD8tp1izp54Hs57AAzb4TERYeAiEAzTAp
KBQTQyW0RgXte7tHm0WM7zpuR2X8H9LIsNR8J50AdQDM+w9qhXEJZf6Vm1PO6bJ8
IumFXA2XjbapflTA/kwNsAAAAZMi5oJ3AAAEAwBGMEQCIFIdzEWtJnXFh5LNb49a
jLMyAjIA7vhIoq/3ynEO7RU+AiBDJ7Y1vR/rBR1J98DmC0tn/taJNZs/J1b1Smeo
Y7x5QTANBgkqhkiG9w0BAQsFAAOCAQEAPGOhFJIYF1eH0UJBdZ0hMQHKO0ejzTc5
UpvEg8FMsWf9cd84wrB8dSGi9VH1KqZW0JdPIgAMIyuwtWtX0q7osesGYMv/nSDy
6n01HKfnOxZ1UUnKznR6TA9AqYw8lY10UjknrL/iS5WYj7CEpP4dQP7hbX3Z3iRw
kZICI31kG+o7B9PhmF+wmU12Ac/cticPxWC0eWg0wRMAh2do2VE1+VyrE6OVbOvf
/ublTsJ0wmlcA56oimkHjlHfm7WuZVUkSDViuD8MpoPrYgeSOiwBzzJD/ZF8q+Mo
NPlRQEi0bb5sZTbtKw7BFgHou4moopRq+MMvaNjEWTVuwjig7h7FrA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYv3q1uWj92SUmavlnxi
QiYt4PQ17XSUWBHYeJ8QVoauXdra0a9uWAxb9cnIYj1qgnMDxl5XemZg8GsTn1Kp
MF+yxtjn5tEQE2xQ2McxnZnJsJHpNvvkZdx1tUaspPi4NsJZzGn2KC4nEVQlXcqz
/AHfNrJNyXOweiJW3iQfZavM12JzF6etEiDb6thAH0oMsYc4SRboDxAtlPdCtJhY
iXo0cir+XZiM82G9zG7kA1xErmIlOcvLQRaFtkEY49JWJ4iE77bmg/ldGRZiEv2/
7tFz1r5gvomVWfaLSMUNlVCMMQ+19eMvEEciXdQRGn/dMgdLjr86h6om9iAYb9w+
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5391936580246760681453461745674138764
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-12-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'brand.gema.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24937966604511404382334413900913468753328254302893227307487482424918767620943905343670420330606416316379377813655507313531156660338312168923310034284040883040429258983148661820550146139069516725544898407376944021777974862084103023492848885467466193252021094211189799937850995241501144304588678072163582785371019831516524974476422763268598574296133956885923118624757750557971149681914545331671633521467840168746905365028076812779050584392088052597649193923575958198727777165257029705181144721594851822016339350962697043570635135915844468931400912134877594761339205094431772950806711943605922883197771088704087768448633
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b4d613aad0f0d4cb3ad9146552a987cf63b9c3bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brand.gema.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007500dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019322e6826c0000040300463044022070c489bd903dd0d21e687157f4ffbe503c4b3ec5b3d54c9bce180ae57d4fc8480220606f2a47998f9632dddecbd52b6417c4147a7cab693f758999c87eede3415130007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000019322e682a9000004030047304502202b9057a29cbe98661755b4a07c450fcb69d62ce9e781ece7b000cdbe1311161e022100cd30292814134325b44605ed7bbb479b458cef3a6e4765fc1fd2c8b0d47c279d007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000019322e6827700000403004630440220521dcc45ad2675c58792cd6f8f5a8cb332023200eef848a2aff7ca710eed153e02204327b635bd1feb051d49f7c0e60b4b67fed689359b3f2756f54a67a863bc7941
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003c63a1149218175787d14241759d213101ca3b47a3cd3739529bc483c14cb167fd71df38c2b07c7521a2f551f52aa656d0974f22000c232bb0b56b57d2aee8b1eb0660cbff9d20f2ea7d351ca7e73b16755149cace747a4c0f40a98c3c958d74523927acbfe24b95988fb084a4fe1d40fee16d7dd9de2470919202237d641bea3b07d3e1985fb0994d7601cfdcb6270fc560b4796834c11300876768d95135f95cab13a3956cebdffee6e54ec274c2695c039ea88a69078e51df9bb5ae655524483562b83f0ca683eb6207923a2c01cf3243fd917cabe32834f9514048b46dbe6c6536ed2b0ec11601e8bb89a8a2946af8c32f68d8c459356ec238a0ee1ec5ac