dynamic.zacdn.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 08:b5:78:2b:97:e0:98:27:c4:92:76:4c:b1:52:0b:5b was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=dynamic.zacdn.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:b5:78:2b:97:e0:98:27:c4:92:76:4c:b1:52:0b:5bSerial Number (int): 11576067040641311497721577733495065435
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f3:71:87:2f:d2:48:35:f9:c5:31:85:cf:0d:e1:7c:69:a7:60:52:ae
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 7f:31:8a:8a:83:30:a2:3d:80:f2:af:78:0a:44:12:8f:ef:c6:86:5c
Fingerprint (sha256): 34:7e:3f:e7:ca:1f:de:14:49:12:43:cd:24:6e:c6:58:7a:03:d3:a7:23:cb:62:df:ba:54:b2:6f:18:f2:5f:6d
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate dynamic.zacdn.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dynamic.zacdn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dynamic.zacdn.com
thumtastic.zalora.net
thumtastic.zalora.net
Other certificates including the domain name zacdn.com
(limited to 100 certificates)
*.zacdn.com
static-ph.zacdn.com
static-checkout-sg.zacdn.com
*.zacdn.com
dynamic.zacdn.com
static-my.zacdn.com
static-checkout-sg.zacdn.com
static-id.zacdn.com
static-ph.zacdn.com
*.zacdn.com
static-checkout-ph.zacdn.com
rum.zacdn.com
static-checkout-hk.zacdn.com
static-hk.zacdn.com
static-id.zacdn.com
dynamic.zacdn.com
dynamic.zacdn.com
static-hk.zacdn.com
dynamic.zacdn.com
static-sg.zacdn.com
static-checkout-tw.zacdn.com
*.zacdn.com
*.zacdn.com
static-tw.zacdn.com
static-checkout-hk.zacdn.com
static-checkout-id.zacdn.com
dynamic.zacdn.com
static-checkout-id.zacdn.com
static-my.zacdn.com
dynamic.zacdn.com
static-checkout-id.zacdn.com
*.zacdn.com
static-checkout-my.zacdn.com
*.zacdn.com
rum.zacdn.com
*.zacdn.com
static-checkout-my.zacdn.com
static-hk.zacdn.com
static-checkout-ph.zacdn.com
static-checkout-tw.zacdn.com
*.zacdn.com
static-id.zacdn.com
static-ph.zacdn.com
static-checkout-sg.zacdn.com
*.zacdn.com
dynamic.zacdn.com
static-my.zacdn.com
static-checkout-sg.zacdn.com
static-id.zacdn.com
static-ph.zacdn.com
*.zacdn.com
static-checkout-ph.zacdn.com
rum.zacdn.com
static-checkout-hk.zacdn.com
static-hk.zacdn.com
static-id.zacdn.com
dynamic.zacdn.com
dynamic.zacdn.com
static-hk.zacdn.com
dynamic.zacdn.com
static-sg.zacdn.com
static-checkout-tw.zacdn.com
*.zacdn.com
*.zacdn.com
static-tw.zacdn.com
static-checkout-hk.zacdn.com
static-checkout-id.zacdn.com
dynamic.zacdn.com
static-checkout-id.zacdn.com
static-my.zacdn.com
dynamic.zacdn.com
static-checkout-id.zacdn.com
*.zacdn.com
static-checkout-my.zacdn.com
*.zacdn.com
rum.zacdn.com
*.zacdn.com
static-checkout-my.zacdn.com
static-hk.zacdn.com
static-checkout-ph.zacdn.com
static-checkout-tw.zacdn.com
*.zacdn.com
static-id.zacdn.com
Certificate
The complete raw certificate details for dynamic.zacdn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEeDCCA2CgAwIBAgIQCLV4K5fgmCfEknZMsVILWzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDIyOTAwMDAwMFoXDTI1MDMzMDIzNTk1OVowHDEa MBgGA1UEAxMRZHluYW1pYy56YWNkbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJsOGM1MO2l2nKyQ5Dzn7VtLhzT9NeBoB0A1+T5Da8mruk/nQ/ sLKQRJlrcHFep2UD4DkAdChy04CIjiClc7oge6jEcLU6phvM91j4hC6Z3x0nRrFo ruknJYCSycPcY/TZaI3UJGp5qlBrQLp4kiVUmETcvrJyixplJy1mICX/xdq0Mob5 ZW4f9ToQqwsv3lhmFoO2SS6EiGh2f0JURPP68/EnEdlG1/EAyZZ8KwzhDrcP98Vh 6rs2KbFtCzrW/ccM2YiorRkVQyc7ocMQ6XkciNO0bxlhL/8El78JYFYV9I7mnPmI ejlzXd8xG+mGmcFuUQYWl3GYOgCTFOoJSsfzAgMBAAGjggGUMIIBkDAfBgNVHSME GDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQU83GHL9JINfnFMYXP DeF8aadgUq4wMwYDVR0RBCwwKoIRZHluYW1pYy56YWNkbi5jb22CFXRodW10YXN0 aWMuemFsb3JhLm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu oCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1 BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFt YXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6 b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIE AwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJR6W3ukWKrM9KCuHumENuQW5Qm2 aBBtnyVLLjcIDZd+gCIk9pbL8B8agZvVAPChlgJ/2xgvFq3U/AstLEW2TlhFxqn5 9/KJi5FhUIlkRN36QGURhnexjSIZ7cnRWIcIi9sfCnOlkSkB5RV+Y0O4fmQm5/+1 jzSjWVvNNNfYNMY+tO/QrJU471n6oY203q89GYOypw6btevSTaKvDO3UvPbbzAI9 wDU5T0RSHFC69e0IxspX9lWLc8Vs1FrJiWUZoR7+5NzNyrc/nDQx4aRFDAeYFPcU wmhpAcdLkE227JvSU87Z9tcduX9nTnLXY+bdCXDrve3sWjQ+g88T3D1pLCA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybDhjNTDtpdpyskOQ85+ 1bS4c0/TXgaAdANfk+Q2vJq7pP50P7CykESZa3BxXqdlA+A5AHQoctOAiI4gpXO6 IHuoxHC1OqYbzPdY+IQumd8dJ0axaK7pJyWAksnD3GP02WiN1CRqeapQa0C6eJIl VJhE3L6ycosaZSctZiAl/8XatDKG+WVuH/U6EKsLL95YZhaDtkkuhIhodn9CVETz +vPxJxHZRtfxAMmWfCsM4Q63D/fFYeq7NimxbQs61v3HDNmIqK0ZFUMnO6HDEOl5 HIjTtG8ZYS//BJe/CWBWFfSO5pz5iHo5c13fMRvphpnBblEGFpdxmDoAkxTqCUrH 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11576067040641311497721577733495065435 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dynamic.zacdn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25461122597335153206616441786068763099217574696592277294058588008279458803494389968866776584066882507044962786510623018423987165098386931317254318821798580036418504254175501998944315582404183493204845976885986879889400805485981346808275840384579463532471819596496265784543872447204262038358091991602564159463366403148667050588148082443742432685059476953367630683856182647718130059952070414197608583608931772755734889323165463536959202352887551293851294695356923428361117134575100872554176048586889419895047830833841494507117949433536185819035658546222815427243866357186861382045829540116762533731768791203453743056883 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f371872fd24835f9c53185cf0de17c69a76052ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dynamic.zacdn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thumtastic.zalora.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00947a5b7ba458aaccf4a0ae1ee98436e416e509b668106d9f254b2e37080d977e802224f696cbf01f1a819bd500f0a196027fdb182f16add4fc0b2d2c45b64e5845c6a9f9f7f2898b916150896444ddfa4065118677b18d2219edc9d15887088bdb1f0a73a5912901e5157e6343b87e6426e7ffb58f34a3595bcd34d7d834c63eb4efd0ac9538ef59faa18db4deaf3d1983b2a70e9bb5ebd24da2af0cedd4bcf6dbcc023dc035394f44521c50baf5ed08c6ca57f6558b73c56cd45ac9896519a11efee4dccdcab73f9c3431e1a4450c079814f714c2686901c74b904db6ec9bd253ced9f6d71db97f674e72d763e6dd0970ebbdedec5a343e83cf13dc3d692c20