*.carmen.sncf.fr
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 09:63:c1:56:1f:89:b1:fc:8e:e2:34:97:37:87:9c:7b was issued on by Amazon.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.carmen.sncf.fr
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 09:63:c1:56:1f:89:b1:fc:8e:e2:34:97:37:87:9c:7bSerial Number (int): 12481010679495170449975362895005326459
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 9e:ee:71:73:88:2b:67:14:1f:b7:76:a1:de:21:f5:42:aa:df:c6:19
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): c7:33:f6:8e:82:f0:4f:ff:32:81:9d:bb:2c:69:d9:7f:99:c5:ff:66
Fingerprint (sha256): 00:8b:56:18:99:2f:8a:ba:28:23:a9:23:61:2f:c0:12:4e:a5:d8:d1:9c:63:b3:cc:f1:8c:71:25:8f:7c:7f:a2
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.carmen.sncf.fr
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.carmen.sncf.fr
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.carmen.sncf.fr
wdi-vsct.com
*.calendar.voyages-sncf.com
transilien.mobi
www.sav-cui.sncf.com
*.acces-client.sncf.com
*.transilien.com
www.transilien.mobi
transilien.com
*.mediatheque.sncf.com
wdi-vsct.com
*.calendar.voyages-sncf.com
transilien.mobi
www.sav-cui.sncf.com
*.acces-client.sncf.com
*.transilien.com
www.transilien.mobi
transilien.com
*.mediatheque.sncf.com
Other certificates including the domain name sncf.fr
(limited to 100 certificates)
pre-atlas-travaux.sso.reseau.sncf.fr
*.carmen.sncf.fr
octave-api-dev.sncf.fr
www.EME-portailSSO-sncf.com
*.apps.eul.sncf.fr
vdixenpilote.sncf.fr
cert00089-azurecdn.akamaized.net
formtractiontv.sncf.fr
*.sncfconnect.com
rhobs-archives-dev.sncf.fr
smartoffice.sncf.fr
seminaire-rh-2017.sncf.fr
seminaire-rh-2017.sncf.fr
postprod-pcs-reponse.reseau.sncf.fr
test-slan.sncf.fr
resultats-labo-paris.sncf.fr
cypres-api-int.sncf.fr
matomo.fd.sncf.fr
sncf.com
pmad.reseau.sncf.com
int.auth.sso.reseau.sncf.fr
sncf.com
mattv.sncf.fr
sts.commun.ad.sncf.fr
alerte-transilien.sncf.fr
dev-prospectus.sncf.fr
orion-connect-form.sncf.fr
accessibilite.sncf.com
sources.fd.sncf.fr
monacademie.sncf.fr
pdvf-rec.sncf.fr
cert00089-azurecdn.akamaized.net
robustest-cerbere.dgexsol.sncf.fr
postprod-fit.reseau.sncf.fr
s2if-gie.sncf.com
cert00089-azurecdn.akamaized.net
preprod-pcs-reponse.reseau.sncf.fr
mestrainsdhier.fd.sncf.fr
monacademie.sncf.fr
*.fret.sncf.com
localiter.sncf.fr
bonneannee.sncf.fr
test-slan.sncf.fr
catalogue-formation-fret.sncf.fr
resultats-labo-lyon.sncf.fr
preprod-apies-np.sncf.fr
netkin.eu
laboutiqueeco.sncf.fr
quizrh.sncf.fr
cashsolutions.sncf.fr
enquete-client.dgii.sncf.fr
form-papact.prevention.sncf.fr
*.ase-01-e2-pr.cloud.sncf.fr
poc.portail-citrix.reseau.sncf.fr
moter-recette.sncf.fr
netkin.eu
recette1.ticketing-sncf.vsct.fr
mon-assistant-visuel-int.sncf.fr
veillesst.prevention.sncf.fr
sncfcontact.sncf.fr
form.prevention.sncf.fr
www.srtpf.fr
siph.sso.reseau.sncf.fr
viveletrain-forumemploi.sncf.fr
www.tech.sncf.fr
declic-for.infra.sncf.fr
*.api-np.sncf.fr
*.accessly.divadigital.sncf.fr
int-auth.sso.reseau.sncf.fr
contact-contravention-integration.sncf.fr
recette1.ticketing-sncf.vsct.fr
diva.sncf.fr
dev-apies-np.sncf.fr
matomo.fd.sncf.fr
*.dashboardly.divadigital.sncf.fr
preprod-apies-np.sncf.fr
netkin.eu
hospitalite-france2019.sncf.fr
themis-regles-dev.sncf.fr
design-bootstrap.sncf.fr
mestrainsdhier.fd.sncf.fr
netkin.eu
g11-ref-optimum.sncf.fr
snr.infra.eva.sncf.fr
preprod-stockfds-webapi.prevention.sncf.fr
dev-salto-iamapp.sncf.fr
recette1.ticketing-sncf.vsct.fr
myuds.sncf.fr
*.staging.aks.eul.sncf.fr
ouranos-int.sncf.fr
laboutiqueeco.sncf.fr
oui.sncf
webstats.sncf.fr
cert00089-azurecdn.akamaized.net
e-logement.sncf.fr
rec-beb.basic-ng.exp.reseau.sncf.fr
*.sncfconnect.com
formation-dsdm.reseau.sncf.fr
banque-des-preuves-rse.sncf.fr
sources.fd.sncf.fr
*.carmen.sncf.fr
octave-api-dev.sncf.fr
www.EME-portailSSO-sncf.com
*.apps.eul.sncf.fr
vdixenpilote.sncf.fr
cert00089-azurecdn.akamaized.net
formtractiontv.sncf.fr
*.sncfconnect.com
rhobs-archives-dev.sncf.fr
smartoffice.sncf.fr
seminaire-rh-2017.sncf.fr
seminaire-rh-2017.sncf.fr
postprod-pcs-reponse.reseau.sncf.fr
test-slan.sncf.fr
resultats-labo-paris.sncf.fr
cypres-api-int.sncf.fr
matomo.fd.sncf.fr
sncf.com
pmad.reseau.sncf.com
int.auth.sso.reseau.sncf.fr
sncf.com
mattv.sncf.fr
sts.commun.ad.sncf.fr
alerte-transilien.sncf.fr
dev-prospectus.sncf.fr
orion-connect-form.sncf.fr
accessibilite.sncf.com
sources.fd.sncf.fr
monacademie.sncf.fr
pdvf-rec.sncf.fr
cert00089-azurecdn.akamaized.net
robustest-cerbere.dgexsol.sncf.fr
postprod-fit.reseau.sncf.fr
s2if-gie.sncf.com
cert00089-azurecdn.akamaized.net
preprod-pcs-reponse.reseau.sncf.fr
mestrainsdhier.fd.sncf.fr
monacademie.sncf.fr
*.fret.sncf.com
localiter.sncf.fr
bonneannee.sncf.fr
test-slan.sncf.fr
catalogue-formation-fret.sncf.fr
resultats-labo-lyon.sncf.fr
preprod-apies-np.sncf.fr
netkin.eu
laboutiqueeco.sncf.fr
quizrh.sncf.fr
cashsolutions.sncf.fr
enquete-client.dgii.sncf.fr
form-papact.prevention.sncf.fr
*.ase-01-e2-pr.cloud.sncf.fr
poc.portail-citrix.reseau.sncf.fr
moter-recette.sncf.fr
netkin.eu
recette1.ticketing-sncf.vsct.fr
mon-assistant-visuel-int.sncf.fr
veillesst.prevention.sncf.fr
sncfcontact.sncf.fr
form.prevention.sncf.fr
www.srtpf.fr
siph.sso.reseau.sncf.fr
viveletrain-forumemploi.sncf.fr
www.tech.sncf.fr
declic-for.infra.sncf.fr
*.api-np.sncf.fr
*.accessly.divadigital.sncf.fr
int-auth.sso.reseau.sncf.fr
contact-contravention-integration.sncf.fr
recette1.ticketing-sncf.vsct.fr
diva.sncf.fr
dev-apies-np.sncf.fr
matomo.fd.sncf.fr
*.dashboardly.divadigital.sncf.fr
preprod-apies-np.sncf.fr
netkin.eu
hospitalite-france2019.sncf.fr
themis-regles-dev.sncf.fr
design-bootstrap.sncf.fr
mestrainsdhier.fd.sncf.fr
netkin.eu
g11-ref-optimum.sncf.fr
snr.infra.eva.sncf.fr
preprod-stockfds-webapi.prevention.sncf.fr
dev-salto-iamapp.sncf.fr
recette1.ticketing-sncf.vsct.fr
myuds.sncf.fr
*.staging.aks.eul.sncf.fr
ouranos-int.sncf.fr
laboutiqueeco.sncf.fr
oui.sncf
webstats.sncf.fr
cert00089-azurecdn.akamaized.net
e-logement.sncf.fr
rec-beb.basic-ng.exp.reseau.sncf.fr
*.sncfconnect.com
formation-dsdm.reseau.sncf.fr
banque-des-preuves-rse.sncf.fr
sources.fd.sncf.fr
Certificate
The complete raw certificate details for *.carmen.sncf.fr in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGijCCBXKgAwIBAgIQCWPBVh+JsfyO4jSXN4ecezANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDgyMTAwMDAwMFoXDTI0MDkxODIzNTk1OVowGzEZ MBcGA1UEAwwQKi5jYXJtZW4uc25jZi5mcjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALfiKrvQnZENQXnTChwd8PIzuY41CD9RQ4532UXJvQiDCSyrO5Qt YOXygcaTdRdnWxP+CnnK7inuxQL8Ui/oe4gFpXKcG0DyMOl/bp8TaHq4XfMWmEnW 4jHOH/QS31YE6MaaDnm7py9Unsi0MaR/gDzzFcvCZn2r8pv/S85xeynhCb8TpU2e RROElupjtjfNhGyRTE99nOoSWtO9JtYKz538sAZzVfNQIFRqIsnlZqqVBgN0iGK9 aTnVpVAueRk7a2wXHhc8VlCqXdQywzOAaDIeWvaQfH4eQVjZwZ4ZZQi5d1dfG7JV I/LlPHibZdnmyqi8Cws+zkfiThNtBdE4aosCAwEAAaOCA6cwggOjMB8GA1UdIwQY MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSe7nFziCtnFB+3dqHe IfVCqt/GGTCB1wYDVR0RBIHPMIHMghAqLmNhcm1lbi5zbmNmLmZyggx3ZGktdnNj dC5jb22CGyouY2FsZW5kYXIudm95YWdlcy1zbmNmLmNvbYIPdHJhbnNpbGllbi5t b2JpghR3d3cuc2F2LWN1aS5zbmNmLmNvbYIXKi5hY2Nlcy1jbGllbnQuc25jZi5j b22CECoudHJhbnNpbGllbi5jb22CE3d3dy50cmFuc2lsaWVuLm1vYmmCDnRyYW5z aWxpZW4uY29tghYqLm1lZGlhdGhlcXVlLnNuY2YuY29tMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6g LIYqaHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMBMG A1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYh aHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipo dHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0T AQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcAdv+IPwq2+5VRwmHM 9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGKF4xXdgAABAMASDBGAiEA3Vo0tYn00CEP qQRxFIR0HvWWEOW1iIHL33dkliNN0JMCIQDT0lKhKTkfHHGoiOZ1gqaUEQ2cvsEd E3yf5iC8rAksaAB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB iheMV0cAAAQDAEcwRQIgMPgII5V6N3RdMDX5mBet/ysqP5ZNcZ6FqrCPlCQrQHoC IQD2S+frqBvYLNCOVWCrjXkASBwq2zdf5R1oqOF5M9pU6gB2ANq2v2s/tbYin5vC u1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiheMVw0AAAQDAEcwRQIgYA6xDcPv89HN jL9YnYtRyhtvNbjZb4qkyf7F1345a0YCIQDFmJclkK45bKmRoUptGMZVrDW0h26P K39yH8A1E0huVzANBgkqhkiG9w0BAQsFAAOCAQEAZI6c68qMNwYElWU4gDIhMRcv 5HNqmF0+gP3MrV4FUElN1alBbgL31QegsJzXjXgcCnQM9mahtCNXNYeYE1r4jTqi nFSdm6V10CUknJ4jnJCz8xQMtL8X0VCwJ9i/CbiqdKfM4ZBaw6x+Dj+KUdGHYs6X GJDigVR3m/D2FSacY9D8DZj+ZyNF3c5lLNCpHvnOZLJ5v3OGtEFA7xS9L+3QoSiB ouL1IYCM5PLQxMkpNX/8R5/mwCAE2GcTi+LBfuH5VFQji2WehI9FcuO0w1XjHrRE F/8Pjeqw0K3gntNpnbk8EragZ5QJDlE1JKBoO2C3Nv58NfWDdBS7Yw1OBEUajA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+Iqu9CdkQ1BedMKHB3w 8jO5jjUIP1FDjnfZRcm9CIMJLKs7lC1g5fKBxpN1F2dbE/4KecruKe7FAvxSL+h7 iAWlcpwbQPIw6X9unxNoerhd8xaYSdbiMc4f9BLfVgToxpoOebunL1SeyLQxpH+A PPMVy8Jmfavym/9LznF7KeEJvxOlTZ5FE4SW6mO2N82EbJFMT32c6hJa070m1grP nfywBnNV81AgVGoiyeVmqpUGA3SIYr1pOdWlUC55GTtrbBceFzxWUKpd1DLDM4Bo Mh5a9pB8fh5BWNnBnhllCLl3V18bslUj8uU8eJtl2ebKqLwLCz7OR+JOE20F0Thq iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12481010679495170449975362895005326459 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.carmen.sncf.fr' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23213136877818054780155270863044603137080498263549166006429790427380673380031413681019074125517666241934336438021066799851575161680580892619731887413559785153149444889407106689708564486451625653997456236508657531605056596321578925780710605703002976539492341230335762630747989385286463778824019419537938648581187042885932996892601402022775154223921796498431135670553369786898094327402604352958106941164765276841810481882669812448796842683636021713636502225835048956012435279170642187448612807831708994580505952109231222802978632862734761839074923087393262305583566065689300643716781344203550603582436209875463217638027 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9eee7173882b67141fb776a1de21f542aadfc619 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (207 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.carmen.sncf.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wdi-vsct.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.calendar.voyages-sncf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transilien.mobi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sav-cui.sncf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.acces-client.sncf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.transilien.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.transilien.mobi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transilien.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mediatheque.sncf.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018a178c57760000040300483046022100dd5a34b589f4d0210fa904711484741ef59610e5b58881cbdf776496234dd093022100d3d252a129391f1c71a888e67582a694110d9cbec11d137c9fe620bcac092c6800760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a178c57470000040300473045022030f80823957a37745d3035f99817adff2b2a3f964d719e85aab08f94242b407a022100f64be7eba81bd82cd08e5560ab8d7900481c2adb375fe51d68a8e17933da54ea007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a178c570d00000403004730450220600eb10dc3eff3d1cd8cbf589d8b51ca1b6f35b8d96f8aa4c9fec5d77e396b46022100c598972590ae396ca991a14a6d18c655ac35b4876e8f2b7f721fc03513486e57 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00648e9cebca8c37060495653880322131172fe4736a985d3e80fdccad5e0550494dd5a9416e02f7d507a0b09cd78d781c0a740cf666a1b42357358798135af88d3aa29c549d9ba575d025249c9e239c90b3f3140cb4bf17d150b027d8bf09b8aa74a7cce1905ac3ac7e0e3f8a51d18762ce971890e28154779bf0f615269c63d0fc0d98fe672345ddce652cd0a91ef9ce64b279bf7386b44140ef14bd2fedd0a12881a2e2f521808ce4f2d0c4c929357ffc479fe6c02004d867138be2c17ee1f95454238b659e848f4572e3b4c355e31eb44417ff0f8deab0d0ade09ed3699db93c12b6a06794090e513524a0683b60b736fe7c35f5837414bb630d4e04451a8c