tripsfe.production.us1.trips-platform-fe.klarna.net
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 02:1e:ae:9b:49:34:2f:d7:c1:7c:a7:c9:17:4c:90:7d was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tripsfe.production.us1.trips-platform-fe.klarna.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 02:1e:ae:9b:49:34:2f:d7:c1:7c:a7:c9:17:4c:90:7dSerial Number (int): 2817766339617597467084647314899112061
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: a8:3c:a8:8c:4f:ff:0c:e8:e7:1d:f3:d0:e7:e3:36:f3:67:fd:ec:de
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): e3:21:a0:33:61:f3:93:1c:c6:11:84:a3:66:55:ab:91:c8:18:a4:e9
Fingerprint (sha256): 06:d0:f9:ec:18:35:d3:65:59:11:57:cc:65:b8:e6:ce:60:8b:4e:fa:f7:2f:51:4b:10:3d:8a:2f:c6:ae:71:2c
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate tripsfe.production.us1.trips-platform-fe.klarna.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tripsfe.production.us1.trips-platform-fe.klarna.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tripsfe.production.us1.trips-platform-fe.klarna.net
trips.klarna.com
trips.klarna.com
Other certificates including the domain name klarna.net
(limited to 100 certificates)
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
skrapi-kred.nonprod.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
cards-eu.klarna.com
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
ztn-privatelink.nonprod.eu1.ztn.klarna.net
staging.eu2.lulu.klarna.net
*.tools.eu1.starbug.klarna.net
*.production.eu1.bomgar.klarna.net
*.production.ap1.cobrowse.klarna.net
*.production.eu1.moninfra.klarna.net
*.production.eu1.kollect.klarna.net
*.playground.c2c.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
skrapi-kred.nonprod.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
cards-eu.klarna.com
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
ztn-privatelink.nonprod.eu1.ztn.klarna.net
staging.eu2.lulu.klarna.net
*.tools.eu1.starbug.klarna.net
*.production.eu1.bomgar.klarna.net
*.production.ap1.cobrowse.klarna.net
*.production.eu1.moninfra.klarna.net
*.production.eu1.kollect.klarna.net
*.playground.c2c.klarna.net
Certificate
The complete raw certificate details for tripsfe.production.us1.trips-platform-fe.klarna.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJjCCBQ6gAwIBAgIQAh6um0k0L9fBfKfJF0yQfTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMDkyNjAwMDAwMFoXDTI0MTAyNDIzNTk1OVowPjE8 MDoGA1UEAxMzdHJpcHNmZS5wcm9kdWN0aW9uLnVzMS50cmlwcy1wbGF0Zm9ybS1m ZS5rbGFybmEubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jlx Wdmx5W7MypTjTHJwV7+FAU3THCLRoI1HAve3Tjl8DqffWof+7EJ+2Dq8VKql7Xkf looNXstJAmC+Y0HGNZZ6bn76lWmF43kYhdwaXQRmTkTt32kfC/ZbSJ9PUumeBgZH CYwXfYPBsmQuYZsVO4vaUWFsWgJKKi2mDcUJ+SkkP6ctaGU+NaiscaTp0hhPFG+c ivXFGWHgm5NyDXmDTiwt5c+WE84PKX37bQf4tv0/tgkwWQ4Rv4HWb4qmTJQBdxnf NWEsGc6psNRwVsgNqU0aUA4Ko4xfDxu0s02PwHE/jrNt3iJhd36iYpZMde0A6dbY xdQnFXVHEVyu125srQIDAQABo4IDIDCCAxwwHwYDVR0jBBgwFoAUVdkYX9IczAHh WLS+q9lVQgHXLgIwHQYDVR0OBBYEFKg8qIxP/wzo5x3z0OfjNvNn/ezeMFAGA1Ud EQRJMEeCM3RyaXBzZmUucHJvZHVjdGlvbi51czEudHJpcHMtcGxhdGZvcm0tZmUu a2xhcm5hLm5ldIIQdHJpcHMua2xhcm5hLmNvbTATBgNVHSAEDDAKMAgGBmeBDAEC ATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1hem9udHJ1c3Qu Y29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6 Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDov L2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwGA1UdEwEB/wQC MAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AO7N0GTV2xrOxVy3nbTNE6Iy h0Z8vOzew1FIWUZxH7WbAAABitEYKakAAAQDAEcwRQIhAKmsJoX2/jn0IIRE/3R1 Q7T5ulvtkeV/qq8yhkB6x999AiBjjUB7GqPe0Vqof6mh9BnqaYQZrVHKRctpemSx tCqMIAB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABitEYKaAA AAQDAEgwRgIhAPbY8EeyaKwsssMyto5lMyOJt7diersfk2hAMNm8SSfjAiEA9rcc PBwXNcllFeQjF9Nckcm6xJPfzU7Lom+vsCa8t54AdwDatr9rP7W2Ip+bwrtca+hw kXFsu1GEhTS9pD0wSNf7qwAAAYrRGCluAAAEAwBIMEYCIQDc34cp6xmuN8VyGQcI 07LK5guzu/u5WmkeGRYRCCrzaAIhALYjSRlwOpILQhqXZPpCqNdCP4ptV0tpbt60 nAC7pnMEMA0GCSqGSIb3DQEBCwUAA4IBAQAbiMR+X//3pkyIwzCVHfROXDRr4oQR Tc8HKJToLi+2T45K5lsiQxEug6NxMsjMAGpoq5dYuU5KLPTqY17znysI4Q152Q+x VaxkPvTCKhZkdzwfYWfCL3GTDwnznwNGTE67jWCZ3LoRy7/hKtcynXRnlL658ric O4u4ZMgMIpWRJwqWgbslHWC1Asp/yq11mPrMi3WXix2KF1Hfv9xthQUADHgx03Dw lCZLCJgtzvG/NefM6EYAfXIciavaW+4z0YBjIV+d2l62RoPKecbeTbEABpfXQdMj UxGROkdn60OQXPzmbFXHdTpDzbG13FYsEgERcmMzdd0QOrl0sm643X5R -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jlxWdmx5W7MypTjTHJw V7+FAU3THCLRoI1HAve3Tjl8DqffWof+7EJ+2Dq8VKql7XkflooNXstJAmC+Y0HG NZZ6bn76lWmF43kYhdwaXQRmTkTt32kfC/ZbSJ9PUumeBgZHCYwXfYPBsmQuYZsV O4vaUWFsWgJKKi2mDcUJ+SkkP6ctaGU+NaiscaTp0hhPFG+civXFGWHgm5NyDXmD Tiwt5c+WE84PKX37bQf4tv0/tgkwWQ4Rv4HWb4qmTJQBdxnfNWEsGc6psNRwVsgN qU0aUA4Ko4xfDxu0s02PwHE/jrNt3iJhd36iYpZMde0A6dbYxdQnFXVHEVyu125s rQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2817766339617597467084647314899112061 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tripsfe.production.us1.trips-platform-fe.klarna.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29063136231387133010152436580025390957735092175057136000663084156941787001049139235038398132233639935341617017510853609236262176387264035684485542552664362234111926809549103740676058107044583766902132895357795157237586946992461380773746462508848214385566169469447285868632771255646480919441591487502568071865331125116559681014868402877637512016433390541374166541923227885151633882345973955418224160175872122256607249563282614972412575605399981107415242956330261248421743139159879026594524675249801630961236700413030773298210955539925580399222848349566846119831481952832089739732917093108633268120075444002763641351341 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a83ca88c4fff0ce8e71df3d0e7e336f367fdecde . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripsfe.production.us1.trips-platform-fe.klarna.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trips.klarna.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ad11829a90000040300473045022100a9ac2685f6fe39f4208444ff747543b4f9ba5bed91e57faaaf3286407ac7df7d0220638d407b1aa3ded15aa87fa9a1f419ea698419ad51ca45cb697a64b1b42a8c2000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ad11829a00000040300483046022100f6d8f047b268ac2cb2c332b68e65332389b7b7627abb1f93684030d9bc4927e3022100f6b71c3c1c1735c96515e42317d35c91c9bac493dfcd4ecba26fafb026bcb79e007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad118296e0000040300483046022100dcdf8729eb19ae37c572190708d3b2cae60bb3bbfbb95a691e191611082af368022100b6234919703a920b421a9764fa42a8d7423f8a6d574b696edeb49c00bba67304 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001b88c47e5ffff7a64c88c330951df44e5c346be284114dcf072894e82e2fb64f8e4ae65b2243112e83a37132c8cc006a68ab9758b94e4a2cf4ea635ef39f2b08e10d79d90fb155ac643ef4c22a1664773c1f6167c22f71930f09f39f03464c4ebb8d6099dcba11cbbfe12ad7329d746794beb9f2b89c3b8bb864c80c229591270a9681bb251d60b502ca7fcaad7598facc8b75978b1d8a1751dfbfdc6d8505000c7831d370f094264b08982dcef1bf35e7cce846007d721c89abda5bee33d18063215f9dda5eb64683ca79c6de4db1000697d741d3235311913a4767eb43905cfce66c55c7753a43cdb1b5dc562c12011172633375dd103ab974b26eb8dd7e51