DV SSL/TLS Certificate for *.finally.sg

Certificate is witin its validity period

Issued by Amazon (Amazon RSA 2048 M02)

About the *.finally.sg DV SSL/TLS Certificate

This certificate with serial number 08:8e:43:7f:f2:89:83:ab:f3:51:67:c9:06:26:0f:7c for *.finally.sg was issued on by Amazon.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.finally.sg provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Amazon

Organization: Amazon
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 08:8e:43:7f:f2:89:83:ab:f3:51:67:c9:06:26:0f:7c
Serial Number (int): 11372499178672973495959178100517244796
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: 04:01:aa:9e:73:5c:29:81:82:da:9b:b6:0b:bd:ef:df:e9:38:a1:6b
Authority Key Identifier: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (SHA-1): 53:d5:84:79:9c:4c:29:3f:39:8d:26:29:cf:f0:a9:2b:06:15:97:3b
Fingerprint (SHA-256): 8c:b6:a1:55:ae:9c:e2:26:40:40:cf:ef:db:a2:df:2d:aa:88:35:7f:48:56:d2:62:a4:e3:d2:dd:e2:01:af:8f

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation Information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.finally.sg
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.finally.sg

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.finally.sg in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIQCI5Df/KJg6vzUWfJBiYPfDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MTAwOTAwMDAwMFoXDTI1MTEwODIzNTk1OVowFzEV
MBMGA1UEAwwMKi5maW5hbGx5LnNnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnHtHF8LFxCHUUhb+4aNVhnXIt3LMctSgUy+bMssGlovSkJ1hRw5kIkPz
Mp7tORlUvE7r7Rm2RuLpQnRTF489NpJ5bL9VGxYbRqcWCogXwu62WFrzGVQ1Yr10
FjpmBj31vOkB10r1E0AR6O/Q4e5U5GSdcZFh8agED88kyhdWH5wXax5lKlyS35/P
efHWXcAFAtqPAg5P7aRa7e0D2r4OeerPLxquoyJYSdrry7MeApvvWdvrCzphZGC3
QLSODKm5SG1mFqAse+LwFNRqwnCjMNUBPLLQ69xYQhqUYihWSCpjRh/2H77VqkQP
1kUmK4g/GooksvxUN2vfbs0KdVynJQIDAQABo4IC8TCCAu0wHwYDVR0jBBgwFoAU
wDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFAQBqp5zXCmBgtqbtgu979/p
OKFrMCMGA1UdEQQcMBqCDCouZmluYWxseS5zZ4IKZmluYWxseS5zZzATBgNVHSAE
DDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIu
YW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYB
BQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF
BQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2Vy
MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1ABLxTjS9
U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABkm9b8FoAAAQDAEYwRAIgMez+
rSI2fWmOXiRdbWSWBHncdir+ZB8gfF5j5DCxfjECIAyT7yziX/ghOBK5zc5V0EAT
n27s1ztd6ODAEye2MdIFAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowu
ebgAAAGSb1vwAgAABAMARzBFAiEA9gZ8CtoOjpUVV1Ep/q5TM+LCQCGtFxN1RpcL
MUXQ7zcCIBtOaFpbUepw50Q5wC6EqewY8FZ5NQNdO56KjBjWii25AHcA5tIxY0B3
jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGSb1vwIQAABAMASDBGAiEAxy0l
H0MFPS8LvTixbT6Z2t4FukwdSGOA5T1+a54+oIgCIQC5b6+yv8Phs+DBQuhUiFW2
gjqiP+tSTHI2+U9NXLKYHjANBgkqhkiG9w0BAQsFAAOCAQEAUQym1nK+fksSkYZK
2LpVv6OM8xT5GIFH5mGyfQ+HwryLbgMNKXzrF4N1e3P1xz+FR6nhoUYHIkINiVde
y/EsweUBHBsdSk1r4KiDdN5TSblXLBlR32k7nldP9RR3jHRE/9tl8xT5/BlKoriV
w8HJNITwvZq5ynsnOEWZSPEGkVRWI3NtzBZ292W12TWCT4RZQ6fNEz+RJrtEEq+e
nV8Y5bcsO8hxkfJH+I41z6UIEevpkEG3s0I2er4hbOvmFl1XvGccDzteVRDRsdVD
IVxQTZqMN77cGE5MmeD18YQ5jRhNdaAYuiDmwnhQ1fCgv2tzLU0b7lvKwTs0jMqN
Ug57xQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHtHF8LFxCHUUhb+4aNV
hnXIt3LMctSgUy+bMssGlovSkJ1hRw5kIkPzMp7tORlUvE7r7Rm2RuLpQnRTF489
NpJ5bL9VGxYbRqcWCogXwu62WFrzGVQ1Yr10FjpmBj31vOkB10r1E0AR6O/Q4e5U
5GSdcZFh8agED88kyhdWH5wXax5lKlyS35/PefHWXcAFAtqPAg5P7aRa7e0D2r4O
eerPLxquoyJYSdrry7MeApvvWdvrCzphZGC3QLSODKm5SG1mFqAse+LwFNRqwnCj
MNUBPLLQ69xYQhqUYihWSCpjRh/2H77VqkQP1kUmK4g/GooksvxUN2vfbs0KdVyn
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11372499178672973495959178100517244796
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-11-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.finally.sg'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19753966077380405948972080980496957225792630084950370926184078793585046330718372667470168528576952695159672281481564820085971820645482409734922248437862041719299565092328705004002814094889146430566041051825861667676121558471665964951257165198857536828593732052462647702752009476872133681243249239392361992370512598615199289857715968710217152260619679013765092906596198843061330419904909674721553401576254673199429119314576280865335125749546257329968281196979392585272427150453812635028386347904884492062670277837131630500322393916048345940801067367423951586827176312208125149430894118385143952737742102992571904861989
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0401aa9e735c298182da9bb60bbdefdfe938a16b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.finally.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finally.sg'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a000001926f5bf05a0000040300463044022031ecfead22367d698e5e245d6d64960479dc762afe641f207c5e63e430b17e3102200c93ef2ce25ff8213812b9cdce55d040139f6eecd73b5de8e0c01327b631d2050076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b8000001926f5bf0020000040300473045022100f6067c0ada0e8e9515575129feae5333e2c24021ad17137546970b3145d0ef3702201b4e685a5b51ea70e74439c02e84a9ec18f0567935035d3b9e8a8c18d68a2db9007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e50000001926f5bf0210000040300483046022100c72d251f43053d2f0bbd38b16d3e99dade05ba4c1d486380e53d7e6b9e3ea088022100b96fafb2bfc3e1b3e0c142e8548855b6823aa23feb524c7236f94f4d5cb2981e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00510ca6d672be7e4b1291864ad8ba55bfa38cf314f9188147e661b27d0f87c2bc8b6e030d297ceb1783757b73f5c73f8547a9e1a1460722420d89575ecbf12cc1e5011c1b1d4a4d6be0a88374de5349b9572c1951df693b9e574ff514778c7444ffdb65f314f9fc194aa2b895c3c1c93484f0bd9ab9ca7b2738459948f10691545623736dcc1676f765b5d935824f845943a7cd133f9126bb4412af9e9d5f18e5b72c3bc87191f247f88e35cfa50811ebe99041b7b342367abe216cebe6165d57bc671c0f3b5e5510d1b1d543215c504d9a8c37bedc184e4c99e0f5f184398d184d75a018ba20e6c27850d5f0a0bf6b732d4d1bee5bcac13b348cca8d520e7bc5