one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud

Issued by Amazon

About this certificate

This digital certificate with serial number 05:34:bb:db:1b:8a:62:8d:a3:3b:dc:5e:0f:a6:37:ef was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:34:bb:db:1b:8a:62:8d:a3:3b:dc:5e:0f:a6:37:ef
Serial Number (int): 6919949585655256320413440680948807663
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 45:14:b6:b7:ff:e8:e0:48:dd:64:11:b2:7d:2d:5c:e6:07:eb:e9:70
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): ca:6b:5a:a4:67:db:0a:cf:ba:fb:9d:ea:0f:34:07:42:fe:d8:18:dc
Fingerprint (sha256): 04:57:48:88:33:c0:90:43:02:c5:c4:65:f2:f8:91:4f:6e:9f:09:bf:0f:8e:6f:a6:b9:05:6d:30:b5:72:09:50

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud
one4p-data-ingest-us-west-1.cross-platform-analytics-alephd.aws.oath.cloud

Other certificates including the domain name oath.cloud

(limited to 100 certificates)
sonar.subscriptions-obi-fe-aws-dev.aws.oath.cloud
token-iws-proxy.payments-aws-stg.aws.oath.cloud
splunk-srch-hd.subscriptions-devops-obi-aws-dev.aws.oath.cloud
tagcache.one-mobile-prod.aws.oath.cloud
*.vpa2.aws.oath.cloud
vp56agpfbf27kfdfk3qfnb6bjgadju44x.public.vespa.oath.cloud
partneradservice.search-web-dm-staging.aws.oath.cloud
*.video-platform-splunk.aws.oath.cloud
*.comms-notifications-prod.aws.oath.cloud
token-service.payments-aws-stg.aws.oath.cloud
demo-ui.payments-aws-services-stg.aws.oath.cloud
ssp-dev-ats-test.one-mobile-dev.aws.oath.cloud
*.video-data-platform-prod.aws.oath.cloud
atlantis.uplynk-inf.aws.oath.cloud
splunk-indexer.ec-horizontal-rewards-tools.aws.oath.cloud
splunk-indexer.ec-horizontal-rewards-dev-tools.aws.oath.cloud
beta1-policies.yahoo.com
one-central-api-qa-mse-eks.mse-dev.aws.oath.cloud
*.video-stage.aws.oath.cloud
partneradservice.aws-oath-domain-match-us-mbst.aws.oath.cloud
*.autos.yahoo.com
member-pulse-push.customer-care-voc-aws-dev.aws.oath.cloud
splunk-srch-hd.subscriptions-lca-content-aws-dev.aws.oath.cloud
abumedia-aws-partner.aws.oath.cloud
*.oath-marketing-verizonmedia-production.aws.oath.cloud
vwok3l4cd6wznlc5iwdglhkdrrwmetgys.public.vespa.oath.cloud
search-ui.payments-aws-services-stg.aws.oath.cloud
*.srs-dev.pcp.aws.oath.cloud
jef-ui-bdp.aolp-ds-dev.aws.oath.cloud
jenkins-master.one-mobile-dev.aws.oath.cloud
*.paranoids-cloudsec-fail.aws.oath.cloud
varfbm5bestuka7uvgajs36qsvm4j3r6z.public.vespa.oath.cloud
inbox-service.payments-aws-cde-stg.aws.oath.cloud
*.home-maudette.aws.oath.cloud
token-iws-proxy.payments-aws-dev.aws.oath.cloud
v6ptdyponqnkh74iz3pigob72xsio3re4.vespa.oath.cloud
*.www.yahoo.com
token-iws-proxy.payments-aws-stg.aws.oath.cloud
id-ds.corp.aol.com
data-collector.payments-aws-services-prod.aws.oath.cloud
id.b2b.oath.com
qa-srs-api.pcp.aws.oath.cloud
*.artifactory-sandbox.aws.oath.cloud
*.global.vespa.yahooapis.com
splunk.ec-horizontal-rewards-tools.aws.oath.cloud
token-iws-proxy.payments-aws-stg.aws.oath.cloud
*.broker.aolp-ds-prd.aws.oath.cloud
vxjzjakdi3o7npascqumixvqycimmqcz4.public-cd.vespa.oath.cloud
*.ivn-vibe-dev.aws.oath.cloud
demo-ui.payments-aws-services-stg.aws.oath.cloud
*.geneva-server.one-mobile-dev.aws.oath.cloud
brana-api.aws-oath-fires-brana-prod.aws.oath.cloud
streamer.finance.yahoo.com
mss-api.mss-dev.aws.oath.cloud
partneradservice.aws-oath-domain-match-us-mbst.aws.oath.cloud
qai-omni-broker.us-east-1b.aolp-ds-dev.aws.oath.cloud
*.video-data-platform-dev.aws.oath.cloud
yho.com
jp.techcrunch.com
sdk.yahooinc.com
qa-jef-api.dmp.us-east-1.aolp-ds-dev.aws.oath.cloud
one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud
chemtrail.home-ccannell.aws.oath.cloud
jenkins-master.one-mobile-dev.aws.oath.cloud
inbox-service.payments-aws-cde-dev.aws.oath.cloud
tls.subscriptions-devops-aws-dev.aws.oath.cloud
*.srs-prod.pcp.aws.oath.cloud
cd.donbot.mortent.global.vespa.oath.cloud
druid-dev-us-east-1.dcs-audience-insights-dev.aws.oath.cloud
staging.autoblog.com
*.alpo.mail.aol.com
stage.tokenmanager.finance.yahooapis.com
*.autos.yahoo.com
sports.yahoo.com
splunk-srch.subscriptions-devops-access-aws-dev.aws.oath.cloud
tls.subscriptions-devops-aws-dev.aws.oath.cloud
splunk-indexer.payments-aws-tools-dev.aws.oath.cloud
internal.ups-prod-vzm.ap-southeast-1.aolp-ds-prd.aws.oath.cloud
redash.pcp-aws-redash.aws.oath.cloud
v7fbrygd6estm3f7uultqjhlvlwrij6qg.vespa.oath.cloud
subs.communications.yahoo.com
id-uat.b2b.yahooinc.com
dmp-off-ingest.aolp-ds-prd.aws.oath.cloud
v6rprg4ffmjfi4zqz2pr32kvrfzqagzuf.vespa.oath.cloud
cdn.payments-aws-obi-cdn.aws.oath.cloud
*.onecreative.aws.oath.cloud
vvpyjwrconn4s3genqpo5wijznctuffmw.vespa.oath.cloud
vlne5srwzhcapsjlcuxw7x3iasz2czp5j.vespa.oath.cloud
bid.oath-exchange-dev.aws.oath.cloud
dmp-off-ingest-qai.aolp-ds-dev.aws.oath.cloud
dtm-origin.aolp-ds-prd.aws.oath.cloud
dooh-location-api.aws-oath-fires-brana-prod.aws.oath.cloud
railplitter.flurry-stg.aws.oath.cloud
grpc.tritonserver.search-web-qlas.aws.oath.cloud
token-service.payments-aws-cde-prod.aws.oath.cloud
ycm-receiver-dev-hx.ycm-aws-devel.aws.oath.cloud
*.c2s-sa-production.aws.oath.cloud
verizon-native-protocol-service.one-mobile-prod.aws.oath.cloud
token-service.payments-aws-stg.aws.oath.cloud
vqfjxpkobwsidxbiqtr5t7bsn2i45zumr.public-cd.vespa.oath.cloud

Certificate

The complete raw certificate details for one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIQBTS72xuKYo2jO9xeD6Y37zANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAzMTEwMDAwMDBaFw0yMDA0MTEx
MjAwMDBaMEsxSTBHBgNVBAMTQG9uZTRwLWRhdGEtaW5nZXN0LmNyb3NzLXBsYXRm
b3JtLWFuYWx5dGljcy1hbGVwaGQuYXdzLm9hdGguY2xvdWQwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDU1SzYJxX6b7Cb67baUDfqB1aZvIeYYXj06AzO
QJACG7JyeYuhvP+JbDNnqt5V+2l1fMOqRhToqrh1jv5V/rlr0PuPzMKPawtH6Nmk
JUSu0xjxaskUAmAsURDiF+ezAhlQ+urtOsnkJhks+EeVbWMIa8oFgcrqEpd+VIll
JQItpuZGdAQ9uKtSIVLTTeKs6V5gjHiA0tib6Q7aVih2GG7yO9Ai0Kq7aR45tnSt
ylNuIiLpFnKmrjap9JJdTpGJJ6pd5mkiFz5Bb4GERzVeiuYLnXNTqSxZVASbp8no
YRykR8elwVJcRH5in+e3wHb0301ik3JQdT9boNR1njbLzJ0PAgMBAAGjggIIMIIC
BDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQURRS2
t//o4EjdZBGyfS1c5gfr6XAwgZkGA1UdEQSBkTCBjoJAb25lNHAtZGF0YS1pbmdl
c3QuY3Jvc3MtcGxhdGZvcm0tYW5hbHl0aWNzLWFsZXBoZC5hd3Mub2F0aC5jbG91
ZIJKb25lNHAtZGF0YS1pbmdlc3QtdXMtd2VzdC0xLmNyb3NzLXBsYXRmb3JtLWFu
YWx5dGljcy1hbGVwaGQuYXdzLm9hdGguY2xvdWQwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipo
dHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcmwwIAYDVR0g
BBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggr
BgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29tMDYGCCsG
AQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5j
cnQwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0B
AQsFAAOCAQEAs/iSz1LTa0c+aY7NkBxRMehiDZO1295+BT5aSTEwsMj3wFTawhvf
sBDMCl/mpzlz/pKIvD4XY39NlAqjNvK4htylW5rM2l2aKA7jIXaM6tEivC1KOYNu
GO1mWJxKpkwsCC2rQf6Ly+51kaJQgzctnMJiQ1AdDuvYzAuKIwZiKbSYyOzpNK5f
MrPKKqcJIxoxvo4FLP3vwCOMLRlpTcRwF8SAnfvq2x4oBCoev9D+aJsvbwgh2URo
P8DnQwkqXNJFLLSev2LTTPmJYEQ6kOj46PcKfWoBTj0IO2NlGOJigmfLGcIlgabq
YY+xXyd1CxBQtniCq5wLiFt6a77Nf8TcLw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NUs2CcV+m+wm+u22lA3
6gdWmbyHmGF49OgMzkCQAhuycnmLobz/iWwzZ6reVftpdXzDqkYU6Kq4dY7+Vf65
a9D7j8zCj2sLR+jZpCVErtMY8WrJFAJgLFEQ4hfnswIZUPrq7TrJ5CYZLPhHlW1j
CGvKBYHK6hKXflSJZSUCLabmRnQEPbirUiFS003irOleYIx4gNLYm+kO2lYodhhu
8jvQItCqu2keObZ0rcpTbiIi6RZypq42qfSSXU6RiSeqXeZpIhc+QW+BhEc1Xorm
C51zU6ksWVQEm6fJ6GEcpEfHpcFSXER+Yp/nt8B29N9NYpNyUHU/W6DUdZ42y8yd
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6919949585655256320413440680948807663
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-11 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26867641248621481788983403228198214074749975290256378592069641632221926976166790118498664138307607008517343375094261464881178943852458928214524235942135601670484041846848345898548113776998404822605722553411196425155011315398205829207019397809863197033372433465768633750480387149137098776453045290539332466962514995961823979495899775064127777944333783238533507754997096624949406390502691865331523998244622994423492864944007345068266266361433616116720276386554750449884263596791572643741630586280302243661036377461243391973216145271478215445061322646707172567243615890884717006338026232511680318064875598212897692228879
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4514b6b7ffe8e048dd6411b27d2d5ce607ebe970
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (145 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'one4p-data-ingest-us-west-1.cross-platform-analytics-alephd.aws.oath.cloud'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b3f892cf52d36b473e698ecd901c5131e8620d93b5dbde7e053e5a493130b0c8f7c054dac21bdfb010cc0a5fe6a73973fe9288bc3e17637f4d940aa336f2b886dca55b9accda5d9a280ee321768cead122bc2d4a39836e18ed66589c4aa64c2c082dab41fe8bcbee7591a25083372d9cc26243501d0eebd8cc0b8a23066229b498c8ece934ae5f32b3ca2aa709231a31be8e052cfdefc0238c2d19694dc47017c4809dfbeadb1e28042a1ebfd0fe689b2f6f0821d944683fc0e743092a5cd2452cb49ebf62d34cf98960443a90e8f8e8f70a7d6a014e3d083b636518e2628267cb19c22581a6ea618fb15f27750b1050b67882ab9c0b885b7a6bbecd7fc4dc2f