token-service.payments-aws-stg.aws.oath.cloud

Issued by Amazon

About this certificate

This digital certificate with serial number 05:fa:35:9b:45:c8:37:92:6c:5d:78:89:39:f8:7e:4e was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=token-service.payments-aws-stg.aws.oath.cloud

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:fa:35:9b:45:c8:37:92:6c:5d:78:89:39:f8:7e:4e
Serial Number (int): 7945301463228982793941913616078372430
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: cd:30:88:c0:dc:cc:be:bb:8f:16:db:63:15:b6:3b:d8:f4:dd:19:31
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): a0:5f:28:8d:fd:0f:32:5d:b1:82:ba:35:f5:a1:62:51:89:c3:ad:66
Fingerprint (sha256): 00:ba:32:5a:9d:87:9d:51:34:98:32:b9:5e:a5:44:b9:4c:45:26:3a:2f:52:ac:0d:72:83:b9:18:6a:44:99:ac

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate token-service.payments-aws-stg.aws.oath.cloud

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for token-service.payments-aws-stg.aws.oath.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

token-service.payments-aws-stg.aws.oath.cloud

Other certificates including the domain name oath.cloud

(limited to 100 certificates)
sonar.subscriptions-obi-fe-aws-dev.aws.oath.cloud
token-iws-proxy.payments-aws-stg.aws.oath.cloud
splunk-srch-hd.subscriptions-devops-obi-aws-dev.aws.oath.cloud
tagcache.one-mobile-prod.aws.oath.cloud
*.vpa2.aws.oath.cloud
vp56agpfbf27kfdfk3qfnb6bjgadju44x.public.vespa.oath.cloud
partneradservice.search-web-dm-staging.aws.oath.cloud
*.video-platform-splunk.aws.oath.cloud
*.comms-notifications-prod.aws.oath.cloud
token-service.payments-aws-stg.aws.oath.cloud
demo-ui.payments-aws-services-stg.aws.oath.cloud
ssp-dev-ats-test.one-mobile-dev.aws.oath.cloud
*.video-data-platform-prod.aws.oath.cloud
atlantis.uplynk-inf.aws.oath.cloud
splunk-indexer.ec-horizontal-rewards-tools.aws.oath.cloud
splunk-indexer.ec-horizontal-rewards-dev-tools.aws.oath.cloud
beta1-policies.yahoo.com
one-central-api-qa-mse-eks.mse-dev.aws.oath.cloud
*.video-stage.aws.oath.cloud
partneradservice.aws-oath-domain-match-us-mbst.aws.oath.cloud
*.autos.yahoo.com
member-pulse-push.customer-care-voc-aws-dev.aws.oath.cloud
splunk-srch-hd.subscriptions-lca-content-aws-dev.aws.oath.cloud
abumedia-aws-partner.aws.oath.cloud
*.oath-marketing-verizonmedia-production.aws.oath.cloud
vwok3l4cd6wznlc5iwdglhkdrrwmetgys.public.vespa.oath.cloud
search-ui.payments-aws-services-stg.aws.oath.cloud
*.srs-dev.pcp.aws.oath.cloud
jef-ui-bdp.aolp-ds-dev.aws.oath.cloud
jenkins-master.one-mobile-dev.aws.oath.cloud
*.paranoids-cloudsec-fail.aws.oath.cloud
varfbm5bestuka7uvgajs36qsvm4j3r6z.public.vespa.oath.cloud
inbox-service.payments-aws-cde-stg.aws.oath.cloud
*.home-maudette.aws.oath.cloud
token-iws-proxy.payments-aws-dev.aws.oath.cloud
v6ptdyponqnkh74iz3pigob72xsio3re4.vespa.oath.cloud
*.www.yahoo.com
token-iws-proxy.payments-aws-stg.aws.oath.cloud
id-ds.corp.aol.com
data-collector.payments-aws-services-prod.aws.oath.cloud
id.b2b.oath.com
qa-srs-api.pcp.aws.oath.cloud
*.artifactory-sandbox.aws.oath.cloud
*.global.vespa.yahooapis.com
splunk.ec-horizontal-rewards-tools.aws.oath.cloud
token-iws-proxy.payments-aws-stg.aws.oath.cloud
*.broker.aolp-ds-prd.aws.oath.cloud
vxjzjakdi3o7npascqumixvqycimmqcz4.public-cd.vespa.oath.cloud
*.ivn-vibe-dev.aws.oath.cloud
demo-ui.payments-aws-services-stg.aws.oath.cloud
*.geneva-server.one-mobile-dev.aws.oath.cloud
brana-api.aws-oath-fires-brana-prod.aws.oath.cloud
streamer.finance.yahoo.com
mss-api.mss-dev.aws.oath.cloud
partneradservice.aws-oath-domain-match-us-mbst.aws.oath.cloud
qai-omni-broker.us-east-1b.aolp-ds-dev.aws.oath.cloud
*.video-data-platform-dev.aws.oath.cloud
yho.com
jp.techcrunch.com
sdk.yahooinc.com
qa-jef-api.dmp.us-east-1.aolp-ds-dev.aws.oath.cloud
one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud
chemtrail.home-ccannell.aws.oath.cloud
jenkins-master.one-mobile-dev.aws.oath.cloud
inbox-service.payments-aws-cde-dev.aws.oath.cloud
tls.subscriptions-devops-aws-dev.aws.oath.cloud
*.srs-prod.pcp.aws.oath.cloud
cd.donbot.mortent.global.vespa.oath.cloud
druid-dev-us-east-1.dcs-audience-insights-dev.aws.oath.cloud
staging.autoblog.com
*.alpo.mail.aol.com
stage.tokenmanager.finance.yahooapis.com
*.autos.yahoo.com
sports.yahoo.com
splunk-srch.subscriptions-devops-access-aws-dev.aws.oath.cloud
tls.subscriptions-devops-aws-dev.aws.oath.cloud
splunk-indexer.payments-aws-tools-dev.aws.oath.cloud
internal.ups-prod-vzm.ap-southeast-1.aolp-ds-prd.aws.oath.cloud
redash.pcp-aws-redash.aws.oath.cloud
v7fbrygd6estm3f7uultqjhlvlwrij6qg.vespa.oath.cloud
subs.communications.yahoo.com
id-uat.b2b.yahooinc.com
dmp-off-ingest.aolp-ds-prd.aws.oath.cloud
v6rprg4ffmjfi4zqz2pr32kvrfzqagzuf.vespa.oath.cloud
cdn.payments-aws-obi-cdn.aws.oath.cloud
*.onecreative.aws.oath.cloud
vvpyjwrconn4s3genqpo5wijznctuffmw.vespa.oath.cloud
vlne5srwzhcapsjlcuxw7x3iasz2czp5j.vespa.oath.cloud
bid.oath-exchange-dev.aws.oath.cloud
dmp-off-ingest-qai.aolp-ds-dev.aws.oath.cloud
dtm-origin.aolp-ds-prd.aws.oath.cloud
dooh-location-api.aws-oath-fires-brana-prod.aws.oath.cloud
railplitter.flurry-stg.aws.oath.cloud
grpc.tritonserver.search-web-qlas.aws.oath.cloud
token-service.payments-aws-cde-prod.aws.oath.cloud
ycm-receiver-dev-hx.ycm-aws-devel.aws.oath.cloud
*.c2s-sa-production.aws.oath.cloud
verizon-native-protocol-service.one-mobile-prod.aws.oath.cloud
token-service.payments-aws-stg.aws.oath.cloud
vqfjxpkobwsidxbiqtr5t7bsn2i45zumr.public-cd.vespa.oath.cloud

Certificate

The complete raw certificate details for token-service.payments-aws-stg.aws.oath.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIQBfo1m0XIN5JsXXiJOfh+TjANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAyMDcwMDAwMDBaFw0yMDAzMDcx
MjAwMDBaMDgxNjA0BgNVBAMTLXRva2VuLXNlcnZpY2UucGF5bWVudHMtYXdzLXN0
Zy5hd3Mub2F0aC5jbG91ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJ+OzFq3RYv+bQTOEBBGXaqnDiK0wOHYZC4k8R2Q1Q9iaPnjaq5mcR11Ylql6dW7
jQZOHgjuDqP3ippeNtQJ8snQhB/GCoEOpWe1dwf+Vlhbzj5q+RGabSmhoe9WQs95
9kbaZdkfQnIMfSrLK1+fpfNA1/QOjZAiV9VEZRV/nyW9U8In5yb/ynEz7b8F66lM
vLdIqPNgd2PD6bfR+61WcC6e61xBOUDqdWEiWAmyS1MJMFey1yOEQNghAL0EhzPo
0RZmH/y4gqz5bqDQVzt5psUC0kgRVfRazBOIb7SC79Ku9B4A8CvDG3D4+EEyZ4RH
frFNOW6WTT3x+af0Ey0yzCkCAwEAAaOCAaYwggGiMB8GA1UdIwQYMBaAFFmkZgZS
oHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBTNMIjA3My+u48W22MVtjvY9N0ZMTA4
BgNVHREEMTAvgi10b2tlbi1zZXJ2aWNlLnBheW1lbnRzLWF3cy1zdGcuYXdzLm9h
dGguY2xvdWQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpv
bnRydXN0LmNvbS9zY2ExYi5jcmwwIAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYG
Z4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au
c2NhMWIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNj
YTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADATBgor
BgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdZcz0Y5jHO3VNjf+
rHooeHmB0K9MnFRUagWbqAoCyNnzdTeHTceZ2syTyss/yIlHIMNf8UzVMomZ++hj
pSvyJ/gmos9AbfL+v4gVifVSBOHlJmSY+iub0elxtsqtE/uTzFY2ZdTzulUMJRa3
z9BdNzOK/zdcnrRYpTo3GsiBxoWCDfBHt9DM/+C9V9x6zCnaLI9/GHJ21tciDBzA
BvUVf66uc6zVPKlZ5MvSgv47500zuYiCY5DBFdtu5xxV/VpqW4xgQKsiZEKETGio
7HcApzFtwXwkcT5d58owm8Bw0sPeLBdIvmoPyc32QEmLEqFwLUyRjUi4WAZU24eA
2S7iLQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn47MWrdFi/5tBM4QEEZd
qqcOIrTA4dhkLiTxHZDVD2Jo+eNqrmZxHXViWqXp1buNBk4eCO4Oo/eKml421Any
ydCEH8YKgQ6lZ7V3B/5WWFvOPmr5EZptKaGh71ZCz3n2Rtpl2R9Ccgx9KssrX5+l
80DX9A6NkCJX1URlFX+fJb1TwifnJv/KcTPtvwXrqUy8t0io82B3Y8Ppt9H7rVZw
Lp7rXEE5QOp1YSJYCbJLUwkwV7LXI4RA2CEAvQSHM+jRFmYf/LiCrPluoNBXO3mm
xQLSSBFV9FrME4hvtILv0q70HgDwK8MbcPj4QTJnhEd+sU05bpZNPfH5p/QTLTLM
KQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7945301463228982793941913616078372430
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-07 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'token-service.payments-aws-stg.aws.oath.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20142306935679053626304450352469784423468259955443275744576640919300011165838720028857721254791884117064501697945874200489083025364517108107251397170745172308086727501111028464927909961915265914927551307586552419177377438433839739753993247826194084459098286486562188143322151087964727130099242825730130978076877622443077704261485378112142078935443789256145137632208512634362338604404401854599280931309939980489561399994286354528199243689733978470854582202099434090967708461199324393797047613208027103383471643145374450932854739518618433941812729188064582252941265013951460958950098278549417188921206354853724853292073
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cd3088c0dcccbebb8f16db6315b63bd8f4dd1931
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'token-service.payments-aws-stg.aws.oath.cloud'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00759733d18e631cedd53637feac7a28787981d0af4c9c54546a059ba80a02c8d9f37537874dc799dacc93cacb3fc8894720c35ff14cd5328999fbe863a52bf227f826a2cf406df2febf881589f55204e1e5266498fa2b9bd1e971b6caad13fb93cc563665d4f3ba550c2516b7cfd05d37338aff375c9eb458a53a371ac881c685820df047b7d0ccffe0bd57dc7acc29da2c8f7f187276d6d7220c1cc006f5157faeae73acd53ca959e4cbd282fe3be74d33b988826390c115db6ee71c55fd5a6a5b8c6040ab226442844c68a8ec7700a7316dc17c24713e5de7ca309bc070d2c3de2c1748be6a0fc9cdf640498b12a1702d4c918d48b8580654db8780d92ee22d