DV SSL/TLS Certificate for aws.ledgerdomain.com

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M03)

About the aws.ledgerdomain.com DV SSL/TLS Certificate

This certificate with serial number 01:4c:3a:97:3b:f4:e1:25:2d:56:fc:0b:a4:13:45:ec for aws.ledgerdomain.com was issued on by Amazon.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for aws.ledgerdomain.com provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 01:4c:3a:97:3b:f4:e1:25:2d:56:fc:0b:a4:13:45:ec
Serial Number (int): 1725030918798770921172271024460482028
Serial Number Length: 121 bits, 16 octets

Subject Key Identifier: f5:60:b6:4c:89:9b:b9:23:cd:1b:2a:88:98:a7:f3:66:8d:f1:b3:12
Authority Key Identifier: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (SHA-1): e0:c7:9d:34:d3:50:f9:37:d9:0d:9d:71:6f:4d:a7:ba:4f:80:c2:0c
Fingerprint (SHA-256): 79:00:d2:7d:42:9f:0e:b9:ea:e5:c2:2f:89:a9:b4:94:27:11:f7:07:9b:99:fe:59:83:5e:00:c5:65:2f:3d:3b

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation Information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate aws.ledgerdomain.com
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for aws.ledgerdomain.com

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for aws.ledgerdomain.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgIQAUw6lzv04SUtVvwLpBNF7DANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI1MDYwMjAwMDAwMFoXDTI2MDcwMTIzNTk1OVowHzEd
MBsGA1UEAxMUYXdzLmxlZGdlcmRvbWFpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDa1zdtmmJ6SobFAOa9lUk3nXNZetG8TFZGhzklp5qIhCS9
NHIOo1oL5asKgRtA5Qv+HvB/wtRa568HoCArvmpQp7pQqBXB8zvhQKkwt4xf8tOQ
QSHKeJjMOn06LpIyob4nljEPfThWevzIH/TL/VoksnCKdC/OhvOZqDaToz45g3WI
7pU21/2diqRoBew8cEcsn6zcczh+cYzafz5y3CUDqwwIxCP3iMUyZ4gDFUOxk8qI
IojEjuC7DEJaRAcL5la2JNTx7HZZ9rz0Qqn7bUSCUIH15crwFGdbVIb167L4oflF
FPKg9kSo2SRyUpdMZHWVOoyh5gxH9vh4W6zDtv6HAgMBAAGjggMEMIIDADAfBgNV
HSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU9WC2TImbuSPN
GyqImKfzZo3xsxIwNwYDVR0RBDAwLoIUYXdzLmxlZGdlcmRvbWFpbi5jb22CFiou
YXdzLmxlZGdlcmRvbWFpbi5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8E
NDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0w
My5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5y
Mm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJt
MDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYK
KwYBBAHWeQIEAgSCAW0EggFpAWcAdgDYCVU7lE96/8gWGW+UT4WrsPj8XodVJg8V
0S5yu0VLFAAAAZcuLwgFAAAEAwBHMEUCIQD4eT2taO+Yv2euLOeAyEnPbhOaMuqN
GmQzUel9gNKmIgIgU5xBC9/xlZ6xo1lFUiMSLiYZ4lvqBIixqKyB+ETlLXUAdQDC
MX5XRRmjRe5/ON6ykEHrx8IhWiK/f9W1rXaa2Q5SzQAAAZcuLwgDAAAEAwBGMEQC
IExf8q9IGsRQxFmBEjb07vmemrImJqseAF99TFOhqeggAiAlV5NqsEANmSEO5KkK
Tt/PrObl9Iu74Kk70TJGdZAnzQB2AJROQ4f67MHvgfMZJCaoGGUBx9NfOAIBP3Jn
fVU3LhnYAAABly4vCBEAAAQDAEcwRQIhANyAxFfXX776kJhYBDO+LX+S4M7UAxbB
zlvyooKLYxeOAiBAe8xHJq9oJYDKCSM6BuGLVULXdnkPqGs5OlCCyFJwLTANBgkq
hkiG9w0BAQsFAAOCAQEAND2nlvuXhigNwoasKTF2qfyi59c+aC7RMmN/hMnI4RGJ
MbyuWNy6J7nozo02Z7FXjf56M/gg5c0p1saf/jAhQtPnCklkj2Lsm311W6S4a6PT
NdmOI0qmvhqG/aGFPyNtyHnJHBJl1JeR7A+OmI/c5zF8URnPtRmf5LPuW2dWodbv
EKDoqfAcKKpPEpt9nhQZbJLrOpyVGP58fepdQ/eye0x+UFcFeq3vjSTsqqwxA/9G
PRMtXwe97gHihGHSBTjsHRjeVC8234taeSfbs48NMt7C1HxdI79dixLuls8q7c2e
+M+R6Wx1F7Xug5Y2NmVKPCjwReqMWP1YC07JcJYrpg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tc3bZpiekqGxQDmvZVJ
N51zWXrRvExWRoc5JaeaiIQkvTRyDqNaC+WrCoEbQOUL/h7wf8LUWuevB6AgK75q
UKe6UKgVwfM74UCpMLeMX/LTkEEhyniYzDp9Oi6SMqG+J5YxD304Vnr8yB/0y/1a
JLJwinQvzobzmag2k6M+OYN1iO6VNtf9nYqkaAXsPHBHLJ+s3HM4fnGM2n8+ctwl
A6sMCMQj94jFMmeIAxVDsZPKiCKIxI7guwxCWkQHC+ZWtiTU8ex2Wfa89EKp+21E
glCB9eXK8BRnW1SG9euy+KH5RRTyoPZEqNkkclKXTGR1lTqMoeYMR/b4eFusw7b+
hwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1725030918798770921172271024460482028
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-07-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aws.ledgerdomain.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27626077702134940961380903210082632183858485158890624073660392585426408936701126140400466885286786571258425766698294918364863656736937863640219758692400699837322579687532675228141278166503889490434140804734617775826267198570464112849300462130240125369038003887020727672964350852663147198041161609549277247281904346130113142975194585586761113624399529040825104835532614786507618534170818818784752762248555873547951610675100716228865782942281568439097741748208679313524018715031256550967798652614963411096891809803633733545674560079163455529419209307785263948917602026566987235563459600983548792309635117203062041017991
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f560b64c899bb923cd1b2a8898a7f3668df1b312
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws.ledgerdomain.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aws.ledgerdomain.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600d809553b944f7affc816196f944f85abb0f8fc5e8755260f15d12e72bb454b14000001972e2f08050000040300473045022100f8793dad68ef98bf67ae2ce780c849cf6e139a32ea8d1a643351e97d80d2a6220220539c410bdff1959eb1a359455223122e2619e25bea0488b1a8ac81f844e52d75007500c2317e574519a345ee7f38deb29041ebc7c2215a22bf7fd5b5ad769ad90e52cd000001972e2f0803000004030046304402204c5ff2af481ac450c459811236f4eef99e9ab22626ab1e005f7d4c53a1a9e82002202557936ab0400d99210ee4a90a4edfcface6e5f48bbbe0a93bd13246759027cd007600944e4387faecc1ef81f3192426a8186501c7d35f3802013f72677d55372e19d8000001972e2f08110000040300473045022100dc80c457d75fbefa9098580433be2d7f92e0ced40316c1ce5bf2a2828b63178e0220407bcc4726af682580ca09233a06e18b5542d776790fa86b393a5082c852702d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00343da796fb9786280dc286ac293176a9fca2e7d73e682ed132637f84c9c8e1118931bcae58dcba27b9e8ce8d3667b1578dfe7a33f820e5cd29d6c69ffe302142d3e70a49648f62ec9b7d755ba4b86ba3d335d98e234aa6be1a86fda1853f236dc879c91c1265d49791ec0f8e988fdce7317c5119cfb5199fe4b3ee5b6756a1d6ef10a0e8a9f01c28aa4f129b7d9e14196c92eb3a9c9518fe7c7dea5d43f7b27b4c7e5057057aadef8d24ecaaac3103ff463d132d5f07bdee01e28461d20538ec1d18de542f36df8b5a7927dbb38f0d32dec2d47c5d23bf5d8b12ee96cf2aedcd9ef8cf91e96c7517b5ee83963636654a3c28f045ea8c58fd580b4ec970962ba6