api.xfinitymfa.com
Issued by Amazon
About this certificate
This digital certificate with serial number 01:f2:5e:ec:99:f8:9e:6e:05:26:2c:cc:a6:3b:b8:c6 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=api.xfinitymfa.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:f2:5e:ec:99:f8:9e:6e:05:26:2c:cc:a6:3b:b8:c6Serial Number (int): 2587689127551209051759108628936374470
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: a3:3f:89:22:c3:58:ea:6b:03:de:f2:e3:65:dc:1f:46:09:3b:a6:eb
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): fc:c4:5d:fd:2d:84:3e:92:dc:47:fb:f7:fa:e9:43:38:ef:44:03:30
Fingerprint (sha256): df:d4:0d:8e:84:c4:7e:fc:2c:a0:f0:45:66:60:c8:0b:2f:9d:b8:d6:c8:1e:ac:9d:23:1b:b8:a2:e3:4f:37:50
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate api.xfinitymfa.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api.xfinitymfa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.xfinitymfa.com
xfinitymfa.com
mfa.comcast.com
xfinitymfa.com
mfa.comcast.com
Other certificates including the domain name xfinitymfa.com
(limited to 100 certificates)
api-staging.xfinitymfa.com
*.xfinitymfa.com
api.xfinitymfa.com
api-dev.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
*.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
test.xfinitymfa.com
api-dev.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
*.xfinitymfa.com
api.xfinitymfa.com
api-dev.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
*.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
test.xfinitymfa.com
api-dev.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
api-staging.xfinitymfa.com
Certificate
The complete raw certificate details for api.xfinitymfa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEmzCCA4OgAwIBAgIQAfJe7Jn4nm4FJizMpju4xjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAyMTQwMDAwMDBaFw0yMDAzMTQx MjAwMDBaMB0xGzAZBgNVBAMTEmFwaS54ZmluaXR5bWZhLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAMJUaMbzykuvdW32naGdEPO4jRhC+P6Nr30w puNgOcnU2JEMy7k3ubbY8gPdU8vQOjYQ8oxrRi4ZBu0pterLSMC9BEjSYOLlcQiZ Ek0B+kjRehW0OEjBmGTnne04nuEYk7ouqOPeIxwj18TwhHB2vfY5tBHjSfc40qSV N9oq3nV5FF34V28YbQ4QNXdkWgRMz3q50XiXJ44eYN4BBwb6c2JFBjnQGcdkkDeX p7lJZUOOYRI8+77AU3190c6COTrJVyFRDyZ3Nt5BVlRPXp/bxORWJpjew/E40C7D hm5s4qa0ykLW0wSv4xB285rN3wA8M+dQjpORkIOzvMfkmShRlbcCAwEAAaOCAaww ggGoMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBSj P4kiw1jqawPe8uNl3B9GCTum6zA+BgNVHREENzA1ghJhcGkueGZpbml0eW1mYS5j b22CDnhmaW5pdHltZmEuY29tgg9tZmEuY29tY2FzdC5jb20wDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg LqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcmww IAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkw ZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29t MDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9z Y2ExYi5jcnQwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq hkiG9w0BAQsFAAOCAQEARSpdy9BJpu6jERLJWv6sJgFkjolExCsVp4ek1f2HWVsw yra+DCRnKLFqllMdYIhVdlZT0/qcty07qYayRwGF1G9iObq8q3XpWBklKIk2CMY3 WOrNNKkNckQF5MzFtPf4Y/gP6FvFSCIPdCRiG6UwTlKtbFONiUCHKlZOcq+WtznU VkIfEHwVXOnNE1OFDoAV/wDGLD/m4i+/z8KU414KQzAZo+mgdLEC1tZrwe4q35Ki uKPkOoZwqeGf7tVV45vqbhW/Bb+82PYJ+ullH3q0lifltN6MgWqYz7eOZUHCPZJp IHbjwKpkGq3Ck4KLFMbg36F73mVIdw0YUxiyvRkTkA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlRoxvPKS691bfadoZ0Q 87iNGEL4/o2vfTCm42A5ydTYkQzLuTe5ttjyA91Ty9A6NhDyjGtGLhkG7Sm16stI wL0ESNJg4uVxCJkSTQH6SNF6FbQ4SMGYZOed7Tie4RiTui6o494jHCPXxPCEcHa9 9jm0EeNJ9zjSpJU32iredXkUXfhXbxhtDhA1d2RaBEzPernReJcnjh5g3gEHBvpz YkUGOdAZx2SQN5enuUllQ45hEjz7vsBTfX3RzoI5OslXIVEPJnc23kFWVE9en9vE 5FYmmN7D8TjQLsOGbmziprTKQtbTBK/jEHbzms3fADwz51COk5GQg7O8x+SZKFGV twIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2587689127551209051759108628936374470 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-14 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.xfinitymfa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24531854933568341381525548906502516111945504995883415480418491648556814240129354578490054486395550191150284629522037583067784594886242787537137223906885939021615816270336939727301379148480488105578574199299360182292517931095422021499067535201455817013936110399401408435925438598141877316517157237364631457727274022761310935505238530440610541180907407205846033884912894046524466988078185517630479665761906983817930885019687651301056446996050295046578903167704794488879681157524007991568409861381430160933102533346082222309682621903975456555314766330741298582997967161698870538617924388471036905280691390119087749305783 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a33f8922c358ea6b03def2e365dc1f46093ba6eb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.xfinitymfa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xfinitymfa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfa.comcast.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00452a5dcbd049a6eea31112c95afeac2601648e8944c42b15a787a4d5fd87595b30cab6be0c246728b16a96531d608855765653d3fa9cb72d3ba986b2470185d46f6239babcab75e958192528893608c63758eacd34a90d724405e4ccc5b4f7f863f80fe85bc548220f7424621ba5304e52ad6c538d8940872a564e72af96b739d456421f107c155ce9cd1353850e8015ff00c62c3fe6e22fbfcfc294e35e0a433019a3e9a074b102d6d66bc1ee2adf92a2b8a3e43a8670a9e19feed555e39bea6e15bf05bfbcd8f609fae9651f7ab49627e5b4de8c816a98cfb78e6541c23d92692076e3c0aa641aadc293828b14c6e0dfa17bde6548770d185318b2bd191390