internal.espn.com
Issued by Amazon
About this certificate
This digital certificate with serial number 01:1d:b9:1d:1c:a4:83:db:55:41:4c:81:6c:4f:5b:87 was issued on by Amazon.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=internal.espn.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:1d:b9:1d:1c:a4:83:db:55:41:4c:81:6c:4f:5b:87Serial Number (int): 1483559156940281132229356568412380039
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: d7:54:44:4b:51:42:08:1c:14:c5:2e:34:a7:33:33:13:ea:96:23:b1
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): d9:42:c9:56:fc:e5:89:58:1c:a1:c0:56:a3:d1:5a:0b:7a:4a:a0:28
Fingerprint (sha256): 06:1b:17:7b:f7:32:12:06:bb:1e:ea:20:a3:cf:e3:5a:ea:0a:00:30:0f:6a:4e:bc:cf:4e:4f:47:8b:fe:0c:54
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate internal.espn.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for internal.espn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
internal.espn.com
*.sdp.espn.com
*.internal.espn.com
*.us-east-1.aws.sdp.espn.com
*.espn.com
*.geo.sdp.espn.com
*.sdp.espn.com
*.internal.espn.com
*.us-east-1.aws.sdp.espn.com
*.espn.com
*.geo.sdp.espn.com
Other certificates including the domain name espn.com
(limited to 100 certificates)
video.disney.com
espn.com
www.aws.espn.com
1927-the-diary-of-myles-thomas.espn.com
insider.espn.com
cert-00003-cdnedge-bluemix.akamaized.net
video.disney.com
UCwebn7ext.disney.com
tredire.perf.go.com
cert-00003-cdnedge-bluemix.akamaized.net
assets.espncdn.com
www.aws.espn.com
support.espn.com
cdn.secure.espn.go.com
cert-00003-cdnedge-bluemix.akamaized.net
cert-00003-cdnedge-bluemix.akamaized.net
www.espnqa.com
site.api.espn.com
fillmore.espn.com
watch.video.api.qa.espn.com
fantasyfc.espn.com
*.media.plus.espn.com
fantasy.espn.com
email.axioshq.espn.com
support.espn.com
*.media.plus.espn.com
espn.com
btlink.web.plus.espn.com
internal.espn.com
media.video-cdn.espn.com
assets.espncdn.com
tredir.espn.com
support.espn.com
affiliates.espn.com
1927-the-diary-of-myles-thomas.espn.com
*.svcs.plus.espn.com
pro.creativearchive.espn.com
affiliates.espn.com
mft.espn.com
beta-shortstop.espn.com
cdn.espnqa.com
iptvhmg026.espn.com
log.go.com
cdn.espnqa.com
www.aws.espn.com
mft.espn.com
editions.espn.com
espnqa.com
assets.espncdn.com
video.disney.com
studioc.espn.com
mobileapp.espn.com
www.espn.com
media.plus.espn.com
affiliates.espn.com
web.plus.espn.com
fantasy.espn.com
go.web.plus.espn.com
cert-00003-cdnedge-bluemix.akamaized.net
UCAEN7.Disney.com
www.espn.com
eventcenter.espn.com
ESPNLMProdCluster01.aws.hosted.espn.com
fantasyfc.espn.com
cdn.secure.espn.go.com
editions.espn.com
dcs7soccernet.us-west-2.aws.internal.espn.com
cdn.espnqa.com
cert-00003-cdnedge-bluemix.akamaized.net
wirelessreg.espn.com
affiliates.espn.com
video.disney.com
channelfinder.espn.com
cert-00003-cdnedge-bluemix.akamaized.net
dcs7deportes.geo.hosted.espn.com
affiliates.espn.com
email.axioshq.espn.com
go.web.plus.espn.com
dcs7deportes.geo.hosted.espn.com
outlook.espn.com
fan.api.espn.com
espn.com
*.media.plus.espn.com
media.video-cdn.espn.com
dmzexpe29d01v.espn.com
fan.core.api.espn.com
media.video-cdn.espn.com
assets.espncdn.com
tredir.espn.com
espn.com
insider.espn.com
log.go.com
sigmgr03.espn.com
*.cms.internal.espn.com
timekeeper.espn.com
aws.dp.hosted.espn.com
watch.video.api.qa.espn.com
espn.com
mft.espn.com
affiliate.disney.espn.com
espn.com
www.aws.espn.com
1927-the-diary-of-myles-thomas.espn.com
insider.espn.com
cert-00003-cdnedge-bluemix.akamaized.net
video.disney.com
UCwebn7ext.disney.com
tredire.perf.go.com
cert-00003-cdnedge-bluemix.akamaized.net
assets.espncdn.com
www.aws.espn.com
support.espn.com
cdn.secure.espn.go.com
cert-00003-cdnedge-bluemix.akamaized.net
cert-00003-cdnedge-bluemix.akamaized.net
www.espnqa.com
site.api.espn.com
fillmore.espn.com
watch.video.api.qa.espn.com
fantasyfc.espn.com
*.media.plus.espn.com
fantasy.espn.com
email.axioshq.espn.com
support.espn.com
*.media.plus.espn.com
espn.com
btlink.web.plus.espn.com
internal.espn.com
media.video-cdn.espn.com
assets.espncdn.com
tredir.espn.com
support.espn.com
affiliates.espn.com
1927-the-diary-of-myles-thomas.espn.com
*.svcs.plus.espn.com
pro.creativearchive.espn.com
affiliates.espn.com
mft.espn.com
beta-shortstop.espn.com
cdn.espnqa.com
iptvhmg026.espn.com
log.go.com
cdn.espnqa.com
www.aws.espn.com
mft.espn.com
editions.espn.com
espnqa.com
assets.espncdn.com
video.disney.com
studioc.espn.com
mobileapp.espn.com
www.espn.com
media.plus.espn.com
affiliates.espn.com
web.plus.espn.com
fantasy.espn.com
go.web.plus.espn.com
cert-00003-cdnedge-bluemix.akamaized.net
UCAEN7.Disney.com
www.espn.com
eventcenter.espn.com
ESPNLMProdCluster01.aws.hosted.espn.com
fantasyfc.espn.com
cdn.secure.espn.go.com
editions.espn.com
dcs7soccernet.us-west-2.aws.internal.espn.com
cdn.espnqa.com
cert-00003-cdnedge-bluemix.akamaized.net
wirelessreg.espn.com
affiliates.espn.com
video.disney.com
channelfinder.espn.com
cert-00003-cdnedge-bluemix.akamaized.net
dcs7deportes.geo.hosted.espn.com
affiliates.espn.com
email.axioshq.espn.com
go.web.plus.espn.com
dcs7deportes.geo.hosted.espn.com
outlook.espn.com
fan.api.espn.com
espn.com
*.media.plus.espn.com
media.video-cdn.espn.com
dmzexpe29d01v.espn.com
fan.core.api.espn.com
media.video-cdn.espn.com
assets.espncdn.com
tredir.espn.com
espn.com
insider.espn.com
log.go.com
sigmgr03.espn.com
*.cms.internal.espn.com
timekeeper.espn.com
aws.dp.hosted.espn.com
watch.video.api.qa.espn.com
espn.com
mft.espn.com
affiliate.disney.espn.com
Certificate
The complete raw certificate details for internal.espn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgIQAR25HRykg9tVQUyBbE9bhzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAyMjgwMDAwMDBaFw0yMzAzMjky MzU5NTlaMBwxGjAYBgNVBAMTEWludGVybmFsLmVzcG4uY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9aOVymwWEl7NBDextMuvlyMYVTe7vau7THH 99QzSNo+m3eiXWdXAyvFQxg5GDraII3IdxXQvKcuGjVf+gQBqbqE5kzy7ALtPben aBSg279cdOxzDQluN10vYEdBjp2cL89y9S6HrN1RLyzgDGBFDs5mmMS0ii+R34aZ wo6av0xYGV+PeLBoa1eQAo6t4TNOEg76hwWu1gfyzcE1WiCWQkZKCGBlO/JAWAIT vG5D0K5qKqyuPEzMrJVva0uCxPTr3LySriIz4vk+hUItwX3wAF5Qy15Djqf4j+mb sK3WqBadD6G3llRo1zAjj7bxAQFDwMQOzB2I+eZwH2V6eY58PQIDAQABo4IB4jCC Ad4wHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFNdU REtRQggcFMUuNKczMxPqliOxMH8GA1UdEQR4MHaCEWludGVybmFsLmVzcG4uY29t gg4qLnNkcC5lc3BuLmNvbYITKi5pbnRlcm5hbC5lc3BuLmNvbYIcKi51cy1lYXN0 LTEuYXdzLnNkcC5lc3BuLmNvbYIKKi5lc3BuLmNvbYISKi5nZW8uc2RwLmVzcG4u Y29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVz dC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUH AQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVz dC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3Qu Y29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUA MA0GCSqGSIb3DQEBCwUAA4IBAQAqJr3DqH4IOE8tJ5gSBqxJzR2KE+DX9eCr01YV 1R0FU7nMQTUFQ1mqILmzULvw/3moELYmNJqZIKmgqLNn2kXmgM3jMi0Sr4GmCOf5 yNt/FTEvLZho3JjeNmHtKy7sZqQqcB8ya+tu35N7rB3+j0yYIs/cpDx7F4XPkmMs BsacNFk2c7peXgjeS6mbY7Yasx8l9lwVwekn9SrVHEuRKz95mCKjuumDBtFPhD8q Q6kwbuYnJNITqrXJE9xCiGDs8HncS/OPkYrXYbPsUxiNjYhLdPCljTve0OK1CjHL 55TY9DUyeeKErTmdcJm5E8YHD0g9GES5F5AxCi+lnxKIBStM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9aOVymwWEl7NBDextMu vlyMYVTe7vau7THH99QzSNo+m3eiXWdXAyvFQxg5GDraII3IdxXQvKcuGjVf+gQB qbqE5kzy7ALtPbenaBSg279cdOxzDQluN10vYEdBjp2cL89y9S6HrN1RLyzgDGBF Ds5mmMS0ii+R34aZwo6av0xYGV+PeLBoa1eQAo6t4TNOEg76hwWu1gfyzcE1WiCW QkZKCGBlO/JAWAITvG5D0K5qKqyuPEzMrJVva0uCxPTr3LySriIz4vk+hUItwX3w AF5Qy15Djqf4j+mbsK3WqBadD6G3llRo1zAjj7bxAQFDwMQOzB2I+eZwH2V6eY58 PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1483559156940281132229356568412380039 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'internal.espn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24217317764022683410468826716854461482259142017891558896896800903712215102429869507807494851638568966936689719926485496537781493977620657796717340099855881605949190796968433990155649842008725461746088098474894858626287805411508482831808935506359588656462386535743360473797993259516297960600462417375095669823200236694474745527220323856775226615436102922773676624435684340262029867737525963357289908277753464796354351438014303014458292318841678696054817461669281859880133225915852605104340907093670563373010187097528797703911726801438239219261576542223172755209483104953898698207188434682210559056002961366440362277949 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d754444b5142081c14c52e34a7333313ea9623b1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.espn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sdp.espn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.internal.espn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.us-east-1.aws.sdp.espn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.espn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.geo.sdp.espn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002a26bdc3a87e08384f2d27981206ac49cd1d8a13e0d7f5e0abd35615d51d0553b9cc4135054359aa20b9b350bbf0ff79a810b626349a9920a9a0a8b367da45e680cde3322d12af81a608e7f9c8db7f15312f2d9868dc98de3661ed2b2eec66a42a701f326beb6edf937bac1dfe8f4c9822cfdca43c7b1785cf92632c06c69c34593673ba5e5e08de4ba99b63b61ab31f25f65c15c1e927f52ad51c4b912b3f799822a3bae98306d14f843f2a43a9306ee62724d213aab5c913dc428860ecf079dc4bf38f918ad761b3ec53188d8d884b74f0a58d3bded0e2b50a31cbe794d8f4353279e284ad399d7099b913c6070f483d1844b91790310a2fa59f1288052b4c