spark.dev.piaget.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 01:16:80:9d:57:be:ef:b9:dc:2c:7d:e7:00:bb:8b:cb was issued on by Amazon.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=spark.dev.piaget.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:16:80:9d:57:be:ef:b9:dc:2c:7d:e7:00:bb:8b:cbSerial Number (int): 1446067141079488068332799436233870283
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: e1:ea:46:56:9f:56:d0:bf:eb:8b:f1:8c:18:e6:3e:96:c6:f2:28:a7
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): ad:ae:d2:75:b9:1a:d6:91:5e:29:eb:5c:e1:7f:04:96:f7:63:88:8c
Fingerprint (sha256): 02:7c:8e:67:6f:77:eb:7f:54:10:31:f3:55:cb:ef:f9:9e:49:fa:cf:7e:ba:02:83:0c:4c:21:68:47:f9:c7:ea
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate spark.dev.piaget.com
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for spark.dev.piaget.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
spark.dev.piaget.com
spark.dev.baume-et-mercier.com
spark.dev.iwc.com
spark.dev.alange-soehne.com
spark.dev.iwc-schaffhausen.com
spark.dev.rogerdubuis.com
spark.dev.montblanc.com
spark.dev.jaeger-lecoultre.com
spark.dev.vacheron-constantin.com
spark.dev.panerai.com
spark.dev.baume-et-mercier.com
spark.dev.iwc.com
spark.dev.alange-soehne.com
spark.dev.iwc-schaffhausen.com
spark.dev.rogerdubuis.com
spark.dev.montblanc.com
spark.dev.jaeger-lecoultre.com
spark.dev.vacheron-constantin.com
spark.dev.panerai.com
Other certificates including the domain name piaget.com
(limited to 100 certificates)
intranet.richemont.com
intranet.richemont.com
www.piaget.com
www.piaget.com
scan.preprod2.cartier.com
www.seal.piaget.com
intranet.richemont.com
spark.dev.piaget.com
dam.richemont.com
intranet.richemont.com
watch.supplier.piaget.com
watch.supplier.piaget.com
media.richemont.com
admin.www.piaget.com
scan.preprod2.cartier.com
image.email.novartis.es
admin.www.piaget.com
intranet.richemont.com
quality.secure.piaget.com
intranet.richemont.com
linemedia.preprod.richemont.com
dam.richemont.com
linemedia.preprod.richemont.com
scan.dev.cartier.com
pprod.secure.piaget.com
admin.www.piaget.com
intranet.richemont.com
www.quality.alange-soehne.com
www.event-registration.piaget.com
watch.supplier.piaget.com
image.email.novartis.es
linemedia.preprod.richemont.com
scan.preprod2.cartier.com
polo-experience.piaget.com
intranet.preprod.richemont.com
www.quality.alange-soehne.com
media.richemont.com
scan.dev.cartier.com
linemedia.preprod.richemont.com
extranet-pilote.piaget.com
www.quality.alange-soehne.com
cartiercare.preprod2.cartier.com
pressnews.piaget.com
san-2-s50.tlsprovisioning.exacttarget.com
intranet.staging.richemont.com
spark.preprod.piaget.com
admin.www.piaget.com
spark.dev.piaget.com
scan.dev2.cartier.com
intranet.quality.richemont.com
extranet-pilote.piaget.com
admin.www.piaget.com
intranet.dev.richemont.com
scan.cartier.com
www.piaget.com
intranet.staging.richemont.com
scan.preprod.cartier.com
vcs.richemont.com
www.piaget.com
intranet.richemont.com
archiving.piaget.com
linemedia.preprod.richemont.com
admin.www.piaget.com
scan.preprod2.cartier.com
intranet.dev.richemont.com
admin.www.piaget.com
intranet.richemont.com
linemedia.preprod.richemont.com
linemedia.preprod.richemont.com
scan.dev2.cartier.com
dam.richemont.com
scan.dev2.cartier.com
spark.piaget.com
scan.cartier.com
piaget.com
scan.preprod.cartier.com
media.richemont.com
admin.www.piaget.com
www.piaget.com
www.quality.alange-soehne.com
www.ivycoder.com
admin.www.piaget.com
admin.www.piaget.com
image.email.novartis.es
www.piaget.com
presse.piaget.com
intranet.richemont.com
staging.yada.ai
app.dev.trvlbud.com
www.switzerlandetraining.piaget.com
scan.preprod.cartier.com
presse.piaget.com
www.quality.alange-soehne.com
www.piaget.com
polo-experience.piaget.com
scan.dev2.cartier.com
intranet.staging.richemont.com
intranet.richemont.com
www.piaget.com
intranet.richemont.com
intranet.richemont.com
www.piaget.com
www.piaget.com
scan.preprod2.cartier.com
www.seal.piaget.com
intranet.richemont.com
spark.dev.piaget.com
dam.richemont.com
intranet.richemont.com
watch.supplier.piaget.com
watch.supplier.piaget.com
media.richemont.com
admin.www.piaget.com
scan.preprod2.cartier.com
image.email.novartis.es
admin.www.piaget.com
intranet.richemont.com
quality.secure.piaget.com
intranet.richemont.com
linemedia.preprod.richemont.com
dam.richemont.com
linemedia.preprod.richemont.com
scan.dev.cartier.com
pprod.secure.piaget.com
admin.www.piaget.com
intranet.richemont.com
www.quality.alange-soehne.com
www.event-registration.piaget.com
watch.supplier.piaget.com
image.email.novartis.es
linemedia.preprod.richemont.com
scan.preprod2.cartier.com
polo-experience.piaget.com
intranet.preprod.richemont.com
www.quality.alange-soehne.com
media.richemont.com
scan.dev.cartier.com
linemedia.preprod.richemont.com
extranet-pilote.piaget.com
www.quality.alange-soehne.com
cartiercare.preprod2.cartier.com
pressnews.piaget.com
san-2-s50.tlsprovisioning.exacttarget.com
intranet.staging.richemont.com
spark.preprod.piaget.com
admin.www.piaget.com
spark.dev.piaget.com
scan.dev2.cartier.com
intranet.quality.richemont.com
extranet-pilote.piaget.com
admin.www.piaget.com
intranet.dev.richemont.com
scan.cartier.com
www.piaget.com
intranet.staging.richemont.com
scan.preprod.cartier.com
vcs.richemont.com
www.piaget.com
intranet.richemont.com
archiving.piaget.com
linemedia.preprod.richemont.com
admin.www.piaget.com
scan.preprod2.cartier.com
intranet.dev.richemont.com
admin.www.piaget.com
intranet.richemont.com
linemedia.preprod.richemont.com
linemedia.preprod.richemont.com
scan.dev2.cartier.com
dam.richemont.com
scan.dev2.cartier.com
spark.piaget.com
scan.cartier.com
piaget.com
scan.preprod.cartier.com
media.richemont.com
admin.www.piaget.com
www.piaget.com
www.quality.alange-soehne.com
www.ivycoder.com
admin.www.piaget.com
admin.www.piaget.com
image.email.novartis.es
www.piaget.com
presse.piaget.com
intranet.richemont.com
staging.yada.ai
app.dev.trvlbud.com
www.switzerlandetraining.piaget.com
scan.preprod.cartier.com
presse.piaget.com
www.quality.alange-soehne.com
www.piaget.com
polo-experience.piaget.com
scan.dev2.cartier.com
intranet.staging.richemont.com
intranet.richemont.com
www.piaget.com
intranet.richemont.com
Certificate
The complete raw certificate details for spark.dev.piaget.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgIQARaAnVe+77ncLH3nALuLyzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDYwMzAwMDAwMFoXDTI1MDcwMzIzNTk1OVowHzEd MBsGA1UEAxMUc3BhcmsuZGV2LnBpYWdldC5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCbdp0Mq7ZSA2EVfYozLgM1niszlKqgAGbioZreOc2nchPQ 8SeZ+ZSV7f9tN0esOfLv4SBvyeov1iyAugSOcjA3WbP3wval88QD2spdcPGugT5n MII/6vTJildMUCI4dVsmke0b07LrwSIxpSFsOiMMttXJ4SZm6EfuP+6VbDoZmmuA pxbVD+BLThMbEgwk0Pl8cOW9w3go4QTEQQpXFrjVxZtWd99IQUGPtw6wJcJ1td5v Fql27VaOYO+BXhG+LqqFza/RZfLRlGxk0cm0CrmnioqPrjPvIB/TAHN9ND55M5Ef y9RZXJsNimZqqWap8XFzci+8K/HndeU3IBt461CHAgMBAAGjggKEMIICgDAfBgNV HSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU4epGVp9W0L/r i/GMGOY+lsbyKKcwggEhBgNVHREEggEYMIIBFIIUc3BhcmsuZGV2LnBpYWdldC5j b22CHnNwYXJrLmRldi5iYXVtZS1ldC1tZXJjaWVyLmNvbYIRc3BhcmsuZGV2Lml3 Yy5jb22CG3NwYXJrLmRldi5hbGFuZ2Utc29laG5lLmNvbYIec3BhcmsuZGV2Lml3 Yy1zY2hhZmZoYXVzZW4uY29tghlzcGFyay5kZXYucm9nZXJkdWJ1aXMuY29tghdz cGFyay5kZXYubW9udGJsYW5jLmNvbYIec3BhcmsuZGV2LmphZWdlci1sZWNvdWx0 cmUuY29tgiFzcGFyay5kZXYudmFjaGVyb24tY29uc3RhbnRpbi5jb22CFXNwYXJr LmRldi5wYW5lcmFpLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIw MKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNy bDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAz LmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5h bWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHW eQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBACgi371OO7ry0o3DGmmGNl5L c7xAYsLabj8TDIipb9l46qKN4OKwHdVhcj8X5vvTxEpOD5fFQ7zJHqwK2YntB/Mi Qj9Hkj1stKSjrss9Tn38yzNw1EEwjRZHAdf48DuLPAgHWEeJ0ta2Mg7BHuCV58/0 lZL8ntqKVA0cv+ibMoyx0AWv1wP+QH+swdnH3XC8YL0iQb3B5LrahT+sOBjPtflc qvbCBs/pt1UElAqPbKPN/JHRsgh+9/tU0EXa8ts0Sv44cl4TdVKM9iSddoprnSYJ 25BdW38eZJhzwBpAOuE9hmCBvaDuTtHgwxsAyNKUyWRGd43HYYU5XJ/9Q0NeAtE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3adDKu2UgNhFX2KMy4D NZ4rM5SqoABm4qGa3jnNp3IT0PEnmfmUle3/bTdHrDny7+Egb8nqL9YsgLoEjnIw N1mz98L2pfPEA9rKXXDxroE+ZzCCP+r0yYpXTFAiOHVbJpHtG9Oy68EiMaUhbDoj DLbVyeEmZuhH7j/ulWw6GZprgKcW1Q/gS04TGxIMJND5fHDlvcN4KOEExEEKVxa4 1cWbVnffSEFBj7cOsCXCdbXebxapdu1WjmDvgV4Rvi6qhc2v0WXy0ZRsZNHJtAq5 p4qKj64z7yAf0wBzfTQ+eTORH8vUWVybDYpmaqlmqfFxc3IvvCvx53XlNyAbeOtQ hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1446067141079488068332799436233870283 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'spark.dev.piaget.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19625427754029772972320877271497415576408878301267077449227994268384385559577343101121152064841951479789650443134418231393753357710641809577290616230050021406562957296596559109266825007036709854959687761763058022312644705234722137570665383035123716578329604249695951842186340270090065367848959084077246201137091982977055214650742495725314737514211558028086158799886708369362327599903622656491152767790317927589596826735880212620268967945939893723265271638255942999091568679100688893489893007682936055478066163893317322444585486460345885885353641133033783244504383843203439141266812546585588870116321717792352445878407 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e1ea46569f56d0bfeb8bf18c18e63e96c6f228a7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (280 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.piaget.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.baume-et-mercier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.iwc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.alange-soehne.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.iwc-schaffhausen.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.rogerdubuis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.montblanc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.jaeger-lecoultre.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.vacheron-constantin.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spark.dev.panerai.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002822dfbd4e3bbaf2d28dc31a6986365e4b73bc4062c2da6e3f130c88a96fd978eaa28de0e2b01dd561723f17e6fbd3c44a4e0f97c543bcc91eac0ad989ed07f322423f47923d6cb4a4a3aecb3d4e7dfccb3370d441308d164701d7f8f03b8b3c0807584789d2d6b6320ec11ee095e7cff49592fc9eda8a540d1cbfe89b328cb1d005afd703fe407facc1d9c7dd70bc60bd2241bdc1e4bada853fac3818cfb5f95caaf6c206cfe9b75504940a8f6ca3cdfc91d1b2087ef7fb54d045daf2db344afe38725e1375528cf6249d768a6b9d2609db905d5b7f1e649873c01a403ae13d866081bda0ee4ed1e0c31b00c8d294c96446778dc76185395c9ffd43435e02d1