DV SSL/TLS Certificate for *.code.org

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M03)

About the *.code.org DV SSL/TLS Certificate

This certificate with serial number 0c:73:d0:36:bc:63:a3:b6:16:d1:9a:3a:7b:7e:db:bd for *.code.org was issued on by Amazon.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.code.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 0c:73:d0:36:bc:63:a3:b6:16:d1:9a:3a:7b:7e:db:bd
Serial Number (int): 16552073165972469577092218171665865661
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: 97:5f:08:39:31:e0:3d:1f:fc:8a:8c:58:6c:f0:c0:71:65:23:88:cd
Authority Key Identifier: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (SHA-1): 65:f7:49:f0:d2:41:54:bc:2f:20:df:14:f1:82:00:58:4e:3c:1b:7d
Fingerprint (SHA-256): f1:17:59:a7:3c:14:db:47:23:d0:24:12:25:3a:2e:c5:9a:b0:fb:b9:db:84:8b:cd:f5:c6:f8:4e:1c:8e:9e:90

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation Information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate *.code.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.code.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.code.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgIQDHPQNrxjo7YW0Zo6e37bvTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI1MDYxODAwMDAwMFoXDTI2MDcxNjIzNTk1OVowFTET
MBEGA1UEAwwKKi5jb2RlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4BQ6fu8L5a80MDZ6CvsPTS3pv9fej69I0fvrTJV1fZmMooFuJsLsl+vUYg
eUEBKO11IFsnmGur4374JrPbDKsVnhQS/3+Uodd//sGl4IF+JloFAanZh/7lHJbR
vBqR2imeT7qbD5Atebp+1c8vLpZVbSpBXGRaVBOEhMO/+7v5KRA8wsvMiDYZp7mQ
J6Nm/PclHEiz/OrihDiXggjOOwmqSn2XstFzojDRKqsaLk9s4EZOgoUz21FeOvyp
EB7kDPpSamncVo050bUMycDKeeXIxsCMLoH0IEtTnB/KXOgL274IJUsHC00uUEAp
MBCAX+PgP+S0NxwjB47y08oE/EECAwEAAaOCAuQwggLgMB8GA1UdIwQYMBaAFFXZ
GF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBSXXwg5MeA9H/yKjFhs8MBxZSOI
zTAfBgNVHREEGDAWggoqLmNvZGUub3Jngghjb2RlLm9yZzATBgNVHSAEDDAKMAgG
BmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwOwYD
VR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMy5hbWF6b250cnVzdC5jb20v
cjJtMDMuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29j
c3AucjJtMDMuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0
LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jZXIwDAYDVR0TAQH/BAIwADCC
AX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcA2AlVO5RPev/IFhlvlE+Fq7D4/F6H
VSYPFdEucrtFSxQAAAGXgKJhpQAABAMASDBGAiEAhhHrrByHkoqeqJO2QQXUcxTm
ZeMe7/HPP6IlMJgODJ0CIQDu0UJCycpOhgGb0SGSuJxCB9KA9KZ0KDcvNSVCtwtg
3wB2AMIxfldFGaNF7n843rKQQevHwiFaIr9/1bWtdprZDlLNAAABl4CiYZIAAAQD
AEcwRQIhANjIyn1kfe0mh72/5zFiRE67sq0SEe1JcB6PHt13d+GvAiB0nAmjnGk+
l2yzrmytcCzD/SnFYBk7ZzERjcCd3IqwoQB2AJROQ4f67MHvgfMZJCaoGGUBx9Nf
OAIBP3JnfVU3LhnYAAABl4CiYasAAAQDAEcwRQIhANrYI0EywNOR7KY+4cJbcduH
mCjemhUDhvhvvDhlV6JWAiBa50z4SupltKUudsJd5lWlTQq3IZ51NVFNQrLGDm2q
rDANBgkqhkiG9w0BAQsFAAOCAQEAQJGgDvosrxhO/2xu7iDQ+jxjjkj45mK9lvef
GBGtyjbqfNOJ++h1NMU0Kr9+buggwlxmq8H07ig8uizCwuzBJYURhUpV3TDB/sWJ
KNpW2Kq61Bw+pMHE+T1BF9CS+ffB6MSJz4RW5ZJ6hei+CNUpL3sVm+tMhQ9e+X6R
zsDLaK65SmyfZAPsB1Kv/ghkibITu9QjSZ0cN/GTb8UCv+i+riiBiNasPh1nScId
buVcSZ6FGPG9wNud2z5o60Y0qkyIfjsrsJ18LIuQREHmOPqwdzLeLiyiW9EZYHO8
xcZwXg/pgt2ihIXFG8HQ6oOWGSTnJwl4Hdda1ezrMzU5BFttOQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngFDp+7wvlrzQwNnoK+w
9NLem/196Pr0jR++tMlXV9mYyigW4mwuyX69RiB5QQEo7XUgWyeYa6vjfvgms9sM
qxWeFBL/f5Sh13/+waXggX4mWgUBqdmH/uUcltG8GpHaKZ5PupsPkC15un7Vzy8u
llVtKkFcZFpUE4SEw7/7u/kpEDzCy8yINhmnuZAno2b89yUcSLP86uKEOJeCCM47
CapKfZey0XOiMNEqqxouT2zgRk6ChTPbUV46/KkQHuQM+lJqadxWjTnRtQzJwMp5
5cjGwIwugfQgS1OcH8pc6AvbvgglSwcLTS5QQCkwEIBf4+A/5LQ3HCMHjvLTygT8
QQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16552073165972469577092218171665865661
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-07-16 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.code.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19946275624937719064188011253502499559169542032523511784831153338540803791820324737204610170402520190321753527669922704071101109929629317668424159994738649541517959410282579611146153191680023607458115245822418151975767955613853650580227482700537554452089245885585401185894244777548326902086344261343443965540332113649270422464143087035346095320123600254289186660938933946593042617464872844437026763455970790685608845182858577193869313593741570613756741918326919430508900205247195886117337944296283116433974912567651768827569000315800484140640263138149568683517751418604954755057353530873458386983673223460769608563777
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							975f083931e03d1ffc8a8c586cf0c071652388cd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.code.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'code.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700d809553b944f7affc816196f944f85abb0f8fc5e8755260f15d12e72bb454b140000019780a261a500000403004830460221008611ebac1c87928a9ea893b64105d47314e665e31eeff1cf3fa22530980e0c9d022100eed14242c9ca4e86019bd12192b89c4207d280f4a67428372f352542b70b60df007600c2317e574519a345ee7f38deb29041ebc7c2215a22bf7fd5b5ad769ad90e52cd0000019780a261920000040300473045022100d8c8ca7d647ded2687bdbfe73162444ebbb2ad1211ed49701e8f1edd7777e1af0220749c09a39c693e976cb3ae6cad702cc3fd29c560193b6731118dc09ddc8ab0a1007600944e4387faecc1ef81f3192426a8186501c7d35f3802013f72677d55372e19d80000019780a261ab0000040300473045022100dad8234132c0d391eca63ee1c25b71db879828de9a150386f86fbc386557a25602205ae74cf84aea65b4a52e76c25de655a54d0ab7219e7535514d42b2c60e6daaac
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004091a00efa2caf184eff6c6eee20d0fa3c638e48f8e662bd96f79f1811adca36ea7cd389fbe87534c5342abf7e6ee820c25c66abc1f4ee283cba2cc2c2ecc1258511854a55dd30c1fec58928da56d8aabad41c3ea4c1c4f93d4117d092f9f7c1e8c489cf8456e5927a85e8be08d5292f7b159beb4c850f5ef97e91cec0cb68aeb94a6c9f6403ec0752affe086489b213bbd423499d1c37f1936fc502bfe8beae288188d6ac3e1d6749c21d6ee55c499e8518f1bdc0db9ddb3e68eb4634aa4c887e3b2bb09d7c2c8b904441e638fab07732de2e2ca25bd1196073bcc5c6705e0fe982dda28485c51bc1d0ea83961924e72709781dd75ad5eceb333539045b6d39