feature-testfe.wcpsandbox.imdserve.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 08:1a:fa:fe:db:fb:37:ed:80:07:46:99:3f:69:64:a8 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=feature-testfe.wcpsandbox.imdserve.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 08:1a:fa:fe:db:fb:37:ed:80:07:46:99:3f:69:64:a8
Serial Number (int): 10773914479036345685178150218715718824
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: a1:d3:b0:43:a4:44:6a:a2:67:60:ac:24:a3:9c:b3:00:fd:a9:9f:4e
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 7d:30:09:3a:21:41:f9:34:d7:05:ff:a3:ee:77:7f:15:e3:96:86:d4
Fingerprint (sha256): 00:c6:36:cc:b2:81:78:e4:c6:4d:4b:04:ce:84:34:41:d5:7a:96:b8:cd:9c:4c:60:8c:b9:a8:75:1b:57:e3:1d

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate feature-testfe.wcpsandbox.imdserve.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for feature-testfe.wcpsandbox.imdserve.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

feature-testfe.wcpsandbox.imdserve.com
*.feature-testfe.wcpsandbox.imdserve.com

Other certificates including the domain name imdserve.com

(limited to 100 certificates)
feature-fab-15033.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
feature-testfe.wcpsandbox.imdserve.com
feature-fab-17849.wcpsandbox.imdserve.com
*.220triathlon.com
*.production.rdrct-serv.imdserve.com
feature-fab-24416-d.wcpsandbox.imdserve.com
feature-fab-19581.wcpsandbox.imdserve.com
feature-fab-15971.wcpsandbox.imdserve.com
feature-fab-11961.wcpsandbox.imdserve.com
feature-fab-24182.wcpsandbox.imdserve.com
feature-fab-19356.wcpsandbox.imdserve.com
feature-fab-14892.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
feature-fix-gen.wcpsandbox.imdserve.com
feature-fab-21257.wcpsandbox.imdserve.com
production.wcp.imdserve.com
bugfix-fab-17311.wcpsandbox.imdserve.com
feature-fab-17851.wcpsandbox.imdserve.com
feature-fab-21390.wcpsandbox.imdserve.com
feature-fab-14892.wcpsandbox.imdserve.com
feature-fab-19966.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
feature-loadtest.wcpsandbox.imdserve.com
feature-bazinga.wcpsandbox.imdserve.com
feature-fab-21390-n.wcpsandbox.imdserve.com
develop.wcpsandbox.imdserve.com
feature-fab-24738.wcpsandbox.imdserve.com
feature-fab-14892.wcpsandbox.imdserve.com
feature-fab-17105.wcpsandbox.imdserve.com
feature-fab-26720.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
immediate.map.fastly.net
feature-fab-14892.wcpsandbox.imdserve.com
feature-fab-15033.wcpsandbox.imdserve.com
immediate.map.fastly.net
*.preproduction.burda-int.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
feature-fab-24182.wcpsandbox.imdserve.com
feature-fab-14574.wcpsandbox.imdserve.com
immediate.map.fastly.net
immediate.map.fastly.net
migration-madeformums.wcpsandbox.imdserve.com
migration.wcpstaging.imdserve.com
feature-fab-23041.wcpsandbox.imdserve.com
feature-br-demo.wcpsandbox.imdserve.com
feature-fab-21226.wcpsandbox.imdserve.com
feature-fab-26234.wcpsandbox.imdserve.com
feature-br-demo.wcpsandbox.imdserve.com
feature-fetest.wcpsandbox.imdserve.com
feature-stv-1001.wcpsandbox.imdserve.com
feature-fab-17849.wcpsandbox.imdserve.com
feature-fab-17849.wcpsandbox.imdserve.com
feature-fab-20932.wcpsandbox.imdserve.com
feature-sktestbld.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
immediate.map.fastly.net
feature-wordpress-5-2.wcpsandbox.imdserve.com
bugfix-currentprod.wcpsandbox.imdserve.com
feature-fab-15883.wcpsandbox.imdserve.com
patch-hide-scm-checkout.wcpsandbox.imdserve.com
feature-fab-20964.wcpsandbox.imdserve.com
feature-fab-24915.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
migration.wcpstaging.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
feature-fab-17829.wcpsandbox.imdserve.com
fe-domain-alias-fix.wcpsandbox.imdserve.com
feature-fab-24182.wcpsandbox.imdserve.com
immediate.map.fastly.net
feature-template.wcpsandbox.imdserve.com
feature-airship.wcpsandbox.imdserve.com
fix-slack-wh.wcpsandbox.imdserve.com
feature-fab-18965.wcpsandbox.imdserve.com
feature-fab-18330.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
feature-fab-17849.wcpsandbox.imdserve.com
feature-fab-14892.wcpsandbox.imdserve.com
feature-wordpress-5-beta.wcpsandbox.imdserve.com
feature-fab-27407.wcpsandbox.imdserve.com
feature-postmantsts.wcpsandbox.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
immediate.map.fastly.net
feature-fab-21308.wcpsandbox.imdserve.com
feature-fab-21997.wcpsandbox.imdserve.com
feature-fab-24182.wcpsandbox.imdserve.com
feature-fab-16503.wcpsandbox.imdserve.com
immediate.map.fastly.net
feature-dummy-sitemap.wcpsandbox.imdserve.com
feature-fab-17849.wcpsandbox.imdserve.com
feature-fab-22885-i.wcpsandbox.imdserve.com
feature-fab-17849.wcpsandbox.imdserve.com
feature-fab-15033.wcpsandbox.imdserve.com
migration.wcpstaging.imdserve.com
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
feature-fab-17949.wcpsandbox.imdserve.com
feature-fab-19648.wcpsandbox.imdserve.com
feature-fab-24416.wcpsandbox.imdserve.com

Certificate

The complete raw certificate details for feature-testfe.wcpsandbox.imdserve.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEtTCCA52gAwIBAgIQCBr6/tv7N+2AB0aZP2lkqDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIxMzAwMDAwMFoXDTI1MDExMDIzNTk1OVowMTEv
MC0GA1UEAxMmZmVhdHVyZS10ZXN0ZmUud2Nwc2FuZGJveC5pbWRzZXJ2ZS5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFVX+CdMHIU3tY7KHBtU1J
G8C5/zrpaxXXtHodOKxnSbtCrQ5YuKy3ysLaiXWawPvKXCScdOcsa8+V+5bCSkbB
TfXl7+g9Mxii9VBXmfl/JgJHTlJHAP21oq7mLdjvJ+JH+W+w/GVnZ8IBU67B/kJz
x1AvE9qMS0T5RWalvF9jllKKGtQNbrSmmPdVFkS3HCKMTubtu4frZdkCkBnzrw8v
GFfqjb/K+aV5ByD4Etw7PdOYj2OHyOHlEurDeJIf7sq9/HAFAy6HcRiegDSpQ1TH
p7JY9cGIsmOngGNQ218lE2mdXd22aEz2MiSkO0G4rOJ5hJE2WVjasrjwkI4uQQgD
AgMBAAGjggG8MIIBuDAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAd
BgNVHQ4EFgQUodOwQ6REaqJnYKwko5yzAP2pn04wWwYDVR0RBFQwUoImZmVhdHVy
ZS10ZXN0ZmUud2Nwc2FuZGJveC5pbWRzZXJ2ZS5jb22CKCouZmVhdHVyZS10ZXN0
ZmUud2Nwc2FuZGJveC5pbWRzZXJ2ZS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7
BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNv
bS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v
b2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j
cnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAA
MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAUkM5h/0Tx
SCF6AwvMMdcKD90thUXqnMNc5HJ3Cyh1Y3M1kzG3S0Wua5MefYtuyltqVvDpM42N
doH5DwPrDZkkY5vuPs3r7NF2GZfavbhNKAXfP2/s9YrPDhNsbWQ3m/0s592wU2tc
GOOPeP1dCaK4+Hq98z/hIl9Y0ubDitlmnBHhYZM898mrLL1hMlr6M+ELeCOi4aOw
OcP9tfuM+YE6PMOSDQK0wdTaEbndT3m2ZL9gXrUxSTN6mNccfxK+1dvIr+GwjO/F
1DgbSJ9yR5VRZzIuuz3YWrxlSsEmocqKkhQTl4yQCaG5tUw23qEU/5fOLbVxw/5y
cjVf9MUj2rWu
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVV/gnTByFN7WOyhwbVN
SRvAuf866WsV17R6HTisZ0m7Qq0OWList8rC2ol1msD7ylwknHTnLGvPlfuWwkpG
wU315e/oPTMYovVQV5n5fyYCR05SRwD9taKu5i3Y7yfiR/lvsPxlZ2fCAVOuwf5C
c8dQLxPajEtE+UVmpbxfY5ZSihrUDW60ppj3VRZEtxwijE7m7buH62XZApAZ868P
LxhX6o2/yvmleQcg+BLcOz3TmI9jh8jh5RLqw3iSH+7KvfxwBQMuh3EYnoA0qUNU
x6eyWPXBiLJjp4BjUNtfJRNpnV3dtmhM9jIkpDtBuKzieYSRNllY2rK48JCOLkEI
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10773914479036345685178150218715718824
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'feature-testfe.wcpsandbox.imdserve.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24911106755057379857899562756397026607652688881983916353719057788576202024900845894007793924451317123091467245205659635178493230406046778210313407833626851253886781351651826804574708376389165293146945780077223817551264543710360467475013490583178844151596913337208387356299962757660373855242978535218649996526149384703980818213139321897096853917236743452390859513772283903659581471073486112855989124028131309577724444720776389900169458310833996061985028709256592184735710148108235779197932712919001000797594796046065254281745819061441580285950570408807394398998191717089764184908636040134127761433464616032970546939907
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a1d3b043a4446aa26760ac24a39cb300fda99f4e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feature-testfe.wcpsandbox.imdserve.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.feature-testfe.wcpsandbox.imdserve.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001490ce61ff44f148217a030bcc31d70a0fdd2d8545ea9cc35ce472770b28756373359331b74b45ae6b931e7d8b6eca5b6a56f0e9338d8d7681f90f03eb0d9924639bee3ecdebecd1761997dabdb84d2805df3f6fecf58acf0e136c6d64379bfd2ce7ddb0536b5c18e38f78fd5d09a2b8f87abdf33fe1225f58d2e6c38ad9669c11e161933cf7c9ab2cbd61325afa33e10b7823a2e1a3b039c3fdb5fb8cf9813a3cc3920d02b4c1d4da11b9dd4f79b664bf605eb53149337a98d71c7f12bed5dbc8afe1b08cefc5d4381b489f7247955167322ebb3dd85abc654ac126a1ca8a921413978c9009a1b9b54c36dea114ff97ce2db571c3fe7272355ff4c523dab5ae