*.playground.c2c.klarna.net
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0e:c7:f7:e0:96:c0:7e:5a:3b:80:dd:44:22:3e:b4:a7 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.playground.c2c.klarna.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0e:c7:f7:e0:96:c0:7e:5a:3b:80:dd:44:22:3e:b4:a7Serial Number (int): 19647486564773219989776450987728221351
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: fb:df:00:1d:db:e8:7f:f2:47:79:72:c8:00:26:08:b2:b5:c6:38:f0
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 55:02:60:7d:e9:8a:64:9f:3c:6c:24:89:5e:50:b2:30:9a:cc:31:e6
Fingerprint (sha256): 00:2a:b9:c3:5b:b1:36:86:f5:4b:68:23:3e:89:27:30:b3:1d:be:13:3d:40:d7:be:05:f1:33:e9:39:b2:b2:27
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.playground.c2c.klarna.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.playground.c2c.klarna.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.playground.c2c.klarna.net
app-api-closest.playground.eu1.klapp.klarna.net
app-api-closest.playground.eu1.klapp.klarna.net
Other certificates including the domain name klarna.net
(limited to 100 certificates)
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
*.playground.c2c.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
ewallet.klarna.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.production.c2c.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
cms.performance.us1.klarna-web.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
san1.kep.nonprod.klarna.net
*.production.us1.custom-solutions.klarna.net
skrapi-kred.nonprod.klarna.net
*.production.eu1.shopify-osmp.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.kleco-staging.nonprod.eu1.bitbucket.klarna.net
*.production.eu1.core-banking.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
production.eu1.kcpslackbot.influencer-platform.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
*.playground.c2c.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
ewallet.klarna.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.production.c2c.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
cms.performance.us1.klarna-web.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
san1.kep.nonprod.klarna.net
*.production.us1.custom-solutions.klarna.net
skrapi-kred.nonprod.klarna.net
*.production.eu1.shopify-osmp.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.kleco-staging.nonprod.eu1.bitbucket.klarna.net
*.production.eu1.core-banking.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
production.eu1.kcpslackbot.influencer-platform.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
Certificate
The complete raw certificate details for *.playground.c2c.klarna.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEpjCCA46gAwIBAgIQDsf34JbAflo7gN1EIj60pzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIxOTAwMDAwMFoXDTI1MDExNzIzNTk1OVowJjEk MCIGA1UEAwwbKi5wbGF5Z3JvdW5kLmMyYy5rbGFybmEubmV0MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tEWFQEdTjQFOC7WKpknpI5QVVuUnckhfeJB +ifrJK1+hklfVqoxkZLl+ASYbpjL9OfxVOqG9IbBz/6VJWkoo43nCYoSiXfJ5hTj h/584ED1/9sdPV7w92OP7WbFrqbo7gJpMSQ/5z0yXgR8bd++NcumzVTIRBPZ6f/L 8OcWqGCD+6H5OrrOTEw1WPRbwDca+0q7R5aoriFllW6D1SZpZMQLgnALYzlNS8Q3 0l+AGxhMNcs7RHSzUxMJCX+McrV2llYPDfpnDs3i3W47YzKl/XzEbsUF1vlw9CDd VlHOudaQctwT0gv10sFhwW7ctU5HKEpqXJ0pMPrsNS7ZkuNqkwIDAQABo4IBuDCC AbQwHwYDVR0jBBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFPvf AB3b6H/yR3lyyAAmCLK1xjjwMFcGA1UdEQRQME6CGyoucGxheWdyb3VuZC5jMmMu a2xhcm5hLm5ldIIvYXBwLWFwaS1jbG9zZXN0LnBsYXlncm91bmQuZXUxLmtsYXBw LmtsYXJuYS5uZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAs hipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYI KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6 b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9u dHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMB Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCx8ZKqoPY0jWUbiW87jklt8E3oU9MD NSiYm3xhm66AYY/NjBDOm93G/dZ3M4BiSIXaFxO9oMYaAyKiewB7ZsjYkZ4qXSgR H37bEklVu4WcF4csCBe8g/S/6kv5XiVTTWLYFdONtCi2VOxDFJg6A+xNh13LLZcC SusrgO7M2SYAeA8Y3ja5R+u1TAsv7lwehLLHobLZC/00K5g+V9nCNKi7SGK/GZ1p F5QcXXdR1E3dx59fuL6cVU3KOCHzhSMORMmIcXVLZMRlScp+RKJafnET5Bdc2/iK weJ1rKp73Jr+X5schUo3T1mK1RKargQU6XKNiJlZUpLHirOUvR3sSKaa -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tEWFQEdTjQFOC7WKpkn pI5QVVuUnckhfeJB+ifrJK1+hklfVqoxkZLl+ASYbpjL9OfxVOqG9IbBz/6VJWko o43nCYoSiXfJ5hTjh/584ED1/9sdPV7w92OP7WbFrqbo7gJpMSQ/5z0yXgR8bd++ NcumzVTIRBPZ6f/L8OcWqGCD+6H5OrrOTEw1WPRbwDca+0q7R5aoriFllW6D1SZp ZMQLgnALYzlNS8Q30l+AGxhMNcs7RHSzUxMJCX+McrV2llYPDfpnDs3i3W47YzKl /XzEbsUF1vlw9CDdVlHOudaQctwT0gv10sFhwW7ctU5HKEpqXJ0pMPrsNS7ZkuNq kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19647486564773219989776450987728221351 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.playground.c2c.klarna.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29137914418762787894380447189784966322894450466991099556534586723282465476449845435347149761606453062553812146734549600012076049658847674317991602201930858981997031861911498423820965820475149994228809783701901735464025565687423704512084481098198074504965406191363200149507513490147639874711319078455287717705646970618553649670059219506834508340188829432318311037497680897678287570886184703210179014937231328970520443614349915238410099674003546165361719879317066508695044262339012530432919444125023353020459558986450189743734375519051020557546058040982609248886993373575168371865712632184645843548200989018313613077139 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fbdf001ddbe87ff2477972c8002608b2b5c638f0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.playground.c2c.klarna.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app-api-closest.playground.eu1.klapp.klarna.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b1f192aaa0f6348d651b896f3b8e496df04de853d3033528989b7c619bae80618fcd8c10ce9bddc6fdd6773380624885da1713bda0c61a0322a27b007b66c8d8919e2a5d28111f7edb124955bb859c17872c0817bc83f4bfea4bf95e25534d62d815d38db428b654ec4314983a03ec4d875dcb2d97024aeb2b80eeccd92600780f18de36b947ebb54c0b2fee5c1e84b2c7a1b2d90bfd342b983e57d9c234a8bb4862bf199d6917941c5d7751d44dddc79f5fb8be9c554dca3821f385230e44c98871754b64c46549ca7e44a25a7e7113e4175cdbf88ac1e275acaa7bdc9afe5f9b1c854a374f598ad5129aae0414e9728d8899595292c78ab394bd1dec48a69a