*.production.c2c.klarna.net
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 01:80:17:94:4b:82:6a:ec:90:20:2e:c1:07:8a:13:40 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.production.c2c.klarna.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:80:17:94:4b:82:6a:ec:90:20:2e:c1:07:8a:13:40Serial Number (int): 1994320238235350936712344893928379200
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 78:28:8a:e1:af:fd:47:d5:7a:1c:29:72:e8:08:bf:d5:ed:36:93:85
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 48:94:87:4f:ca:aa:63:9f:d0:5d:f4:5e:9d:e9:60:8e:dd:83:ba:13
Fingerprint (sha256): 04:80:b6:fe:4b:b5:6a:7c:18:33:a1:67:72:8e:9a:71:f0:82:7f:3d:04:11:9d:8e:83:3c:57:06:7a:f7:e3:41
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.production.c2c.klarna.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.production.c2c.klarna.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.production.c2c.klarna.net
app-web-closest.production.eu1.klapp.klarna.net
app-web-closest.production.eu1.klapp.klarna.net
Other certificates including the domain name klarna.net
(limited to 100 certificates)
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
ewallet.klarna.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
cms.performance.us1.klarna-web.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
skrapi-kred.nonprod.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
cards-eu.klarna.com
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
ztn-privatelink.nonprod.eu1.ztn.klarna.net
staging.eu2.lulu.klarna.net
*.tools.eu1.starbug.klarna.net
*.production.eu1.bomgar.klarna.net
*.production.ap1.cobrowse.klarna.net
*.production.eu1.moninfra.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
ewallet.klarna.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
cms.performance.us1.klarna-web.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
skrapi-kred.nonprod.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
cards-eu.klarna.com
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
ztn-privatelink.nonprod.eu1.ztn.klarna.net
staging.eu2.lulu.klarna.net
*.tools.eu1.starbug.klarna.net
*.production.eu1.bomgar.klarna.net
*.production.ap1.cobrowse.klarna.net
*.production.eu1.moninfra.klarna.net
Certificate
The complete raw certificate details for *.production.c2c.klarna.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGEjCCBPqgAwIBAgIQAYAXlEuCauyQIC7BB4oTQDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIyMTAwMDAwMFoXDTI1MDExODIzNTk1OVowJjEk MCIGA1UEAwwbKi5wcm9kdWN0aW9uLmMyYy5rbGFybmEubmV0MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJWiDQDJ5Mh2gRgb40fkPiYexYxJp/2ANgtD txvZzMBLTtbTrlq4lBOGfbGTncs8DP0T7Qb+BZ8hosthVq+MYtAYHrxpDQVlZROI wdkhUYR9I+TjMW/bllZeGxL4XJNMh1JYUtQVxUMGTMOt/5rJLxEBnwC6Kn7mCQ3R 3Kc3cXNgSZ7CUJZkptyPWV9fyjDeYBYv7ZnSj0lPn9Wi/2ggeuP6VPBSJGzIsOwG 8O3VLbSgLZdMytbwSZRJsbj9kjrmZfI4SKb91YCdRFNA96jeTpMXzp/OLjlm7dGv HW6x8CZsHYJt4FQz9P3qn33dobA7Jq5CmX6fPP+dSxy3Pp/R8wIDAQABo4IDJDCC AyAwHwYDVR0jBBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFHgo iuGv/UfVehwpcugIv9XtNpOFMFcGA1UdEQRQME6CGyoucHJvZHVjdGlvbi5jMmMu a2xhcm5hLm5ldIIvYXBwLXdlYi1jbG9zZXN0LnByb2R1Y3Rpb24uZXUxLmtsYXBw LmtsYXJuYS5uZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAs hipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYI KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6 b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9u dHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIE AgSCAW0EggFpAWcAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAA AYyLQMNZAAAEAwBHMEUCIBON33jkZVxflPAi9DoUkiyPtZTylaa4JcNMwGdd8g0K AiEA9EUd+F6w/WT8E9gZO23m/j5yzuCeYnKvlrObirkiO50AdQA/F0tP1yJHWJQd ZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYyLQMNFAAAEAwBGMEQCICqhibtVNojT TKAlc/hnyUp48089oSqnEpQpZ1QxMhJSAiAiOfYL885g5IzsDUzobvLZnbmWs4rW hmG9KfA6NEOT3wB2AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAAB jItAwzUAAAQDAEcwRQIhAJXHXnNgEPpe8oBaYNkyBOsM2g+WionilQXTtTec/VU1 AiA49c1ucAx/w4kM9O5agqkwpCRmu2Mhfeztcb1dBU2hSzANBgkqhkiG9w0BAQsF AAOCAQEAUval6kQeIiiuFB+MS54PAW3awQDCKedjLiPZUO2hrtTWFwZpNFIQC/rt pj8txj0wzGvMxn12Kh62KJlbl15DQ36h1A9VruChZo4cq6e/zS3jsAQdr3zkEkuC kRIpLoAQ8Rdd4y13qJ7ef4SXT5pXg5XQjIesbSBGZc+n1vvcg4xUFkoew5sv1AwW 5xbATVQ3W9UKimPLHTtg36XFv5A0H5T6tW9PDIaW2eJ+b6te/fu0MJriwUwHywx6 ApEbuaLEXVoPvPoLFi/7QHQKD8BLYZVpOoqcQB8W5J/gFEF7hNAtP7bJrDhdWWD+ 0BnzSDAP3ykHPjPTFLi7nFsP0ciX9w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJWiDQDJ5Mh2gRgb40fk PiYexYxJp/2ANgtDtxvZzMBLTtbTrlq4lBOGfbGTncs8DP0T7Qb+BZ8hosthVq+M YtAYHrxpDQVlZROIwdkhUYR9I+TjMW/bllZeGxL4XJNMh1JYUtQVxUMGTMOt/5rJ LxEBnwC6Kn7mCQ3R3Kc3cXNgSZ7CUJZkptyPWV9fyjDeYBYv7ZnSj0lPn9Wi/2gg euP6VPBSJGzIsOwG8O3VLbSgLZdMytbwSZRJsbj9kjrmZfI4SKb91YCdRFNA96je TpMXzp/OLjlm7dGvHW6x8CZsHYJt4FQz9P3qn33dobA7Jq5CmX6fPP+dSxy3Pp/R 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1994320238235350936712344893928379200 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.production.c2c.klarna.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24311541341234840746555394656898282347915573726859794930701672353831002004234476718187785377446384481443284615016190531601425494730559179255763786342500777952683401956570350913326293294797182654549545608895380618200423720829299562086118389483417713070828771322094993239546371874674229795107764721742580996657378364838242028298782670996351479605720789537766673567627807928173983387768359674021299443866738589770160376995224025826212537968616193751770082162299709315300032638525810546629926203493144381298434853498394709602647491224378610416422174807550080416916932439682538147587619505573402543335536185746797361091059 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 78288ae1affd47d57a1c2972e808bfd5ed369385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.production.c2c.klarna.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app-web-closest.production.eu1.klapp.klarna.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c8b40c35900000403004730450220138ddf78e4655c5f94f022f43a14922c8fb594f295a6b825c34cc0675df20d0a022100f4451df85eb0fd64fc13d8193b6de6fe3e72cee09e6272af96b39b8ab9223b9d0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c8b40c345000004030046304402202aa189bb553688d34ca02573f867c94a78f34f3da12aa712942967543132125202202239f60bf3ce60e48cec0d4ce86ef2d99db996b38ad68661bd29f03a344393df0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c8b40c335000004030047304502210095c75e736010fa5ef2805a60d93204eb0cda0f968a89e29505d3b5379cfd5535022038f5cd6e700c7fc3890cf4ee5a82a930a42466bb63217deced71bd5d054da14b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0052f6a5ea441e2228ae141f8c4b9e0f016ddac100c229e7632e23d950eda1aed4d61706693452100bfaeda63f2dc63d30cc6bccc67d762a1eb628995b975e43437ea1d40f55aee0a1668e1caba7bfcd2de3b0041daf7ce4124b829112292e8010f1175de32d77a89ede7f84974f9a578395d08c87ac6d204665cfa7d6fbdc838c54164a1ec39b2fd40c16e716c04d54375bd50a8a63cb1d3b60dfa5c5bf90341f94fab56f4f0c8696d9e27e6fab5efdfbb4309ae2c14c07cb0c7a02911bb9a2c45d5a0fbcfa0b162ffb40740a0fc04b6195693a8a9c401f16e49fe014417b84d02d3fb6c9ac385d5960fed019f348300fdf29073e33d314b8bb9c5b0fd1c897f7