nd-ga.gettyimages.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 08:3f:9d:e0:4d:b7:a0:37:7b:42:8c:3b:ee:d5:05:0c was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nd-ga.gettyimages.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:3f:9d:e0:4d:b7:a0:37:7b:42:8c:3b:ee:d5:05:0cSerial Number (int): 10964140777835533414619104655485240588
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 26:99:0a:91:cb:ac:40:cc:67:55:a1:6c:23:63:51:41:ef:74:fb:0a
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): ca:a7:b2:ae:48:67:1e:db:8d:52:3a:38:f6:0e:ed:38:d1:5b:9d:86
Fingerprint (sha256): 06:6e:84:78:f0:f2:d3:e0:4c:c8:4e:6f:64:9f:fe:8e:33:95:bf:4c:7a:c3:d9:98:a7:b5:ef:ec:59:68:13:e2
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate nd-ga.gettyimages.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nd-ga.gettyimages.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nd-ga.gettyimages.com
Other certificates including the domain name gettyimages.com
(limited to 100 certificates)
api-us-east-1.nd.nudatasecurity.com
*.gettyimages.com
embed.gettyimages.com
labs.gettyimages.com
k3.shared.global.fastly.net
foto.gettyimages.com
www.labs.gettyimages.com
embed-cdn.gettyimages.com
ews.gettyimages.com
embed-cdn.gettyimages.com
k3.shared.global.fastly.net
studio.gettyimages.com
ceros3.map.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
firstdata.gettyimages.com
smetrics.gettyimages.com
brookfield.gettyimages.com
mmpart.gettyimages.com
apply.gettyimages.com
sitemaps.gettyimages.com
labs.gettyimages.com
stories.gettyimages.com
k3.shared.global.fastly.net
workbench.gettyimages.com
api-prod.vizual.ai
mixer.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
workbench.gettyimages.com
services.gettyimages.com
hexion.gettyimages.com
mixer.gettyimages.com
*.dam.gettyimages.com
*.pinterestceros.com
k3.shared.global.fastly.net
view.ceros.com
developers.gettyimages.com
ceros3.map.fastly.net
remotetest.gettyimages.com
k3.shared.global.fastly.net
nd-ga.gettyimages.com
customcontent.gettyimages.com
esp.gettyimages.com
k3.shared.global.fastly.net
ceros.map.fastly.net
k3.shared.global.fastly.net
studioportfolios.gettyimages.com
legacycreative.gettyimages.com
servicestest.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
briefs-middleware.custom-content.usw2.prod-getty.cloud
k3.shared.global.fastly.net
events.gettyimages.com
www.gettyimages.com
licensecompliance.gettyimages.com
labs.gettyimages.com
mm.gettyimages.com
foto.gettyimages.com
communityassignments.gettyimages.com
stg-mm.lower-getty.cloud
k3.shared.global.fastly.net
stg-in.lower-getty.cloud
delivery.stage-gettyimages.com
services.gettyimages.com
copyrightcompliance.gettyimages.com
damhelp.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
ceros3.map.fastly.net
api-us-east-1.nd.nudatasecurity.com
k3.shared.global.fastly.net
communityassignments.gettyimages.com
essilormediamanager.gettyimages.com
mmx.gettyimages.com
view.ceros.com
www.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
mmpart.gettyimages.com
yearinfocus.gettyimages.com
secondary-prod-mm.prod-getty.cloud
affiliates.gettyimages.com
pdn.gettyimages.com
joinus.gettyimages.com
media.gettyimages.com
fashion.gettyimages.com
ceros3.map.fastly.net
unisys.gettyimages.com
ceros3.map.fastly.net
ceros3.map.fastly.net
k3.shared.global.fastly.net
api-us-east-1.nd.nudatasecurity.com
firstpartycookie.gettyimages.com
*.pinterestceros.com
mmx.gettyimages.com
k3.shared.global.fastly.net
*.gettyimages.com
embed.gettyimages.com
labs.gettyimages.com
k3.shared.global.fastly.net
foto.gettyimages.com
www.labs.gettyimages.com
embed-cdn.gettyimages.com
ews.gettyimages.com
embed-cdn.gettyimages.com
k3.shared.global.fastly.net
studio.gettyimages.com
ceros3.map.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
firstdata.gettyimages.com
smetrics.gettyimages.com
brookfield.gettyimages.com
mmpart.gettyimages.com
apply.gettyimages.com
sitemaps.gettyimages.com
labs.gettyimages.com
stories.gettyimages.com
k3.shared.global.fastly.net
workbench.gettyimages.com
api-prod.vizual.ai
mixer.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
workbench.gettyimages.com
services.gettyimages.com
hexion.gettyimages.com
mixer.gettyimages.com
*.dam.gettyimages.com
*.pinterestceros.com
k3.shared.global.fastly.net
view.ceros.com
developers.gettyimages.com
ceros3.map.fastly.net
remotetest.gettyimages.com
k3.shared.global.fastly.net
nd-ga.gettyimages.com
customcontent.gettyimages.com
esp.gettyimages.com
k3.shared.global.fastly.net
ceros.map.fastly.net
k3.shared.global.fastly.net
studioportfolios.gettyimages.com
legacycreative.gettyimages.com
servicestest.gettyimages.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
k3.shared.global.fastly.net
briefs-middleware.custom-content.usw2.prod-getty.cloud
k3.shared.global.fastly.net
events.gettyimages.com
www.gettyimages.com
licensecompliance.gettyimages.com
labs.gettyimages.com
mm.gettyimages.com
foto.gettyimages.com
communityassignments.gettyimages.com
stg-mm.lower-getty.cloud
k3.shared.global.fastly.net
stg-in.lower-getty.cloud
delivery.stage-gettyimages.com
services.gettyimages.com
copyrightcompliance.gettyimages.com
damhelp.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
k3.shared.global.fastly.net
ceros3.map.fastly.net
api-us-east-1.nd.nudatasecurity.com
k3.shared.global.fastly.net
communityassignments.gettyimages.com
essilormediamanager.gettyimages.com
mmx.gettyimages.com
view.ceros.com
www.gettyimages.com
leapfrog-ssl-35.gcs-web.com
k3.shared.global.fastly.net
mmpart.gettyimages.com
yearinfocus.gettyimages.com
secondary-prod-mm.prod-getty.cloud
affiliates.gettyimages.com
pdn.gettyimages.com
joinus.gettyimages.com
media.gettyimages.com
fashion.gettyimages.com
ceros3.map.fastly.net
unisys.gettyimages.com
ceros3.map.fastly.net
ceros3.map.fastly.net
k3.shared.global.fastly.net
api-us-east-1.nd.nudatasecurity.com
firstpartycookie.gettyimages.com
*.pinterestceros.com
mmx.gettyimages.com
k3.shared.global.fastly.net
Certificate
The complete raw certificate details for nd-ga.gettyimages.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIQCD+d4E23oDd7Qow77tUFDDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDIyNzAwMDAwMFoXDTI1MDMyNzIzNTk1OVowIDEe MBwGA1UEAxMVbmQtZ2EuZ2V0dHlpbWFnZXMuY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAs8WdVYJqwFybfHySJWl4ZB+HsNOH0vojDbvyImfAzbw2 IL+awPWpRsk8vPSK8ZYFRX+cns234xDO8WAMa1ZTQXnWY0YyyoMp6GmKLfreVB57 FdBu7yWQQoHcVjQXiFKWdPk7ExQqJ9UAn4FiJfzikZBMEMokNTuOHGGUbW5e49/l X4JD1luktbnWkg2y91+dSdTl+e5V4hz2m8LDy1NvVyq31xgEYYWkxpG6pjb/2tig liEC2UBPjrsrCqOM2HPpoOmj9OsO4LN7Uu89sZBXJIYYQvdyhcz7IIAm9ztxDI/p niCWe+8d4L6uV+OLvYGdXEjYEYgSJNbV0Wm+xuSixQIDAQABo4IC7DCCAugwHwYD VR0jBBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFCaZCpHLrEDM Z1WhbCNjUUHvdPsKMCAGA1UdEQQZMBeCFW5kLWdhLmdldHR5aW1hZ2VzLmNvbTAT BgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu cjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcw LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2 BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJt MDMuY2VyMAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB1 AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjeqRKvgAAAQDAEYw RAIgR8GjUHCFuyMTBGiLr41Z9nv6Jjvu/gtAXzJ+Nq1EH70CIFMkESk1aa6IpTk3 hNJ7nSERakbsanSCs9fCVzYjDerOAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65 Ay/ZDowuebgAAAGN6pErLwAABAMARzBFAiBR1YA8iYYxglpE+z5bonyfEkII42tX aLXxnz9QkpgpOwIhAL273HEzPk02M88mruM080YlQVyhIusuL0XIlS07j3C4AHUA 5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGN6pErVQAABAMARjBE AiAdaPExoh2xOoRzWq7k1Fq4w9qmmZUo48o7U/PTc/WKxgIgILeEzizdGUCRXyCm PQGmfPscd8RBxus4UVbqJBxvl1owDQYJKoZIhvcNAQELBQADggEBAAO5YWbmy0fS KbYFBFNDbkRqjYfHifIV8xQbngl0SUYgcSy8z5phTmPufD9VqVDrOea8hQOGfZSo 4MXogUowoFjfbYZs1mQOaFvY899TNumUXWEvVfAMCIKM0WTnzWLBNQPthwH8+HE4 nM92riiBAhzq5UtK4ixeurWYLDvFH72vRv7YOvxR6WoX7+VPvt9ZbfsFXgSVREMV Amjnd3LTWVEfAWMBAg55Zpz2v2yea2pWU5uTjNyusesRoGHZ4G2FbvMy4CSqgqNe AP8H32MWgtv716cPj7Kxl3NnSnJ6A+9D6kbUcPzGGeONnbrS4h3zyQKwKqpmUGYE IAfMS36L67c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8WdVYJqwFybfHySJWl4 ZB+HsNOH0vojDbvyImfAzbw2IL+awPWpRsk8vPSK8ZYFRX+cns234xDO8WAMa1ZT QXnWY0YyyoMp6GmKLfreVB57FdBu7yWQQoHcVjQXiFKWdPk7ExQqJ9UAn4FiJfzi kZBMEMokNTuOHGGUbW5e49/lX4JD1luktbnWkg2y91+dSdTl+e5V4hz2m8LDy1Nv Vyq31xgEYYWkxpG6pjb/2tigliEC2UBPjrsrCqOM2HPpoOmj9OsO4LN7Uu89sZBX JIYYQvdyhcz7IIAm9ztxDI/pniCWe+8d4L6uV+OLvYGdXEjYEYgSJNbV0Wm+xuSi xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10964140777835533414619104655485240588 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nd-ga.gettyimages.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22694103973204965970847805446212205230554226657184712599646523395756588684686417466303166904153545278986185332419622543331227159831206080046047895999336123991895261370859006272801686817359415422933255467122275781315699461960053975229366287565191101826470501161346222314452833362255533122679537846076950795849448892263731592761144015322477470450447977303935341365316816093270702652452460008152399983724153925191020618049956202960927109402845892695340184354276836757300825337893675270355527063781876714202258468620457993454667292918398161972713208520317636871883226613890666997961864677962018390159018433155584967877317 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 26990a91cbac40cc6755a16c23635141ef74fb0a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nd-ga.gettyimages.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 01660075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dea912af80000040300463044022047c1a3507085bb231304688baf8d59f67bfa263beefe0b405f327e36ad441fbd0220532411293569ae88a5393784d27b9d21116a46ec6a7482b3d7c25736230deace0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dea912b2f0000040300473045022051d5803c898631825a44fb3e5ba27c9f124208e36b5768b5f19f3f509298293b022100bdbbdc71333e4d3633cf26aee334f34625415ca122eb2e2f45c8952d3b8f70b8007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dea912b55000004030046304402201d68f131a21db13a84735aaee4d45ab8c3daa6999528e3ca3b53f3d373f58ac6022020b784ce2cdd1940915f20a63d01a67cfb1c77c441c6eb385156ea241c6f975a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0003b96166e6cb47d229b6050453436e446a8d87c789f215f3141b9e0974494620712cbccf9a614e63ee7c3f55a950eb39e6bc8503867d94a8e0c5e8814a30a058df6d866cd6640e685bd8f3df5336e9945d612f55f00c08828cd164e7cd62c13503ed8701fcf871389ccf76ae2881021ceae54b4ae22c5ebab5982c3bc51fbdaf46fed83afc51e96a17efe54fbedf596dfb055e04954443150268e77772d359511f016301020e79669cf6bf6c9e6b6a56539b938cdcaeb1eb11a061d9e06d856ef332e024aa82a35e00ff07df631682dbfbd7a70f8fb2b19773674a727a03ef43ea46d470fcc619e38d9dbad2e21df3c902b02aaa665066042007cc4b7e8bebb7