*.lexisai.aws.lexis.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 08:ec:b4:73:cb:bc:61:bd:a6:42:7c:39:00:f0:00:27 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.lexisai.aws.lexis.com
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:ec:b4:73:cb:bc:61:bd:a6:42:7c:39:00:f0:00:27Serial Number (int): 11862866032914089360423129444420419623
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 84:eb:c0:22:09:b1:b6:22:1a:fd:10:49:7b:2d:1b:d8:ef:2e:9f:fe
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 25:42:ef:8a:2b:81:58:bd:be:43:53:64:86:6d:9c:a7:97:3e:b5:e1
Fingerprint (sha256): 06:c2:37:a6:f9:f7:e5:ba:94:f3:ed:9b:3b:df:ed:76:d2:47:b9:1a:17:83:d8:ee:3d:ca:d2:43:34:86:05:7f
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.lexisai.aws.lexis.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.lexisai.aws.lexis.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.lexisai.aws.lexis.com
*.lexisai.aws.lexisnexis.com
*.lexisai.aws.lexisnexis.com
Other certificates including the domain name lexis.com
(limited to 100 certificates)
risk.lexis.com
*.product-aws-prod.nl.lexis.com
risk.lexis.com
*.business.aws.lexis.com
*.content.aws.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.ndp.use1-prod1.searchplatform.nl.lexis.com
*.search.fos3.nl.lexis.com
*.prod3-searchplatform.nl.lexis.com
*.lexis.com
analytics.plus.lexis.com
r3.lexisnexis.com
*.lexisai.aws.lexis.com
test.stage.analytics.plus.lexis.com
*.route53.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.globalplatform-nonprod.route53.lexis.com
*.nl.lexis.com
*.monitoring-dev.nl.lexis.com
www.lexis.com
*.monitoring-tr-dev.nl.lexis.com
test.litelytics.analytics.plus.lexis.com
*.content.aws.lexis.com
*.business.aws.lexis.com
*.content.lexis.com
*.monitoring-dev.nl.lexis.com
*.recentactivity.route53.lexis.com
*.route53.lexis.com
r3.lexisnexis.com
*.content.aws.lexis.com
*.lexis.com
*.product-aws-dev.nl.lexis.com
lexmachina.advance.lexis.com
*.messsenger.route53.lexis.com
*.product-aws-prod.nl.lexis.com
*.route53.lexis.com
*.lexisai.aws.lexis.com
lexisnexis.com
*.content.aws.lexis.com
*.tools.aws.lexis.com
*.cert.nucleus.lexis.com
analytics.plus.lexis.com
*.ndp.use1.dev-searchplatform.nl.lexis.com
*.lexisnexis.com
r3.lexisnexis.com
nucleus.lexis.com
*.cdc1c-uk-hotdocs-advance.route53.lexis.com
analytics.plus.lexis.com
*.content.aws.lexis.com
test.stage.analytics.plus.lexis.com
lexmachina.advance.lexis.com
*.globalplatform.route53.lexis.com
guidance.lexis.com
*.content.aws.lexis.com
r3.lexisnexis.com
az-prawebcert.r3.lexis.com
*.content.aws.lexis.com
test.litelytics.analytics.plus.lexis.com
*.business.aws.lexis.com
*.api-dev.route53.lexis.com
*.cdc1c-hotdocs-advance.route53.lexis.com
*.lexis.com
*.ndp.use1-prod2.searchplatform.nl.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.content.aws.lexis.com
nucleus.lexis.com
*.lexisai.aws.lexis.com
*.content.aws.lexis.com
test.stage.analytics.plus.lexis.com
guidance.lexis.com
*.lexisai.aws.lexis.com
*.content.aws.lexis.com
risk.lexis.com
api-prod.route53.lexis.com
origin.lexis.production.ln-production.brightspot.cloud
*.lexisai.aws.lexis.com
*.content.aws.lexis.com
*.business.aws.lexis.com
*.business.aws.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.product-aws-prod.nl.lexis.com
test.stage.analytics.plus.lexis.com
*.search.use1-prod3.fos3.nl.lexis.com
*.courier-deliveryor.route53.lexis.com
*.content.aws.lexis.com
*.rtis.aws.lexis.com
liamattersdev.lexis.com
*.content.aws.lexis.com
*.route53.lexis.com
*.content.aws.lexis.com
risk.lexis.com
analytics.plus.lexis.com
*.lexis360-at.use1-prod1.searchplatform.nl.lexis.com
*.content.aws.lexis.com
argocd.use1-prod1.fos3.nl.lexis.com
*.content.aws.lexis.com
test.litelytics.analytics.plus.lexis.com
*.business.aws.lexis.com
argocd.use1-prod1.fos.nl.lexis.com
sni.cloudflaressl.com
*.product-aws-prod.nl.lexis.com
risk.lexis.com
*.business.aws.lexis.com
*.content.aws.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.ndp.use1-prod1.searchplatform.nl.lexis.com
*.search.fos3.nl.lexis.com
*.prod3-searchplatform.nl.lexis.com
*.lexis.com
analytics.plus.lexis.com
r3.lexisnexis.com
*.lexisai.aws.lexis.com
test.stage.analytics.plus.lexis.com
*.route53.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.globalplatform-nonprod.route53.lexis.com
*.nl.lexis.com
*.monitoring-dev.nl.lexis.com
www.lexis.com
*.monitoring-tr-dev.nl.lexis.com
test.litelytics.analytics.plus.lexis.com
*.content.aws.lexis.com
*.business.aws.lexis.com
*.content.lexis.com
*.monitoring-dev.nl.lexis.com
*.recentactivity.route53.lexis.com
*.route53.lexis.com
r3.lexisnexis.com
*.content.aws.lexis.com
*.lexis.com
*.product-aws-dev.nl.lexis.com
lexmachina.advance.lexis.com
*.messsenger.route53.lexis.com
*.product-aws-prod.nl.lexis.com
*.route53.lexis.com
*.lexisai.aws.lexis.com
lexisnexis.com
*.content.aws.lexis.com
*.tools.aws.lexis.com
*.cert.nucleus.lexis.com
analytics.plus.lexis.com
*.ndp.use1.dev-searchplatform.nl.lexis.com
*.lexisnexis.com
r3.lexisnexis.com
nucleus.lexis.com
*.cdc1c-uk-hotdocs-advance.route53.lexis.com
analytics.plus.lexis.com
*.content.aws.lexis.com
test.stage.analytics.plus.lexis.com
lexmachina.advance.lexis.com
*.globalplatform.route53.lexis.com
guidance.lexis.com
*.content.aws.lexis.com
r3.lexisnexis.com
az-prawebcert.r3.lexis.com
*.content.aws.lexis.com
test.litelytics.analytics.plus.lexis.com
*.business.aws.lexis.com
*.api-dev.route53.lexis.com
*.cdc1c-hotdocs-advance.route53.lexis.com
*.lexis.com
*.ndp.use1-prod2.searchplatform.nl.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.content.aws.lexis.com
nucleus.lexis.com
*.lexisai.aws.lexis.com
*.content.aws.lexis.com
test.stage.analytics.plus.lexis.com
guidance.lexis.com
*.lexisai.aws.lexis.com
*.content.aws.lexis.com
risk.lexis.com
api-prod.route53.lexis.com
origin.lexis.production.ln-production.brightspot.cloud
*.lexisai.aws.lexis.com
*.content.aws.lexis.com
*.business.aws.lexis.com
*.business.aws.lexis.com
storybook-library.lexmachina.plus.lexis.com
*.product-aws-prod.nl.lexis.com
test.stage.analytics.plus.lexis.com
*.search.use1-prod3.fos3.nl.lexis.com
*.courier-deliveryor.route53.lexis.com
*.content.aws.lexis.com
*.rtis.aws.lexis.com
liamattersdev.lexis.com
*.content.aws.lexis.com
*.route53.lexis.com
*.content.aws.lexis.com
risk.lexis.com
analytics.plus.lexis.com
*.lexis360-at.use1-prod1.searchplatform.nl.lexis.com
*.content.aws.lexis.com
argocd.use1-prod1.fos3.nl.lexis.com
*.content.aws.lexis.com
test.litelytics.analytics.plus.lexis.com
*.business.aws.lexis.com
argocd.use1-prod1.fos.nl.lexis.com
sni.cloudflaressl.com
Certificate
The complete raw certificate details for *.lexisai.aws.lexis.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEizCCA3OgAwIBAgIQCOy0c8u8Yb2mQnw5APAAJzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDMyOTAwMDAwMFoXDTI0MDQyNjIzNTk1OVowIjEg MB4GA1UEAwwXKi5sZXhpc2FpLmF3cy5sZXhpcy5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDBnLtrmIQGoa4KeBC89jOrXdY/dTk3KA5YeomV1tqc PTwlrZug1SN1KocigIkk5gGdHWoLCf4lH91tbgUz1RfBG1nWOXO0ExgRDTRNR2ra LeciiV21DHSWPN4w4MEtV1+gkTNoNh4AvSxPipWHp2G/RDlw88ivx75kwKe+UES3 +eMsYnJcqcTchInF3IBEsgx5sdbXRRq1WpqsRLeRzURk2pL4nUg08inUyZIiFwVp OahnAJsv2SV4Hm+nCX4gwBb46tTtlzA1zkzrmLpDl409QwuKbl/OzpruGDaT7tm9 /i+TgGDA/H9kCBlr7sXmr523s3/smaGlREf2v91EF4O9AgMBAAGjggGhMIIBnTAf BgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUhOvAIgmx tiIa/RBJey0b2O8un/4wQAYDVR0RBDkwN4IXKi5sZXhpc2FpLmF3cy5sZXhpcy5j b22CHCoubGV4aXNhaS5hd3MubGV4aXNuZXhpcy5jb20wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAs hipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwEwYD VR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFo dHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0 dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMB Af8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA3 YjEfESdzuyxvX0HarGNOqKHivVO4qtHZY/3DmcUK+1EWdbxVtissVlpnto2G08ou 7PQyViUifypdi+TYmnioya1w9lQSmYLiRXy7y3yNaq1gSXxi/fnL0clSCczLv9UF f3Rv6cxe0jKhnzRD/4KLKq47p+P+V+XvhPSpntKsGbkIVFeUGsDnXmPIrpmkXqiR qlJBdc9yg5WL4ZVhCNHMd0XSefDgoWVsiwZiqx+m2sHEK8sLuYQDTVyeW1COmdcS EKgawouwzKASXXc/v12OoRgogF3d3VCg1mOxXoovc9CKOuMueYJq/Pl6RzJi7YUQ +3K6F84NnW7OhIIGgZLb -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZy7a5iEBqGuCngQvPYz q13WP3U5NygOWHqJldbanD08Ja2boNUjdSqHIoCJJOYBnR1qCwn+JR/dbW4FM9UX wRtZ1jlztBMYEQ00TUdq2i3nIoldtQx0ljzeMODBLVdfoJEzaDYeAL0sT4qVh6dh v0Q5cPPIr8e+ZMCnvlBEt/njLGJyXKnE3ISJxdyARLIMebHW10UatVqarES3kc1E ZNqS+J1INPIp1MmSIhcFaTmoZwCbL9kleB5vpwl+IMAW+OrU7ZcwNc5M65i6Q5eN PUMLim5fzs6a7hg2k+7Zvf4vk4BgwPx/ZAgZa+7F5q+dt7N/7JmhpURH9r/dRBeD vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11862866032914089360423129444420419623 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.lexisai.aws.lexis.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24441280342696173085034949503177507604918223770411173864489742411752729965927156803282958157947144789182943477156450284724805701856136975721457857144351822690935181334811481435510120219693511806467401628311936085387799161814169642717400153421848475921198628677497527260051635538899645839856484574304940455446682028902750288186691766066773380118099879026068257621191930026109423179463524556195365380394448164333168566147382542492147864522399816830639592683567769062473237586309062919917721243755286094445820198521219000464824180913865784271054991362101936146121047989891031089308751194243985600382913013224626649007037 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 84ebc02209b1b6221afd10497b2d1bd8ef2e9ffe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lexisai.aws.lexis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lexisai.aws.lexisnexis.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003762311f112773bb2c6f5f41daac634ea8a1e2bd53b8aad1d963fdc399c50afb511675bc55b62b2c565a67b68d86d3ca2eecf4325625227f2a5d8be4d89a78a8c9ad70f654129982e2457cbbcb7c8d6aad60497c62fdf9cbd1c95209cccbbfd5057f746fe9cc5ed232a19f3443ff828b2aae3ba7e3fe57e5ef84f4a99ed2ac19b9085457941ac0e75e63c8ae99a45ea891aa524175cf7283958be1956108d1cc7745d279f0e0a1656c8b0662ab1fa6dac1c42bcb0bb984034d5c9e5b508e99d71210a81ac28bb0cca0125d773fbf5d8ea11828805ddddd50a0d663b15e8a2f73d08a3ae32e79826afcf97a473262ed8510fb72ba17ce0d9d6ece8482068192db