www.amazon.co.uk
Issued by DigiCert Global CA G2
About this certificate
This digital certificate with serial number 01:e9:90:b3:e8:6b:11:d6:47:1d:ae:49:a0:a1:55:54 was issued on by DigiCert Inc.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.amazon.co.uk
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:e9:90:b3:e8:6b:11:d6:47:1d:ae:49:a0:a1:55:54Serial Number (int): 2541968084577508178417595759464633684
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: fe:a7:77:47:61:9b:1e:1c:af:9b:09:88:2f:95:9f:75:56:7a:6c:f3
AuthorityKeyId: 24:6e:2b:2d:d0:6a:92:51:51:25:69:01:aa:9a:47:a6:89:e7:40:20
Fingerprint (sha1): ac:51:fa:51:66:f3:42:cf:66:ca:b9:52:4b:af:26:e1:2e:3b:0a:34
Fingerprint (sha256): 02:a0:5e:99:1b:1c:4d:ad:07:f1:e6:79:89:a3:16:c0:f8:e8:54:85:5d:76:08:e2:e5:4d:3b:21:07:ce:f4:8d
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalCAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalCAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalCAG2.crl
Check the revocation status for certificate www.amazon.co.uk
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.amazon.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
p-nt-www-amazon-co-uk-kalias.amazon.co.uk
p-y3-www-amazon-co-uk-kalias.amazon.co.uk
p-yo-www-amazon-co-uk-kalias.amazon.co.uk
static.amazon.co.uk
uedata.amazon.co.uk
www.amazon.co.uk
p-y3-www-amazon-co-uk-kalias.amazon.co.uk
p-yo-www-amazon-co-uk-kalias.amazon.co.uk
static.amazon.co.uk
uedata.amazon.co.uk
www.amazon.co.uk
Other certificates including the domain name amazon.co.uk
(limited to 100 certificates)
aax-eu.amazon.com
*.peg.a2z.com
translate-acx.amazon.co.uk
glimpse-publish-eu.amazon.com
cde-ta-g7g.amazon.com
smile.amazon.co.uk
skills-store-eu.amazon.com
securephotostorageservice-eu-external.amazon.com
dp-gw-na.amazon.com
content-drive.amazon.co.uk
vendorcentral.amazon.co.uk
internal-campfire-eu.amazon.com
services.amazon.co.uk
www.amazonmusic.es
gio-catalog-eu.amazon.com
vendorcentral.amazon.co.uk
authorize.payments-sandbox.amazon.co.uk
sdu.amazon.eu
logistics.amazon.com
api-amazondevices-eu.amazon.com
cscentral.amazon.co.uk
argileto.amazon.com
sdu.amazon.eu
luna.amazon.eu
af-mobile-api.amazon.co.uk
webservices.amazon.eu
*.peg.a2z.com
glimpse-publish-eu.amazon.com
shipping.amazon.co.uk
www.amazon.co.uk
accelerator.amazon.co.uk
fls-eu.amazon.com
www.amazon.co.uk
website-g7g.amazon.co.uk
membership.amazon.com
arap.amazon.co.uk
freight.amazon.co.uk
kindlestore-sha-proxy.amazon.com
arcus-www.amazon.co.uk
brandservices.amazon.com
gio-catalog-eu.amazon.com
ssofaast-aftx.amazon.co.uk
kep.amazon.com
alexa-skills-beta.amazon.com.au
kep.amazon.com
dp-gw-na.amazon.com
d16gars-eu.amazon.co.uk
r.amazon.co.uk
travel.amazon.co.uk
transportation.amazon.co.uk
api-preprod.amazon.co.uk
internal-campfire-eu.amazon.com
sellercentral.amazon.co.uk
www.amazonmusic.es
sharingservice.amazon.co.uk
primenow.amazon.co.uk
tschavari.de
sdu.amazon.eu
track.amazon.co.uk
carriercentral.amazon.eu
local-sfis.amazon.co.uk
account-status.amazon.co.uk
kep-eu.amazon.com
aws.amazon.co.uk
payments-sandbox.amazon.co.uk
ramp.amazon.com
cde-ta-g7g-sha-proxy-preprod.amazon.com
unagi-eu.amazon.com
cde-ta-g7g.amazon.com
gaming.amazon.eu
aax-eu-retail-direct.amazon-adsystem.com
kindle.amazon.com
amazon.is
account-p2k.amazon.com
api-sandbox.amazon.co.uk
www14.amazon.co.uk
kindle-store-proxy-endpoint-na.amazon.com
ddee-preprod-uk.amazon.co.uk
*.peg.a2z.com
skills-store-eu.amazon.com
endeavour.amazon.co.uk
logistics-platform.amazon.co.uk
brandregistry.amazon.co.uk
amzon.co.uk
read.amazon.co.uk
vpbs-eu.amazon.com
translate-acx.amazon.co.uk
ams.amazon.co.uk
skills-store-eu.amazon.com
identity.browserapps.amazon.co.uk
cscentral.amazon.co.uk
dl.amazon.co.uk
akamai-renew-cert-digicert-arcus-www.amazon.com
brandservices.amazon.com
hub.amazon.it
cde-ta-g7g-preprod.amazon.com
af-mobile-api.amazon.co.uk
d16gars-eu.amazon.co.uk
partnercentral.amazon.it
ssofaast-wms.amazon.co.uk
*.peg.a2z.com
translate-acx.amazon.co.uk
glimpse-publish-eu.amazon.com
cde-ta-g7g.amazon.com
smile.amazon.co.uk
skills-store-eu.amazon.com
securephotostorageservice-eu-external.amazon.com
dp-gw-na.amazon.com
content-drive.amazon.co.uk
vendorcentral.amazon.co.uk
internal-campfire-eu.amazon.com
services.amazon.co.uk
www.amazonmusic.es
gio-catalog-eu.amazon.com
vendorcentral.amazon.co.uk
authorize.payments-sandbox.amazon.co.uk
sdu.amazon.eu
logistics.amazon.com
api-amazondevices-eu.amazon.com
cscentral.amazon.co.uk
argileto.amazon.com
sdu.amazon.eu
luna.amazon.eu
af-mobile-api.amazon.co.uk
webservices.amazon.eu
*.peg.a2z.com
glimpse-publish-eu.amazon.com
shipping.amazon.co.uk
www.amazon.co.uk
accelerator.amazon.co.uk
fls-eu.amazon.com
www.amazon.co.uk
website-g7g.amazon.co.uk
membership.amazon.com
arap.amazon.co.uk
freight.amazon.co.uk
kindlestore-sha-proxy.amazon.com
arcus-www.amazon.co.uk
brandservices.amazon.com
gio-catalog-eu.amazon.com
ssofaast-aftx.amazon.co.uk
kep.amazon.com
alexa-skills-beta.amazon.com.au
kep.amazon.com
dp-gw-na.amazon.com
d16gars-eu.amazon.co.uk
r.amazon.co.uk
travel.amazon.co.uk
transportation.amazon.co.uk
api-preprod.amazon.co.uk
internal-campfire-eu.amazon.com
sellercentral.amazon.co.uk
www.amazonmusic.es
sharingservice.amazon.co.uk
primenow.amazon.co.uk
tschavari.de
sdu.amazon.eu
track.amazon.co.uk
carriercentral.amazon.eu
local-sfis.amazon.co.uk
account-status.amazon.co.uk
kep-eu.amazon.com
aws.amazon.co.uk
payments-sandbox.amazon.co.uk
ramp.amazon.com
cde-ta-g7g-sha-proxy-preprod.amazon.com
unagi-eu.amazon.com
cde-ta-g7g.amazon.com
gaming.amazon.eu
aax-eu-retail-direct.amazon-adsystem.com
kindle.amazon.com
amazon.is
account-p2k.amazon.com
api-sandbox.amazon.co.uk
www14.amazon.co.uk
kindle-store-proxy-endpoint-na.amazon.com
ddee-preprod-uk.amazon.co.uk
*.peg.a2z.com
skills-store-eu.amazon.com
endeavour.amazon.co.uk
logistics-platform.amazon.co.uk
brandregistry.amazon.co.uk
amzon.co.uk
read.amazon.co.uk
vpbs-eu.amazon.com
translate-acx.amazon.co.uk
ams.amazon.co.uk
skills-store-eu.amazon.com
identity.browserapps.amazon.co.uk
cscentral.amazon.co.uk
dl.amazon.co.uk
akamai-renew-cert-digicert-arcus-www.amazon.com
brandservices.amazon.com
hub.amazon.it
cde-ta-g7g-preprod.amazon.com
af-mobile-api.amazon.co.uk
d16gars-eu.amazon.co.uk
partnercentral.amazon.it
ssofaast-wms.amazon.co.uk
Certificate
The complete raw certificate details for www.amazon.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgIQAemQs+hrEdZHHa5JoKFVVDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMjMwOTI2MDAwMDAwWhcNMjQwODIxMjM1 OTU5WjAbMRkwFwYDVQQDExB3d3cuYW1hem9uLmNvLnVrMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAhMLXOBMPSBJEv5vWLJNZDZrCP534rDAs1/rQH3qo +y6+xm0CeCLgdkHhNoysyWzh6BDZf8PXUMU3Ew2woH5ICM/PyK5sz4eQUHJbD1YL pM3gG/QuRgtqJv9VxXn5FFZaEDb6ddeDLkP59A0UEs/kNzEsugISzuDnhmeAc5Dw pz/sCEZzYBgLGjy5k3ez/r+Pi77burGIODEyfvqgQGc4foN6Uht8SmSq5wVqun6E uEFy/CZG1MSTM62ONovRPImM06f452di33AdL/7js6bHhfOapCQBBxT+ayYF8LG3 vxu2Y7K34IyiY1moqKsFdlKzGoU9N8xBeyss0Z5cJq36UQIDAQABo4ICkDCCAoww HwYDVR0jBBgwFoAUJG4rLdBqklFRJWkBqppHponnQCAwHQYDVR0OBBYEFP6nd0dh mx4cr5sJiC+Vn3VWemzzMIHIBgNVHREEgcAwgb2CKXAtbnQtd3d3LWFtYXpvbi1j by11ay1rYWxpYXMuYW1hem9uLmNvLnVrgilwLXkzLXd3dy1hbWF6b24tY28tdWst a2FsaWFzLmFtYXpvbi5jby51a4IpcC15by13d3ctYW1hem9uLWNvLXVrLWthbGlh cy5hbWF6b24uY28udWuCE3N0YXRpYy5hbWF6b24uY28udWuCE3VlZGF0YS5hbWF6 b24uY28udWuCEHd3dy5hbWF6b24uY28udWswPgYDVR0gBDcwNTAzBgZngQwBAgEw KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdwYDVR0f BHAwbjA1oDOgMYYvaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv YmFsQ0FHMi5jcmwwNaAzoDGGL2h0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp Q2VydEdsb2JhbENBRzIuY3JsMHQGCCsGAQUFBwEBBGgwZjAkBggrBgEFBQcwAYYY aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2Fj ZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNydDAMBgNVHRMB Af8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAy dxTERXEhYZTILInVLE6nVf/Iy67YUh8yg+obMz7yJ7hU2D+mnoLfA+bOBbDlTIZP ewolC79WCQvMj8Vc759vX8w4Ls+8hwGAeeT7/HNQbOh/zJ81Skbm/Uh3aW4cT+nB tmGx4CBt2BANlezqVqGIeXCGvH8dKatn6wYxaBLIT9w1w5868+cZkYLLFR4k6/wn 0DNlGmw+v4itxZu2qrWMry/3qbgDyITQgtK2BUrrmUib6xoNaG3FQpOtgiEbUh/B KncyHQExjogRVyrnq0miQGgHbovjefP0l4PeDzva/8XNnRObyFEzu+MesV9tBA+V pDB27EvsMwk2vG/YhLDt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMLXOBMPSBJEv5vWLJNZ DZrCP534rDAs1/rQH3qo+y6+xm0CeCLgdkHhNoysyWzh6BDZf8PXUMU3Ew2woH5I CM/PyK5sz4eQUHJbD1YLpM3gG/QuRgtqJv9VxXn5FFZaEDb6ddeDLkP59A0UEs/k NzEsugISzuDnhmeAc5Dwpz/sCEZzYBgLGjy5k3ez/r+Pi77burGIODEyfvqgQGc4 foN6Uht8SmSq5wVqun6EuEFy/CZG1MSTM62ONovRPImM06f452di33AdL/7js6bH hfOapCQBBxT+ayYF8LG3vxu2Y7K34IyiY1moqKsFdlKzGoU9N8xBeyss0Z5cJq36 UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2541968084577508178417595759464633684 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.amazon.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16759535785316260099756608795607454702733294890009819620818881628689109679542067269450472191658015489753869423367786012683078139848677397485369815861150125660249583565261715262541376716519911245245571414863673237342730516117785729015752817871077227950532923689109818984935245934832671012578071921783975918911232883593901792757504694796098144334477712232946088551568327707491272288984333646730923448125696908546542072595717277000865563713238810942805721954332402542417890004370369439498530320090822416849024200813808814716086049911353872020564628909764610637866945500745175822509033013451828761705273776183439591864913 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 246e2b2dd06a925151256901aa9a47a689e74020 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fea77747619b1e1caf9b09882f959f75567a6cf3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (192 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p-nt-www-amazon-co-uk-kalias.amazon.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p-y3-www-amazon-co-uk-kalias.amazon.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p-yo-www-amazon-co-uk-kalias.amazon.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.amazon.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uedata.amazon.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.amazon.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalCAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00327714c44571216194c82c89d52c4ea755ffc8cbaed8521f3283ea1b333ef227b854d83fa69e82df03e6ce05b0e54c864f7b0a250bbf56090bcc8fc55cef9f6f5fcc382ecfbc87018079e4fbfc73506ce87fcc9f354a46e6fd4877696e1c4fe9c1b661b1e0206dd8100d95ecea56a188797086bc7f1d29ab67eb06316812c84fdc35c39f3af3e7199182cb151e24ebfc27d033651a6c3ebf88adc59bb6aab58caf2ff7a9b803c884d082d2b6054aeb99489beb1a0d686dc54293ad82211b521fc12a77321d01318e8811572ae7ab49a24068076e8be379f3f49783de0f3bdaffc5cd9d139bc85133bbe31eb15f6d040f95a43076ec4bec330936bc6fd884b0ed