screening.discovery.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0b:5c:87:41:33:ee:0f:89:c0:a2:4e:88:63:ff:a2:61 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=screening.discovery.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:5c:87:41:33:ee:0f:89:c0:a2:4e:88:63:ff:a2:61Serial Number (int): 15101942555817868368994664525292610145
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 9b:90:60:19:78:d5:8f:65:40:2d:f3:30:89:70:96:23:70:1a:a0:e7
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): b5:8e:57:6f:1f:d9:6c:dc:45:3b:c7:1c:57:6a:20:99:57:74:af:48
Fingerprint (sha256): 03:ee:90:6b:9b:77:c6:9c:47:07:c3:27:4d:be:93:4c:7c:7d:26:cd:98:d4:3f:1d:3b:64:01:30:8f:32:7b:ea
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate screening.discovery.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for screening.discovery.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
screening.discovery.com
Other certificates including the domain name discovery.com
(limited to 100 certificates)
tvlistings-qa.discovery.com
insider.discovery.com
indiamail.discovery.com
*.disco-api.com
*.discovery.com
passwordsafe-dev.discovery.com
*.nw.discovery.com
email.discovery.com
AWUZAPONARPRO01.dci.discovery.com
*.infra.discovery.com
iasm.discovery.com
adsalesdesign.discovery.com
deliver-qa.discovery.com
blacklineqa1.discovery.com
*.qa2.sauce.digitalstudios.discovery.com
creaapcps01.discovery.com
dev-momentum.discovery.com
insider.discovery.com
adsalesdesign.discovery.com
lnmail1.discovery.com
ir.corporate.discovery.com
japan.discovery.com
dtag-jsreport.devops.discovery.com
discovery.com
lync2013.dci.discovery.com
woody.discovery.com
auth.discovery.com
MUMAAPLYNCSBC02.dci.discovery.com
www.mexico.discovery.com
access.discovery.com
sapsanprd.discovery.com
hybridmail.discovery.com
corporate.discovery.com
*.sauce.digitalstudios.discovery.com
screening.discovery.com
dads.discovery.com
oktaadmin.discovery.com
remote.discovery.com
securestore.discovery.com
lnmail1.discovery.com
ssa.discovery.com
*.dev.discovery.com
adsalesdesign.discovery.com
store.discovery.com
cxoqa.discovery.com
inlet.discovery.com
images.dds.discovery.com
www.adsalesevents.discovery.com
api.digitalstudios.discovery.com
tlssyslog.discovery.com
org.discovery.com
games.discovery.com
leapfrog-ssl-4.gcs-web.com
citrix-director.discovery.com
edgepool2013.discovery.com
insider.discovery.com
deliver-uat.discovery.com
gohelp.discovery.com
*.bcqa.discovery.com
hrmobileinboxsba.discovery.com
www.food.com
dgoauth-qa.discovery.com
cloud-qa.discovery.com
access.discovery.com
*.discovery.com
entrada.discovery.com
lync2013.dci.discovery.com
soundfx.discovery.com
*.videogo.sauce.digitalstudios.discovery.com
straapiptv.discovery.com
lync2013.dci.discovery.com
strrapotxt01.discovery.com
*.prod.discovery.com
discovery.com
blacklineqa1.discovery.com
people.discovery.com
preprod.projectcat.discovery.com
gohelp.discovery.com
dtag-api.devops.discovery.com
tkyzaplyncsba01.dci.discovery.com
strzadtraps01.dci.discovery.com
insider.discovery.com
www.consumerproducts.discovery.com
CXO.discovery.com
*.disco-api.com
linkit-stage.dci.discovery.com
gohelp.discovery.com
lnmail5.discovery.com
www.adsalesevents.discovery.com
auth.discovery.com
epak.discovery.com
gohelp.discovery.com
www.food.com
bk.inotes.discovery.com
*.nw.discovery.com
photoassets.discovery.com
leapfrog-ssl-4.gcs-web.com
access.discovery.com
discovery.com
KTCZIPWRKSFT01.dci.discovery.com
insider.discovery.com
indiamail.discovery.com
*.disco-api.com
*.discovery.com
passwordsafe-dev.discovery.com
*.nw.discovery.com
email.discovery.com
AWUZAPONARPRO01.dci.discovery.com
*.infra.discovery.com
iasm.discovery.com
adsalesdesign.discovery.com
deliver-qa.discovery.com
blacklineqa1.discovery.com
*.qa2.sauce.digitalstudios.discovery.com
creaapcps01.discovery.com
dev-momentum.discovery.com
insider.discovery.com
adsalesdesign.discovery.com
lnmail1.discovery.com
ir.corporate.discovery.com
japan.discovery.com
dtag-jsreport.devops.discovery.com
discovery.com
lync2013.dci.discovery.com
woody.discovery.com
auth.discovery.com
MUMAAPLYNCSBC02.dci.discovery.com
www.mexico.discovery.com
access.discovery.com
sapsanprd.discovery.com
hybridmail.discovery.com
corporate.discovery.com
*.sauce.digitalstudios.discovery.com
screening.discovery.com
dads.discovery.com
oktaadmin.discovery.com
remote.discovery.com
securestore.discovery.com
lnmail1.discovery.com
ssa.discovery.com
*.dev.discovery.com
adsalesdesign.discovery.com
store.discovery.com
cxoqa.discovery.com
inlet.discovery.com
images.dds.discovery.com
www.adsalesevents.discovery.com
api.digitalstudios.discovery.com
tlssyslog.discovery.com
org.discovery.com
games.discovery.com
leapfrog-ssl-4.gcs-web.com
citrix-director.discovery.com
edgepool2013.discovery.com
insider.discovery.com
deliver-uat.discovery.com
gohelp.discovery.com
*.bcqa.discovery.com
hrmobileinboxsba.discovery.com
www.food.com
dgoauth-qa.discovery.com
cloud-qa.discovery.com
access.discovery.com
*.discovery.com
entrada.discovery.com
lync2013.dci.discovery.com
soundfx.discovery.com
*.videogo.sauce.digitalstudios.discovery.com
straapiptv.discovery.com
lync2013.dci.discovery.com
strrapotxt01.discovery.com
*.prod.discovery.com
discovery.com
blacklineqa1.discovery.com
people.discovery.com
preprod.projectcat.discovery.com
gohelp.discovery.com
dtag-api.devops.discovery.com
tkyzaplyncsba01.dci.discovery.com
strzadtraps01.dci.discovery.com
insider.discovery.com
www.consumerproducts.discovery.com
CXO.discovery.com
*.disco-api.com
linkit-stage.dci.discovery.com
gohelp.discovery.com
lnmail5.discovery.com
www.adsalesevents.discovery.com
auth.discovery.com
epak.discovery.com
gohelp.discovery.com
www.food.com
bk.inotes.discovery.com
*.nw.discovery.com
photoassets.discovery.com
leapfrog-ssl-4.gcs-web.com
access.discovery.com
discovery.com
KTCZIPWRKSFT01.dci.discovery.com
Certificate
The complete raw certificate details for screening.discovery.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2zCCBMOgAwIBAgIQC1yHQTPuD4nAok6IY/+iYTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTAwMTAwMDAwMFoXDTI0MTAyOTIzNTk1OVowIjEg MB4GA1UEAxMXc2NyZWVuaW5nLmRpc2NvdmVyeS5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQC0vSPDPyBvbx4vKt2hy0dWtKZtCAPEKyAHFoIIiQxr QTnadpxSDDxR4gr6729rFHVw4nz19x6AEYtxHaTU1K9x4zAV+G2djQHwDVFXuWVh 71saTUUhFmX8oGv4gCRCCdm6uLzJ115488IST1hpnqfHInl3zVcAzMfKAcI8zoMp aKU4G5tiUCxvX7Y/cxOiOUUz7TQlgt84RSP2XnDYU+9urK7w3pqnmgu9whImyKXH 2JZTdPh4OIJTfSFcPJfNkxc1SeAFv5lBZU+ZmMrEzwqM3KqCCgYsJV1KACl5RXIQ Uh7QgEsRiR3GX/V0q5H5rDVKLjgTLSb+pEW44+M7D7ANAgMBAAGjggLxMIIC7TAf BgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUm5BgGXjV j2VALfMwiXCWI3AaoOcwIgYDVR0RBBswGYIXc2NyZWVuaW5nLmRpc2NvdmVyeS5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v Y3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29t L3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFr AWkAdwB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYrpykXiAAAE AwBIMEYCIQD+P77ubExWstwslPqn92V151qfusIS//6XEaARYOn4mAIhAMbrXdO7 ++9U2yKiRIhkcTOsyAIaTBteRHjFzeKR7xnMAHYASLDja9qmRzQP5WoC+p0w6xxS ActW3SyB2bu/qznYhHMAAAGK6cpGAgAABAMARzBFAiBPh2CarojvJfEhZh6efWjb kQn6ORL7LWE2tCjEXUSwWgIhAP+HVXMJJ3EQZ6ayv0/kMOLdEmTXAgFpS9TIHbHH pQeuAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGK6cpF1AAA BAMARzBFAiEAx4iAG34uuQyQ4DxkF2o6wlOrC+USapH/RIn5+2H0siYCIFgHelyl +P/5FT6nktrTgHQEhaew8OC2zHyJaK1HFQrNMA0GCSqGSIb3DQEBCwUAA4IBAQCw eryIjBPI2zM1qCGWArYVH2sNzsISh0iJOQl/U1yUwwCXpldLGs8YAsVcs1Xkn1Gy TY2L8bdlIQRL7cuoeDzSwV9WZUwXFfiWnFzsoqfIXFzEfY3Qgtb8zfml+y43UL6m xAcFOJ53pTdh2vwZopJsOSRSmw5GnX5KdtIyMh8TB2ack6OeTOSndpdPH9DhzwGt 3/I6e/afQQTWTMX1JLA0gEXb5aXzeID93TWmXzaMVWV3rEhmGePli9V9/Ub1zkew pN+DI7eAHGWatJ55FHaZ2zp48EYKlj7TFavz/ThRAMuDCrCUtmdGiqUXRwqU0Bnp xRlCwW812FTYppzJwsi0 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL0jwz8gb28eLyrdoctH VrSmbQgDxCsgBxaCCIkMa0E52nacUgw8UeIK+u9vaxR1cOJ89fcegBGLcR2k1NSv ceMwFfhtnY0B8A1RV7llYe9bGk1FIRZl/KBr+IAkQgnZuri8yddeePPCEk9YaZ6n xyJ5d81XAMzHygHCPM6DKWilOBubYlAsb1+2P3MTojlFM+00JYLfOEUj9l5w2FPv bqyu8N6ap5oLvcISJsilx9iWU3T4eDiCU30hXDyXzZMXNUngBb+ZQWVPmZjKxM8K jNyqggoGLCVdSgApeUVyEFIe0IBLEYkdxl/1dKuR+aw1Si44Ey0m/qRFuOPjOw+w DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15101942555817868368994664525292610145 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'screening.discovery.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22816163155118470405337699455977842364530963761914583229822854973558460061697263264966227744202429093594149110605532861330669187374212241871219651549739993229748920208246925463383106888717427840092774605601418677149789939890517991446103946914239578701332722943050265389916956043811794606308307443292200531148624729463887215512809836586638305532908225737049752715814720209111422805741094890709453012152027393532276794197363023692230509935917448270102238489038886875933502998634819403288664255311445226598266982985138768310674495049943563556317453817981006163267816156679729481122517175113251086049341455135819674136589 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9b90601978d58f65402df33089709623701aa0e7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'screening.discovery.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ae9ca45e20000040300483046022100fe3fbeee6c4c56b2dc2c94faa7f76575e75a9fbac212fffe9711a01160e9f898022100c6eb5dd3bbfbef54db22a24488647133acc8021a4c1b5e4478c5cde291ef19cc00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ae9ca4602000004030047304502204f87609aae88ef25f121661e9e7d68db9109fa3912fb2d6136b428c45d44b05a022100ff8755730927711067a6b2bf4fe430e2dd1264d70201694bd4c81db1c7a507ae007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ae9ca45d40000040300473045022100c788801b7e2eb90c90e03c64176a3ac253ab0be5126a91ff4489f9fb61f4b226022058077a5ca5f8fff9153ea792dad380740485a7b0f0e0b6cc7c8968ad47150acd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b07abc888c13c8db3335a8219602b6151f6b0dcec21287488939097f535c94c30097a6574b1acf1802c55cb355e49f51b24d8d8bf1b76521044bedcba8783cd2c15f56654c1715f8969c5ceca2a7c85c5cc47d8dd082d6fccdf9a5fb2e3750bea6c40705389e77a53761dafc19a2926c3924529b0e469d7e4a76d232321f1307669c93a39e4ce4a776974f1fd0e1cf01addff23a7bf69f4104d64cc5f524b0348045dbe5a5f37880fddd35a65f368c556577ac486619e3e58bd57dfd46f5ce47b0a4df8323b7801c659ab49e79147699db3a78f0460a963ed315abf3fd385100cb830ab094b667468aa517470a94d019e9c51942c16f35d854d8a69cc9c2c8b4