iknowchurch.co.uk
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0a:85:24:74:e0:9c:74:08:11:52:7a:e6:40:84:26:89 was issued on by Amazon.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=iknowchurch.co.uk
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:85:24:74:e0:9c:74:08:11:52:7a:e6:40:84:26:89Serial Number (int): 13983594866760656489606387756939093641
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: bb:cd:47:98:d4:42:72:b1:6b:06:31:fc:43:f6:42:39:3d:38:90:a3
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 17:5d:11:9b:71:dd:ed:3d:c3:18:ad:05:ec:79:58:b7:da:37:d8:57
Fingerprint (sha256): 07:21:2d:cb:1b:ed:df:9b:06:e0:c7:70:88:a8:29:1b:5d:9d:6e:48:30:30:41:c2:6c:33:cd:c8:b3:55:0f:2f
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate iknowchurch.co.uk
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for iknowchurch.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
iknowchurch.co.uk
www.support.iknowchurch.co.uk
support.iknowchurch.co.uk
www.iknowchurch.co.uk
www.support.iknowchurch.co.uk
support.iknowchurch.co.uk
www.iknowchurch.co.uk
Other certificates including the domain name iknowchurch.co.uk
(limited to 100 certificates)
systemstatus.rrc.ca
status.hpiinc.com
status.digitary.net
systemstatus.rrc.ca
status.stability.ai
status.dutchmillerauto.com
healthstatus.clinicmaster.com
status.cofh.org
iknowchurch.co.uk
healthstatus.clinicmaster.com
statusp.dotdigital.com
stg.dotdigitalstatus.com
statuspage.vantage.online
support.iknowchurch.co.uk
status.fmgsuite.com
site-status.motor.com
iknowchurch.co.uk
systemstatus.rrc.ca
systemstatus.rrc.ca
status.esafetysystems.com
status-salus-eu.uleeco.com
iknowchurch.co.uk
status.bairdwarner.com
status.ssactivewear.com
healthstatus.clinicmaster.com
status.reliancenetwork.com
systemstatus.rrc.ca
status.iknowchurch.co.uk
systemstatus.rrc.ca
status.crewbuilder.ca
status.bairdwarner.com
caloes-status.ravemobilesafety.com
status.c9cg.com
iknowchurch.co.uk
status.esafetysystems.com
systemstatus.rrc.ca
status.ssactivewear.com
wobily.noc.cloudi.cloud
systemstatus.rrc.ca
status.stability.ai
status.crewbuilder.ca
support.iknowchurch.co.uk
status.reliancenetwork.com
stg.dotdigitalstatus.com
systemstatus.rrc.ca
status.internal.clear.co
status.sabbagradiologos.com
status.clear.co
systemstatus.rrc.ca
status.platform.creditxpert.com
status.myfundingchoices.com
systemstatus.rrc.ca
statusp.dotdigital.com
status-ca-gtassurancetool.gtil.gt.com
status.daydev.lol
status.mojeek.com
iknowchurch.co.uk
status.explaineverything.com
www.iknowchurch.co.uk
systemstatus.rrc.ca
status.dornerworks.com
status.powerdmarc.com
status.cofh.org
wobily.noc.cloudi.cloud
status.daydev.lol
site-status.motor.com
status.fmgsuite.com
status.snapcraft.io
status.powerdmarc.com
systemstatus.rrc.ca
status.myfundingchoices.com
systemstatus.rrc.ca
status.mojeek.com
status.statusiq.com
status.stability.ai
status.clear.co
status.digitary.net
systemstatus.rrc.ca
iknowchurch.co.uk
systemstatus.rrc.ca
www.iknowchurch.co.uk
status.hpiinc.com
healthstatus.clinicmaster.com
status.iknowchurch.co.uk
status.dornerworks.com
status-salus-eu.uleeco.com
systemstatus.rrc.ca
systemstatus.rrc.ca
statusp.dotdigital.com
iknowchurch.co.uk
status.esafetysystems.com
systemstatus.rrc.ca
status.snapcraft.io
support.iknowchurch.co.uk
iknowchurch.co.uk
stg.dotdigitalstatus.com
systemstatus.rrc.ca
support.iknowchurch.co.uk
netops.townofdewitt.com
healthstatus.clinicmaster.com
status.hpiinc.com
status.digitary.net
systemstatus.rrc.ca
status.stability.ai
status.dutchmillerauto.com
healthstatus.clinicmaster.com
status.cofh.org
iknowchurch.co.uk
healthstatus.clinicmaster.com
statusp.dotdigital.com
stg.dotdigitalstatus.com
statuspage.vantage.online
support.iknowchurch.co.uk
status.fmgsuite.com
site-status.motor.com
iknowchurch.co.uk
systemstatus.rrc.ca
systemstatus.rrc.ca
status.esafetysystems.com
status-salus-eu.uleeco.com
iknowchurch.co.uk
status.bairdwarner.com
status.ssactivewear.com
healthstatus.clinicmaster.com
status.reliancenetwork.com
systemstatus.rrc.ca
status.iknowchurch.co.uk
systemstatus.rrc.ca
status.crewbuilder.ca
status.bairdwarner.com
caloes-status.ravemobilesafety.com
status.c9cg.com
iknowchurch.co.uk
status.esafetysystems.com
systemstatus.rrc.ca
status.ssactivewear.com
wobily.noc.cloudi.cloud
systemstatus.rrc.ca
status.stability.ai
status.crewbuilder.ca
support.iknowchurch.co.uk
status.reliancenetwork.com
stg.dotdigitalstatus.com
systemstatus.rrc.ca
status.internal.clear.co
status.sabbagradiologos.com
status.clear.co
systemstatus.rrc.ca
status.platform.creditxpert.com
status.myfundingchoices.com
systemstatus.rrc.ca
statusp.dotdigital.com
status-ca-gtassurancetool.gtil.gt.com
status.daydev.lol
status.mojeek.com
iknowchurch.co.uk
status.explaineverything.com
www.iknowchurch.co.uk
systemstatus.rrc.ca
status.dornerworks.com
status.powerdmarc.com
status.cofh.org
wobily.noc.cloudi.cloud
status.daydev.lol
site-status.motor.com
status.fmgsuite.com
status.snapcraft.io
status.powerdmarc.com
systemstatus.rrc.ca
status.myfundingchoices.com
systemstatus.rrc.ca
status.mojeek.com
status.statusiq.com
status.stability.ai
status.clear.co
status.digitary.net
systemstatus.rrc.ca
iknowchurch.co.uk
systemstatus.rrc.ca
www.iknowchurch.co.uk
status.hpiinc.com
healthstatus.clinicmaster.com
status.iknowchurch.co.uk
status.dornerworks.com
status-salus-eu.uleeco.com
systemstatus.rrc.ca
systemstatus.rrc.ca
statusp.dotdigital.com
iknowchurch.co.uk
status.esafetysystems.com
systemstatus.rrc.ca
status.snapcraft.io
support.iknowchurch.co.uk
iknowchurch.co.uk
stg.dotdigitalstatus.com
systemstatus.rrc.ca
support.iknowchurch.co.uk
netops.townofdewitt.com
healthstatus.clinicmaster.com
Certificate
The complete raw certificate details for iknowchurch.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGITCCBQmgAwIBAgIQCoUkdOCcdAgRUnrmQIQmiTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDEwNTAwMDAwMFoXDTI1MDIwMzIzNTk1OVowHDEa MBgGA1UEAxMRaWtub3djaHVyY2guY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCn/eapGP9gnqeUIvmp60Kl07yH8xKpL9b7AHJCI2L0S6c2m5uL LDMy30iDCeTpgMawTSdZOWSxT8bjxJDa3iQPoYWzc1DMzuOsvpTThNbjrSx+TwA3 GNTbVcPymsh0yzuxYqWubub2lNpZa+5QjznHOXxWxm/5BJE+fO4Y0b9EOxyjpUZx pKptwuWKUr/JG3LlXy0klSphF0qzvUpxBR0jcA+Sgs8AOwnAi7B0brZt2VnyQNkT ZKSnqcsJf4xt/gR67cXjTWfhMQZpdc7D3wGo9EXSAAoN9+qq2yBDopc4snm6tux4 uwna9/Xnjaw2EXIxyngeveZ6eMMeW04m7DqJAgMBAAGjggM9MIIDOTAfBgNVHSME GDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUu81HmNRCcrFrBjH8 Q/ZCOT04kKMwbQYDVR0RBGYwZIIRaWtub3djaHVyY2guY28udWuCHXd3dy5zdXBw b3J0Lmlrbm93Y2h1cmNoLmNvLnVrghlzdXBwb3J0Lmlrbm93Y2h1cmNoLmNvLnVr ghV3d3cuaWtub3djaHVyY2guY28udWswEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNV HR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9y Mm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2Nz cC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQu cjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIB gAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuN acCx+mSxYpo53wAAAYzW/XBUAAAEAwBIMEYCIQCzisrF79wacGsCAEDWuHmBaYcc 28U9uFcGCslMhbqQIwIhAItu8lLi/Z9Gq1k2s1Gfbw1NoHPAW2FWBEptQM92bgmf AHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGM1v1wigAABAMA SDBGAiEAmpzlXE3q5MTQU8qMc1c7/I6Oiyzjfvwyv/OEgtBL0/0CIQDaB/mlpLyH SGL5dxDyw+EZGldKmCSS58Z0krrUeC3USAB2AObSMWNAd4zBEEEG13G5zsHSQPaW hIb7uocyHf0eN45QAAABjNb9cK4AAAQDAEcwRQIgBs+rThQ2t6UChuwgAnyVVJa0 xm8NWyLUs1ZoX5s75LECIQCvVKPKMBXSoFMn6Nq668dw1odRGHia0KIPBlTOldS7 6jANBgkqhkiG9w0BAQsFAAOCAQEAU77EEUq0yKtfEcxRnHf7r5MM1RymQk8Zwd2n Mn46+U86btXFtGryuuFIFMbh0a3m3Ch6acwdHwwaQwBelpqhZlF+HYHzz6tGHM6z D9+M5twineaCbrT3YQCKgeoAO25a5vIhbV85BVbFSM6fbp+5h5eFo/coMNsTwKtX nRncNpY9RDQaYuZyqeBlhloaMH+JDBy4ljrcAp6AyDO6qDmTo9W52/4bIqfXwAZ4 Bc/mHyxwMaUmvy2hErgUda0xm0K1nIkO0nIxm7E78rOTPKGxWf1+jrrcnHFWjCjR 16MbhuWEr5zeL33S1DAfUXvuJDeNShFqJB160SMTisDFrNH8Tw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/3mqRj/YJ6nlCL5qetC pdO8h/MSqS/W+wByQiNi9EunNpubiywzMt9Igwnk6YDGsE0nWTlksU/G48SQ2t4k D6GFs3NQzM7jrL6U04TW460sfk8ANxjU21XD8prIdMs7sWKlrm7m9pTaWWvuUI85 xzl8VsZv+QSRPnzuGNG/RDsco6VGcaSqbcLlilK/yRty5V8tJJUqYRdKs71KcQUd I3APkoLPADsJwIuwdG62bdlZ8kDZE2Skp6nLCX+Mbf4Eeu3F401n4TEGaXXOw98B qPRF0gAKDffqqtsgQ6KXOLJ5urbseLsJ2vf1542sNhFyMcp4Hr3menjDHltOJuw6 iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13983594866760656489606387756939093641 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iknowchurch.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21207000187561485021200752036873122202136841607050764960179389385284228512091715115054981323934620951505251764392256858817397422372810046595198434987898219496455909216055040143626145924027371353180188097094886003245961514405348932175225365290226414914278113510678480138054182280634049178374405550329201116654815888710778674974887550296535372410709088263378617591195515393299696463843400285150241595152399785625887858910842604304785605539079448811076885167117307696172355938577616227683611105930614677333611741371816490613524739009397379172314041827795950896086946386739342486047929929124585611014486811364564449114761 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bbcd4798d44272b16b0631fc43f642393d3890a3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iknowchurch.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.support.iknowchurch.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'support.iknowchurch.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iknowchurch.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cd6fd70540000040300483046022100b38acac5efdc1a706b020040d6b8798169871cdbc53db857060ac94c85ba90230221008b6ef252e2fd9f46ab5936b3519f6f0d4da073c05b6156044a6d40cf766e099f0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018cd6fd708a00000403004830460221009a9ce55c4deae4c4d053ca8c73573bfc8e8e8b2ce37efc32bff38482d04bd3fd022100da07f9a5a4bc874862f97710f2c3e1191a574a982492e7c67492bad4782dd448007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018cd6fd70ae0000040300473045022006cfab4e1436b7a50286ec20027c955496b4c66f0d5b22d4b356685f9b3be4b1022100af54a3ca3015d2a05327e8dabaebc770d6875118789ad0a20f0654ce95d4bbea . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0053bec4114ab4c8ab5f11cc519c77fbaf930cd51ca6424f19c1dda7327e3af94f3a6ed5c5b46af2bae14814c6e1d1ade6dc287a69cc1d1f0c1a43005e969aa166517e1d81f3cfab461cceb30fdf8ce6dc229de6826eb4f761008a81ea003b6e5ae6f2216d5f390556c548ce9f6e9fb9879785a3f72830db13c0ab579d19dc36963d44341a62e672a9e065865a1a307f890c1cb8963adc029e80c833baa83993a3d5b9dbfe1b22a7d7c0067805cfe61f2c7031a526bf2da112b81475ad319b42b59c890ed272319bb13bf2b3933ca1b159fd7e8ebadc9c71568c28d1d7a31b86e584af9cde2f7dd2d4301f517bee24378d4a116a241d7ad123138ac0c5acd1fc4f