sslcertificate2.queue-it.net

Issued by Amazon

About this certificate

This digital certificate with serial number 0a:d9:bd:fe:a6:24:8c:0a:73:24:de:42:f5:a2:3b:18 was issued on by Amazon.

With 28 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=sslcertificate2.queue-it.net

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:d9:bd:fe:a6:24:8c:0a:73:24:de:42:f5:a2:3b:18
Serial Number (int): 14422861926938279397202514435622714136
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: f7:bf:dd:8d:68:0b:2a:b6:de:8d:bf:9d:ff:58:b2:7e:45:f9:6c:c2
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 0b:c8:3e:ad:a6:05:bd:ba:b6:a9:33:37:c3:4f:70:ef:fc:8f:d1:fc
Fingerprint (sha256): 05:3b:63:43:7f:3c:55:4f:77:51:6a:90:fb:d2:3b:48:e8:ad:13:ce:90:4e:22:49:ab:a8:b0:f9:16:df:29:ce

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate sslcertificate2.queue-it.net

28

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sslcertificate2.queue-it.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sslcertificate2.queue-it.net
queue.hakuapp.com
queue.stage.amctheatres.com
queue.hlg.uhuu.com
queue.sky.ch
storequeue.wizards.com
go.aspiraconnect.com
queue.tkt.ge
harrypotterqueue.travelcircus.de
queue.atgtickets.com
queue.ticketarena.co.uk
queue.ticketania.com
waiting.seaworldparks.com
queue.fanfares.cathaypacific.com
line.universe.com
dragoiscoming.tieks.com
wait.loud-project.com
queue.hkairportshop.com
queue.uhuu.com
queue.smtickets.com
wait.thepga.com
queue.fairphone.com
queue.amctheatres.com
q.axs.nu
getinline.ticketfairy.com
queue.scandlines.com
wait.fenty.com
stg-queue.hakuapp.com

Other certificates including the domain name queue-it.net

(limited to 100 certificates)
sslcertificate3.queue-it.net
*.test.queue-it.net
hd-dtc.com
dashboard.internal.queue-it.net
sslcertificate1.queue-it.net

sslcertificate1.queue-it.net
api2.test.queue-it.net
sslcertificate4.queue-it.net
sslcertificate4.queue-it.net
sslcertificate1.queue-it.net
go.test.queue-it.net
sslcertificate1.test.queue-it.net
tomo.okos.uno

sslcertificate2.queue-it.net
sslcertificate2.queue-it.net
sa-east-1-logging.test.queue-it.net
*.test.queue-it.net
*.queue-it.net
dashboard.internal.queue-it.net
*.queue-it.net

api2.queue-it.net
sslcertificate4.queue-it.net
sslcertificate2.queue-it.net

sslcertificate4.queue-it.net
*.test.queue-it.net
vpn.test.queue-it.net
sa-east-1-logging.test.queue-it.net
*.queue-it.net
*.queue-it.net
dashboard.internal.queue-it.net
*.queue-it.net
api2.test.queue-it.net
api2.test.queue-it.net
sslcertificate1.queue-it.net
www.queue-it.net
sslcertificate4.queue-it.net
sa-east-1-logging.test.queue-it.net
*.queue-it.net
electronicarts.queue-it.net
go.queue-it.net
sslcertificate4.queue-it.net
sslcertificate2.queue-it.net
sslcertificate1.queue-it.net
go.queue-it.net
*.queue-it.net
sslcertificate3.queue-it.net
go.test.queue-it.net
sslcertificate3.queue-it.net
portal.childrens-mercy.darivault.com
dashboard.internal.queue-it.net
sslcertificate1.queue-it.net
sslcertificate4.queue-it.net
*.queue-it.net
sslcertificate1.queue-it.net
*.queue-it.net
go.queue-it.net
api2.queue-it.net


sslcertificate2.queue-it.net
sslcertificate3.queue-it.net
*.test.queue-it.net
api2.queue-it.net
*.queue-it.net
sslcertificate3.queue-it.net
sslcertificate1.queue-it.net
sslcertificate5.queue-it.net
*.test.queue-it.net
api2.queue-it.net
sslcertificate2.queue-it.net
*.queue-it.net
cf.go.queue-it.net
sslcertificate2.queue-it.net
sslcertificate2.queue-it.net
sslcertificate4.queue-it.net
vpn.test.queue-it.net
*.test.queue-it.net
sslcertificate1.test.queue-it.net
go.queue-it.net
*.queue-it.net
*.queue-it.net
sslcertificate3.queue-it.net
go.queue-it.net
sslcertificate2.queue-it.net
wazuh.internal.queue-it.net
api2.test.queue-it.net
herning.citytilbud.dk
sslcertificate5.queue-it.net
dashboard.internal.queue-it.net
sslcertificate1.queue-it.net
api2.test.queue-it.net
sslcertificate2.queue-it.net

api2.queue-it.net
sslcertificate2.queue-it.net
*.queue-it.net

Certificate

The complete raw certificate details for sslcertificate2.queue-it.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG5jCCBc6gAwIBAgIQCtm9/qYkjApzJN5C9aI7GDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDA2MDIwMDAwMDBaFw0yMTA3MDIx
MjAwMDBaMCcxJTAjBgNVBAMTHHNzbGNlcnRpZmljYXRlMi5xdWV1ZS1pdC5uZXQw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzpm9B2FImgzj5ktmWa6mc
ykEwBe0F9tU3tzwEhwSAMWVwCsOG+IDJNvwjDA48ikJPHzZ8YUEflLw/Ecq2xRR1
zg/0tG4ccnlcrCTEZVDBmyMJ1sl11/ANSitgJEtKxqNgLPpfjNWeCtIwlzzgrGaX
s4U2KxTqr+/wUKyr7+VdcQ7u7gzta/pHlEOykwirOtlPudPuoBl7ykVjxygoBuWy
Wk1Zgc4MzutOc/X9Yjz6IWlVkTJroVA4RfPKkNIyK5mJ6wxw2Hw53vbfRbYVlbeS
4ufTpMAuWil6f0AGMLTJNIqrcdnmihxn2Scvb8HDEGmZOME8fd4FEp+4zvh1cPQd
AgMBAAGjggPtMIID6TAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAd
BgNVHQ4EFgQU97/djWgLKrbejb+d/1iyfkX5bMIwggJ9BgNVHREEggJ0MIICcIIc
c3NsY2VydGlmaWNhdGUyLnF1ZXVlLWl0Lm5ldIIRcXVldWUuaGFrdWFwcC5jb22C
G3F1ZXVlLnN0YWdlLmFtY3RoZWF0cmVzLmNvbYIScXVldWUuaGxnLnVodXUuY29t
ggxxdWV1ZS5za3kuY2iCFnN0b3JlcXVldWUud2l6YXJkcy5jb22CFGdvLmFzcGly
YWNvbm5lY3QuY29tggxxdWV1ZS50a3QuZ2WCIGhhcnJ5cG90dGVycXVldWUudHJh
dmVsY2lyY3VzLmRlghRxdWV1ZS5hdGd0aWNrZXRzLmNvbYIXcXVldWUudGlja2V0
YXJlbmEuY28udWuCFHF1ZXVlLnRpY2tldGFuaWEuY29tghl3YWl0aW5nLnNlYXdv
cmxkcGFya3MuY29tgiBxdWV1ZS5mYW5mYXJlcy5jYXRoYXlwYWNpZmljLmNvbYIR
bGluZS51bml2ZXJzZS5jb22CF2RyYWdvaXNjb21pbmcudGlla3MuY29tghV3YWl0
LmxvdWQtcHJvamVjdC5jb22CF3F1ZXVlLmhrYWlycG9ydHNob3AuY29tgg5xdWV1
ZS51aHV1LmNvbYITcXVldWUuc210aWNrZXRzLmNvbYIPd2FpdC50aGVwZ2EuY29t
ghNxdWV1ZS5mYWlycGhvbmUuY29tghVxdWV1ZS5hbWN0aGVhdHJlcy5jb22CCHEu
YXhzLm51ghlnZXRpbmxpbmUudGlja2V0ZmFpcnkuY29tghRxdWV1ZS5zY2FuZGxp
bmVzLmNvbYIOd2FpdC5mZW50eS5jb22CFXN0Zy1xdWV1ZS5oYWt1YXBwLmNvbTAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG
A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29t
L3NjYTFiLmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYI
KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6
b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9u
dHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA8qTr7meGVKB6D0TY1psxHm+jLxeST
Gg88DfWKa7gndA296Nm2yrJeTyWRCBfWNymjjtkLPMO8IGD63cV4OPA6+/kF60DS
Z0EB8nJqhkt+3FLf/y+iQIvwps96S41JirZMUC1phB+RvAzGg+fOk3AHOecUDrCH
dtzLnmRgT5qnVC5Ph3DpXmCAyv36eUleP06J8BFo54cBFhDIflSOY3LvBJdwl8mO
oFOxy8eg36aftmhbBk4EZPPPn6o3gIz0iMPcDD/llenL9048Knl+SmqHq6utfvcM
zx0NXrTsxEWdMPC5YLg8mwKuQ7o/1pF3gYgjGKApbc3j3eCXJTsI40cc
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6ZvQdhSJoM4+ZLZlmup
nMpBMAXtBfbVN7c8BIcEgDFlcArDhviAyTb8IwwOPIpCTx82fGFBH5S8PxHKtsUU
dc4P9LRuHHJ5XKwkxGVQwZsjCdbJddfwDUorYCRLSsajYCz6X4zVngrSMJc84Kxm
l7OFNisU6q/v8FCsq+/lXXEO7u4M7Wv6R5RDspMIqzrZT7nT7qAZe8pFY8coKAbl
slpNWYHODM7rTnP1/WI8+iFpVZEya6FQOEXzypDSMiuZiesMcNh8Od7230W2FZW3
kuLn06TALlopen9ABjC0yTSKq3HZ5oocZ9knL2/BwxBpmTjBPH3eBRKfuM74dXD0
HQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14422861926938279397202514435622714136
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-02 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sslcertificate2.queue-it.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22678728548291409950832675847146675256570273742364778832646092068612141324270436491754828514207161393807574920288079176755110147514377304200867185590543373352081175115876283513276320147770638445668742678901737914692413626850013012300141637395863499743532164290015685745635024121744165224513788213906146130956972056316783784597698694394646730509433995230313590964827148920980184756240707812766028390043303709858347740045246949789111230150588660579873410827305536616533599809986707076231292919548857309123201786190841651439402253641725822465764987357417830014298231202115518752892923932166423034506887639817039887004701
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f7bfdd8d680b2ab6de8dbf9dff58b27e45f96cc2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (628 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sslcertificate2.queue-it.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.hakuapp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.stage.amctheatres.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.hlg.uhuu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.sky.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'storequeue.wizards.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'go.aspiraconnect.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.tkt.ge'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'harrypotterqueue.travelcircus.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.atgtickets.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.ticketarena.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.ticketania.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waiting.seaworldparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.fanfares.cathaypacific.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'line.universe.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dragoiscoming.tieks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wait.loud-project.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.hkairportshop.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.uhuu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.smtickets.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wait.thepga.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.fairphone.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.amctheatres.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'q.axs.nu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'getinline.ticketfairy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.scandlines.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wait.fenty.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-queue.hakuapp.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003ca93afb99e195281e83d13635a6cc479be8cbc5e4931a0f3c0df58a6bb827740dbde8d9b6cab25e4f25910817d63729a38ed90b3cc3bc2060faddc57838f03afbf905eb40d2674101f2726a864b7edc52dfff2fa2408bf0a6cf7a4b8d498ab64c502d69841f91bc0cc683e7ce93700739e7140eb08776dccb9e64604f9aa7542e4f8770e95e6080cafdfa79495e3f4e89f01168e787011610c87e548e6372ef04977097c98ea053b1cbc7a0dfa69fb6685b064e0464f3cf9faa37808cf488c3dc0c3fe595e9cbf74e3c2a797e4a6a87ababad7ef70ccf1d0d5eb4ecc4459d30f0b960b83c9b02ae43ba3fd6917781882318a0296dcde3dde097253b08e3471c