DV SSL/TLS Certificate for www.deki.app

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M03)

About the www.deki.app DV SSL/TLS Certificate

This certificate with serial number 0b:73:41:59:be:e6:99:f6:2d:c7:a1:c8:44:09:72:96 for www.deki.app was issued on by Amazon.

With 9 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.deki.app provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 0b:73:41:59:be:e6:99:f6:2d:c7:a1:c8:44:09:72:96
Serial Number (int): 15219947559377212775163119227426665110
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: ad:13:9b:f9:7b:d4:54:f6:73:0a:99:87:4e:92:28:a0:61:f3:a5:84
Authority Key Identifier: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (SHA-1): e2:ce:40:aa:bf:bb:0e:a7:03:44:75:b6:b5:c1:27:1f:a2:c9:f9:cb
Fingerprint (SHA-256): e2:8a:ba:13:db:fc:72:0b:7e:35:07:76:52:13:3e:c2:52:30:18:2a:fb:06:05:17:76:70:73:25:13:e2:da:7b

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation Information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate www.deki.app
9
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.deki.app

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.deki.app
auth.deki.app
auth.prod.deki.app
dev.www.deki.app
prod.www.deki.app
prod.deki.app
auth.dev.deki.app
deki.app
dev.deki.app

X.509 Certificate

The complete raw X.509 certificate details for www.deki.app in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgIQC3NBWb7mmfYtx6HIRAlyljANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI0MDkwNzAwMDAwMFoXDTI1MTAwNzIzNTk1OVowFzEV
MBMGA1UEAxMMd3d3LmRla2kuYXBwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+Cj3faWmZKWdAxsQGp+7LltCF1vu9Qp1ykrKdaLvU0zuwvS7X8HmVuc
zmav1o/DgoS0DBKoFtMUxSI09DgI0nt+9/wIs/h4EKjsDLeL7SheFsCvITGV8zux
wS08S1C0MxE6ElEvJfDkNtZur1kNIqoZ9netFZ8DBvCdDD4LVdKu0fvUVGH6TEXU
xD/1OJW9acRkfdbKk1KVXo5xLelnk4P/EctM+wjcSYfSxBTORzND36YF94H4ZPB5
xQg04P2SWm0wX7xkNHDCOa8aefK4ShZC3mUh6OlRy07OTVorSJPwR6Bd0ohCk63N
SEmQJjM7ptPcKnNkSIpimepaFqw2cQIDAQABo4IDazCCA2cwHwYDVR0jBBgwFoAU
VdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFK0Tm/l71FT2cwqZh06SKKBh
86WEMIGbBgNVHREEgZMwgZCCDHd3dy5kZWtpLmFwcIINYXV0aC5kZWtpLmFwcIIS
YXV0aC5wcm9kLmRla2kuYXBwghBkZXYud3d3LmRla2kuYXBwghFwcm9kLnd3dy5k
ZWtpLmFwcIINcHJvZC5kZWtpLmFwcIIRYXV0aC5kZXYuZGVraS5hcHCCCGRla2ku
YXBwggxkZXYuZGVraS5hcHAwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy
MDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5j
cmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0w
My5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMu
YW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYB
BAHWeQIEAgSCAW8EggFrAWkAdwAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr
5YYmOgAAAZHKfYzpAAAEAwBIMEYCIQDeQfTp73YXSJao4DZCeY+MPug+bh9E/8YN
rdB9Nay9xgIhAIjU3LkHrqiHIe0riwsDLeaC5kxRaehwaoCmExwDPTkpAHYAfVke
EuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGRyn2MLQAABAMARzBFAiBv
o7CrbsRTmnhyA/t1rkhOrsL3Y2CGh+1LI4muSTB1yAIhAO98oTEqNfdD4yYDmbYB
Fg1qUFzIAi42xgXC6Zu1YuYuAHYA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId
/R43jlAAAAGRyn2MSwAABAMARzBFAiArjBWgpgLaB9y0AiKEl8QbNW0eu7uZvAyY
cTZXzrookgIhANf63LIFtBb+n810S/U+SseHUGkXg0uHDV3lQmNdvdvRMA0GCSqG
SIb3DQEBCwUAA4IBAQADRvocw4y+UUZkthnBJxdXnAEJyXQmCKFA6bSZnhAPedf0
unIbisoT3U35TvlYlKs83RIfCd3OSAr8wVYjHADNxowB4JA9L4jUZbvTIdTJ8odY
RYDv2H+lhW8BK0ZVs/P8WWfgV/fdIsJ260Lare4nmlFe0vPu+jjEiZutWReExJQm
bFSd3+olz7Hwk/HZIYNfcsgdOn7Tmc3ogckshsUpcEkkwKxBARPsyotqe6ZuUzs8
XY9ctQM4oLbdH1oXeoA/Y0MwmXPOc59w65YlUAtHFqOFP4/Juxa0EK8DOOxjRAHP
JXNkJNcy+n513V6PLVXaPo/+mmy7TPzcCVbiLmnn
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+Cj3faWmZKWdAxsQGp+
7LltCF1vu9Qp1ykrKdaLvU0zuwvS7X8HmVuczmav1o/DgoS0DBKoFtMUxSI09DgI
0nt+9/wIs/h4EKjsDLeL7SheFsCvITGV8zuxwS08S1C0MxE6ElEvJfDkNtZur1kN
IqoZ9netFZ8DBvCdDD4LVdKu0fvUVGH6TEXUxD/1OJW9acRkfdbKk1KVXo5xLeln
k4P/EctM+wjcSYfSxBTORzND36YF94H4ZPB5xQg04P2SWm0wX7xkNHDCOa8aefK4
ShZC3mUh6OlRy07OTVorSJPwR6Bd0ohCk63NSEmQJjM7ptPcKnNkSIpimepaFqw2
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15219947559377212775163119227426665110
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.deki.app'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24727243633082266860241181540165337763322661787726371367288683654393544225668355765772868817294203918093631023210354111280534520557128624719208719771985502824734472649983303857684821466592039871450563270945774144948917168383204490290080466735978326777290546783699620277352555457819013401169548776737828075629654162945719839046715444187938874358319935246712005641357763802188013066676723234949137320847960395305722131134141373838400270971622270231683899771586902282470119364138451771581506453961141123136668726704844241547271962101569630075528183893216520992627423253255123897650745249903060611277108170179618863330929
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ad139bf97bd454f6730a99874e9228a061f3a584
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.prod.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.www.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.www.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.dev.deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'deki.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.deki.app'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900770012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000191ca7d8ce90000040300483046022100de41f4e9ef76174896a8e03642798f8c3ee83e6e1f44ffc60dadd07d35acbdc602210088d4dcb907aea88721ed2b8b0b032de682e64c5169e8706a80a6131c033d39290076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000191ca7d8c2d000004030047304502206fa3b0ab6ec4539a787203fb75ae484eaec2f763608687ed4b2389ae493075c8022100ef7ca1312a35f743e3260399b601160d6a505cc8022e36c605c2e99bb562e62e007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e5000000191ca7d8c4b000004030047304502202b8c15a0a602da07dcb402228497c41b356d1ebbbb99bc0c98713657ceba2892022100d7fadcb205b416fe9fcd744bf53e4ac787506917834b870d5de542635dbddbd1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000346fa1cc38cbe514664b619c12717579c0109c9742608a140e9b4999e100f79d7f4ba721b8aca13dd4df94ef95894ab3cdd121f09ddce480afcc156231c00cdc68c01e0903d2f88d465bbd321d4c9f287584580efd87fa5856f012b4655b3f3fc5967e057f7dd22c276eb42daadee279a515ed2f3eefa38c4899bad591784c494266c549ddfea25cfb1f093f1d921835f72c81d3a7ed399cde881c92c86c529704924c0ac410113ecca8b6a7ba66e533b3c5d8f5cb50338a0b6dd1f5a177a803f6343309973ce739f70eb9625500b4716a3853f8fc9bb16b410af0338ec634401cf25736424d732fa7e75dd5e8f2d55da3e8ffe9a6cbb4cfcdc0956e22e69e7