store.discovery.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 08:fb:d3:59:a6:15:47:ef:98:ed:97:0c:66:4d:3f:f7 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=store.discovery.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:fb:d3:59:a6:15:47:ef:98:ed:97:0c:66:4d:3f:f7Serial Number (int): 11941377168904641770344045681442635767
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 6b:12:e3:d4:6d:39:88:f5:da:fb:70:15:cd:40:a4:35:56:79:98:49
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 1a:63:5e:fc:ae:78:9a:0b:a3:5b:74:86:13:c5:4d:8c:c7:25:43:13
Fingerprint (sha256): 05:86:83:00:28:9c:01:cb:a3:d3:00:25:27:63:2d:99:35:48:89:5f:94:93:6e:8b:10:38:c8:63:1c:55:cf:86
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate store.discovery.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for store.discovery.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
store.discovery.com
Other certificates including the domain name discovery.com
(limited to 100 certificates)
tvlistings-qa.discovery.com
insider.discovery.com
indiamail.discovery.com
*.disco-api.com
*.discovery.com
passwordsafe-dev.discovery.com
*.nw.discovery.com
email.discovery.com
AWUZAPONARPRO01.dci.discovery.com
*.infra.discovery.com
iasm.discovery.com
adsalesdesign.discovery.com
deliver-qa.discovery.com
*.qa2.sauce.digitalstudios.discovery.com
creaapcps01.discovery.com
dev-momentum.discovery.com
insider.discovery.com
adsalesdesign.discovery.com
lnmail1.discovery.com
ir.corporate.discovery.com
japan.discovery.com
dtag-jsreport.devops.discovery.com
discovery.com
lync2013.dci.discovery.com
woody.discovery.com
auth.discovery.com
MUMAAPLYNCSBC02.dci.discovery.com
www.mexico.discovery.com
access.discovery.com
sapsanprd.discovery.com
hybridmail.discovery.com
corporate.discovery.com
*.sauce.digitalstudios.discovery.com
screening.discovery.com
dads.discovery.com
oktaadmin.discovery.com
remote.discovery.com
securestore.discovery.com
lnmail1.discovery.com
ssa.discovery.com
*.dev.discovery.com
adsalesdesign.discovery.com
store.discovery.com
cxoqa.discovery.com
inlet.discovery.com
images.dds.discovery.com
www.adsalesevents.discovery.com
api.digitalstudios.discovery.com
tlssyslog.discovery.com
org.discovery.com
games.discovery.com
leapfrog-ssl-4.gcs-web.com
citrix-director.discovery.com
edgepool2013.discovery.com
insider.discovery.com
deliver-uat.discovery.com
gohelp.discovery.com
*.bcqa.discovery.com
hrmobileinboxsba.discovery.com
www.food.com
dgoauth-qa.discovery.com
cloud-qa.discovery.com
access.discovery.com
*.discovery.com
entrada.discovery.com
lync2013.dci.discovery.com
soundfx.discovery.com
*.videogo.sauce.digitalstudios.discovery.com
straapiptv.discovery.com
lync2013.dci.discovery.com
strrapotxt01.discovery.com
*.prod.discovery.com
discovery.com
blacklineqa1.discovery.com
people.discovery.com
preprod.projectcat.discovery.com
gohelp.discovery.com
dtag-api.devops.discovery.com
tkyzaplyncsba01.dci.discovery.com
strzadtraps01.dci.discovery.com
insider.discovery.com
www.consumerproducts.discovery.com
CXO.discovery.com
*.disco-api.com
linkit-stage.dci.discovery.com
gohelp.discovery.com
lnmail5.discovery.com
www.adsalesevents.discovery.com
auth.discovery.com
epak.discovery.com
gohelp.discovery.com
www.food.com
bk.inotes.discovery.com
*.nw.discovery.com
photoassets.discovery.com
leapfrog-ssl-4.gcs-web.com
access.discovery.com
discovery.com
KTCZIPWRKSFT01.dci.discovery.com
discovery.com
insider.discovery.com
indiamail.discovery.com
*.disco-api.com
*.discovery.com
passwordsafe-dev.discovery.com
*.nw.discovery.com
email.discovery.com
AWUZAPONARPRO01.dci.discovery.com
*.infra.discovery.com
iasm.discovery.com
adsalesdesign.discovery.com
deliver-qa.discovery.com
*.qa2.sauce.digitalstudios.discovery.com
creaapcps01.discovery.com
dev-momentum.discovery.com
insider.discovery.com
adsalesdesign.discovery.com
lnmail1.discovery.com
ir.corporate.discovery.com
japan.discovery.com
dtag-jsreport.devops.discovery.com
discovery.com
lync2013.dci.discovery.com
woody.discovery.com
auth.discovery.com
MUMAAPLYNCSBC02.dci.discovery.com
www.mexico.discovery.com
access.discovery.com
sapsanprd.discovery.com
hybridmail.discovery.com
corporate.discovery.com
*.sauce.digitalstudios.discovery.com
screening.discovery.com
dads.discovery.com
oktaadmin.discovery.com
remote.discovery.com
securestore.discovery.com
lnmail1.discovery.com
ssa.discovery.com
*.dev.discovery.com
adsalesdesign.discovery.com
store.discovery.com
cxoqa.discovery.com
inlet.discovery.com
images.dds.discovery.com
www.adsalesevents.discovery.com
api.digitalstudios.discovery.com
tlssyslog.discovery.com
org.discovery.com
games.discovery.com
leapfrog-ssl-4.gcs-web.com
citrix-director.discovery.com
edgepool2013.discovery.com
insider.discovery.com
deliver-uat.discovery.com
gohelp.discovery.com
*.bcqa.discovery.com
hrmobileinboxsba.discovery.com
www.food.com
dgoauth-qa.discovery.com
cloud-qa.discovery.com
access.discovery.com
*.discovery.com
entrada.discovery.com
lync2013.dci.discovery.com
soundfx.discovery.com
*.videogo.sauce.digitalstudios.discovery.com
straapiptv.discovery.com
lync2013.dci.discovery.com
strrapotxt01.discovery.com
*.prod.discovery.com
discovery.com
blacklineqa1.discovery.com
people.discovery.com
preprod.projectcat.discovery.com
gohelp.discovery.com
dtag-api.devops.discovery.com
tkyzaplyncsba01.dci.discovery.com
strzadtraps01.dci.discovery.com
insider.discovery.com
www.consumerproducts.discovery.com
CXO.discovery.com
*.disco-api.com
linkit-stage.dci.discovery.com
gohelp.discovery.com
lnmail5.discovery.com
www.adsalesevents.discovery.com
auth.discovery.com
epak.discovery.com
gohelp.discovery.com
www.food.com
bk.inotes.discovery.com
*.nw.discovery.com
photoassets.discovery.com
leapfrog-ssl-4.gcs-web.com
access.discovery.com
discovery.com
KTCZIPWRKSFT01.dci.discovery.com
discovery.com
Certificate
The complete raw certificate details for store.discovery.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIQCPvTWaYVR++Y7ZcMZk0/9zANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDUyMTAwMDAwMFoXDTI1MDYyMDIzNTk1OVowHjEc MBoGA1UEAxMTc3RvcmUuZGlzY292ZXJ5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAKSsHZQx6zaexqJzOO21q6knXeXsWRbyci0A0BfTwpFFt7kE rjROwKhNSB0vAlWfHcYNdHSYi8pCaSElFOd6c5UVj2vD2HoaZcCyY0bddRzsxFYt uQmSLMO5YqbDw62bsCBKGeOYYOYOQ5nr62ZBIf09ovOVCwwjezMkpsSds2Li2XNN K8n95t2ORLu5UustXHpSGqtRpI39UOSFRUWBoSJrJNKd0V53B3gy9IMFuTKB2lAO Mo7wgtnXMCdg82/78vi++4pvqSuXoKgQ9uzBxOkAWTmMizHGhdM3MIkuiQCSGlCt 0ZZYywsq6fqhpSUuoh70lFT/fpg79HGs2YxdvgUCAwEAAaOCAu8wggLrMB8GA1Ud IwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBRrEuPUbTmI9dr7 cBXNQKQ1VnmYSTAeBgNVHREEFzAVghNzdG9yZS5kaXNjb3ZlcnkuY29tMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0w Mi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggr BgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsG AQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5j ZXIwDAYDVR0TAQH/BAIwADCCAYEGCisGAQQB1nkCBAIEggFxBIIBbQFrAHcATnWj J1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPmYfk8QAABAMASDBGAiEA 4ERdLCsw6fJP+CpsczH9eRsxjIKdteQpDIprIE1jT2cCIQDe7OWZItV3wE7kV1o2 OV46VJ3RRCMeeo2olzxdxiatyAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv 2Q6MLnm4AAABj5mH5IAAAAQDAEgwRgIhALhQmEx99E77pKQpAvJ0ZxBmJNO1svWH pfz+YjNHvh/3AiEApUCfpxlE2cgFYT2XbLcMD7/4wSvkstxj0bU3WqbUBmQAdwDm 0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY+Zh+SQAAAEAwBIMEYC IQCD3AdOMKClCrlpM0y0VEpszJIt8aOCbCqhePBILprGQAIhAO+FTIhM9S0XtmBS 3keJNyibsiwBNsv1UCN0EJWNETVKMA0GCSqGSIb3DQEBCwUAA4IBAQCT7QRVpXqw Je0rW7re8JqSKYmWX17cfMZa0PNxtsrjOAj5mGYVWUtM/G+EpPmChfX3ngvRW/yx GKySR/Pvzx454xDbheE/gUVoIxyiFve0WWCeXbnaZfB76ZO7qfQcygxRZ5eJSS3Y Y//fhRYIQADlnfbvuUH2DAe/zHP5pwvddr6D7ReBhmfCtkZeMB3J3YbwArqaxuwF 7PvN5RCo7yQNiMLN6EBGuFAbAanPqP1zjlui3tOY00igTqjzhzTvYFU+F39IGIcY 89QyjjkvvKrcTwcnKx/6ziaTkRdJk54wPEr0XwzEymYnqT/xINF+qXQ+OGRx0eOQ 4Zbk3wS6Ursq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKwdlDHrNp7GonM47bWr qSdd5exZFvJyLQDQF9PCkUW3uQSuNE7AqE1IHS8CVZ8dxg10dJiLykJpISUU53pz lRWPa8PYehplwLJjRt11HOzEVi25CZIsw7lipsPDrZuwIEoZ45hg5g5DmevrZkEh /T2i85ULDCN7MySmxJ2zYuLZc00ryf3m3Y5Eu7lS6y1celIaq1Gkjf1Q5IVFRYGh Imsk0p3RXncHeDL0gwW5MoHaUA4yjvCC2dcwJ2Dzb/vy+L77im+pK5egqBD27MHE 6QBZOYyLMcaF0zcwiS6JAJIaUK3RlljLCyrp+qGlJS6iHvSUVP9+mDv0cazZjF2+ BQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11941377168904641770344045681442635767 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'store.discovery.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20787955351725870888602642651974809635363618362025853412772608996986310567405572042369285913046692999562641497947775034522105856450316156472208315540165707607548227596854284905554253074003298693129602535431640153478026556075946187454654483102102281003475169375708399519397761968377773751751371959483191745395893132527553138879076201623512864547539788837381325779908895326276214198468998865572681781268085226802391798292949938559766369602215013558373436549928149602353474895986041226150131546968929604681177361685741777762945700522860593611574225863072869342079933293766889136057146924509876760992579140886395696823813 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6b12e3d46d3988f5dafb7015cd40a43556799849 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.discovery.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) 016b0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f9987e4f10000040300483046022100e0445d2c2b30e9f24ff82a6c7331fd791b318c829db5e4290c8a6b204d634f67022100deece59922d577c04ee4575a36395e3a549dd144231e7a8da8973c5dc626adc80077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f9987e4800000040300483046022100b850984c7df44efba4a42902f27467106624d3b5b2f587a5fcfe623347be1ff7022100a5409fa71944d9c805613d976cb70c0fbff8c12be4b2dc63d1b5375aa6d40664007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f9987e490000004030048304602210083dc074e30a0a50ab969334cb4544a6ccc922df1a3826c2aa178f0482e9ac640022100ef854c884cf52d17b66052de478937289bb22c0136cbf550237410958d11354a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0093ed0455a57ab025ed2b5bbadef09a922989965f5edc7cc65ad0f371b6cae33808f9986615594b4cfc6f84a4f98285f5f79e0bd15bfcb118ac9247f3efcf1e39e310db85e13f814568231ca216f7b459609e5db9da65f07be993bba9f41cca0c51679789492dd863ffdf8516084000e59df6efb941f60c07bfcc73f9a70bdd76be83ed17818667c2b6465e301dc9dd86f002ba9ac6ec05ecfbcde510a8ef240d88c2cde84046b8501b01a9cfa8fd738e5ba2ded398d348a04ea8f38734ef60553e177f48188718f3d4328e392fbcaadc4f07272b1fface2693911749939e303c4af45f0cc4ca6627a93ff120d17ea9743e386471d1e390e196e4df04ba52bb2a