DV SSL/TLS Certificate for wheatstalk.ca

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M02)

About the wheatstalk.ca DV SSL/TLS Certificate

This certificate with serial number 06:b7:a7:3d:40:95:5e:d8:89:cd:cd:f8:f8:4d:87:c1 for wheatstalk.ca was issued on by Amazon.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for wheatstalk.ca provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:b7:a7:3d:40:95:5e:d8:89:cd:cd:f8:f8:4d:87:c1
Serial Number (int): 8928950315130710365093908623028750273
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: bf:94:8f:48:15:c4:d3:f6:0c:66:8c:29:1b:05:57:67:47:c3:a6:62
Authority Key Identifier: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (SHA-1): ec:5f:91:c7:22:62:da:eb:1a:64:9a:58:19:80:ab:57:75:53:6c:d4
Fingerprint (SHA-256): 99:4e:d4:6d:7b:e7:c3:1b:07:88:d2:88:43:31:5f:c6:80:4c:60:7e:33:fe:b2:41:cf:e8:d5:a9:1f:00:6a:8d

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation Information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate wheatstalk.ca
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for wheatstalk.ca

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for wheatstalk.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgIQBrenPUCVXtiJzc34+E2HwTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MTIyMzAwMDAwMFoXDTI2MDEyMDIzNTk1OVowGDEW
MBQGA1UEAxMNd2hlYXRzdGFsay5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBALJ3NlpmAwYydfUO+L6xmx9DdnuDKlr7o3tBlf07sZozIxCIxvttZkSn
H367e8maOTsJNgRJInsXqoFagU6rHPFq+iIwDF/mR6naJ13gqXyeoUuB31KqCGds
LuB1iNI8SMUpPq8VOaqCdlrfzA986gIALbyK369OO8N8FdNsWz5BQhfFWcUyYaSO
w1aBC+kC4b2l/MSJgIZN9i7e8pW9tHG68olCVu1HnW5Yy1dMmXs2CdGh44PPhDKb
pZJPRsjNhmni4355KTiAnpFSlUVagjPcU84rmN099UYCVRVHzQHxUU5RBtUxsqj1
/V/uPZt0uhhXJtg/phB3rHZtgv0ai3ECAwEAAaOCAvgwggL0MB8GA1UdIwQYMBaA
FMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBS/lI9IFcTT9gxmjCkbBVdn
R8OmYjArBgNVHREEJDAigg13aGVhdHN0YWxrLmNhghF3d3cud2hlYXRzdGFsay5j
YTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j
cmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRp
MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNv
bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20v
cjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkB
ZwB2AA5XlLzzrqk+MxssmQez95Dfm8I9cTIl3SGpJaxhxU4hAAABk/KNeAUAAAQD
AEcwRQIhAJzJnHAaRN/vHFDvs8j5G525/mFodLqwKlSktQVgsdXYAiA4LPnB2b8J
d2MDbaR8ao1QC/82V4AudpSoFvktIH0TPQB2AGQRxGykEuyniRyiAi4AvKtPKAfU
HjUnq+r+1QPJfc3wAAABk/KNd6YAAAQDAEcwRQIgawmfb4P9MnWTP9jncGEwdvPC
uoFgohax9KBrBCQUafQCIQClASY+u5n/s9JPzydar87NesVONL+K38sG+Jay/NF2
rAB1AEmcm2neHXzs/DbezYdkprhbrwqHgBnRVVL76esp3fjDAAABk/KNd8IAAAQD
AEYwRAIgVeqa4yQYQb7AP4d6Fc1Av/2h3+DDQgwIkZ4YdsUpqYcCICT7BMW2iY7g
C65NAWqxDFJe2WtW+sCNjBeFcBJxaSqHMA0GCSqGSIb3DQEBCwUAA4IBAQCJVYs/
va+K68zeK2aZVxRjOoFFrzWelqprpPEZ+Y330sFAQUDjrCwKeXB9A21/LCdbP+yg
vdHMuzlz58f3XlyTPi/eZDF/U26+cK164WUOZcHGRafTzW3XYl3a+IDW7XURDGPw
JxwrKIxYCzXdAEM5rdYD7TEUK/wxATpmYcHiZl+rkEBRETCzM4QjNx/hnJZXUfSX
jT7zeXUZc/Xn/1fxV89Vpm1nqeJCkP9OmwTlu2QPFJocPNfzq/08UfOC3bQ8jgy4
5GaOJXzZ+MJ608VznWkNMS29JKNdvv+AXhzHGGvcDHnOi2BH1psyWHR/DUU8HWR6
R/U+eyQ9gWXsIPFl
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnc2WmYDBjJ19Q74vrGb
H0N2e4MqWvuje0GV/TuxmjMjEIjG+21mRKcffrt7yZo5Owk2BEkiexeqgVqBTqsc
8Wr6IjAMX+ZHqdonXeCpfJ6hS4HfUqoIZ2wu4HWI0jxIxSk+rxU5qoJ2Wt/MD3zq
AgAtvIrfr047w3wV02xbPkFCF8VZxTJhpI7DVoEL6QLhvaX8xImAhk32Lt7ylb20
cbryiUJW7UedbljLV0yZezYJ0aHjg8+EMpulkk9GyM2GaeLjfnkpOICekVKVRVqC
M9xTziuY3T31RgJVFUfNAfFRTlEG1TGyqPX9X+49m3S6GFcm2D+mEHesdm2C/RqL
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8928950315130710365093908623028750273
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-01-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'wheatstalk.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22529204068383908946233895869730526426231019378078541412353579435197400946112247294044573887918263277235005679843881329623040273849931383217757593656271283187133766909717820021549727385665608435309837492736463118829945859476786934810915254031191733825570482172391386156651189207995479207677697191276784091520181896852656878087558963814951914739576118144857408325680057582904716248189898519446677195219055360789882250580068001877193535560742167010175822290726270910556584613764785525007103914746137837028987945112106580494509669568290541621536214812282921809192815706949982191703007574976846159850473329294145465518961
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bf948f4815c4d3f60c668c291b05576747c3a662
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wheatstalk.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wheatstalk.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e2100000193f28d780500000403004730450221009cc99c701a44dfef1c50efb3c8f91b9db9fe616874bab02a54a4b50560b1d5d80220382cf9c1d9bf097763036da47c6a8d500bff3657802e7694a816f92d207d133d0076006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000193f28d77a6000004030047304502206b099f6f83fd3275933fd8e770613076f3c2ba8160a216b1f4a06b04241469f4022100a501263ebb99ffb3d24fcf275aafcecd7ac54e34bf8adfcb06f896b2fcd176ac007500499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c300000193f28d77c20000040300463044022055ea9ae3241841bec03f877a15cd40bffda1dfe0c3420c08919e1876c529a987022024fb04c5b6898ee00bae4d016ab10c525ed96b56fac08d8c1785701271692a87
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0089558b3fbdaf8aebccde2b66995714633a8145af359e96aa6ba4f119f98df7d2c1404140e3ac2c0a79707d036d7f2c275b3feca0bdd1ccbb3973e7c7f75e5c933e2fde64317f536ebe70ad7ae1650e65c1c645a7d3cd6dd7625ddaf880d6ed75110c63f0271c2b288c580b35dd004339add603ed31142bfc31013a6661c1e2665fab9040511130b3338423371fe19c965751f4978d3ef379751973f5e7ff57f157cf55a66d67a9e24290ff4e9b04e5bb640f149a1c3cd7f3abfd3c51f382ddb43c8e0cb8e4668e257cd9f8c27ad3c5739d690d312dbd24a35dbeff805e1cc7186bdc0c79ce8b6047d69b3258747f0d453c1d647a47f53e7b243d8165ec20f165