DV SSL/TLS Certificate for ping.democratsabroad.org

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M02)

About the ping.democratsabroad.org DV SSL/TLS Certificate

This certificate with serial number 01:2d:ec:aa:08:0c:cd:ed:89:c7:bf:15:7a:c0:c7:2c for ping.democratsabroad.org was issued on by Amazon.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for ping.democratsabroad.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 01:2d:ec:aa:08:0c:cd:ed:89:c7:bf:15:7a:c0:c7:2c
Serial Number (int): 1567681474364431990686705697733789484
Serial Number Length: 121 bits, 16 octets

Subject Key Identifier: a4:fe:7d:75:b8:95:e9:fc:87:9e:86:6c:53:70:22:71:00:de:47:ec
Authority Key Identifier: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (SHA-1): 6f:04:66:8b:5f:b8:d2:24:c5:e5:94:8f:43:e2:14:33:e5:b7:84:27
Fingerprint (SHA-256): ff:45:e3:5b:c9:83:57:1a:67:1a:07:fc:7a:ed:e3:a0:71:31:1a:6a:e2:b8:36:fd:69:ac:3d:5b:7e:45:ed:f4

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation Information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate ping.democratsabroad.org
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ping.democratsabroad.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for ping.democratsabroad.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgIQAS3sqggMze2Jx78VesDHLDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MTAwMzAwMDAwMFoXDTI1MTEwMTIzNTk1OVowIzEh
MB8GA1UEAxMYcGluZy5kZW1vY3JhdHNhYnJvYWQub3JnMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAu5otbEa6pk+R/D9Va7R6eHJmPBVkMwCLSHi8j5+7
6Kdm3abyv8DsWznFE9iF8nDV1e6XiqpAiRcex875L0qOHF891AH/KDgTRcrbYpIz
Sw+4V3vhQB4+gvio5IDlLBkgUY486nehie8SOno8YE9ufShje/cBwkyEf3FJKiMz
xRE7ImE6u1wP0GIR2z+coJR92QGFv10knCKE82SZPq2HEhN9+c5uxTVjW/B/5RgZ
2BQHO61jTk+HeNReeRhQ10Kzl5o1p/SRMpzAzFejbplpiuUF84jdD+nXWbfllN/7
fnMjeUs5605qhmgFqPCg51JFqPau4LyQ+zBzwUEir+K4twIDAQABo4IDRzCCA0Mw
HwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFKT+fXW4
len8h56GbFNwInEA3kfsMHcGA1UdEQRwMG6CGHBpbmcuZGVtb2NyYXRzYWJyb2Fk
Lm9yZ4Icd3d3LnBpbmcuZGVtb2NyYXRzYWJyb2FkLm9yZ4Ibd3d3LnBpbmcudm90
ZWZyb21hYnJvYWQub3JnghdwaW5nLnZvdGVmcm9tYWJyb2FkLm9yZzATBgNVHSAE
DDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIu
YW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYB
BQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF
BQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2Vy
MAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3AN3cyjSV
1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABklB0vRcAAAQDAEgwRgIhAKNK
PSuPMKvTzQBQBZg0KQsaKahHht8PNTplIY1hfY2lAiEA+CKaeCtWChksvnntDDnj
UPhB4eO/KV3dH+CUDaaMJwMAdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kO
jC55uAAAAZJQdLy9AAAEAwBHMEUCIQDNZMhnQJ7RZHucqDxarZsx0Uzf8a/jiB+X
+aG8+jKkYgIgFy3WdOnGWejYMcKQbgiWg/s3b/CNX1MQOHQYyrkc5B0AdwDm0jFj
QHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAZJQdLzVAAAEAwBIMEYCIQCc
LHEllazyYLB+gDcXC6sNM/RKFwsSgg41HcVgw0fWAQIhAIzCJTXNybDKR1FUY4vN
E02XVcSKP1yKhypznHdnugG2MA0GCSqGSIb3DQEBCwUAA4IBAQBaZQBRTqxqxNd8
ugB90G/iP3oi8WpcDmne42PwJmf6h9fYAgenCf6t+hmUG9IKv4yC4RFBxa4OlehK
1iO5cgXZdV6FukOJd517GyJm2AytFe4XzymGV79IFktohiTC3MgsYFCb29J+tjm3
jJAZmyVepv/MXWfCGVWtxiVV7YOS//nAj/Ug8Rcff19xDjKWLRq2KPBKmFq9KMoD
Bia3MWU/59XhF6s3cWQ1LBUMcyCfQ9Y7M1M53RcYuPEKNQjcCgy8jts5QMfQXQvj
NBJPJ9b4mzo/9muyrUMTNyssJ3+W8xLxJbf23DcdkF8JzAQ8C5N+dW19lV8XZBXK
Nta7VBb3
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5otbEa6pk+R/D9Va7R6
eHJmPBVkMwCLSHi8j5+76Kdm3abyv8DsWznFE9iF8nDV1e6XiqpAiRcex875L0qO
HF891AH/KDgTRcrbYpIzSw+4V3vhQB4+gvio5IDlLBkgUY486nehie8SOno8YE9u
fShje/cBwkyEf3FJKiMzxRE7ImE6u1wP0GIR2z+coJR92QGFv10knCKE82SZPq2H
EhN9+c5uxTVjW/B/5RgZ2BQHO61jTk+HeNReeRhQ10Kzl5o1p/SRMpzAzFejbplp
iuUF84jdD+nXWbfllN/7fnMjeUs5605qhmgFqPCg51JFqPau4LyQ+zBzwUEir+K4
twIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1567681474364431990686705697733789484
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-11-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ping.democratsabroad.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23682590754662052889409095953896585343606643874012656035934750462485038837437411017332254653316131578958712335825880366233856227953247386570911117251850170842170843660350412540829264635840531081505851300715289486807907551823278186858162466140484343396611336877257392850449367881661493063137462330541224525521229037175379107307818144652224367370477371870829613165450501996429312333573327727912469048232653062334927794031746290657859106114171493859061861227535499237063296512446853611701646490332220337150617553506727532615440292777573544531099611602975979436403094486635322527075378762707175711252208986028782280423607
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a4fe7d75b895e9fc879e866c5370227100de47ec
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ping.democratsabroad.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ping.democratsabroad.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ping.votefromabroad.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ping.votefromabroad.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a000001925074bd170000040300483046022100a34a3d2b8f30abd3cd0050059834290b1a29a84786df0f353a65218d617d8da5022100f8229a782b560a192cbe79ed0c39e350f841e1e3bf295ddd1fe0940da68c27030076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b8000001925074bcbd0000040300473045022100cd64c867409ed1647b9ca83c5aad9b31d14cdff1afe3881f97f9a1bcfa32a4620220172dd674e9c659e8d831c2906e089683fb376ff08d5f5310387418cab91ce41d007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e50000001925074bcd500000403004830460221009c2c712595acf260b07e8037170bab0d33f44a170b12820e351dc560c347d6010221008cc22535cdc9b0ca475154638bcd134d9755c48a3f5c8a872a739c7767ba01b6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005a6500514eac6ac4d77cba007dd06fe23f7a22f16a5c0e69dee363f02667fa87d7d80207a709feadfa19941bd20abf8c82e11141c5ae0e95e84ad623b97205d9755e85ba4389779d7b1b2266d80cad15ee17cf298657bf48164b688624c2dcc82c60509bdbd27eb639b78c90199b255ea6ffcc5d67c21955adc62555ed8392fff9c08ff520f1171f7f5f710e32962d1ab628f04a985abd28ca030626b731653fe7d5e117ab377164352c150c73209f43d63b335339dd1718b8f10a3508dc0a0cbc8edb3940c7d05d0be334124f27d6f89b3a3ff66bb2ad4313372b2c277f96f312f125b7f6dc371d905f09cc043c0b937e756d7d955f176415ca36d6bb5416f7