vanity.jefferson.us003-rapididentity.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 09:12:ba:ad:d3:5b:78:73:51:f6:ba:b3:28:8b:74:19 was issued on by Amazon.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=vanity.jefferson.us003-rapididentity.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 09:12:ba:ad:d3:5b:78:73:51:f6:ba:b3:28:8b:74:19
Serial Number (int): 12060299605588182065025437178127938585
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 6b:cc:76:e0:97:7b:5e:50:8e:39:7f:fe:77:b8:d7:1b:0a:48:61:fd
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): e7:c4:32:b2:a4:d3:e7:44:a4:b7:d2:be:c6:8d:77:e2:86:80:cf:ba
Fingerprint (sha256): 92:4f:bd:e6:7d:a4:88:8d:81:37:70:c2:26:f7:8a:48:4a:a9:5e:45:99:a9:66:27:d7:c5:df:b6:79:da:b3:a2

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate vanity.jefferson.us003-rapididentity.com

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vanity.jefferson.us003-rapididentity.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vanity.jefferson.us003-rapididentity.com
jefferson.us003-rapididentity.com
ia9c840320772946bcb4f99238452be405.us003-rapididentity.com
*.jcpsky.net
jcpsky.net

Other certificates including the domain name us003-rapididentity.com

(limited to 100 certificates)
vanity.fountainvalley.us003-rapididentity.com
portal.shenandoah.k12.va.us
sso.floydboe.net
vanity.shenandoahk12.us003-rapididentity.com
vanity.merrick.us003-rapididentity.com
vanity.pharosbx.us003-rapididentity.com
rapidid.jefferson.kyschools.us
vanity.cherokee.us003-rapididentity.com
vanity.escondido.us003-rapididentity.com
vanity.usd-test.us003-rapididentity.com
vanity.disd.us003-rapididentity.com
vanity.usd.us003-rapididentity.com
vanity.cherokee.us003-rapididentity.com
vanity.greeleyschools.us003-rapididentity.com
password.pacollege.edu
vanity.jefferson-uat.us003-rapididentity.com
vanity.jefferson.us003-rapididentity.com
password.pacollege.edu
vanity.willmar.us003-rapididentity.com
vanity.lasalle.us003-rapididentity.com
accounts-tst.mica.edu
portal.bccs286.org
portal.shenandoah.k12.va.us
rapidid.jefferson.kyschools.us
vanity.dallascollege.us003-rapididentity.com
portal.dallasisd.org
vanity.challenge.us003-rapididentity.com
vanity.hamilton.us003-rapididentity.com
vanity.disd.us003-rapididentity.com

Certificate

The complete raw certificate details for vanity.jefferson.us003-rapididentity.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIQCRK6rdNbeHNR9rqzKIt0GTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIxNTAwMDAwMFoXDTI1MDExMjIzNTk1OVowMzEx
MC8GA1UEAxModmFuaXR5LmplZmZlcnNvbi51czAwMy1yYXBpZGlkZW50aXR5LmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAONwG5wHGVbefg9LmRMK
MDWkWYmbUwBRkfCu0v6T9X3qUtW05q0/WKrNj8h9oGTKQI68F/m9fTK40N0yBCYM
U1u99N1DcpdOzPwU2c4SY0Bp6g/qztvRtigHX27aUHQe0Xl8p3FwMRqrHoUXN5aK
h3uEqmxnKNiIswIzxocGovKMQUTR3nggVidUeOuyXZzu+ZXm5J4URfUhkISyTwCg
+wlCcOjaygnyRBdlqycsgqdPBsRuzkZ8FoRdPQGy5n3GXboHqRqgWNjKkCaF+3Nb
oR7jFAIz+4DdozXReXTqBw36Djrt/OdcTO8bK0WcMAjHuTQJJPSNBuVYD4vRpFgo
h/UCAwEAAaOCAhAwggIMMB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664Li
MB0GA1UdDgQWBBRrzHbgl3teUI45f/53uNcbCkhh/TCBrgYDVR0RBIGmMIGjgih2
YW5pdHkuamVmZmVyc29uLnVzMDAzLXJhcGlkaWRlbnRpdHkuY29tgiFqZWZmZXJz
b24udXMwMDMtcmFwaWRpZGVudGl0eS5jb22COmlhOWM4NDAzMjA3NzI5NDZiY2I0
Zjk5MjM4NDUyYmU0MDUudXMwMDMtcmFwaWRpZGVudGl0eS5jb22CDCouamNwc2t5
Lm5ldIIKamNwc2t5Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIw
MKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNy
bDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAy
LmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5h
bWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHW
eQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAIJqBxFEi/4ifXaoqZZQBLfC
YMkQIDbJ4K5L7w8fTHMVrf6l/jxv7bxB9k5ILlEgCxpI8HItaY6M/kT7kbdj5yQq
wpp6ARyRSHZhpQrG5U86UcIJJEqCSWFbEMo9W8ad9hdFubn8b3Iub4JHDG4NqYyB
JkTaW+pT7Bz2Tiw/znDtPVmXIs5YHSQkFcXBG7H+FQDN16LieEjqDhULBM0S19an
1vxKXVKDMDlSvk8XtfaIopoovPRZYZ1xkcHkMfzf+3LZn9IM9vV/+wAhh0klCziA
1nPc7yWKNRjH9nmx4VmcP9CtTKo/mon8tFQDnn+sNYFZWLPUi1w5+JMsex9MpyU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43AbnAcZVt5+D0uZEwow
NaRZiZtTAFGR8K7S/pP1fepS1bTmrT9Yqs2PyH2gZMpAjrwX+b19MrjQ3TIEJgxT
W7303UNyl07M/BTZzhJjQGnqD+rO29G2KAdfbtpQdB7ReXyncXAxGqsehRc3loqH
e4SqbGco2IizAjPGhwai8oxBRNHeeCBWJ1R467JdnO75lebknhRF9SGQhLJPAKD7
CUJw6NrKCfJEF2WrJyyCp08GxG7ORnwWhF09AbLmfcZdugepGqBY2MqQJoX7c1uh
HuMUAjP7gN2jNdF5dOoHDfoOOu3851xM7xsrRZwwCMe5NAkk9I0G5VgPi9GkWCiH
9QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12060299605588182065025437178127938585
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vanity.jefferson.us003-rapididentity.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28711377668310358124143674529474387906508864221853266285487025411348837015491502799350424562246134406940473228751301407265587811305381734064910504857347926205771902198741702932109394552777461397597378897736191142513568955203096618368098432244803942287824341883287555968684472910230587045764720305726823749121647621255559957583809303105762135453321611214545442074024765040947754845537524370223458025784432910786903004882318862565654922484025301402382790234531030195808602834975849556430256627886953739146330270833172280664750952854076240563634928784717355249727915257789793272706402873118955430534619799570296664000501
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6bcc76e0977b5e508e397ffe77b8d71b0a4861fd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (166 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vanity.jefferson.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jefferson.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ia9c840320772946bcb4f99238452be405.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jcpsky.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jcpsky.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00826a0711448bfe227d76a8a9965004b7c260c9102036c9e0ae4bef0f1f4c7315adfea5fe3c6fedbc41f64e482e51200b1a48f0722d698e8cfe44fb91b763e7242ac29a7a011c91487661a50ac6e54f3a51c209244a8249615b10ca3d5bc69df61745b9b9fc6f722e6f82470c6e0da98c812644da5bea53ec1cf64e2c3fce70ed3d599722ce581d242415c5c11bb1fe1500cdd7a2e27848ea0e150b04cd12d7d6a7d6fc4a5d5283303952be4f17b5f688a29a28bcf459619d7191c1e431fcdffb72d99fd20cf6f57ffb00218749250b3880d673dcef258a3518c7f679b1e1599c3fd0ad4caa3f9a89fcb454039e7fac35815958b3d48b5c39f8932c7b1f4ca725