monitoring.nonprod.tech.disney.com

Issued by Amazon

About this certificate

This digital certificate with serial number 01:69:0f:29:e3:5c:d0:58:a2:ee:4d:5b:47:bf:ba:5e was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=monitoring.nonprod.tech.disney.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:69:0f:29:e3:5c:d0:58:a2:ee:4d:5b:47:bf:ba:5e
Serial Number (int): 1874726720795092925925907909205539422
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 82:f1:71:87:4e:d4:65:0f:97:93:dc:b0:ef:d8:70:f4:7b:37:0b:20
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): a0:eb:df:e0:e7:ad:c5:44:4a:b7:e2:a8:35:5b:93:b2:09:8d:8c:4f
Fingerprint (sha256): 00:a0:a5:3c:b2:35:c6:ca:ba:cb:d5:b5:cf:f6:d3:ec:11:5e:55:32:48:80:d1:fb:25:b4:f2:dd:80:b9:d0:da

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate monitoring.nonprod.tech.disney.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for monitoring.nonprod.tech.disney.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

monitoring.nonprod.tech.disney.com
*.monitoring.nonprod.tech.disney.com

Other certificates including the domain name disney.com

(limited to 100 certificates)
sf-prod-dr-az.media.disney.com
ppm-dev.disney.com
studiocloseup.disney.com
dev1.tbx-gim-rest-inv-dlr.wdprapps.disney.com
zenoss.disid.disney.com
shtktefafc-qa.apac.wdpr.disney.com
load.origin.castmeas-api.wdprapps.disney.com
productpoller.dahetd.studio.disney.com
stage.enttl-devicemgmt.wdprapps.disney.com
dc00011131n0616.corp.disney.com
stage.dlp-content.wdprapps.disney.com
*.studio.disney.com
latest.dvc-si-rsapi.wdprapps.disney.com
latest.sched-activity-order-svc.dlp.wdprapps.disney.com
*.stg.ensemble.disney.com
use1lq401.edp.disney.com
fas.wdprapps.disney.com
stage.tbx-core-api-roomrate.dlr.wdprapps.disney.com
DCLLABPOSRPTX.dcl.wdpr.disney.com
ocportal.disney.com
VWMS.shanghaidisneyresort.com.cn
airflow-flower.wdprapps.disney.com
vs-frmv-wa255.emea.wdpr.disney.com
ahws-agent.wdprapps.disney.com
video.disney.com
latest.cappiiapi.wdprapps.disney.com
mportal.intl.disney.com
testraadpmt-rmq-latest.wdpr.disney.com
latest.routing-svc.wdprapps.disney.com
latest.tbx-client-setup-dlp-use1.wdprapps.disney.com
load.tbx-supplier-setup.dlr.wdprapps.disney.com
test.dccr.disney.com
ngeapi-web.wdprapps.disney.com
shotguntools.fas.fa.disney.com
weekly.disney.com
latest.rrms-spa.wdprapps.disney.com
latest.origin-commerce-binding-web.shanghaidisneyresort.com
payment-reference-svc.dlp.wdprapps.disney.com
riley.disney.com
Booksdev.disney.com
viki.disney.com
heydis-storage-public.wdprapps.disney.com
crf.disney.com
simba-gg.wdprapps.disney.com
redirect.disneyinternational.com
video.disney.com
felix.disneyanimation.com
ops.nonprod.tech.disney.com
dlp-microservice-latest.wdprapps.disney.com
latest.quote-svc-internal.dlp.wdprapps.disney.com
stage.member-dvc.wdprapps.disney.com
origin.latest.wdw.nap7.wdpro.disney.com
entl-pkg-order-svc.dlp.wdprapps.disney.com
destiny.minio-operator.dcl.wdpr.disney.com
origin.load.product.service.wdprapps.disney.com
sandbox.sb-acm-test.wdpr-sandbox.disney.com
latest.tbx-api-shop-dlp-use1.wdprapps.disney.com
nemo0-ec-pa.wdw.attractions.disney.com
dmcqa.disney.com
eeudlp-gni-c9800-wlc.net.disney.com
*.spa.studio.disney.com
monitoring.nonprod.tech.disney.com
prod.merch-backend.wdprapps.disney.com
shadow.tbx-document-setup.dlr.wdprapps.disney.com
iscdml.disney.com
load.origin.arrwui-api-dlr.wdprapps.disney.com
stage.core-sales-validator.wdprapps.disney.com
raportal-k8s.ra-sandbox.disney.com
latest.pmaevntjb.wdprapps.disney.com
stage.rmdp-reference-data-slave.wdprapps.disney.com
heeuddjap01.wds.disney.com
latest.tbx-recommendation.wdw.wdprapps.disney.com
load.non-disney-addon-adapter-wdw.wdprapps.disney.com
stage.use1.mobile-notification-ha.gam-test.wdprapps.disney.com
load.csbspa.wdprapps.disney.com
vault-euw1.wdprapps.disney.com
shtktefw-qa-ro.apac.wdpr.disney.com
latest.dme-svc.wdprapps.disney.com
latest.tbx-master-setup.wdprapps.disney.com
dcpclmqa.disney.com
UCwebn7ext.disney.com
xbms-fin-batch.wdprapps.disney.com
stage.anonymizer-batch.wdprapps.disney.com
latest.pms-psl-tbx-su.wdprapps.disney.com
latest.01323-notifysvc.wdprapps.disney.com
bespin.disney.com
matchinggifts.disney.com
latest.tbx-flight-setup-dlp-use1.wdprapps.disney.com
stage.ssl-automation.wdprapps.disney.com
stage.tdls.studiotech.disney.com
stage.event-broker-service.wdw.wdprapps.disney.com
latest.tim-svc.wdprapps.disney.com
contentsecurity.disney.com
f5.disneyanimation.com
laod.dlp-is.wdprapps.disney.com
latest.internal.pbcsmodel.wdprapps.disney.com
latest.ore-m.wdprapps.disney.com
www.espnwwos.com
load.wdw-photopass-ui.wdprapps.disney.com
SPP1-DEV.disney.com

Certificate

The complete raw certificate details for monitoring.nonprod.tech.disney.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgIQAWkPKeNc0Fii7k1bR7+6XjANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA5MjcwMDAwMDBaFw0yMjEwMjUy
MzU5NTlaMC0xKzApBgNVBAMTIm1vbml0b3Jpbmcubm9ucHJvZC50ZWNoLmRpc25l
eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5XxowOIsu4A2L
4989QAEaMd92zvN83BcituxZPqJ/fejPSNABnn/BHCP79SZNSVsZ3ZKZyY55N+17
AWTV/pZQaoGwaWttIIpiavrpdw0YUPQzos9W6/yQF435Nkgcd8FI5Za/ETnsOXyq
naPh9Gl46xKZF7HgQnmUej8Tb53k3sFDIqS1d82ZMIHtIfs5xjTlgcV1fZbTdujP
ijGY70PiQ4hLwo3rOtBryCF0HqFb+W+JrYACY59gsA/s7/Zbesswijo6i82YB9m5
UA/ggaFfHDsPXnqywvbfUOqkSIsvxrOofYnyzQs50jkKmhFv6D1X4lfXYeQ4dQAB
VqO+iVUtAgMBAAGjggMlMIIDITAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0
W/k90DAdBgNVHQ4EFgQUgvFxh07UZQ+Xk9yw79hw9Hs3CyAwUwYDVR0RBEwwSoIi
bW9uaXRvcmluZy5ub25wcm9kLnRlY2guZGlzbmV5LmNvbYIkKi5tb25pdG9yaW5n
Lm5vbnByb2QudGVjaC5kaXNuZXkuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDov
L2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAww
CjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v
b2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j
cnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAA
MIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwApeb7wnjk5IfBWc59jpXflvld9
nGAK+PlNXSZcJV3HhAAAAXwko7ybAAAEAwBIMEYCIQCHpMSXLhkAugc7v9N3p++B
VAkMZbgcdt/9j357zQ4UAgIhAKFTJiCDGGGcbUj7ZemeYpkxMwfeL29iP8rKtSrb
rJWLAHYAUaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN/tSLBeUAAAF8JKO85QAA
BAMARzBFAiB7IK9vmtQN7GBavg4sxAq6bntHN6+lgKK0eSkvY38LMwIhAN7Y5eJY
HFLD7foNxuyUlyNo73TyFa+Z4GXMBO0Tqf7GAHcAQcjKsd8iRkoQxqE6CUKHXk4x
ixsD6+tLx2jwkGKWBvYAAAF8JKO8agAABAMASDBGAiEAxCw2JrHS2d5M+L4pOeAT
tR8Xln8WgSwturip2p6CJ1YCIQCwLJSKo0OnaQEflANYRqRyTzDG6+7Rpr0emzG4
yFY5MzANBgkqhkiG9w0BAQsFAAOCAQEACWJoqVHJgVRfe7caBdBeZRZHitKQaLgS
aXW1kG8w/lFLx39K3TNACmnvfqWwpxjfiDtk/Ii17Do+on4C7+fx+E7Cyz+dH2Jp
A4LxcJP7S2akBn4Zu2AUdcx5qwHQWjCe0p2tfou7jx7APYIvaQIhgd2FeXW1oJN8
XkEnmIK9qq9ulsVmlhw4UQt8RcYbm//KEeyhXpGxzYxfyBEx1xk3qhLcxrWyMn7D
yQRw+/bxrsjJm7Wmmxy27Tpm2Wuoa3RLvuMTSTNgc3uJ89200SkWqZmS6Evo1PRF
hWPtg2pvVSBdxzSXPCUJjCFppkLJeH53XfdQ6H/aq/+2Sjg2oD26Tg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+V8aMDiLLuANi+PfPUAB
GjHfds7zfNwXIrbsWT6if33oz0jQAZ5/wRwj+/UmTUlbGd2SmcmOeTftewFk1f6W
UGqBsGlrbSCKYmr66XcNGFD0M6LPVuv8kBeN+TZIHHfBSOWWvxE57Dl8qp2j4fRp
eOsSmRex4EJ5lHo/E2+d5N7BQyKktXfNmTCB7SH7OcY05YHFdX2W03boz4oxmO9D
4kOIS8KN6zrQa8ghdB6hW/lvia2AAmOfYLAP7O/2W3rLMIo6OovNmAfZuVAP4IGh
Xxw7D156ssL231DqpEiLL8azqH2J8s0LOdI5CpoRb+g9V+JX12HkOHUAAVajvolV
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1874726720795092925925907909205539422
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'monitoring.nonprod.tech.disney.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31480234627700067244968709224759413635598763539190368286653586461884701805008800138447968723097758750680122492058076826002572526522224102389084981540624575127844686695215575098193113355566504653840683749932542363510973957405575081827769196833552448302682542163715812624314211930716102330727363354758156510491281206374668654389349453742352658621525502355454640307105597023563249063827971385069734062464191979546569043103722391940894349102983454931142156426078139859534492155691148708200900725640123193017688049847967724515933049924662537292277562216012422769515060826750073199350525907725742466177387289530557304231213
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							82f171874ed4650f9793dcb0efd870f47b370b20
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monitoring.nonprod.tech.disney.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.monitoring.nonprod.tech.disney.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a0077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017c24a3bc9b000004030048304602210087a4c4972e1900ba073bbfd377a7ef8154090c65b81c76dffd8f7e7bcd0e1402022100a15326208318619c6d48fb65e99e6299313307de2f6f623fcacab52adbac958b00760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017c24a3bce5000004030047304502207b20af6f9ad40dec605abe0e2cc40aba6e7b4737afa580a2b479292f637f0b33022100ded8e5e2581c52c3edfa0dc6ec94972368ef74f215af99e065cc04ed13a9fec600770041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017c24a3bc6a0000040300483046022100c42c3626b1d2d9de4cf8be2939e013b51f17967f16812c2dbab8a9da9e822756022100b02c948aa343a769011f94035846a4724f30c6ebeed1a6bd1e9b31b8c8563933
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00096268a951c981545f7bb71a05d05e6516478ad29068b8126975b5906f30fe514bc77f4add33400a69ef7ea5b0a718df883b64fc88b5ec3a3ea27e02efe7f1f84ec2cb3f9d1f62690382f17093fb4b66a4067e19bb601475cc79ab01d05a309ed29dad7e8bbb8f1ec03d822f69022181dd857975b5a0937c5e41279882bdaaaf6e96c566961c38510b7c45c61b9bffca11eca15e91b1cd8c5fc81131d71937aa12dcc6b5b2327ec3c90470fbf6f1aec8c99bb5a69b1cb6ed3a66d96ba86b744bbee313493360737b89f3ddb4d12916a99992e84be8d4f4458563ed836a6f55205dc734973c25098c2169a642c9787e775df750e87fdaabffb64a3836a03dba4e