preprod.eu-west-1.mytandem.eu
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0f:6e:a8:4d:0b:8e:7e:5d:19:44:80:a8:1c:ac:ba:12 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=preprod.eu-west-1.mytandem.eu
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0f:6e:a8:4d:0b:8e:7e:5d:19:44:80:a8:1c:ac:ba:12Serial Number (int): 20512986140171095521645513479474166290
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 33:d7:7a:40:25:8f:be:75:1c:36:37:5a:f9:44:60:cc:b2:30:32:0d
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 9c:f0:85:3f:04:d7:f5:d0:d5:1b:f5:e3:09:fb:bc:7d:ec:01:9c:81
Fingerprint (sha256): 76:a1:af:df:aa:51:a6:b1:ec:bd:5b:d5:d1:b5:c2:6b:04:4a:6c:bb:87:8b:22:be:65:01:94:ca:e0:97:b0:be
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate preprod.eu-west-1.mytandem.eu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for preprod.eu-west-1.mytandem.eu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
preprod.eu-west-1.mytandem.eu
*.preprod.eu-west-1.mytandem.eu
*.preprod.eu-west-1.mytandem.eu
Other certificates including the domain name mytandem.eu
(limited to 100 certificates)
*.mytandem.eu
*.mytandem.eu
stage.eu-west-1.mytandem.eu
*.mytandem.eu
*.mytandem.eu
mytandem.eu
*.mytandem.eu
dev.eu-west-1.mytandem.eu
*.test.mytandem.eu
*.mytandem.eu
*.mytandem.eu
demo.mytandem.eu
nonprod.mytandem.eu
*.mytandem.eu
mytandem.eu
preprod.eu-west-1.mytandem.eu
mytandem.eu
*.test.mytandem.eu
*.lambda.mytandem.eu
mytandem.eu
uat.eu-west-1.mytandem.eu
mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.lambda.mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
mytandem.eu
*.mytandem.eu
stage.eu-west-1.mytandem.eu
*.mytandem.eu
*.mytandem.eu
mytandem.eu
*.mytandem.eu
dev.eu-west-1.mytandem.eu
*.test.mytandem.eu
*.mytandem.eu
*.mytandem.eu
demo.mytandem.eu
nonprod.mytandem.eu
*.mytandem.eu
mytandem.eu
preprod.eu-west-1.mytandem.eu
mytandem.eu
*.test.mytandem.eu
*.lambda.mytandem.eu
mytandem.eu
uat.eu-west-1.mytandem.eu
mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.lambda.mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
*.mytandem.eu
mytandem.eu
Certificate
The complete raw certificate details for preprod.eu-west-1.mytandem.eu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEmjCCA4KgAwIBAgIQD26oTQuOfl0ZRICoHKy6EjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDYwNjAwMDAwMFoXDTI1MDcwNjIzNTk1OVowKDEm MCQGA1UEAxMdcHJlcHJvZC5ldS13ZXN0LTEubXl0YW5kZW0uZXUwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZrwn1r8jzg3WGBJrRXv5mcX9larYwLojt OdpBKRwf1K3K/5FtomG/0e9twJ8aeTuPLwjpXfy/vUT4d+bY+hdbGER3UX1NWVOC bEbT7eLwxNiNsrSFh6EgQIT/zpmii+I//TqCHmdPy06cxBb6iaizG2OMFrclBrOC XOh9mnfSuli22RjfBN0gkglt2OATKwn4hrrsjjjLOgDND5Q+YLBJG4lamNGU5twV 70jm2znjQ57dC6e3fZwmm3gdQpSckjhuQ46SOPdWig2T0yff3E6LLe3JHVV45jW7 1k6XHVlBJ5n2COSxQH+pKu0htayfv2dgV8erLi9V3rrLLduvoVSHAgMBAAGjggGq MIIBpjAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQU M9d6QCWPvnUcNjda+URgzLIwMg0wSQYDVR0RBEIwQIIdcHJlcHJvZC5ldS13ZXN0 LTEubXl0YW5kZW0uZXWCHyoucHJlcHJvZC5ldS13ZXN0LTEubXl0YW5kZW0uZXUw EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3Iy bTAyLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG SIb3DQEBCwUAA4IBAQACZk+zqIw6RyXmddX6Yd2q2RsXXJzN+YtnvO44WPW5y9+m ZscjnadOiO8MKxwI3FJ0X2OQYMWezQ5qJgCTGk6T6zwWjYtqtsvjX/7WAWf3xxJb ayagXDlN+fRoScZMuoLvrKufjBeYBPwvwwW0MbS2GKTYBxezXboq4p3AzpQZA0Be rPiBF1BlipgC0E1bzkVINCTHyWFdGBlfUPOx7pPjEUqh4vnDBdQ3uw6KZBr9vd2I 9xqBM3R2mOjchr5tY6UpJQW43JVmVW/dMvYrOGs1pZ+iXz1V2KdH6aiASNxoe0jH 1MptLYLMKOFinAmVXdxFK1ltDWpEfAlEG4xPyVr2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma8J9a/I84N1hgSa0V7+ ZnF/ZWq2MC6I7TnaQSkcH9Styv+RbaJhv9HvbcCfGnk7jy8I6V38v71E+Hfm2PoX WxhEd1F9TVlTgmxG0+3i8MTYjbK0hYehIECE/86ZooviP/06gh5nT8tOnMQW+omo sxtjjBa3JQazglzofZp30rpYttkY3wTdIJIJbdjgEysJ+Ia67I44yzoAzQ+UPmCw SRuJWpjRlObcFe9I5ts540Oe3Qunt32cJpt4HUKUnJI4bkOOkjj3VooNk9Mn39xO iy3tyR1VeOY1u9ZOlx1ZQSeZ9gjksUB/qSrtIbWsn79nYFfHqy4vVd66yy3br6FU hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20512986140171095521645513479474166290 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'preprod.eu-west-1.mytandem.eu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19400775560927446461445416572394938475106121521758352456224026007433023843579505579935681444674048388467590192607337826738287843095479498929020471481420109588281787684774944806416076355560263052640195838402384103306834612251064395218172629561598239480476415709078345560007562932621744583862746639139848425549091589269540837962541307605682163300035223577404099713818388277324303640060096441337659918301595931405004353314926086398174966484546890159865263841538694272516021082138403926011397603289442428463110435487698121403578289576243026563611532387252030447654668509596079664547450219565766192040172860671967843406983 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 33d77a40258fbe751c36375af94460ccb230320d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preprod.eu-west-1.mytandem.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preprod.eu-west-1.mytandem.eu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0002664fb3a88c3a4725e675d5fa61ddaad91b175c9ccdf98b67bcee3858f5b9cbdfa666c7239da74e88ef0c2b1c08dc52745f639060c59ecd0e6a2600931a4e93eb3c168d8b6ab6cbe35ffed60167f7c7125b6b26a05c394df9f46849c64cba82efacab9f8c179804fc2fc305b431b4b618a4d80717b35dba2ae29dc0ce941903405eacf8811750658a9802d04d5bce45483424c7c9615d18195f50f3b1ee93e3114aa1e2f9c305d437bb0e8a641afdbddd88f71a8133747698e8dc86be6d63a5292505b8dc9566556fdd32f62b386b35a59fa25f3d55d8a747e9a88048dc687b48c7d4ca6d2d82cc28e1629c09955ddc452b596d0d6a447c09441b8c4fc95af6