DV SSL/TLS Certificate for qr.kentucky.com

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M02)

About the qr.kentucky.com DV SSL/TLS Certificate

This certificate with serial number 04:aa:ad:2d:32:80:18:db:1c:6c:a1:db:6c:bd:69:54 for qr.kentucky.com was issued on by Amazon.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for qr.kentucky.com provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 04:aa:ad:2d:32:80:18:db:1c:6c:a1:db:6c:bd:69:54
Serial Number (int): 6203114886848439444002604079858411860
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: f6:9c:4b:20:cf:5e:04:da:e7:b5:f3:d5:6a:a6:50:50:bf:19:c3:46
Authority Key Identifier: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (SHA-1): bb:52:26:56:1d:a7:02:ca:67:27:bb:2f:27:f0:ce:1d:78:e0:70:d2
Fingerprint (SHA-256): ec:45:82:8b:d4:1f:53:7b:55:f3:33:7c:90:47:e9:14:81:d2:fa:81:d5:e9:0e:5a:45:ed:cc:66:55:62:e8:a6

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation Information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate qr.kentucky.com
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for qr.kentucky.com

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

qr.kentucky.com

X.509 Certificate

The complete raw X.509 certificate details for qr.kentucky.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIQBKqtLTKAGNscbKHbbL1pVDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI1MDMyMzAwMDAwMFoXDTI2MDQyMDIzNTk1OVowGjEY
MBYGA1UEAxMPcXIua2VudHVja3kuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAw/eUB/QLsdIlDMvJymntBlt7PgNBT3q7oGTbopcf5qceYQhSD1G0
Trr6DnSayiGqSxMf67Z22NVfDm9qPQDoP97nS3/l0nJ4r0zshoAhZ9jRGgs6xPdx
a0vO9onq9tODwpHzHk/KfMX+AEgvx9x5m2sD0Yg/pHlYfuA5L9IVlhmkuvWx7Ouv
/ENQ4rNk5yXNcJYijIFjxlJZDKtO/hgkfIbX4Ign5oegiFtdGLePW+L3dt8uIpIZ
cX2o3Q02vzc9Ft4+lSNbyZz1WNsbOwnnML9HdHQSHW6sCRxBz/tGc9KB29a5XLPW
PmQzxs9l+r5BPnoO7hRjrqHZP8wkEfQ1+QIDAQABo4IC5zCCAuMwHwYDVR0jBBgw
FoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFPacSyDPXgTa57Xz1Wqm
UFC/GcNGMBoGA1UdEQQTMBGCD3FyLmtlbnR1Y2t5LmNvbTATBgNVHSAEDDAKMAgG
BmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9u
dHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG
IWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq
aHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1Ud
EwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AA5XlLzzrqk+Mxss
mQez95Dfm8I9cTIl3SGpJaxhxU4hAAABlcHyPgEAAAQDAEYwRAIgZdRdbfiIc+F7
hiDNbJev2wN5JNitjGL/vHcAlS0w0W0CIGGeOeWI5MuSKMNNTlFjyH1krYeyjuE6
1jKM2pAUpIY+AHYAZBHEbKQS7KeJHKICLgC8q08oB9QeNSer6v7VA8l9zfAAAAGV
wfI+QQAABAMARzBFAiEAgVFZu4Chxc0MNwVRryC/5GTpO/W+3lLUCqEPSHQ4dKYC
IGVtx22uomwFNubaA8AriJtfY8jVS/PHu6Mnwbbl/oV1AHYAlpdkv1VYl633Q4do
NwhCd+nwOtX2pPM2bkakPw/KqcYAAAGVwfI+SQAABAMARzBFAiBe62DddEdmC3wC
AXcBTEfQ0q05s9EVvMtvfvtxMJAW2QIhAPETCxiuGFd5ldsHEk3dW1NHlsjdHcVt
u7v6Txv3Rx0nMA0GCSqGSIb3DQEBCwUAA4IBAQBhL50m9MeNU2Pm1ReDx6xruFBT
WKL5oImwdp1EJRsT9a3zuKAjF/Q5vSMmsluJF7zggzUnBwWZenks9hp0wCsKgDon
zOga5Qr6RX4argCMIwNFSLrdDL4RVVO5t3dmU2VMSpijGGsRAv+SrJosGigmnfpK
wbHFMcD3xUZetCE1p0EIw2SMH2vBftJSKGsGMHgongjNQaw8tUDy38VPKBcltzeb
BjF5dKD3vpruYXuwUzOmPWa56EPsW4CJSfSPhvbHOvoUlfdXxovJvmdeedbmrwKG
wJjcz1CXN5AqxVjEJ37XjGmsaE/yzd4oQUzWOwZ9jxvdoztlB+j9xL7Mq2pO
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/eUB/QLsdIlDMvJymnt
Blt7PgNBT3q7oGTbopcf5qceYQhSD1G0Trr6DnSayiGqSxMf67Z22NVfDm9qPQDo
P97nS3/l0nJ4r0zshoAhZ9jRGgs6xPdxa0vO9onq9tODwpHzHk/KfMX+AEgvx9x5
m2sD0Yg/pHlYfuA5L9IVlhmkuvWx7Ouv/ENQ4rNk5yXNcJYijIFjxlJZDKtO/hgk
fIbX4Ign5oegiFtdGLePW+L3dt8uIpIZcX2o3Q02vzc9Ft4+lSNbyZz1WNsbOwnn
ML9HdHQSHW6sCRxBz/tGc9KB29a5XLPWPmQzxs9l+r5BPnoO7hRjrqHZP8wkEfQ1
+QIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6203114886848439444002604079858411860
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-04-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'qr.kentucky.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24738554851845007033311658294151848560679010356944682024670431084359543465939464573111675315167529562984577194384084262462596839260482753737207189503946983874782304623382372632321903996643416068356550701069587721072814330800358576010994548043780137966695754325252689379333390641155551288502775777081031323172654288184027732594039527050073386538460389983018624492646681942769515414350535716427089370704815190834684949203108107301302011127529810586993788941805331100479229728245658730340365263105712226682389994492378659195991871107276633666152791424537332711849105857549878967986730431033548174619078835275247327131129
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f69c4b20cf5e04dae7b5f3d56aa65050bf19c346
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qr.kentucky.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670075000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e2100000195c1f23e010000040300463044022065d45d6df88873e17b8620cd6c97afdb037924d8ad8c62ffbc7700952d30d16d0220619e39e588e4cb9228c34d4e5163c87d64ad87b28ee13ad6328cda9014a4863e0076006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000195c1f23e410000040300473045022100815159bb80a1c5cd0c370551af20bfe464e93bf5bede52d40aa10f48743874a60220656dc76daea26c0536e6da03c02b889b5f63c8d54bf3c7bba327c1b6e5fe8575007600969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000195c1f23e49000004030047304502205eeb60dd7447660b7c020177014c47d0d2ad39b3d115bccb6f7efb71309016d9022100f1130b18ae18577995db07124ddd5b534796c8dd1dc56dbbbbfa4f1bf7471d27
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00612f9d26f4c78d5363e6d51783c7ac6bb8505358a2f9a089b0769d44251b13f5adf3b8a02317f439bd2326b25b8917bce08335270705997a792cf61a74c02b0a803a27cce81ae50afa457e1aae008c23034548badd0cbe115553b9b7776653654c4a98a3186b1102ff92ac9a2c1a28269dfa4ac1b1c531c0f7c5465eb42135a74108c3648c1f6bc17ed252286b063078289e08cd41ac3cb540f2dfc54f281725b7379b06317974a0f7be9aee617bb05333a63d66b9e843ec5b808949f48f86f6c73afa1495f757c68bc9be675e79d6e6af0286c098dccf509737902ac558c4277ed78c69ac684ff2cdde28414cd63b067d8f1bdda33b6507e8fdc4beccab6a4e