aws.duplex.snapchat.comat.com
Issued by R3
About this certificate
This digital certificate with serial number 04:35:f4:5e:a8:bb:69:5d:b7:75:94:86:2e:1f:82:78:92:16 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=aws.duplex.snapchat.comat.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:35:f4:5e:a8:bb:69:5d:b7:75:94:86:2e:1f:82:78:92:16Serial Number (int): 366808932303020035922982628453284450963990
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 42:56:77:8e:37:19:8e:11:97:5b:00:ea:08:60:c1:54:16:1b:71:33
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5b:f4:d7:6c:87:ea:ee:37:b0:19:39:2a:01:a4:a8:9b:8f:d1:88:d1
Fingerprint (sha256): 36:20:61:9c:17:ff:3e:e2:b8:b4:da:38:0c:7a:b3:fb:f3:c1:c7:9d:f0:94:32:a2:79:e6:29:37:b5:94:80:0f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate aws.duplex.snapchat.comat.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aws.duplex.snapchat.comat.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aws.duplex.snapchat.comat.com
Other certificates including the domain name comat.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for aws.duplex.snapchat.comat.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISBDX0Xqi7aV23dZSGLh+CeJIWMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDIyMjM2MjJaFw0yNDA3MDEyMjM2MjFaMCgxJjAkBgNVBAMT HWF3cy5kdXBsZXguc25hcGNoYXQuY29tYXQuY29tMIICIjANBgkqhkiG9w0BAQEF AAOCAg8AMIICCgKCAgEA1K72hNBmxts6iFKQMMf20zZkERnavH4ZhbTorYz7WLSh DfWqVFIt/otIQfotvr++kh5MY58SHA5668ru2AWiGT0VfpJHDQ5mI856ExQSKHEI 8E4FZ1IPk86GJyD89Vv0SnA/s9DUHY1xXq4l9rd7+NtQ3yYe6ndx2jShwYlUMwA6 yn/hs+w/dhVclGJDGSvXv/t0QmJb+sylS1U5bR+53nptRXZ/wQABxhXfvpDgktzN z+cIanV2X+V4EAB9GboLQG9YzfZV8eQUFMDjKZzCwKUkdn+OS9XvWMBTcdt9ZaGX G8lk0Z3wDMKsuosn+2VDD0hawD0cKoIsKS8/aMVeNl0GQBLcbzXGOgUYj1BqSzIN QaN5A3n4vn2CfY9ehTBushxzMHE0+3a3JYiCrn4dLU300cZWAiupZ8A2QQOIbFPc 3EljhLjaXdf14M2IXwGDnK6UhbgJ9kRQRuxGLhJqd/FOkENrcqER5YW88PPzawVb IiFOjG8yoaUJ+PrSavqgeI/0cU7uRl9o0G8RSwLRVttPk8R46BYekCQVO1clKJe1 q5O1ismlCBZsOACBAjgU4dBHlWZddLCsVlcVqXp/M1YzEHmDTe05qYQ6RS21He1U Vfcwn55n8zPB0MOj1brV5lCdMSfmHs255cmaEIUuZTLpw+K4oRamLOBMvwIOEpUC AwEAAaOCASwwggEoMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUQlZ3jjcZjhGXWwDq CGDBVBYbcTMwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYB BQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYI KwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wKAYDVR0RBCEwH4IdYXdz LmR1cGxleC5zbmFwY2hhdC5jb21hdC5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw EwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAIpi0RfYSbpK H7neNRbdjdvpVcXsVm17L6AhuHfHYe4bkl9FP/TP0SE0J1mQjNHyJPLW1NUoLOmc j4WlnHfjfTYtXqKOm4xHGJ1fCGhSxaa2Ivu/SL7cWgXx++Y0QRYKLvzyffXLycwZ S6UNYOGawPlNn9TPv3jxaQkryLm8UdlxvWkKmRYIJFt4zZN1CTbbaiyjyf3dyeDe GpNhAvA61npK6Ohn4CF/cm4PcOwAs5t6wb9opehkq21GZPAzfGkGwq048Nh0qbIZ LASL2rQ5R9CeXZ/TE7f3StaeSI4xam50Dg0g32LIQgiwTBgBtQxKMk1lruTW3xP5 jMTVRcyu4OE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1K72hNBmxts6iFKQMMf2 0zZkERnavH4ZhbTorYz7WLShDfWqVFIt/otIQfotvr++kh5MY58SHA5668ru2AWi GT0VfpJHDQ5mI856ExQSKHEI8E4FZ1IPk86GJyD89Vv0SnA/s9DUHY1xXq4l9rd7 +NtQ3yYe6ndx2jShwYlUMwA6yn/hs+w/dhVclGJDGSvXv/t0QmJb+sylS1U5bR+5 3nptRXZ/wQABxhXfvpDgktzNz+cIanV2X+V4EAB9GboLQG9YzfZV8eQUFMDjKZzC wKUkdn+OS9XvWMBTcdt9ZaGXG8lk0Z3wDMKsuosn+2VDD0hawD0cKoIsKS8/aMVe Nl0GQBLcbzXGOgUYj1BqSzINQaN5A3n4vn2CfY9ehTBushxzMHE0+3a3JYiCrn4d LU300cZWAiupZ8A2QQOIbFPc3EljhLjaXdf14M2IXwGDnK6UhbgJ9kRQRuxGLhJq d/FOkENrcqER5YW88PPzawVbIiFOjG8yoaUJ+PrSavqgeI/0cU7uRl9o0G8RSwLR VttPk8R46BYekCQVO1clKJe1q5O1ismlCBZsOACBAjgU4dBHlWZddLCsVlcVqXp/ M1YzEHmDTe05qYQ6RS21He1UVfcwn55n8zPB0MOj1brV5lCdMSfmHs255cmaEIUu ZTLpw+K4oRamLOBMvwIOEpUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 366808932303020035922982628453284450963990 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-02 22:36:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-01 22:36:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aws.duplex.snapchat.comat.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 867672771398937801795545163735291548294963309434485825274510118483475113165290168429531375317101786493399327700409807733705871060254645498094069424572184883551570317030498099523967145468058727458621855551573105872784471809406624885138398409298237737315939750755250357640298597348973089727163796308387881124628137150882439489571350066070996866395152142755877098595465162404613391482819791396404439502991756828828560497652426023744653368228493662212430870077711341707530910120513900847167711397370701921217967630407115679126587298225172496495514798453530196528026155819447495589430698713198282932956280901909967627363512779983467990820638927861139915816735515605390272945632259666846737530116544077125632981992770347938616801005642200051299720892670182371741284013261311861399522196836605789895353918128791346621289911747937778153442863831176785530473045624287109383018885539785111684782801029270637293915881514565181649579427409190095687168351092432056190370273930723904547399195363919343560871955953303894659098354046034329160764387090913445878099631357843279774509183660000686001690964927870291443353292353962377074928398528059247463222390671466945127070260276424179324078020963494252247278295230905677670920224514895025344690918037 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4256778e37198e11975b00ea0860c154161b7133 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws.duplex.snapchat.comat.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008a62d117d849ba4a1fb9de3516dd8ddbe955c5ec566d7b2fa021b877c761ee1b925f453ff4cfd121342759908cd1f224f2d6d4d5282ce99c8f85a59c77e37d362d5ea28e9b8c47189d5f086852c5a6b622fbbf48bedc5a05f1fbe63441160a2efcf27df5cbc9cc194ba50d60e19ac0f94d9fd4cfbf78f169092bc8b9bc51d971bd690a991608245b78cd93750936db6a2ca3c9fdddc9e0de1a936102f03ad67a4ae8e867e0217f726e0f70ec00b39b7ac1bf68a5e864ab6d4664f0337c6906c2ad38f0d874a9b2192c048bdab43947d09e5d9fd313b7f74ad69e488e316a6e740e0d20df62c84208b04c1801b50c4a324d65aee4d6df13f98cc4d545ccaee0e1