*.kristal.ai
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 0d:4d:aa:e2:d2:89:41:91:0f:86:93:1e:2e:12:99:1a was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.kristal.ai
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:4d:aa:e2:d2:89:41:91:0f:86:93:1e:2e:12:99:1aSerial Number (int): 17683236783666221612346396333887887642
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: bc:37:f2:e2:e5:7e:92:36:18:26:87:64:d9:50:48:f3:f1:e4:c3:64
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 9b:38:36:81:ba:8e:d2:c3:7f:2c:88:37:63:7b:91:86:40:93:b2:a6
Fingerprint (sha256): e1:31:8b:e9:e4:ac:11:d4:2f:33:ff:4a:b4:41:ff:ca:47:c2:a6:a4:00:98:0f:19:c5:38:a2:74:b4:9d:12:ce
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate *.kristal.ai
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.kristal.ai
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.kristal.ai
Other certificates including the domain name kristal.ai
(limited to 100 certificates)
tls.automattic.com
lovelouie.live
kristal.ai
tls.automattic.com
tls.automattic.com
staging-web1.kristal.ai
kristal.ai
www.mateusnobre.com.br
www.inspirally.com
kristal.ai
investo2o.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
invest.kristal.ai
kristal.ai
kristal.ai
kristal.ai
invest.kristal.ai
snoo.app
app.kidsplace.fr
www.tanakaoriginal.com
invest.kristal.ai
investo2o.com
tls.automattic.com
invest.kristal.ai
invest.kristal.ai
*.kristal.ai
invest.kristal.ai
tls.automattic.com
kristal.ai
*.kristal.ai
kristal.ai
solutions.kristal.ai
invest.kristal.ai
invest.kristal.ai
*.kristal.ai
*.kristal.ai
*.kristal.ai
*.kristal.ai
tls.automattic.com
kristal.ai
*.kristal.ai
stage-manager.mblazek.dev
solutions.kristal.ai
investo2o.com
*.kristal.ai
kristal.ai
kristal.ai
invest.kristal.ai
bfi.org.uk
tls.automattic.com
investo2o.com
staging.kristal.ai
lovelouie.live
kristal.ai
tls.automattic.com
tls.automattic.com
staging-web1.kristal.ai
kristal.ai
www.mateusnobre.com.br
www.inspirally.com
kristal.ai
investo2o.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
invest.kristal.ai
kristal.ai
kristal.ai
kristal.ai
invest.kristal.ai
snoo.app
app.kidsplace.fr
www.tanakaoriginal.com
invest.kristal.ai
investo2o.com
tls.automattic.com
invest.kristal.ai
invest.kristal.ai
*.kristal.ai
invest.kristal.ai
tls.automattic.com
kristal.ai
*.kristal.ai
kristal.ai
solutions.kristal.ai
invest.kristal.ai
invest.kristal.ai
*.kristal.ai
*.kristal.ai
*.kristal.ai
*.kristal.ai
tls.automattic.com
kristal.ai
*.kristal.ai
stage-manager.mblazek.dev
solutions.kristal.ai
investo2o.com
*.kristal.ai
kristal.ai
kristal.ai
invest.kristal.ai
bfi.org.uk
tls.automattic.com
investo2o.com
staging.kristal.ai
Certificate
The complete raw certificate details for *.kristal.ai in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEVzCCAz+gAwIBAgIQDU2q4tKJQZEPhpMeLhKZGjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIyMTIwOTAwMDAwMFoXDTI0MDEwNzIzNTk1OVowFzEV MBMGA1UEAwwMKi5rcmlzdGFsLmFpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA3oiVXRurRMAo3sOWxO1VEfVuxy0qHTEcwxTXCqvHrDBJbL3ZsY4jjVO8 qxjCECi682LEE1OyR77stX1RXSgqJr7CKG1OA1mIS7ZD21a8D7XtYkx9bOXhuLXj GtdPVov8U/6fiO/Dpq3a6EFAiGnSjj9FqUsRSs2bYIAt8eiHSJOQzdQ0OgfGmBgH Lgc6wKd+7TCU2VIPc8S9dGHM4VCyG2x80JgPI9tR9mthFmXjyqnkplYFwCcsgni4 a9ldPTITYX0/0mnVJAuI0blKM2b7oNOHTeMRBVwispu/N9hebER2/jum7PUPY1x8 o54r8zF507DbIk7B8WC278tz4S/ACQIDAQABo4IBeDCCAXQwHwYDVR0jBBgwFoAU gbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFLw38uLlfpI2GCaHZNlQSPPx 5MNkMBcGA1UdEQQQMA6CDCoua3Jpc3RhbC5haTAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0 dHA6Ly9jcmwucjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNybDATBgNVHSAE DDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6 Ly9vY3NwLnIybTAxLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDov L2NydC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1UdEwEB/wQC MAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAAaKM8Se m0Q2OdBtYDa/hcttNNfF70cFdkaewkhkVrn4QDPaNmFSOHw4MMcCK6BhTHED8QaP Qq90sf5Fcqcy3V2IqWPAvbVhc/sasH3wXLdU3Ecm07eQEYSXuJwKwvR+ybvSBIPB 37vPVd5EmBROqCN4nwnHA1xys+tMYo8y+0jkeJRWTRCCF3ESoDY3v+OmlC0gbd/l 7ZZBp+gctDS+KlCCOp/z9YpaM4ZoD08yaOTIpzBX1qKy1KPWalShENYqdRyPsMqo WyJONd7lY7SJnf97njSVeCdZAXFilo9XlsGMZuqNOsVr7l3Gkuj+asAbULcC/PDs flm6joSPhwn5Ies= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oiVXRurRMAo3sOWxO1V EfVuxy0qHTEcwxTXCqvHrDBJbL3ZsY4jjVO8qxjCECi682LEE1OyR77stX1RXSgq Jr7CKG1OA1mIS7ZD21a8D7XtYkx9bOXhuLXjGtdPVov8U/6fiO/Dpq3a6EFAiGnS jj9FqUsRSs2bYIAt8eiHSJOQzdQ0OgfGmBgHLgc6wKd+7TCU2VIPc8S9dGHM4VCy G2x80JgPI9tR9mthFmXjyqnkplYFwCcsgni4a9ldPTITYX0/0mnVJAuI0blKM2b7 oNOHTeMRBVwispu/N9hebER2/jum7PUPY1x8o54r8zF507DbIk7B8WC278tz4S/A CQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17683236783666221612346396333887887642 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.kristal.ai' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28092255512866087385665336988587759598844817733196087294643866371444011968995648620927340372584226521503107753371516608942803957234055474272375233051957234593920503315529482966165957342823074813785785941730286531435755722439032846765414777157971935479474546987808193039139526216370217679946982978867374767977646233995584827993564561453937071455940856786690940771234766190528066368435648185805200527573864846171921173183815860588127383483017873770959302487801512339290409333980716289096497732219684066523284174178462659819823440829831109595621446157196622158403131482229544558042520644633920751972565452663219932872713 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bc37f2e2e57e923618268764d95048f3f1e4c364 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kristal.ai' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00068a33c49e9b443639d06d6036bf85cb6d34d7c5ef470576469ec2486456b9f84033da366152387c3830c7022ba0614c7103f1068f42af74b1fe4572a732dd5d88a963c0bdb56173fb1ab07df05cb754dc4726d3b790118497b89c0ac2f47ec9bbd20483c1dfbbcf55de4498144ea823789f09c7035c72b3eb4c628f32fb48e47894564d1082177112a03637bfe3a6942d206ddfe5ed9641a7e81cb434be2a50823a9ff3f58a5a3386680f4f3268e4c8a73057d6a2b2d4a3d66a54a110d62a751c8fb0caa85b224e35dee563b4899dff7b9e3495782759017162968f5796c18c66ea8d3ac56bee5dc692e8fe6ac01b50b702fcf0ec7e59ba8e848f8709f921eb