*.lectura-prod.il-apps.com

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 0c:b9:bf:d2:b9:c9:51:fc:69:57:d2:40:69:ff:0f:ef was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.lectura-prod.il-apps.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0c:b9:bf:d2:b9:c9:51:fc:69:57:d2:40:69:ff:0f:ef
Serial Number (int): 16915201503894467125232459178819129327
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 32:4a:43:dc:29:7b:98:09:72:c1:b9:3b:57:79:5b:39:4d:71:3e:3c
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 0b:89:03:9f:4e:51:4a:ba:05:81:8d:fc:78:48:0e:28:46:1b:30:56
Fingerprint (sha256): f4:72:b9:e7:85:a5:13:82:48:2e:02:b8:ef:15:29:42:1e:84:18:14:78:c5:e1:0f:0f:fb:e8:e8:fc:14:85:63

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate *.lectura-prod.il-apps.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.lectura-prod.il-apps.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.lectura-prod.il-apps.com
*.lectura-prod-app.wna.cloud
reading.imaginelearning.com
lectura.imaginelearning.com

Other certificates including the domain name il-apps.com

(limited to 100 certificates)
*.rosterverse-qa.il-apps.com
*.rosterverse-staging.il-apps.com
*.at-prod.il-apps.com
*.assessment-prod.il-apps.com
*.assessment-dev.il-apps.com
*.itemengine-prod.il-apps.com
*.assessment-prod.il-apps.com
*.rosterverse-prod.il-apps.com
*.twig-content-dev.il-apps.com
*.rosterverse-prod.il-apps.com
*.rosterverse-staging.il-apps.com
*.rosterverse-prod.il-apps.com
*.readiness-admin-ui-dev.il-apps.com
*.rosterverse-qa.il-apps.com
*.sso-prod.il-apps.com
*.ops.wna.cloud
*.doolittle-production.wna.cloud
*.rosterverse-prod.il-apps.com
*.lectura-staging.il-apps.com
*.doolittle-production.wna.cloud
*.doolittle-prod.il-apps.com
*.cat-prod.il-apps.com
*.sso-dev.il-apps.com
*.assessment-prod.il-apps.com
*.sso-prod.il-apps.com
*.intergalactic-prod.il-apps.com
*.sso-prod.il-apps.com
*.twig-content-dev.il-apps.com
*.data-science-qa.il-apps.com
*.lectura-prod.il-apps.com
*.doolittle-production.wna.cloud
*.sandbox-prod.il-apps.com
*.literacy-prod.il-apps.com
*.doolittle-nonprod.wna.cloud
*.readiness-admin-ui-dev.il-apps.com
*.lectura-prod.il-apps.com
*.data-science-qa.il-apps.com

Certificate

The complete raw certificate details for *.lectura-prod.il-apps.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgIQDLm/0rnJUfxpV9JAaf8P7zANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMTIyMTAwMDAwMFoXDTI1MDExOTIzNTk1OVowJTEj
MCEGA1UEAwwaKi5sZWN0dXJhLXByb2QuaWwtYXBwcy5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDIXWz16KpN6qA/wctACMU9scM/NpLtf6M2uPDP
Vt4cbgOowP/QSBsqOBpVhm5R86B7Gn+i4B+OTxNSV9btBowtW41nOfdaA2zskoLW
KW9UIBLsdp0pWy9Cjkd3JuQIPd1QNjDPPmXMP/RAYUUT+RKpl2yTObfJLI2TflZZ
4ObwsxMMdBT7j6ZwhSlojQaxBzUtde/wtvTEqCdl3on409Hs7uCgBO0sFfbXoKDm
k+8fE0QFIM7Ri4JBgIvm0XBHmJ8os8IW/g+BsQbBBpTUDHMN9ubM4wWecMJ39rLT
oU0G6rAmr7cr8DwfXOyci5obGCiinlAv5SUz6hGm4Zn5cbCVAgMBAAGjggHeMIIB
2jAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUMkpD
3Cl7mAlywbk7V3lbOU1xPjwwfQYDVR0RBHYwdIIaKi5sZWN0dXJhLXByb2QuaWwt
YXBwcy5jb22CHCoubGVjdHVyYS1wcm9kLWFwcC53bmEuY2xvdWSCG3JlYWRpbmcu
aW1hZ2luZWxlYXJuaW5nLmNvbYIbbGVjdHVyYS5pbWFnaW5lbGVhcm5pbmcuY29t
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2Ny
bC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY3JsMHUGCCsGAQUFBwEBBGkw
ZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDMuYW1hem9udHJ1c3QuY29t
MDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAzLmFtYXpvbnRydXN0LmNvbS9y
Mm0wMy5jZXIwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAPmRF//ihzMFXEn87ra9Omd+c8vsBTBrNoPte7hsx8Za4
oNSLwW/ckiyb+TRGTvEaAmFxwNeC/Vm32diJmeTypjrMtRUW64Z+LeAPZjAkkDMh
nD19386YewSJ/+h63R22T6Hd6EjMQYCLaZXsoPOzK3Vx0XIxjL4M+QT5rI8PbeQ9
a8ZsDG8rK0viWkJEgvYOmQNMtWiJdGwjVIIoQPKu7kQZmuYx4Lr8chWYjXOzoRoM
5QujV0Z0e5lVNN14kqhPmkr4zS4sGi6FY/ECVejth0kSW2Sq1l6P+1XWXCNe5IQD
4Ohk31PJ7I0BO7AhbW9c2QIyIGTAIuDVgU3n94jHjQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF1s9eiqTeqgP8HLQAjF
PbHDPzaS7X+jNrjwz1beHG4DqMD/0EgbKjgaVYZuUfOgexp/ouAfjk8TUlfW7QaM
LVuNZzn3WgNs7JKC1ilvVCAS7HadKVsvQo5HdybkCD3dUDYwzz5lzD/0QGFFE/kS
qZdskzm3ySyNk35WWeDm8LMTDHQU+4+mcIUpaI0GsQc1LXXv8Lb0xKgnZd6J+NPR
7O7goATtLBX216Cg5pPvHxNEBSDO0YuCQYCL5tFwR5ifKLPCFv4PgbEGwQaU1Axz
DfbmzOMFnnDCd/ay06FNBuqwJq+3K/A8H1zsnIuaGxgoop5QL+UlM+oRpuGZ+XGw
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16915201503894467125232459178819129327
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-19 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.lectura-prod.il-apps.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25293730887067636084552418679414433536179175744571910118563075919770792400528290742257986536384616820583317144950168267040081880754142234657012230569623482850632406882642831178517958577032554488346568878728008051623948831433284799381572324528154279261005891028397222125136034021895221262596029944068662175776764557599425555784271756360189694532424495588960477497819456927120509409420373101182906514796219187643407878275726791990720934097418025418297808950925330990605524784908531425526618928281136036148547733487814788949819156992873051848264390320153969835961544230482826890184615751622604280533544593013164511178901
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							324a43dc297b980972c1b93b57795b394d713e3c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lectura-prod.il-apps.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lectura-prod-app.wna.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reading.imaginelearning.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lectura.imaginelearning.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003e6445fff8a1ccc157127f3badaf4e99df9cf2fb014c1acda0fb5eee1b31f196b8a0d48bc16fdc922c9bf934464ef11a026171c0d782fd59b7d9d88999e4f2a63accb51516eb867e2de00f6630249033219c3d7ddfce987b0489ffe87add1db64fa1dde848cc41808b6995eca0f3b32b7571d172318cbe0cf904f9ac8f0f6de43d6bc66c0c6f2b2b4be25a424482f60e99034cb56889746c2354822840f2aeee44199ae631e0bafc7215988d73b3a11a0ce50ba35746747b995534dd7892a84f9a4af8cd2e2c1a2e8563f10255e8ed8749125b64aad65e8ffb55d65c235ee48403e0e864df53c9ec8d013bb0216d6f5cd902322064c022e0d5814de7f788c78d