corp.kaltura.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0d:e7:11:32:cc:8b:8b:ce:24:8f:f0:bd:72:dd:9b:65 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=corp.kaltura.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:e7:11:32:cc:8b:8b:ce:24:8f:f0:bd:72:dd:9b:65Serial Number (int): 18479733345200482225639937759657171813
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: b6:b1:d4:11:6d:83:be:79:11:37:1e:8b:b9:15:a5:a5:51:42:22:e0
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 5e:b9:da:97:45:e3:f9:dc:2f:84:c2:e0:8b:ad:d3:4f:cd:a2:1b:43
Fingerprint (sha256): 06:d1:db:e4:a8:19:76:65:a7:5f:9c:74:d2:23:01:2a:65:87:d4:4e:12:b3:c0:ca:54:a7:b7:c0:e9:64:1e:9c
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate corp.kaltura.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for corp.kaltura.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
corp.kaltura.com
*.corp.kaltura.com
*.kaltura.com
*.corp.kaltura.com
*.kaltura.com
Other certificates including the domain name kaltura.com
(limited to 100 certificates)
clarity.status.broadcom.com
nagra-drm-proxy-vpn-orp1.ott.kaltura.com
u2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ez.fukuoka.status.ricoh.com
rest-vfs1.ott.kaltura.com
*.ott.kaltura.com
u2.shared.global.fastly.net
incapsula.com
cms-corp.kaltura.com
canada.status.coconutsoftware.com
newrelic.kstars.org
ez.fukuoka.status.ricoh.com
prospective.shared.global.fastly.net
prospective.shared.global.fastly.net
gij.gitkrakenstatus.com
images-nl.ott.kaltura.com
status.activtrak.com
u2.shared.global.fastly.net
u2.shared.global.fastly.net
rest-vfs1.ott.kaltura.com
u2.shared.global.fastly.net
us-east-1-san4.blackboard.com
u2.shared.global.fastly.net
impactstatus.validic.com
impactstatus.validic.com
canada.status.coconutsoftware.com
covid-19-status.anexia.com
u2.shared.global.fastly.net
newrelic.kstars.org
prospective.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
apicdn.sg.kaltura.com
canada.status.coconutsoftware.com
university.kaltura.com
pingdom-check.acmeapi.co
incapsula.com
rest-vfp1.ott.kaltura.com
estado.medios.com.ar
u2.shared.global.fastly.net
vpaas.kaltura.com
*.ott.kaltura.com
estado.medios.com.ar
newrelic.kstars.org
u2.shared.global.fastly.net
u2.shared.global.fastly.net
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
*.eu.kaltura.com
impactstatus.validic.com
leapfrog-ssl-42.gcs-web.com
dns-vetting1-jeffg-noah.map.fastly.net
us-east-1-san4.blackboard.com
mediaspace.kaltura.com
chat.nvp1.ovp.kaltura.com
u2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
impactstatus.validic.com
u2.shared.global.fastly.net
canvas.kaltura.com
u2.shared.global.fastly.net
dev.mw.smart-integration.status.ricoh.com
*.here.tv
dns-vetting1-jeffg-noah.map.fastly.net
corp.kaltura.com
6bd21a3c.status.cleafy.cloud
drm-vfp1.ott.kaltura.com
u2.shared.global.fastly.net
prospective.shared.global.fastly.net
prospective.shared.global.fastly.net
u2.shared.global.fastly.net
ez.fukuoka.status.ricoh.com
prospective.shared.global.fastly.net
u2.shared.global.fastly.net
drm-vfp1.ott.kaltura.com
clarity.status.broadcom.com
*.ott.kaltura.com
canada.status.coconutsoftware.com
prospective.shared.global.fastly.net
connect.kaltura.com
impactstatus.validic.com
u2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
leapfrog-ssl-42.gcs-web.com
ez.fukuoka.status.ricoh.com
u2.shared.global.fastly.net
canada.status.coconutsoftware.com
static-vfp1.ott.kaltura.com
newrelic.kstars.org
drm-vfp1.ott.kaltura.com
prospective.shared.global.fastly.net
u2.shared.global.fastly.net
compass.status.atlassian.com
canada.status.coconutsoftware.com
estado.medios.com.ar
estado.medios.com.ar
statuspage.io
cms-corp.kaltura.com
tvpapi-vfp1.ott.kaltura.com
tvpapi-vfp1.ott.kaltura.com
nagra-drm-proxy-vpn-orp1.ott.kaltura.com
u2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ez.fukuoka.status.ricoh.com
rest-vfs1.ott.kaltura.com
*.ott.kaltura.com
u2.shared.global.fastly.net
incapsula.com
cms-corp.kaltura.com
canada.status.coconutsoftware.com
newrelic.kstars.org
ez.fukuoka.status.ricoh.com
prospective.shared.global.fastly.net
prospective.shared.global.fastly.net
gij.gitkrakenstatus.com
images-nl.ott.kaltura.com
status.activtrak.com
u2.shared.global.fastly.net
u2.shared.global.fastly.net
rest-vfs1.ott.kaltura.com
u2.shared.global.fastly.net
us-east-1-san4.blackboard.com
u2.shared.global.fastly.net
impactstatus.validic.com
impactstatus.validic.com
canada.status.coconutsoftware.com
covid-19-status.anexia.com
u2.shared.global.fastly.net
newrelic.kstars.org
prospective.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
apicdn.sg.kaltura.com
canada.status.coconutsoftware.com
university.kaltura.com
pingdom-check.acmeapi.co
incapsula.com
rest-vfp1.ott.kaltura.com
estado.medios.com.ar
u2.shared.global.fastly.net
vpaas.kaltura.com
*.ott.kaltura.com
estado.medios.com.ar
newrelic.kstars.org
u2.shared.global.fastly.net
u2.shared.global.fastly.net
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
*.eu.kaltura.com
impactstatus.validic.com
leapfrog-ssl-42.gcs-web.com
dns-vetting1-jeffg-noah.map.fastly.net
us-east-1-san4.blackboard.com
mediaspace.kaltura.com
chat.nvp1.ovp.kaltura.com
u2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
impactstatus.validic.com
u2.shared.global.fastly.net
canvas.kaltura.com
u2.shared.global.fastly.net
dev.mw.smart-integration.status.ricoh.com
*.here.tv
dns-vetting1-jeffg-noah.map.fastly.net
corp.kaltura.com
6bd21a3c.status.cleafy.cloud
drm-vfp1.ott.kaltura.com
u2.shared.global.fastly.net
prospective.shared.global.fastly.net
prospective.shared.global.fastly.net
u2.shared.global.fastly.net
ez.fukuoka.status.ricoh.com
prospective.shared.global.fastly.net
u2.shared.global.fastly.net
drm-vfp1.ott.kaltura.com
clarity.status.broadcom.com
*.ott.kaltura.com
canada.status.coconutsoftware.com
prospective.shared.global.fastly.net
connect.kaltura.com
impactstatus.validic.com
u2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
leapfrog-ssl-42.gcs-web.com
ez.fukuoka.status.ricoh.com
u2.shared.global.fastly.net
canada.status.coconutsoftware.com
static-vfp1.ott.kaltura.com
newrelic.kstars.org
drm-vfp1.ott.kaltura.com
prospective.shared.global.fastly.net
u2.shared.global.fastly.net
compass.status.atlassian.com
canada.status.coconutsoftware.com
estado.medios.com.ar
estado.medios.com.ar
statuspage.io
cms-corp.kaltura.com
tvpapi-vfp1.ott.kaltura.com
tvpapi-vfp1.ott.kaltura.com
Certificate
The complete raw certificate details for corp.kaltura.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8TCCBNmgAwIBAgIQDecRMsyLi84kj/C9ct2bZTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDQyODAwMDAwMFoXDTI1MDUyODIzNTk1OVowGzEZ MBcGA1UEAxMQY29ycC5rYWx0dXJhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAODk7pTaWAwApB9P9jBotRSjllFQRX6xcXzHAYVrpLSVQGuye610 IY32MH9owe0vUcvREt6P51vlqmndCUiGuTHQvOmAdBiV37ffX7VcrYURYApa8Tar gNiL8g/t3TaNS8O349qaRc25zXshoSJ2tEFM8A01D0CQVwSxRGbMmhIQ2CeDZCc0 bc7mA3+L8GZ0s5nFnQZHRqTo8Czk/4KgmFlREdnHLtGIgzG5ME1xb6UcpLpWWyYe k6X/0BPxzmU2My2+mEyweDuC4EBU6dwTPVYtmxVfmx4DSgstQS7gNre/vhUcpntL rIWqY7vG2+I1xz5tZCRMRUyZPO1G//0jeDkCAwEAAaOCAw4wggMKMB8GA1UdIwQY MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBS2sdQRbYO+eRE3Hou5 FaWlUUIi4DA+BgNVHREENzA1ghBjb3JwLmthbHR1cmEuY29tghIqLmNvcnAua2Fs dHVyYS5jb22CDSoua2FsdHVyYS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNV HR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9y Mm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2Nz cC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQu cjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIB gAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuN acCx+mSxYpo53wAAAY8ix5y4AAAEAwBHMEUCIHmU0FE7gb+J27fLEwsuw8dWZIZW UUjbZhx4ZmvAp3KAAiEAnie2P7CaMGgf2a9UC7pzn1Cqms1ucQu9yXnCQ1nqVGwA dwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY8ix5yVAAAEAwBI MEYCIQDTth6AApUnS3Vx5RpTU9kBvfHyGI7uFaYRs0kBWYKMkAIhAJhYiBLMXKAk BS28z0fJq/FK7zmc4IsUNKBMYIFCTGkIAHcA5tIxY0B3jMEQQQbXcbnOwdJA9paE hvu6hzId/R43jlAAAAGPIsecqQAABAMASDBGAiEA7NQOoqBPvxoaliCI9W0e4sV2 6Zo4po5A1lAS3NvJ+lgCIQDE+ZbvglXyP9AIGnISCpGUTAkTuwXvDFuvT11ct8sC nDANBgkqhkiG9w0BAQsFAAOCAQEAdmZa7Y+E0uREZvsu26s+yzJKYTCoAesZcHwz XFC5mYydmUuG8I0bOlbOfAQOCtCkjiJvVF6zqUeXbgB13FZ4SU1Q5roZNVXnVzga lJbECNFTJp9IJsr+n9dcCZvxyJ77oaQzte8GRZp5L18peS0qh3qK7vMQWCLgUdYx Fjyds9nougwqjbGBi/BdczJTm8MkkSozRbaB6v2LMU4LeksXEkKdbWMdSgTI2t2u uH4e3V10gbFBhwLjQs7hd5Py2Qjik8U2maAIaIRZwTUYOwQpDePk9O2DYXisIjpM 1muT4Jfq/JiQXIqqi2eJxyLNEDniKENXXvAN21IaMLb17t8JMA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OTulNpYDACkH0/2MGi1 FKOWUVBFfrFxfMcBhWuktJVAa7J7rXQhjfYwf2jB7S9Ry9ES3o/nW+Wqad0JSIa5 MdC86YB0GJXft99ftVythRFgClrxNquA2IvyD+3dNo1Lw7fj2ppFzbnNeyGhIna0 QUzwDTUPQJBXBLFEZsyaEhDYJ4NkJzRtzuYDf4vwZnSzmcWdBkdGpOjwLOT/gqCY WVER2ccu0YiDMbkwTXFvpRykulZbJh6Tpf/QE/HOZTYzLb6YTLB4O4LgQFTp3BM9 Vi2bFV+bHgNKCy1BLuA2t7++FRyme0ushapju8bb4jXHPm1kJExFTJk87Ub//SN4 OQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18479733345200482225639937759657171813 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'corp.kaltura.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28390270868777510242246475931329045376037006196881476028919185260566888109861620111835033690574980854118406393614172431863972446901450203213592980395929374788240117470273458325933523508407165482927878309658763026468166036185152345210085643471594437513384615266125876343406393583027485426275235508002112306357461986008439022246040999088532029456871242613050179597546264522710292826603723936438885321240694251474848816621283646518964757320306255876027031879383586255078581930710755217132984518550180552358486411240166297791927573084189727362328554439221554189154322982180035979915997660132860211965329892248624749049913 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b6b1d4116d83be7911371e8bb915a5a5514222e0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corp.kaltura.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.corp.kaltura.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kaltura.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f22c79cb8000004030047304502207994d0513b81bf89dbb7cb130b2ec3c7566486565148db661c78666bc0a772800221009e27b63fb09a30681fd9af540bba739f50aa9acd6e710bbdc979c24359ea546c0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f22c79c950000040300483046022100d3b61e800295274b7571e51a5353d901bdf1f2188eee15a611b3490159828c9002210098588812cc5ca024052dbccf47c9abf14aef399ce08b1434a04c6081424c6908007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f22c79ca90000040300483046022100ecd40ea2a04fbf1a1a962088f56d1ee2c576e99a38a68e40d65012dcdbc9fa58022100c4f996ef8255f23fd0081a72120a91944c0913bb05ef0c5baf4f5d5cb7cb029c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0076665aed8f84d2e44466fb2edbab3ecb324a6130a801eb19707c335c50b9998c9d994b86f08d1b3a56ce7c040e0ad0a48e226f545eb3a947976e0075dc5678494d50e6ba193555e757381a9496c408d153269f4826cafe9fd75c099bf1c89efba1a433b5ef06459a792f5f29792d2a877a8aeef3105822e051d631163c9db3d9e8ba0c2a8db1818bf05d7332539bc324912a3345b681eafd8b314e0b7a4b1712429d6d631d4a04c8daddaeb87e1edd5d7481b1418702e342cee17793f2d908e293c53699a008688459c135183b04290de3e4f4ed836178ac223a4cd66b93e097eafc98905c8aaa8b6789c722cd1039e22843575ef00ddb521a30b6f5eedf0930