partner.sonnen.de

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 0b:f1:18:05:48:cf:64:20:5d:96:22:51:33:e4:ae:35 was issued on by Amazon.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=partner.sonnen.de

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:f1:18:05:48:cf:64:20:5d:96:22:51:33:e4:ae:35
Serial Number (int): 15873338693045909457314375714944101941
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 19:40:57:d1:85:03:4d:a0:da:13:0a:64:ed:b3:03:f5:b8:44:e4:84
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 01:18:d4:19:5a:ea:a9:6f:7f:5d:d8:ae:0a:cf:86:90:c3:e7:f5:4a
Fingerprint (sha256): 04:55:a4:8d:dc:12:7c:fe:14:2c:6e:33:e6:df:87:d3:3e:b1:24:6f:70:58:b6:08:82:7c:ed:90:ad:fa:10:4d

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate partner.sonnen.de

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for partner.sonnen.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

partner.sonnen.de
partner.sonnenusa.com
www.partner.sonnengroup.com
partner.sonnen.com.au
partner.sonnen.it
www.partner.sonnen.com.au
www.partner.sonnen.de
www.service.sonnen.de
partner.sonnengroup.com
www.partner.sonnenusa.com
service.sonnen.de
www.partner.sonnen.it

Other certificates including the domain name sonnen.de

(limited to 100 certificates)
partner.sonnen.de
*.staging.sonnen.de
my.dev.sonnen.de
centralsystem.ocppdev.sonnen.de
*.account.sonnen.de
admin.ocppdev.sonnen.de
*.sonnen.de
my.sonnen.de
partner.dev.sonnen.de
enos-api-dev.sonnen.de
apigw.sonnen.de
fleetview-dev.sonnen.de
*.sonnen.de
timeseries.iot.sonnen.de
gateway.ocpp.sonnen.de
atlantis.internal.sonnen.de
my.sonnen.de
preview.sonnen.de
storybook.sonnen.de
*.sonnen.de
*.sonnen.de
admin.ocppdev.sonnen.de
my.dev.sonnen.de
eservices-api.sonnen.de
*.sales.staging.sonnen.de
dp-contract.sonnen.de
my.sonnen.de
*.sonnen.de
admin.ocppdev.sonnen.de
service-dev.sonnen.de
*.eservices-api.sonnen.de
www.my-dev.sonnen.de
*.analytics.sonnen.de
enos-api-dev.sonnen.de
wiki.sonnenbatterie.de
my.dev.sonnen.de
my-api.sonnen.de
my.staging.sonnen.de
*.analytics.sonnen.de
service.sonnen.de
my-staging.sonnen.de
my-dev.sonnen.de
my.sonnen.de
free.sonnen.de
gateway.ocppdev.sonnen.de
gateway.ocpptest.sonnen.de
partner.dev.sonnen.de
vault.sonnen.de
partner.preprod.sonnen.de
gateway.ocppdev.sonnen.de
*.sonnen.de
documents.sonnen.de
fleetview.sonnen.de
partner.preprod.sonnen.de
bitwarden.sonnen.de
*.analytics.sonnen.de
centralsystem.ocpp.sonnen.de
partner.dev.sonnen.de
*.account.sonnen.de
gateway.ocppdev.sonnen.de
preview.sonnen.de
fleetview.sonnen.de
*.analytics.sonnen.de
live.komplett.sonnen.ims.de
components.sonnen.de
timeseries-dev.iot.sonnen.de
vault.sonnen.de
centralsystem.ocpp.sonnen.de
documents.sonnen.de
gateway.ocpp.sonnen.de
dp-billing.sonnen.de
analytics.sonnen.de
my.preprod.sonnen.de
service.sonnen.de
*.sales.sonnen.de
*.sales.staging.sonnen.de
preview.sonnen.de
centarlsystem.ocpptest.sonnen.de
dev.dlm.iot.sonnen.de
centralsystem.ocpp.sonnen.de
centarlsystem.ocpptest.sonnen.de
my.sonnen.de
dev.dp-billing.sonnen.de
*.staging.sonnen.de
live.komplett.sonnen.ims.de
jobs.sonnen.de
my.dev.sonnen.de
partner.dev.sonnen.de
account.sonnen.de
admin.ocppdev.sonnen.de
enos-api.sonnen.de
fleetview.sonnen.de
*.sonnen.de
admin.ocpp.sonnen.de
*.staging.sonnen.de
staging.dp-contract.sonnen.de
my.dev.sonnen.de
partner.dev.sonnen.de
gateway.ocppdev.sonnen.de
my-dev2.sonnen.de

Certificate

The complete raw certificate details for partner.sonnen.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG2zCCBcOgAwIBAgIQC/EYBUjPZCBdliJRM+SuNTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMDkyMDAwMDAwMFoXDTI0MTAxOTIzNTk1OVowHDEa
MBgGA1UEAxMRcGFydG5lci5zb25uZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCRwEeC89CsMJ3vdhkhcGJqTGR+6JqOjdV8k5ciT3GPkiudhxB
J7vRsjkkvkXMywmE38gqdUL3bcB/ofw8XmvQOg1rqTRDHXZ2doxK5IotjKmWCtrJ
NmH4YJ8a6G+acXYaId9xi5plFVaFAmTJjAj4KJRPbPxlV12/CchK6uEQnbetaZgN
r17LpBhwvLd9sCNmTybYtjVQptPt1rQCQ1BG+3U2EuPDgo/xl/Ypu2ZNUAnJa7Yz
Ly0JvIAUKhTN5hNzDIpHSrXPHzs/xfg086J8DnHqYApwXAex10LCw/W0XsGoha3B
aHMG/zxU9QNmhXmczGBRY1iFoy7qynIHQyJXAgMBAAGjggP3MIID8zAfBgNVHSME
GDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUGUBX0YUDTaDaEwpk
7bMD9bhE5IQwggElBgNVHREEggEcMIIBGIIRcGFydG5lci5zb25uZW4uZGWCFXBh
cnRuZXIuc29ubmVudXNhLmNvbYIbd3d3LnBhcnRuZXIuc29ubmVuZ3JvdXAuY29t
ghVwYXJ0bmVyLnNvbm5lbi5jb20uYXWCEXBhcnRuZXIuc29ubmVuLml0ghl3d3cu
cGFydG5lci5zb25uZW4uY29tLmF1ghV3d3cucGFydG5lci5zb25uZW4uZGWCFXd3
dy5zZXJ2aWNlLnNvbm5lbi5kZYIXcGFydG5lci5zb25uZW5ncm91cC5jb22CGXd3
dy5wYXJ0bmVyLnNvbm5lbnVzYS5jb22CEXNlcnZpY2Uuc29ubmVuLmRlghV3d3cu
cGFydG5lci5zb25uZW4uaXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy
MDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5j
cmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0w
My5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMu
YW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBgAYKKwYB
BAHWeQIEAgSCAXAEggFsAWoAdwB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+Zn
TFo6dAAAAYqw+UcmAAAEAwBIMEYCIQC6KscYyq3ZN/YxCyFGKwtDr+qPMkR8mo0A
Je9dRCgJXgIhAJsvlQZsgm7yri3a1oEI4rrZ1mVaZ8mtfa4eqm0BYt21AHcASLDj
a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGKsPlHGwAABAMASDBGAiEA
2iOQNNVWTlKTywMvdE5d8WyydDUKKqphRGFX3A17okMCIQCu98Th357tmDtvvzRL
KOl6pcS6rN1Kl3Nwjrrvge/TuQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k
PTBI1/urAAABirD5R2kAAAQDAEcwRQIhAOi6R2F1TtO8CW4ls7QfeVsV8NHEOo7H
Tk0VjnoNNWlUAiBvfIyIbCRAEXxX7lpPv1oj40iCad79jNrLZcfCdL+AxzANBgkq
hkiG9w0BAQsFAAOCAQEAr191oY9FuJ1N/IHnalSfJ+TwG0duDn2+2SGtAj5KUhpG
aTViIrKaRl1xIzvTZiImMMFo7W+YfmVg0F817dUdEMjJRKcMK2RQr+eiGX8/uZzb
172N0SPDexdXn/uegGdWUrG7mFO2+YHLuzAsYso6ytIqAhLRbqFOdjOWF4qlLe52
wrM9Drnj8NVsfYMIwuMWe+CzLZSTUojhYMR1Ga9RgoIr1PUgP3m+5Wpq1KYJCJpH
owPqxl31/sDjDR7szUUe1ReKmS/2Nmv9C7O7QWsGoCfkAd2Pb+ALqAQFjhQtZKfA
kp6zEhz73cy8F44BREZh1/pTF+/2w3lQqLbUeaJJ1g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkcBHgvPQrDCd73YZIXB
iakxkfuiajo3VfJOXIk9xj5IrnYcQSe70bI5JL5FzMsJhN/IKnVC923Af6H8PF5r
0DoNa6k0Qx12dnaMSuSKLYyplgrayTZh+GCfGuhvmnF2GiHfcYuaZRVWhQJkyYwI
+CiUT2z8ZVddvwnISurhEJ23rWmYDa9ey6QYcLy3fbAjZk8m2LY1UKbT7da0AkNQ
Rvt1NhLjw4KP8Zf2KbtmTVAJyWu2My8tCbyAFCoUzeYTcwyKR0q1zx87P8X4NPOi
fA5x6mAKcFwHsddCwsP1tF7BqIWtwWhzBv88VPUDZoV5nMxgUWNYhaMu6spyB0Mi
VwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15873338693045909457314375714944101941
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-19 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'partner.sonnen.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24525244720630759681300715390870647668349844585062299173233943979347659458940346638356196621155155991767095922199656403919219057636313712541218278711714554214990832561267747305201020089486209664883086696113660952315192492819109191007630329609342803209750980455933039979442016345163376231998787165888726459934600277590754313884361836183141205885986636053186746229099962719161469182861509905428832087933565174073881210781713664354717503196902882978886324580348881498443680461777459078711954167330143220412049059918907870055275079141967339996650041772823404343009800428990595211983280635981027262699038390264418774753879
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							194057d185034da0da130a64edb303f5b844e484
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (284 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partner.sonnen.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partner.sonnenusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.sonnengroup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partner.sonnen.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partner.sonnen.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.sonnen.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.sonnen.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.service.sonnen.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partner.sonnengroup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.sonnenusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'service.sonnen.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.sonnen.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ab0f947260000040300483046022100ba2ac718caadd937f6310b21462b0b43afea8f32447c9a8d0025ef5d4428095e0221009b2f95066c826ef2ae2ddad68108e2bad9d6655a67c9ad7dae1eaa6d0162ddb500770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ab0f9471b0000040300483046022100da239034d5564e5293cb032f744e5df16cb274350a2aaa61446157dc0d7ba243022100aef7c4e1df9eed983b6fbf344b28e97aa5c4baacdd4a9773708ebaef81efd3b9007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ab0f947690000040300473045022100e8ba4761754ed3bc096e25b3b41f795b15f0d1c43a8ec74e4d158e7a0d35695402206f7c8c886c2440117c57ee5a4fbf5a23e3488269defd8cdacb65c7c274bf80c7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00af5f75a18f45b89d4dfc81e76a549f27e4f01b476e0e7dbed921ad023e4a521a4669356222b29a465d71233bd366222630c168ed6f987e6560d05f35edd51d10c8c944a70c2b6450afe7a2197f3fb99cdbd7bd8dd123c37b17579ffb9e80675652b1bb9853b6f981cbbb302c62ca3acad22a0212d16ea14e763396178aa52dee76c2b33d0eb9e3f0d56c7d8308c2e3167be0b32d94935288e160c47519af5182822bd4f5203f79bee56a6ad4a609089a47a303eac65df5fec0e30d1eeccd451ed5178a992ff6366bfd0bb3bb416b06a027e401dd8f6fe00ba804058e142d64a7c0929eb3121cfbddccbc178e01444661d7fa5317eff6c37950a8b6d479a249d6