drm-proxy-us-1-us-east-1-1.api.hbo.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0c:8d:65:82:61:ef:99:54:33:79:45:5d:35:fb:05:7e was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=drm-proxy-us-1-us-east-1-1.api.hbo.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:8d:65:82:61:ef:99:54:33:79:45:5d:35:fb:05:7eSerial Number (int): 16684908659813200142411011860012402046
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 0f:03:eb:5f:b2:73:19:73:68:03:60:91:c3:2d:7a:d7:69:ba:1c:ce
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 90:f4:1f:8c:ca:57:c7:a7:88:3c:4e:2e:cb:3c:e4:6a:4f:01:65:57
Fingerprint (sha256): 06:20:90:c7:f7:34:39:20:bd:0d:f6:1f:0b:57:02:ed:0a:85:f4:22:67:e3:24:6c:78:55:b1:03:2d:4a:a4:9a
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate drm-proxy-us-1-us-east-1-1.api.hbo.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for drm-proxy-us-1-us-east-1-1.api.hbo.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
drm-proxy-us-1-us-east-1-1.api.hbo.com
*.api.hbo.com
*.api.hbo.com
Other certificates including the domain name hbo.com
(limited to 100 certificates)
dash.pro42.akm.cdn.hbogo.com
enseo-stg.play.codex-int.hbo.com
commerce-emea.api.hbo.com
cyberducktest.microsites.hbo.com
customer-test.ssl.fastly.net
lightning-web.play.codex-int.hbo.com
secure06.lithium.com
test-cert.sandbox.wmdtc.tech
concierge.api.hbo.com
turner.com
www.shop.hbo.com
jira.dp.hbo.com
dmx-web.play.codex-int.hbo.com
origin.mvpdstreaming.hbo.com
secure06.lithium.com
testing.dp.hbo.com
*.lightning-web.apps-dev.codex-int.hbo.com
testing.dp.hbo.com
*.kpn.lightning.codex-int.hbo.com
device-update.api.hbo.com
kpn.play.codex-int.hbo.com
vip.hbo.com
o365.hbo.com
ssodev.homeboxoffice.com
comet-eu-1-eu-central-1.api.hbo.com
dns-vetting1k.map.fastly.net
*.dp.hbo.com
*.dev.security.hbo.com
castle-1-us-west-2-int.staging.staging-api.hbo.com
u2.shared.global.fastly.net
user-comet-1-snp-us-west-2.development.hurley.hbo.com
groot-1-us-east-1-int.latam.api.hbo.com
jenkins.k8s.hurley.hbo.com
youtrack.hbo.com
testing.dp.hbo.com
privacy-processor-latam-1-us-east-1.api.hbo.com
dns-vetting1k.map.fastly.net
*.dev.security.hbo.com
mvpd-authn-manager-eu-1-eu-central-1.api.hbo.com
customer-test.ssl.fastly.net
hbo.map.fastly.net
secure02.stage.lithium.com
b2bmicrositesadmin.hbo.com
u2.shared.global.fastly.net
netbox.development.datacenter.hbo.com
testing.dp.hbo.com
secure06.lithium.com
customer-test.ssl.fastly.net
customer-test.ssl.fastly.net
dash.pro42.akm.cdn.hbogo.com
login-us-1-us-west-2.api.hbo.com
api.hbo.com
screendiff.hadron.hbo.com
alb-redirector-production-us-east-1.api.hbo.com
profiles-eu-1-eu-central-1.api.hbo.com
hurley.hbo.com
mongo.prod-espv4.hbo.com
dns-vetting1k.map.fastly.net
f2.shared.global.fastly.net
concierge.api.hbo.com
hbo.map.fastly.net
fromthevault.hbo.com
drm-proxy-us-1-us-east-1-1.api.hbo.com
jenkins-pi3.mgmt.wmdtc.tech
cdn.hbo.com
profiles-us-1-us-east-2.api.hbo.com
messaging-api-test.micro.hbo.com
alertmanager.staging.datacenter.hbo.com
art-gallery.akm.cdn.hbo.com
dns-vetting1k.map.fastly.net
dns-vetting1k.map.fastly.net
smatrix.hbo.com
u2.shared.global.fastly.net
andreas.caps.codex-int.hbo.com
vizio.play.codex-int.hbo.com
lightning.play.codex-int.hbo.com
testing.dp.hbo.com
dns-vetting1k.map.fastly.net
www.fromthevault.hbo.com
hotd-character-guide.micro.hbo.com
shop.hbo.com
testing.dp.hbo.com
drm-proxy-latam-1-us-east-1.api.hbo.com
dns-vetting1k.map.fastly.net
customer-test.ssl.fastly.net
customer-test.ssl.fastly.net
u2.shared.global.fastly.net
profiles-1-us-east-1-int.latam.api.hbo.com
customer-test.ssl.fastly.net
customer-test.ssl.fastly.net
jenkins.k8s.hurley.hbo.com
customer-test.ssl.fastly.net
splunk.hbo.com
shop.hbo.com
www.fromthevault.hbo.com
eks-service-alb-tftest-1.sandbox.wmdtc.tech
concierge.api.hbo.com
secure02.stage.lithium.com
shared-ingress-public-prod-us-1-us-east-1.api.hbo.com
weichi.caps.codex-int.hbo.com
enseo-stg.play.codex-int.hbo.com
commerce-emea.api.hbo.com
cyberducktest.microsites.hbo.com
customer-test.ssl.fastly.net
lightning-web.play.codex-int.hbo.com
secure06.lithium.com
test-cert.sandbox.wmdtc.tech
concierge.api.hbo.com
turner.com
www.shop.hbo.com
jira.dp.hbo.com
dmx-web.play.codex-int.hbo.com
origin.mvpdstreaming.hbo.com
secure06.lithium.com
testing.dp.hbo.com
*.lightning-web.apps-dev.codex-int.hbo.com
testing.dp.hbo.com
*.kpn.lightning.codex-int.hbo.com
device-update.api.hbo.com
kpn.play.codex-int.hbo.com
vip.hbo.com
o365.hbo.com
ssodev.homeboxoffice.com
comet-eu-1-eu-central-1.api.hbo.com
dns-vetting1k.map.fastly.net
*.dp.hbo.com
*.dev.security.hbo.com
castle-1-us-west-2-int.staging.staging-api.hbo.com
u2.shared.global.fastly.net
user-comet-1-snp-us-west-2.development.hurley.hbo.com
groot-1-us-east-1-int.latam.api.hbo.com
jenkins.k8s.hurley.hbo.com
youtrack.hbo.com
testing.dp.hbo.com
privacy-processor-latam-1-us-east-1.api.hbo.com
dns-vetting1k.map.fastly.net
*.dev.security.hbo.com
mvpd-authn-manager-eu-1-eu-central-1.api.hbo.com
customer-test.ssl.fastly.net
hbo.map.fastly.net
secure02.stage.lithium.com
b2bmicrositesadmin.hbo.com
u2.shared.global.fastly.net
netbox.development.datacenter.hbo.com
testing.dp.hbo.com
secure06.lithium.com
customer-test.ssl.fastly.net
customer-test.ssl.fastly.net
dash.pro42.akm.cdn.hbogo.com
login-us-1-us-west-2.api.hbo.com
api.hbo.com
screendiff.hadron.hbo.com
alb-redirector-production-us-east-1.api.hbo.com
profiles-eu-1-eu-central-1.api.hbo.com
hurley.hbo.com
mongo.prod-espv4.hbo.com
dns-vetting1k.map.fastly.net
f2.shared.global.fastly.net
concierge.api.hbo.com
hbo.map.fastly.net
fromthevault.hbo.com
drm-proxy-us-1-us-east-1-1.api.hbo.com
jenkins-pi3.mgmt.wmdtc.tech
cdn.hbo.com
profiles-us-1-us-east-2.api.hbo.com
messaging-api-test.micro.hbo.com
alertmanager.staging.datacenter.hbo.com
art-gallery.akm.cdn.hbo.com
dns-vetting1k.map.fastly.net
dns-vetting1k.map.fastly.net
smatrix.hbo.com
u2.shared.global.fastly.net
andreas.caps.codex-int.hbo.com
vizio.play.codex-int.hbo.com
lightning.play.codex-int.hbo.com
testing.dp.hbo.com
dns-vetting1k.map.fastly.net
www.fromthevault.hbo.com
hotd-character-guide.micro.hbo.com
shop.hbo.com
testing.dp.hbo.com
drm-proxy-latam-1-us-east-1.api.hbo.com
dns-vetting1k.map.fastly.net
customer-test.ssl.fastly.net
customer-test.ssl.fastly.net
u2.shared.global.fastly.net
profiles-1-us-east-1-int.latam.api.hbo.com
customer-test.ssl.fastly.net
customer-test.ssl.fastly.net
jenkins.k8s.hurley.hbo.com
customer-test.ssl.fastly.net
splunk.hbo.com
shop.hbo.com
www.fromthevault.hbo.com
eks-service-alb-tftest-1.sandbox.wmdtc.tech
concierge.api.hbo.com
secure02.stage.lithium.com
shared-ingress-public-prod-us-1-us-east-1.api.hbo.com
weichi.caps.codex-int.hbo.com
Certificate
The complete raw certificate details for drm-proxy-us-1-us-east-1-1.api.hbo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBzCCBO+gAwIBAgIQDI1lgmHvmVQzeUVdNfsFfjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDMwMjAwMDAwMFoXDTI1MDQwMTIzNTk1OVowMTEv MC0GA1UEAxMmZHJtLXByb3h5LXVzLTEtdXMtZWFzdC0xLTEuYXBpLmhiby5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QUvM4KT5uGs4EELepQHb eVczlJXHR9ZY2ctHpI6Grpwg56f4dNJDa1EDlNaNPdzq0GkQrHoov03imZnNQ7vC Gg0E3eCtR0O1Jd7b+jPTh+w9EqLAQN9rRcR3h82rWNG38kaGJnYpGWjI1NewiCJZ EDmh99OCi0ucQKlrRPuoty95JIXH1V9cCMOsZJpu2sR8ko8fxx0+af3zhA9nm3Q/ aQ8Cil88x9EQWwCtizHb7dTP0/rbANm+Lo5dqrfFAld+hmsRyhIey/nF7Kw3aggx e5QULpcAeSDJzqwoOhTbng1+RAfT7b6Yp581ISOa25iKsad5+uPg4Dk80TOB8XF5 AgMBAAGjggMOMIIDCjAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAd BgNVHQ4EFgQUDwPrX7JzGXNoA2CRwy1612m6HM4wQAYDVR0RBDkwN4ImZHJtLXBy b3h5LXVzLTEtdXMtZWFzdC0xLTEuYXBpLmhiby5jb22CDSouYXBpLmhiby5jb20w EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3Iy bTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgA dwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY39eS2/AAAEAwBI MEYCIQDHgtmvFrVp9UcZUp93q5LK0Son5vyQ9fKZ48G+5ckIcwIhAPFOEnpmS5EP RuaYqGL5IpOMJ61Yz00TcXWDPuGuTyEoAHYAfVkeEuF4KnscYWd8Xv340IdcFKBO lZ65Ay/ZDowuebgAAAGN/XktwQAABAMARzBFAiBy3S/SEMhujH927MsDVnkNMJX/ xbsVByiJ4u4W4zqhewIhAIfpYTo4Ewd6d3Wkt0D7I9svcRpJcFml4mBIpvVwzEwf AHUA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGN/Xkt7QAABAMA RjBEAiAs4HlZyxBoRrM2LPpDOoBxIEx08dGrwSPrZ2+OoEh3CAIgaufX+J4+iblE QYgF8OC4Q37BOukMWfF4PPZ2x3jN8MQwDQYJKoZIhvcNAQELBQADggEBAIF4onY+ /G03RzUxdrVHcyTCEMtTLDzASZhjdEKxsGdXB9ezbfaJyCyVkkph9LZ5ekaTuDsK jiPy8NtdT42pVZcYPrjLilYGEcdWcJTqomCliqLz4zI7NeS1bBx6CM+R6pJC0+Tc TWuoTi9biQpQFR5GohUvX8lDjcY0lnNuv+vNIwQLNFSS+XnMkon7Ms9L4kT7sxbQ cOvk4+Fn8/dKmH8vONP0FFPZYBK3A9FzVmB+xKaG6Qh+Xmry+ZywFo2HfBwbzFsm h33xzKe7wlEyZodrr4tcahrvGvnn1LHYkmq1Ti0Lz4ZpPFb9aAB3Yw7Vt4FAnvaF 7BqZdOqzB1U5v60= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkFLzOCk+bhrOBBC3qUB 23lXM5SVx0fWWNnLR6SOhq6cIOen+HTSQ2tRA5TWjT3c6tBpEKx6KL9N4pmZzUO7 whoNBN3grUdDtSXe2/oz04fsPRKiwEDfa0XEd4fNq1jRt/JGhiZ2KRloyNTXsIgi WRA5offTgotLnECpa0T7qLcveSSFx9VfXAjDrGSabtrEfJKPH8cdPmn984QPZ5t0 P2kPAopfPMfREFsArYsx2+3Uz9P62wDZvi6OXaq3xQJXfoZrEcoSHsv5xeysN2oI MXuUFC6XAHkgyc6sKDoU254NfkQH0+2+mKefNSEjmtuYirGnefrj4OA5PNEzgfFx eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16684908659813200142411011860012402046 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'drm-proxy-us-1-us-east-1-1.api.hbo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23007570208296193129703800527838596433708821931401924344206670846933757222072508306322697264592493770499484637380856127647148252447858944280545636685610218810866832605598130038542435426409554032919272349489495935899071009710938492859901224490252526287351199447823066305282161397550611343325228368711373236845364902053867176385282265843435517300988010988188678086122126469713734265744988203185254080991081081721326072177005074787254860375817716739785250965590949757708855536453328586340447392748602288258921824838502474182748396027679920433255585909802360623880396817402915769461056850623491025104128108735867118514553 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0f03eb5fb273197368036091c32d7ad769ba1cce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drm-proxy-us-1-us-east-1-1.api.hbo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.hbo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dfd792dbf0000040300483046022100c782d9af16b569f54719529f77ab92cad12a27e6fc90f5f299e3c1bee5c90873022100f14e127a664b910f46e698a862f922938c27ad58cf4d137175833ee1ae4f21280076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dfd792dc10000040300473045022072dd2fd210c86e8c7f76eccb0356790d3095ffc5bb15072889e2ee16e33aa17b02210087e9613a3813077a7775a4b740fb23db2f711a497059a5e26048a6f570cc4c1f007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dfd792ded000004030046304402202ce07959cb106846b3362cfa433a8071204c74f1d1abc123eb676f8ea048770802206ae7d7f89e3e89b944418805f0e0b8437ec13ae90c59f1783cf676c778cdf0c4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008178a2763efc6d3747353176b5477324c210cb532c3cc04998637442b1b0675707d7b36df689c82c95924a61f4b6797a4693b83b0a8e23f2f0db5d4f8da95597183eb8cb8a560611c7567094eaa260a58aa2f3e3323b35e4b56c1c7a08cf91ea9242d3e4dc4d6ba84e2f5b890a50151e46a2152f5fc9438dc63496736ebfebcd23040b345492f979cc9289fb32cf4be244fbb316d070ebe4e3e167f3f74a987f2f38d3f41453d96012b703d17356607ec4a686e9087e5e6af2f99cb0168d877c1c1bcc5b26877df1cca7bbc2513266876baf8b5c6a1aef1af9e7d4b1d8926ab54e2d0bcf86693c56fd680077630ed5b781409ef685ec1a9974eab3075539bfad