*.dgwmail.mod.uk
Issued by Amazon
About this certificate
This digital certificate with serial number 0f:71:40:c4:5e:6a:6f:d1:85:e4:f3:b3:da:70:f4:5e was issued on by Amazon.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.dgwmail.mod.uk
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:71:40:c4:5e:6a:6f:d1:85:e4:f3:b3:da:70:f4:5eSerial Number (int): 20526463113942925226081154292190868574
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 1a:28:08:38:d8:9d:5a:82:d9:53:da:85:ee:f2:79:16:21:ad:02:cf
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 47:4e:71:30:bd:7a:30:be:56:c5:87:83:82:1f:68:15:3f:d0:d6:c6
Fingerprint (sha256): 00:31:07:ec:08:f3:0a:22:5c:c5:eb:4f:1f:0c:86:f1:86:7b:21:62:02:d2:0a:96:02:a6:d1:be:5c:a2:53:f8
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate *.dgwmail.mod.uk
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.dgwmail.mod.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.dgwmail.mod.uk
*.armymail.mod.uk
*.royalnavymail.mod.uk
*.csmail.mod.uk
*.defencegateway.mod.uk
*.cadetmail.mod.uk
*.rafmail.mod.uk
*.armymail.mod.uk
*.royalnavymail.mod.uk
*.csmail.mod.uk
*.defencegateway.mod.uk
*.cadetmail.mod.uk
*.rafmail.mod.uk
Other certificates including the domain name mod.uk
(limited to 100 certificates)
*.dgwmail.mod.uk
test.asems.mod.uk
indirect.public.mod.uk
helpdesk.defencegateway.mod.uk
staging-recruitment.raf.mod.uk
api.ocp1.azure.dso.digital.mod.uk
admin-app.conor.fieldreport.digital.mod.uk
sba.mod.uk
ems.ahe.mod.uk
api.ocp3.azure.dso.digital.mod.uk
asems.mod.uk
www.armynet.mod.uk
www.raf.mod.uk
vle.rmasandhurst.mod.uk
jive.defencegateway.mod.uk
dc.mod.uk
mod.uk
*.defencegateway.mod.uk
mta-sts.rafac.mod.uk
testfotoweb.royalnavy.mod.uk
mod.uk
tfs.royalnavy.mod.uk
qbp.army.mod.uk
api.ocp4.azure.dso.digital.mod.uk
clms.mod.uk
vle.rmasandhurst.mod.uk
chatbot-frontend-staging.royalnavy.mod.uk
www.mafis.mod.uk
atga.mod.uk
bader.mod.uk
*.defencegateway.mod.uk
www.da.mod.uk
monitoring.stage.r2d2.alpha.digital.mod.uk
emsgw.mod.uk
www.asems.mod.uk
mod.uk
*.bader.mod.uk
armycms.mod.uk
www.asems.mod.uk
dcdc.mod.uk
www.defenceshare.mod.uk
staging.cgo.mod.uk
*.apps.ocp1.azure.dso.digital.mod.uk
api.ocp2.azure.dso.digital.mod.uk
*.dasa.service.mod.uk
sni.cloudflaressl.com
www.defencebrandportal.mod.uk
www.dne-careerhub.defencegateway.mod.uk
des.mod.uk
dle.mod.uk
api.ocp4.azure.dso.digital.mod.uk
t.recruitment-campaigns.mod.uk
www.atga.mod.uk
sba.mod.uk
mod.uk
www.atga.mod.uk
mod.uk
vle.rmasandhurst.mod.uk
backoffice.tom.fieldreport.digital.mod.uk
api.ocp3.azure.dso.digital.mod.uk
doctrine.mod.uk
qbp.army.mod.uk
armymail.mod.uk
testcontracts.mod.uk
api.ocp3.azure.dso.digital.mod.uk
staging-recruitment.raf.mod.uk
rcds-extranet.mod.uk
foundry.digital.mod.uk
api.ocp2.azure.dso.digital.mod.uk
www.armynet.mod.uk
mod.uk
intpg1.recruitment.mod.uk
register.byod.da.mod.uk
design-system.digital.mod.uk
asems.mod.uk
*.apps.ocp3.azure.dso.digital.mod.uk
www.armynet.mod.uk
army.mod.uk
jobs.raf.mod.uk
monitoring.stage.r2d2.alpha.digital.mod.uk
asems.mod.uk
design-system.navy.digital.mod.uk
www.asems.mod.uk
webexuser.learn.mod.uk
design-system.navy.digital.mod.uk
sni.cloudflaressl.com
mod.uk
hybrid.mod.gov.uk
www.nsv.mod.uk
www.bdfl.mod.uk
alumni.raf.mod.uk
cms.raf.mod.uk
dtt.cms.dlp.mod.uk
*.corpserv.mod.uk
monitoring.stage.r2d2.alpha.digital.mod.uk
*.defencegateway.mod.uk
mod.uk
api.alan.fieldreport.digital.mod.uk
mod.uk
servicemanual.digital.mod.uk
test.asems.mod.uk
indirect.public.mod.uk
helpdesk.defencegateway.mod.uk
staging-recruitment.raf.mod.uk
api.ocp1.azure.dso.digital.mod.uk
admin-app.conor.fieldreport.digital.mod.uk
sba.mod.uk
ems.ahe.mod.uk
api.ocp3.azure.dso.digital.mod.uk
asems.mod.uk
www.armynet.mod.uk
www.raf.mod.uk
vle.rmasandhurst.mod.uk
jive.defencegateway.mod.uk
dc.mod.uk
mod.uk
*.defencegateway.mod.uk
mta-sts.rafac.mod.uk
testfotoweb.royalnavy.mod.uk
mod.uk
tfs.royalnavy.mod.uk
qbp.army.mod.uk
api.ocp4.azure.dso.digital.mod.uk
clms.mod.uk
vle.rmasandhurst.mod.uk
chatbot-frontend-staging.royalnavy.mod.uk
www.mafis.mod.uk
atga.mod.uk
bader.mod.uk
*.defencegateway.mod.uk
www.da.mod.uk
monitoring.stage.r2d2.alpha.digital.mod.uk
emsgw.mod.uk
www.asems.mod.uk
mod.uk
*.bader.mod.uk
armycms.mod.uk
www.asems.mod.uk
dcdc.mod.uk
www.defenceshare.mod.uk
staging.cgo.mod.uk
*.apps.ocp1.azure.dso.digital.mod.uk
api.ocp2.azure.dso.digital.mod.uk
*.dasa.service.mod.uk
sni.cloudflaressl.com
www.defencebrandportal.mod.uk
www.dne-careerhub.defencegateway.mod.uk
des.mod.uk
dle.mod.uk
api.ocp4.azure.dso.digital.mod.uk
t.recruitment-campaigns.mod.uk
www.atga.mod.uk
sba.mod.uk
mod.uk
www.atga.mod.uk
mod.uk
vle.rmasandhurst.mod.uk
backoffice.tom.fieldreport.digital.mod.uk
api.ocp3.azure.dso.digital.mod.uk
doctrine.mod.uk
qbp.army.mod.uk
armymail.mod.uk
testcontracts.mod.uk
api.ocp3.azure.dso.digital.mod.uk
staging-recruitment.raf.mod.uk
rcds-extranet.mod.uk
foundry.digital.mod.uk
api.ocp2.azure.dso.digital.mod.uk
www.armynet.mod.uk
mod.uk
intpg1.recruitment.mod.uk
register.byod.da.mod.uk
design-system.digital.mod.uk
asems.mod.uk
*.apps.ocp3.azure.dso.digital.mod.uk
www.armynet.mod.uk
army.mod.uk
jobs.raf.mod.uk
monitoring.stage.r2d2.alpha.digital.mod.uk
asems.mod.uk
design-system.navy.digital.mod.uk
www.asems.mod.uk
webexuser.learn.mod.uk
design-system.navy.digital.mod.uk
sni.cloudflaressl.com
mod.uk
hybrid.mod.gov.uk
www.nsv.mod.uk
www.bdfl.mod.uk
alumni.raf.mod.uk
cms.raf.mod.uk
dtt.cms.dlp.mod.uk
*.corpserv.mod.uk
monitoring.stage.r2d2.alpha.digital.mod.uk
*.defencegateway.mod.uk
mod.uk
api.alan.fieldreport.digital.mod.uk
mod.uk
servicemanual.digital.mod.uk
Certificate
The complete raw certificate details for *.dgwmail.mod.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVzCCBT+gAwIBAgIQD3FAxF5qb9GF5POz2nD0XjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAxMjYwMDAwMDBaFw0yMzAyMjUy MzU5NTlaMBsxGTAXBgNVBAMMECouZGd3bWFpbC5tb2QudWswggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCtWcUBDJWP2zZ+yBFbhvUzjjbJHQnRbpQYT7jU sr+fNySSoqFhTnRJKqBGAw8g8Jp9Nu6BN7ORLqUOmJpGskSnffS+x9cQNEzGWlsQ eHlUbH41qtzhTuFA7zpEIZIzTx4xMLl4KCS6eq6dDVhkic+cK4IGg4gp3Z+MWOZm dfUGGlIZS38snkfxMhRpM1k4rOHY9+B4pdmRHwbDfGzyhROEr84VyM4G6jBZNS2C XjbBlKly6qOlJilQstLzXRGgD0LGYBmYtmzPcLGJFDtRxQ8UrLBZsTHvDLDLUH0G Kd5AQOBiI/EHRsD5AvXFDb+A80+ciOKvJa8T9cbQpnMVOeedAgMBAAGjggNqMIID ZjAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUGigI ONidWoLZU9qF7vJ5FiGtAs8wgZgGA1UdEQSBkDCBjYIQKi5kZ3dtYWlsLm1vZC51 a4IRKi5hcm15bWFpbC5tb2QudWuCFioucm95YWxuYXZ5bWFpbC5tb2QudWuCDyou Y3NtYWlsLm1vZC51a4IXKi5kZWZlbmNlZ2F0ZXdheS5tb2QudWuCEiouY2FkZXRt YWlsLm1vZC51a4IQKi5yYWZtYWlsLm1vZC51azAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0 dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLTEuY3JsMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0 cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRw Oi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/ BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYA6D7Q2j71BjUy51covIlr yQPTy9ERa+zraeF3fW0GvW4AAAF+lQ5SiQAABAMARzBFAiBLMTVPeCO6UOXvbcXg TypIxrCpiudqw5ZnvJby3oTEoAIhAJmp0urvVq3Igw8hKoKcdHPHcMJ2dcFqbDdh x+dFz0Q9AHYANc8ZG7+xbFe/D61MbULLu7YnICZR6j/hKu+oA8M71kwAAAF+lQ5S pQAABAMARzBFAiEA1+3E0JSE5UPr3FDDUWOiKMOAj0f0N7dVfLnNEFToiMACIFa+ Wua6hP0WU6u87og4P78c26MXkoiyUh6ToSnNpK38AHcAs3N3B+GEUPhjhtYFqdwR CUp5LbFnDAuH3PADDnk2pZoAAAF+lQ5SxAAABAMASDBGAiEAuWFF2SxwwVopcP86 +7TAcYTATQK5kJs1YAsfI9n5Fx4CIQC8hL86wORyAHfVrSinIF1lJm6h1LwTz+H8 v+t7pV+pezANBgkqhkiG9w0BAQsFAAOCAQEADfK7il7vjLSG51ywKZ4uB26JoHcw yr37MfIst3cXfo62CGUD0QcxC9x04+9ZpimtcI9JNPZg/XiniQDwFmorgNt3XPQm QCqI4KZbGbLV0C2Mm2RskmA5thDJZAwff2zu7ixtjSolteB65Qk87n5R2qZ+AZOo BQcfLtQEitZDHmUamN9YEq48ZLjkpZNs/dobLhxQN3SLmZQizAQI0DwPyA/dZ/nt b10ljILHTL+CwWvCsLvTs/9O+2fOkhW2XPIMEvdFhn7pWh0YeYBRqsoT7CwtHKbg lvh+/TBqOcmIhKGG7j46d1HwdGQQMkKCOG90ReH9rM3U7LbQFVWUMZ67lQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVnFAQyVj9s2fsgRW4b1 M442yR0J0W6UGE+41LK/nzckkqKhYU50SSqgRgMPIPCafTbugTezkS6lDpiaRrJE p330vsfXEDRMxlpbEHh5VGx+Narc4U7hQO86RCGSM08eMTC5eCgkunqunQ1YZInP nCuCBoOIKd2fjFjmZnX1BhpSGUt/LJ5H8TIUaTNZOKzh2PfgeKXZkR8Gw3xs8oUT hK/OFcjOBuowWTUtgl42wZSpcuqjpSYpULLS810RoA9CxmAZmLZsz3CxiRQ7UcUP FKywWbEx7wywy1B9BineQEDgYiPxB0bA+QL1xQ2/gPNPnIjiryWvE/XG0KZzFTnn nQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20526463113942925226081154292190868574 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.dgwmail.mod.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21883493772735680382778974959261771886506737615072344124014499456576845717921067811785402162530738752128731800487269176907332303483456271652920292851837332521191157935712419226549197947096706447256572494123455750337303444750368707120164411621322570971251050794337175743833255574504968701819241648655989848548669931031947047852640572864487216142409230666716798259064363650714073537682504685165013778404925752311117726550397902353251030134586884418771324939820887441347203197627328779809236322766198890299259037835645796823297388676467814482286216678825596437418162683829747575755760488627294895492526311313000273405853 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1a280838d89d5a82d953da85eef2791621ad02cf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (144 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dgwmail.mod.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.armymail.mod.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.royalnavymail.mod.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.csmail.mod.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.defencegateway.mod.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cadetmail.mod.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rafmail.mod.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017e950e5289000004030047304502204b31354f7823ba50e5ef6dc5e04f2a48c6b0a98ae76ac39667bc96f2de84c4a002210099a9d2eaef56adc8830f212a829c7473c770c27675c16a6c3761c7e745cf443d00760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017e950e52a50000040300473045022100d7edc4d09484e543ebdc50c35163a228c3808f47f437b7557cb9cd1054e888c0022056be5ae6ba84fd1653abbcee88383fbf1cdba3179288b2521e93a129cda4adfc007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017e950e52c40000040300483046022100b96145d92c70c15a2970ff3afbb4c07184c04d02b9909b35600b1f23d9f9171e022100bc84bf3ac0e4720077d5ad28a7205d65266ea1d4bc13cfe1fcbfeb7ba55fa97b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000df2bb8a5eef8cb486e75cb0299e2e076e89a07730cabdfb31f22cb777177e8eb6086503d107310bdc74e3ef59a629ad708f4934f660fd78a78900f0166a2b80db775cf426402a88e0a65b19b2d5d02d8c9b646c926039b610c9640c1f7f6ceeee2c6d8d2a25b5e07ae5093cee7e51daa67e0193a805071f2ed4048ad6431e651a98df5812ae3c64b8e4a5936cfdda1b2e1c5037748b999422cc0408d03c0fc80fdd67f9ed6f5d258c82c74cbf82c16bc2b0bbd3b3ff4efb67ce9215b65cf20c12f745867ee95a1d18798051aaca13ec2c2d1ca6e096f87efd306a39c98884a186ee3e3a7751f0746410324282386f7445e1fdaccdd4ecb6d0155594319ebb95