token-service.payments-aws-cde-prod.aws.oath.cloud

Issued by Amazon

About this certificate

This digital certificate with serial number 08:c4:65:15:16:b5:9d:0c:22:ae:3c:30:de:d4:14:ba was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=token-service.payments-aws-cde-prod.aws.oath.cloud

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 08:c4:65:15:16:b5:9d:0c:22:ae:3c:30:de:d4:14:ba
Serial Number (int): 11653564344741762241503921734784652474
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 84:6d:34:5a:51:fe:90:b9:b1:07:cd:18:ae:ea:ba:10:6f:81:26:7b
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 34:ba:f1:f7:61:84:3f:aa:5b:55:91:94:af:cc:96:e0:19:c4:67:34
Fingerprint (sha256): 06:cc:16:bd:37:27:7b:e5:64:35:a2:4d:27:78:94:9f:aa:d1:fb:ce:bd:88:b2:ed:b6:8d:a9:0b:d9:25:35:32

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate token-service.payments-aws-cde-prod.aws.oath.cloud

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for token-service.payments-aws-cde-prod.aws.oath.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

token-service.payments-aws-cde-prod.aws.oath.cloud

Other certificates including the domain name oath.cloud

(limited to 100 certificates)
sonar.subscriptions-obi-fe-aws-dev.aws.oath.cloud
token-iws-proxy.payments-aws-stg.aws.oath.cloud
splunk-srch-hd.subscriptions-devops-obi-aws-dev.aws.oath.cloud
tagcache.one-mobile-prod.aws.oath.cloud
*.vpa2.aws.oath.cloud
vp56agpfbf27kfdfk3qfnb6bjgadju44x.public.vespa.oath.cloud
partneradservice.search-web-dm-staging.aws.oath.cloud
*.video-platform-splunk.aws.oath.cloud
*.comms-notifications-prod.aws.oath.cloud
token-service.payments-aws-stg.aws.oath.cloud
demo-ui.payments-aws-services-stg.aws.oath.cloud
ssp-dev-ats-test.one-mobile-dev.aws.oath.cloud
*.video-data-platform-prod.aws.oath.cloud
atlantis.uplynk-inf.aws.oath.cloud
splunk-indexer.ec-horizontal-rewards-tools.aws.oath.cloud
splunk-indexer.ec-horizontal-rewards-dev-tools.aws.oath.cloud
beta1-policies.yahoo.com
one-central-api-qa-mse-eks.mse-dev.aws.oath.cloud
*.video-stage.aws.oath.cloud
partneradservice.aws-oath-domain-match-us-mbst.aws.oath.cloud
*.autos.yahoo.com
member-pulse-push.customer-care-voc-aws-dev.aws.oath.cloud
splunk-srch-hd.subscriptions-lca-content-aws-dev.aws.oath.cloud
abumedia-aws-partner.aws.oath.cloud
*.oath-marketing-verizonmedia-production.aws.oath.cloud
vwok3l4cd6wznlc5iwdglhkdrrwmetgys.public.vespa.oath.cloud
search-ui.payments-aws-services-stg.aws.oath.cloud
*.srs-dev.pcp.aws.oath.cloud
jef-ui-bdp.aolp-ds-dev.aws.oath.cloud
jenkins-master.one-mobile-dev.aws.oath.cloud
*.paranoids-cloudsec-fail.aws.oath.cloud
varfbm5bestuka7uvgajs36qsvm4j3r6z.public.vespa.oath.cloud
inbox-service.payments-aws-cde-stg.aws.oath.cloud
*.home-maudette.aws.oath.cloud
token-iws-proxy.payments-aws-dev.aws.oath.cloud
v6ptdyponqnkh74iz3pigob72xsio3re4.vespa.oath.cloud
*.www.yahoo.com
token-iws-proxy.payments-aws-stg.aws.oath.cloud
id-ds.corp.aol.com
data-collector.payments-aws-services-prod.aws.oath.cloud
id.b2b.oath.com
qa-srs-api.pcp.aws.oath.cloud
*.artifactory-sandbox.aws.oath.cloud
*.global.vespa.yahooapis.com
splunk.ec-horizontal-rewards-tools.aws.oath.cloud
token-iws-proxy.payments-aws-stg.aws.oath.cloud
*.broker.aolp-ds-prd.aws.oath.cloud
vxjzjakdi3o7npascqumixvqycimmqcz4.public-cd.vespa.oath.cloud
*.ivn-vibe-dev.aws.oath.cloud
demo-ui.payments-aws-services-stg.aws.oath.cloud
*.geneva-server.one-mobile-dev.aws.oath.cloud
brana-api.aws-oath-fires-brana-prod.aws.oath.cloud
streamer.finance.yahoo.com
mss-api.mss-dev.aws.oath.cloud
partneradservice.aws-oath-domain-match-us-mbst.aws.oath.cloud
qai-omni-broker.us-east-1b.aolp-ds-dev.aws.oath.cloud
*.video-data-platform-dev.aws.oath.cloud
yho.com
jp.techcrunch.com
sdk.yahooinc.com
qa-jef-api.dmp.us-east-1.aolp-ds-dev.aws.oath.cloud
one4p-data-ingest.cross-platform-analytics-alephd.aws.oath.cloud
chemtrail.home-ccannell.aws.oath.cloud
jenkins-master.one-mobile-dev.aws.oath.cloud
inbox-service.payments-aws-cde-dev.aws.oath.cloud
tls.subscriptions-devops-aws-dev.aws.oath.cloud
*.srs-prod.pcp.aws.oath.cloud
cd.donbot.mortent.global.vespa.oath.cloud
druid-dev-us-east-1.dcs-audience-insights-dev.aws.oath.cloud
staging.autoblog.com
*.alpo.mail.aol.com
stage.tokenmanager.finance.yahooapis.com
*.autos.yahoo.com
sports.yahoo.com
splunk-srch.subscriptions-devops-access-aws-dev.aws.oath.cloud
tls.subscriptions-devops-aws-dev.aws.oath.cloud
splunk-indexer.payments-aws-tools-dev.aws.oath.cloud
internal.ups-prod-vzm.ap-southeast-1.aolp-ds-prd.aws.oath.cloud
redash.pcp-aws-redash.aws.oath.cloud
v7fbrygd6estm3f7uultqjhlvlwrij6qg.vespa.oath.cloud
subs.communications.yahoo.com
id-uat.b2b.yahooinc.com
dmp-off-ingest.aolp-ds-prd.aws.oath.cloud
v6rprg4ffmjfi4zqz2pr32kvrfzqagzuf.vespa.oath.cloud
cdn.payments-aws-obi-cdn.aws.oath.cloud
*.onecreative.aws.oath.cloud
vvpyjwrconn4s3genqpo5wijznctuffmw.vespa.oath.cloud
vlne5srwzhcapsjlcuxw7x3iasz2czp5j.vespa.oath.cloud
bid.oath-exchange-dev.aws.oath.cloud
dmp-off-ingest-qai.aolp-ds-dev.aws.oath.cloud
dtm-origin.aolp-ds-prd.aws.oath.cloud
dooh-location-api.aws-oath-fires-brana-prod.aws.oath.cloud
railplitter.flurry-stg.aws.oath.cloud
grpc.tritonserver.search-web-qlas.aws.oath.cloud
token-service.payments-aws-cde-prod.aws.oath.cloud
ycm-receiver-dev-hx.ycm-aws-devel.aws.oath.cloud
*.c2s-sa-production.aws.oath.cloud
verizon-native-protocol-service.one-mobile-prod.aws.oath.cloud
token-service.payments-aws-stg.aws.oath.cloud
vqfjxpkobwsidxbiqtr5t7bsn2i45zumr.public-cd.vespa.oath.cloud

Certificate

The complete raw certificate details for token-service.payments-aws-cde-prod.aws.oath.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEujCCA6KgAwIBAgIQCMRlFRa1nQwirjww3tQUujANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAyMDEwMDAwMDBaFw0yMTAzMDEx
MjAwMDBaMD0xOzA5BgNVBAMTMnRva2VuLXNlcnZpY2UucGF5bWVudHMtYXdzLWNk
ZS1wcm9kLmF3cy5vYXRoLmNsb3VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMSxDwx0orpVOLcOjbgi3LCrky0FaYSKYXYW+3vzQamx2u5ThHY4Z+ZI
j8JuBRM1PsfyfvG3JhaY0KFrMlCUxXoWjDVaBKcTR77Y/8XKjHLrQ5BQCBQeZBoN
t3JK9Zhiogr7aQDSxRp1JPJ3iOlMWHFzKDoF+byRkXO35mK3OhM3XT7TyB7UIKKb
dBAhYIaM7rumquiAOxvdQZEcMNp2RysczZmfbdASVtMTUd+9j2q/fMkQirJIib/7
9qcyBx3+2CPux0BUccp3VVwlrLB73zMimx1YrSmQnjodCrBStYTxKvtr1Eq53H1Q
ZCR2g4DIyBFugBUI+1I1DY3p2MJcCQIDAQABo4IBqzCCAacwHwYDVR0jBBgwFoAU
WaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFIRtNFpR/pC5sQfNGK7quhBv
gSZ7MD0GA1UdEQQ2MDSCMnRva2VuLXNlcnZpY2UucGF5bWVudHMtYXdzLWNkZS1w
cm9kLmF3cy5vYXRoLmNsb3VkMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5z
Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZI
AYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0
dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0
cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB
/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAAFd
gVIE80jJzfdTlkzZzmkkCofzL1DrFK3rCKdxK+PtYWdkHwc4R7enAgObK0rp2oX2
lUO6IXroogUGkOzZPyukq8BmmvRLVuW0Z1HzpKH6eBUjq6z4uY9A84Ltmyt4aAW7
W81q97orbjSAmGhteYThJPQSxXlgRfIKuuhLix8W74I2z/U2cggLuY4AB4hmQXD3
uEtkhBJV9QR9dkef5kJcbPOfZ1K/iugqbwZXXlqb/bZPmFtlUsEvX49RbX0hxxJr
mVarjvHDf3gzAMS/rChYuADEv79iROpRSDNCAR5Cpj7Pf3cS9cXktmCREh797Dhm
aqvFj/RoAg30NtCUMo4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMSxDwx0orpVOLcOjbgi
3LCrky0FaYSKYXYW+3vzQamx2u5ThHY4Z+ZIj8JuBRM1PsfyfvG3JhaY0KFrMlCU
xXoWjDVaBKcTR77Y/8XKjHLrQ5BQCBQeZBoNt3JK9Zhiogr7aQDSxRp1JPJ3iOlM
WHFzKDoF+byRkXO35mK3OhM3XT7TyB7UIKKbdBAhYIaM7rumquiAOxvdQZEcMNp2
RysczZmfbdASVtMTUd+9j2q/fMkQirJIib/79qcyBx3+2CPux0BUccp3VVwlrLB7
3zMimx1YrSmQnjodCrBStYTxKvtr1Eq53H1QZCR2g4DIyBFugBUI+1I1DY3p2MJc
CQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11653564344741762241503921734784652474
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-01 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'token-service.payments-aws-cde-prod.aws.oath.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22819887154491201536815721804025427256366387929840460099744745649175138131199606788712829607354745916220201248496612541491997745801089194045762999783328701722792421451724950465707770618817411396764647613927549883758346423801243541024677589890892043639392006174389847732829625243189484344183083176981535338975805801637707791148473951409687584231310755116546458993746821031222017638332614442385342203503927829616671143369151844365018748268270393091844968084881330975885151712288403733147487918741245776104104209068784982799308827128776107102439243559584015843785956568226004162644220351854569265179085236060360978619401
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							846d345a51fe90b9b107cd18aeeaba106f81267b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'token-service.payments-aws-cde-prod.aws.oath.cloud'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00015d815204f348c9cdf753964cd9ce69240a87f32f50eb14adeb08a7712be3ed6167641f073847b7a702039b2b4ae9da85f69543ba217ae8a2050690ecd93f2ba4abc0669af44b56e5b46751f3a4a1fa781523abacf8b98f40f382ed9b2b786805bb5bcd6af7ba2b6e348098686d7984e124f412c5796045f20abae84b8b1f16ef8236cff53672080bb98e000788664170f7b84b64841255f5047d76479fe6425c6cf39f6752bf8ae82a6f06575e5a9bfdb64f985b6552c12f5f8f516d7d21c7126b9956ab8ef1c37f783300c4bfac2858b800c4bfbf6244ea51483342011e42a63ecf7f7712f5c5e4b66091121efdec38666aabc58ff468020df436d094328e