*.data.justworks.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 01:1d:73:d8:40:dd:f7:17:78:40:51:6a:15:ef:41:ae was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.data.justworks.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:1d:73:d8:40:dd:f7:17:78:40:51:6a:15:ef:41:ae
Serial Number (int): 1482154215145328989489180736039633326
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: e4:ca:c6:66:32:99:2b:77:d8:a3:26:22:d1:e8:6a:f3:2c:ee:c0:2d
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 33:f1:ed:eb:8c:c7:0d:2b:17:f8:41:8a:99:73:46:fd:28:5e:93:e0
Fingerprint (sha256): 22:ec:93:a0:e5:1c:e5:9b:16:39:e6:07:75:fb:15:ad:ca:9a:6e:c0:d9:8a:0c:00:6a:4f:81:03:b0:19:c7:d2

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.data.justworks.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.data.justworks.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.data.justworks.com

Other certificates including the domain name justworks.com

(limited to 100 certificates)
sni.cloudflaressl.com
tools.staging.benefits.secure.justworks.com
sni.cloudflaressl.com
sni.cloudflaressl.com
try.justworks.com
sni.cloudflaressl.com
rbstatus.empowerid.net
justworks.com
appstatus.justworks.com
tools.benefits.secure.justworks.com
scim.justworks.com
*.service.justworks.com
api-status.postmates.com
scim.justworks.com
go.justworks.com
tools.benefits.staging.justworks.com
help.justworks.com
help.justworks.com
justworks.com
staging.benefits.secure.justworks.com
payroll.justworks.com
go.justworks.com
rbstatus.empowerid.net
api-status.postmates.com
help.justworks.com
sni.cloudflaressl.com
justworks.com
get.justworks.com
*.justworks.com
leapfrog-ssl-50.gcs-web.com
okta.justworks.com
justworks.com
rbstatus.empowerid.net
go.justworks.com
get.justworks.com
appstatus.justworks.com
okta.justworks.com
leapfrog-ssl-50.gcs-web.com
help.justworks.com
*.vibe.justworks.com
neon.justworks.com
okta.justworks.com
*.contractor.justworks.com
oktapreview.justworks.com
okta.justworks.com
*.infra-nonprod.justworks.com
help.justworks.com
benefits.secure.justworks.com
justworks.com
rbstatus.empowerid.net
sni.cloudflaressl.com
rbstatus.empowerid.net
leapfrog-ssl-50.gcs-web.com
leapfrog-ssl-50.gcs-web.com
help.justworks.com
tour.neon.justworks.com
payroll.justworks.com
help.justworks.com
api-status.postmates.com
rbstatus.empowerid.net
neon.justworks.com
rbstatus.empowerid.net
help.justworks.com
api-status.postmates.com
rbstatus.empowerid.net
*.infra-sandbox.justworks.com
okta.justworks.com
staging-login.justworks.com
leapfrog-ssl-50.gcs-web.com
appstatus.justworks.com
go.justworks.com
justworks.com
help.justworks.com
api-status.postmates.com
leapfrog-ssl-50.gcs-web.com
go.justworks.com
events.justworks.com
sni.cloudflaressl.com
leapfrog-ssl-50.gcs-web.com
updates.justworks.com
leapfrog-ssl-50.gcs-web.com
get.justworks.com
justworks.com
leapfrog-ssl-50.gcs-web.com
*.justworks.com
*.tour.neon.justworks.com
sni.cloudflaressl.com
scim.justworks.com
leapfrog-ssl-50.gcs-web.com
updates.justworks.com
scim.justworks.com
get.justworks.com
leapfrog-ssl-50.gcs-web.com
leapfrog-ssl-50.gcs-web.com
*.data.justworks.com
*.staging.justworks.com
justworks.com
help.justworks.com
try.justworks.com
*.sandbox.vibe.justworks.com

Certificate

The complete raw certificate details for *.data.justworks.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEZzCCA0+gAwIBAgIQAR1z2EDd9xd4QFFqFe9BrjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIyMTExNjAwMDAwMFoXDTIzMTIxNTIzNTk1OVowHzEd
MBsGA1UEAwwUKi5kYXRhLmp1c3R3b3Jrcy5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzNV3idCwCxslntEBG/RguTvXgBFGOcjfGVH7eqwa1afyS
vbqCQeE8HhcLJairMe3uBIJi5Zlxp2/C0YevgerkNlWuHjpb53M8ZrsHNYtEezAY
woF5DRWs7AS6jpxgEgE7yodMnWXglWC4+p6d0S+2KeXWTFlOwUI9gKsJZn+ZEpnb
WLBw7GThsaxPiD/VSfvyLhzkxwdr/AWGks7VKrfdB49iIrmtykmLppFtYkYMYkbW
NncKXjNM+A38IVRVtnBs7JaaQCxgwb6igjNVLXP/fRE333Ko1MBs1VPqjT0r8KsB
YYqD7IYMK4Ulwz0mh0gpOeV2wF3N5AQGu8+yqZtFAgMBAAGjggGAMIIBfDAfBgNV
HSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQU5MrGZjKZK3fY
oyYi0ehq8yzuwC0wHwYDVR0RBBgwFoIUKi5kYXRhLmp1c3R3b3Jrcy5jb20wDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNV
HR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9y
Mm0wMi5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0G
CCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYI
KwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAy
LmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3
DQEBCwUAA4IBAQC1CUfK9+cZaOABpDG1naXmIMv4ljzATFzpFEAnp6OO+4zBpKFo
Jz6X7h3Dvjin2yKoLpJCGkkNkFRN6Ylexop2KJ/f4BwydyvtIdJsWsuNrhSc1+jZ
8IGBn1Itg6pzI1q5cUqALHZlsyk3qCBO0xtCYWXf/ZLEmzcXGMKUD6qydlE7v8gv
7PXe/QnnjbZG9ing6FWRCngy0KqO05Tbz0KSAZfeL9lQpM8hFjDpMEJ0WvG42uHs
8uJw9Ody2mEMgH/CTH0CEm4/msrLsfzn/Mt9sca/UmR211YwY77dj35n+0lgtLYj
iwLyhQEwUcJFpQ/8X7Yp0VQI/nizSEA1lAAx
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8zVd4nQsAsbJZ7RARv0Y
Lk714ARRjnI3xlR+3qsGtWn8kr26gkHhPB4XCyWoqzHt7gSCYuWZcadvwtGHr4Hq
5DZVrh46W+dzPGa7BzWLRHswGMKBeQ0VrOwEuo6cYBIBO8qHTJ1l4JVguPqendEv
tinl1kxZTsFCPYCrCWZ/mRKZ21iwcOxk4bGsT4g/1Un78i4c5McHa/wFhpLO1Sq3
3QePYiK5rcpJi6aRbWJGDGJG1jZ3Cl4zTPgN/CFUVbZwbOyWmkAsYMG+ooIzVS1z
/30RN99yqNTAbNVT6o09K/CrAWGKg+yGDCuFJcM9JodIKTnldsBdzeQEBrvPsqmb
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1482154215145328989489180736039633326
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.data.justworks.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30702224225414817687530707042061048482569093631759118453007900562127253577095130595671527005409942715271519692673508597040594344884758802428756719267946248088665401317058285344385832162349387137569010942514221237960481434919944084219099056598358525090170178673520739179959356242527601138552922128392871261438686556205963495278874096258943102261813381587447232464002295442947932281968108552477785984265764862867024028443201492002647828883415649073848142772143260555543233326970922176293619119037207721072847207709703294105466672570765295953802811118872697586730957581939528225250486402349098827454029097001285577186117
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e4cac66632992b77d8a32622d1e86af32ceec02d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.data.justworks.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b50947caf7e71968e001a431b59da5e620cbf8963cc04c5ce9144027a7a38efb8cc1a4a168273e97ee1dc3be38a7db22a82e92421a490d90544de9895ec68a76289fdfe01c32772bed21d26c5acb8dae149cd7e8d9f081819f522d83aa73235ab9714a802c7665b32937a8204ed31b426165dffd92c49b371718c2940faab276513bbfc82fecf5defd09e78db646f629e0e855910a7832d0aa8ed394dbcf42920197de2fd950a4cf211630e93042745af1b8dae1ecf2e270f4e772da610c807fc24c7d02126e3f9acacbb1fce7fccb7db1c6bf526476d7563063bedd8f7e67fb4960b4b6238b02f285013051c245a50ffc5fb629d15408fe78b3484035940031