*.smartitconcierge.ricoh.com

Issued by Amazon

About this certificate

This digital certificate with serial number 04:38:b8:7e:f7:5a:63:88:75:2b:ae:49:47:7c:80:d1 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.smartitconcierge.ricoh.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:38:b8:7e:f7:5a:63:88:75:2b:ae:49:47:7c:80:d1
Serial Number (int): 5611422629885233324597059392643039441
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 89:db:a4:7b:b2:f9:17:74:fa:a3:d5:ee:48:d1:9e:92:b6:61:3c:8c
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): c0:76:6b:b0:e1:b6:1e:45:8c:7a:61:33:64:79:49:b0:0e:e2:b4:77
Fingerprint (sha256): 02:aa:e0:de:8d:10:e1:2d:ad:3b:7a:a3:b8:3c:f3:56:55:89:8d:b3:19:d2:90:72:85:69:8b:58:65:d8:a6:f5

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.smartitconcierge.ricoh.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.smartitconcierge.ricoh.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.smartitconcierge.ricoh.com

Other certificates including the domain name ricoh.com

(limited to 100 certificates)
stapp-dev-5.in-house.ac03.dev-md.digital.ricoh.com
health.vmpower.io
extapi-dev-a.ac02.dev-md.digital.ricoh.com
gtl01.rcc.ricoh.com
dc-dev1.rinfra.ricoh.com
allow.sterda.com
*.start.ricoh.com
ez.fukuoka.status.ricoh.com
rxdom.g-tas.ricoh.com
remote-concierge.beta.csp.ricoh.com
stapp-dev-05.in-house.ac03.dev-md.digital.ricoh.com
www.na.inst.ricoh.com
eu.iwb-add-on-service.status.ricoh.com
capco-status.polaris.synopsys.com
app-status.cloudsign.jp
*.devu.smart-integration.ricoh.com
drco1i.cubic.ricoh.com
changes.carta.com
*.iot.deve.smart-integration.ricoh.com
*.na.smart-integration.ricoh.com
*.scrap.smart-integration.ricoh.com
eu.iwb-add-on-service.status.ricoh.com
pcont-dev-1.ac01.dev-md.digital.ricoh.com
*.io-ext-devu-dev.rinfra.ricoh.com
en.riws.status.ricoh.com
connect-status.instacart.com
ssl.cdngc.net
abrsonline.atostatus.com.au
abrsonline.atostatus.com.au
ez.fukuoka.status.ricoh.com
contents.ap1-dev.cdf.ricoh.com
test.procfs.ricoh.com
edge-api.ft.dm.deve.smart-integration.ricoh.com
eu1-status.mulesoft.com
na.smart-integration.status.ricoh.com
na.smart-integration.status.ricoh.com
advantagestatus.paradox.ai
contents.dev.cdf.ricoh.com
d4.specialcounsel.technology
*.rdata.ricoh.com
app-status.cloudsign.jp
*.smartitconcierge.ricoh.com
up.ja.stage.amspf.ricoh.com
changes.carta.com
12a10fad.status.cleafy.cloud
api-dev-06.ac03.dev-md.digital.ricoh.com
bare-metal-servers.status-ovhcloud.com
advantagestatus.paradox.ai
ricoh.com
*.sav.ex.start.ricoh.com
pcont-dev-ds.ac02.dev-md.digital.ricoh.com
*.scrap.accounts.ricoh.com
drco2i.cubic.ricoh.com
cwpstorage.status.symantec.com
jt.inst.ricoh.com
bare-metal-servers.status-ovhcloud.com
appstatus.justworks.com
*.ric.ricoh.com
cs.status.ricoh.com
cogver1.rcog.ricoh.com
na.smart-integration.status.ricoh.com
people.ohrengineering.com
eu1-status.mulesoft.com
na.srs.status.ricoh.com
d4.specialcounsel.technology
status.dev.rkaizen.ricoh.com
abrsonline.atostatus.com.au
oa.aresflare.com
ja.riws.status.ricoh.com
bare-metal-servers.status-ovhcloud.com
*.na.smart-integration.ricoh.com
abrsonline.atostatus.com.au
alerts.illinoisstate.edu
alerts.illinoisstate.edu
api-dev-5.ac03.dev-md.digital.ricoh.com
eaa.status.akamai.com
na.smart-integration.status.ricoh.com
bare-metal-servers.status-ovhcloud.com
12a10fad.status.cleafy.cloud
www.cost-visualizer.ricoh.com
dc-scrap.rinfra.ricoh.com
*.cent7.smart-integration.ricoh.com
bare-metal-servers.status-ovhcloud.com
*.ric.ricoh.com
en.riws.status.ricoh.com
*.example-dev1.rinfra.ricoh.com
cwa.status.symantec.com
mgmt.cons1.os5.unics.ricoh.com
processing.azurepai.pfu-us.ricoh.com
*.pf-info-dev.rinfra.ricoh.com
cwpstorage.status.symantec.com
eu.iwb-add-on-service.status.ricoh.com
www.inst.ricoh.com
eaa.status.akamai.com
dev2.ap-northeast-1.rita.cip.ricoh.com
industry.ricoh.com
*.dev.bss.ricoh.com
eu.iwb-add-on-service.status.ricoh.com
bare-metal-servers.status-ovhcloud.com
na.srs.status.ricoh.com

Certificate

The complete raw certificate details for *.smartitconcierge.ricoh.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIQBDi4fvdaY4h1K65JR3yA0TANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODEyMTkwMDAwMDBaFw0yMDAxMTkx
MjAwMDBaMCcxJTAjBgNVBAMMHCouc21hcnRpdGNvbmNpZXJnZS5yaWNvaC5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDas1y8xZgA3qvnizZ8w6ah
u5tpAxkpe0rMctl41WYqfdfDfFG02oR51pIES9PAIq5l0zHUKgx8ZOBh4cxrlpIn
5QlqBjmAZDSQLTBb8FxVbo7QCox/yPe3z3Kdel9DUYFT4o25mTLMbHDxs5a1Gq3i
70m/Mw4Ei4cs+00/JiNFOMlcz2O818BUeXqEK+0nSnMB1jsaaneLPvbD96QYMaQS
gnvfQBKNPhvfXw3nSEj63dAkHXx/vUdPoniAMj+EGISSqwKam4Vw+aoUJV1tzbj+
adQGgM/1AZHS9UxSlcySgH3sjohoTLtpc38DH94McfMP5IdrIPw/CuyBhktJXn/D
AgMBAAGjggKHMIICgzAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAd
BgNVHQ4EFgQUiduke7L5F3T6o9XuSNGekrZhPIwwJwYDVR0RBCAwHoIcKi5zbWFy
dGl0Y29uY2llcmdlLnJpY29oLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j
cmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsG
CWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzAB
hiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKG
Kmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNV
HRMBAf8EAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYA7ku9t3XOYLrhQmkf
q+GeZqMPfl+wctiDAMR7iXqo/csAAAFnxMIf6gAABAMARzBFAiEAvvQSDh89cnXS
AWBRTjJwni1FPehT48Al4mPLYSDs/64CIDcob2PYLC5nKphAHmfyrSiKGDEKYIFd
pG2YsRpbJ/ufAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFn
xMIgvgAABAMARjBEAiBM7SLg79A3PqKTCbF1mH4tt4JPukw9TZujq0ySfWNx8QIg
awIlh7vLKjFCFsPcLoqyExz9Y3HyXA1Ppj7fSM1/Y+cwDQYJKoZIhvcNAQELBQAD
ggEBAJig94lQxKeS2H8y7s/NV55R0ViwNUMIQ7pA2eFbS17Fxv+VrSPC3R/SKV8H
fI+2k+M2JpgHFsgbAMBSOfnE1rbKPHUCA4d20TiqLnUT8Skjj6vOJe2BSHTUu2HN
nqYbQ1K8ES5jhV1Vgf80cy86jPqxS65Y2/re3uiMwm9PHuZRDtYJ080fi2uLSLch
LMGVOHEKeu15FI6oyf7GgoBKswai9C9zM8o9D6ZGh48ioiIAjWjPuCqirTlj9G5r
rq31nbUwi1mkkz7nY9MNKyJA0MsOXJdP1mlLf6Sgh0b5FtJDh2MRJXNsww+Mwusc
TDgFiLFZQ47uQLG2BM2sJKXSQK4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rNcvMWYAN6r54s2fMOm
obubaQMZKXtKzHLZeNVmKn3Xw3xRtNqEedaSBEvTwCKuZdMx1CoMfGTgYeHMa5aS
J+UJagY5gGQ0kC0wW/BcVW6O0AqMf8j3t89ynXpfQ1GBU+KNuZkyzGxw8bOWtRqt
4u9JvzMOBIuHLPtNPyYjRTjJXM9jvNfAVHl6hCvtJ0pzAdY7Gmp3iz72w/ekGDGk
EoJ730ASjT4b318N50hI+t3QJB18f71HT6J4gDI/hBiEkqsCmpuFcPmqFCVdbc24
/mnUBoDP9QGR0vVMUpXMkoB97I6IaEy7aXN/Ax/eDHHzD+SHayD8PwrsgYZLSV5/
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5611422629885233324597059392643039441
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-19 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.smartitconcierge.ricoh.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27608397307211535457554266214003219772064998993825432932398264741829307017286934995273866052311565065828373380128738342535006510197120136718126743919175777264816346447247419881755346028734758255477724635693429368855261054492393394707643351393519653793695500760421155207458377016185229826657493482229795980407472498572946511267669406423924362103522092660859545069040386649761784823695515693233440832793160174736332007284607486720602412902036089185089016828943098920928035624835071364610634648497805783093103010263213944061126822850989903660856905089556594405322191370254023475209785734474348638381018740189252439408579
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							89dba47bb2f91774faa3d5ee48d19e92b6613c8c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.smartitconcierge.ricoh.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000167c4c21fea0000040300473045022100bef4120e1f3d7275d20160514e32709e2d453de853e3c025e263cb6120ecffae022037286f63d82c2e672a98401e67f2ad288a18310a60815da46d98b11a5b27fb9f0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000167c4c220be000004030046304402204ced22e0efd0373ea29309b175987e2db7824fba4c3d4d9ba3ab4c927d6371f102206b022587bbcb2a314216c3dc2e8ab2131cfd6371f25c0d4fa63edf48cd7f63e7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0098a0f78950c4a792d87f32eecfcd579e51d158b035430843ba40d9e15b4b5ec5c6ff95ad23c2dd1fd2295f077c8fb693e33626980716c81b00c05239f9c4d6b6ca3c7502038776d138aa2e7513f129238fabce25ed814874d4bb61cd9ea61b4352bc112e63855d5581ff34732f3a8cfab14bae58dbfadedee88cc26f4f1ee6510ed609d3cd1f8b6b8b48b7212cc19538710a7aed79148ea8c9fec682804ab306a2f42f7333ca3d0fa646878f22a222008d68cfb82aa2ad3963f46e6baeadf59db5308b59a4933ee763d30d2b2240d0cb0e5c974fd6694b7fa4a08746f916d24387631125736cc30f8cc2eb1c4c380588b159438eee40b1b604cdac24a5d240ae