brand.digitalocean.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 08:e3:b0:73:36:03:1d:2c:71:b1:36:2d:62:bb:8d:e2 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=brand.digitalocean.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:e3:b0:73:36:03:1d:2c:71:b1:36:2d:62:bb:8d:e2Serial Number (int): 11816054185211619765588925950071639522
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f7:53:05:12:c3:2d:3f:80:7e:a9:49:95:b5:35:a8:74:6e:eb:f0:5c
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): d0:3a:ce:be:fd:f7:cb:71:a7:f1:79:47:bd:52:1a:fe:7e:98:4a:18
Fingerprint (sha256): 08:45:51:a9:04:3a:ac:3e:d4:59:30:dd:14:cd:f7:d0:98:7d:62:f5:8a:23:86:e6:fc:3e:29:e0:d9:24:39:58
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate brand.digitalocean.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for brand.digitalocean.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
brand.digitalocean.com
Other certificates including the domain name digitalocean.com
(limited to 100 certificates)
www.demo-tourismconnects.ca
india.polo-development.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ideas.digitalocean.com
tsunami.digitalocean.com
digitalocean.com
investors.digitalocean.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
betastatus.digitalocean.com
pages.support.digitalocean.com
www.demo-tourismconnects.ca
p.ssl.fastly.net
p.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dctrack01.nyc3.internal.digitalocean.com
go.rescuevocations.org
m.ssl.fastly.net
groove.digitalocean.com
trinityu.trinityconsultants.com
email.comms.digitalocean.com
investor.digitalocean.com
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.visitor-friendlyalberta.ca
anchor.digitalocean.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
groove.digitalocean.com
rewards.digitalocean.com
www.visitor-friendlyalberta.ca
m.ssl.fastly.net
au.lakeshore.com
dns-vetting1k.map.fastly.net
www.frailtycertification.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.trainwithpassion.ca
www.visitorfriendlyalberta.ca
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
brand.digitalocean.com
ssl3926.cloudflare.com
www.visitor-friendlyalberta.ca
investors.digitalocean.com
p.ssl.fastly.net
emss.goldfin.ca
www.ekgguy.com
www.learn-rto8.com
www.demo-tourismconnects.ca
dns-vetting2.map.fastly.net
p.ssl.fastly.net
www.visitor-friendlyalberta.ca
www.digitalocean.com
m.ssl.fastly.net
www.visitorfriendlyalberta.ca
ssl503536.cloudflaressl.com
dns-vetting1-mims-pawel.map.fastly.net
m.ssl.fastly.net
www.digitalocean.com
www.visitor-friendlyalberta.ca
b-0.hexagon-cdn.com
events.digitalocean.com
awesome-actions.com
digitalocean.com
www.visitor-friendlyalberta.ca
www.visitorfriendlyalberta.ca
rewards.digitalocean.com
dns-vetting2.map.fastly.net
www.visitorfriendlyalberta.ca
www.digitalocean.com
*.internal.digitalocean.com
m.ssl.fastly.net
dns-vetting2.map.fastly.net
ideas.digitalocean.com
prod-codd-admin.sfo3.internal.digitalocean.com
marketplace-frontend-nyc1.digitalocean.com
www.visitorfriendlyalberta.ca
dns-vetting1k.map.fastly.net
anchor.digitalocean.com
www.trainwithpassion.ca
m.ssl.fastly.net
www.eatandlearnnm.com
www.learn-rto8.com
betastatus.digitalocean.com
ssl503536.cloudflaressl.com
m.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dns-vetting1k.map.fastly.net
www.pathwaylearningnetwork.com
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
india.polo-development.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ideas.digitalocean.com
tsunami.digitalocean.com
digitalocean.com
investors.digitalocean.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
betastatus.digitalocean.com
pages.support.digitalocean.com
www.demo-tourismconnects.ca
p.ssl.fastly.net
p.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dctrack01.nyc3.internal.digitalocean.com
go.rescuevocations.org
m.ssl.fastly.net
groove.digitalocean.com
trinityu.trinityconsultants.com
email.comms.digitalocean.com
investor.digitalocean.com
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.visitor-friendlyalberta.ca
anchor.digitalocean.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
groove.digitalocean.com
rewards.digitalocean.com
www.visitor-friendlyalberta.ca
m.ssl.fastly.net
au.lakeshore.com
dns-vetting1k.map.fastly.net
www.frailtycertification.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.trainwithpassion.ca
www.visitorfriendlyalberta.ca
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
brand.digitalocean.com
ssl3926.cloudflare.com
www.visitor-friendlyalberta.ca
investors.digitalocean.com
p.ssl.fastly.net
emss.goldfin.ca
www.ekgguy.com
www.learn-rto8.com
www.demo-tourismconnects.ca
dns-vetting2.map.fastly.net
p.ssl.fastly.net
www.visitor-friendlyalberta.ca
www.digitalocean.com
m.ssl.fastly.net
www.visitorfriendlyalberta.ca
ssl503536.cloudflaressl.com
dns-vetting1-mims-pawel.map.fastly.net
m.ssl.fastly.net
www.digitalocean.com
www.visitor-friendlyalberta.ca
b-0.hexagon-cdn.com
events.digitalocean.com
awesome-actions.com
digitalocean.com
www.visitor-friendlyalberta.ca
www.visitorfriendlyalberta.ca
rewards.digitalocean.com
dns-vetting2.map.fastly.net
www.visitorfriendlyalberta.ca
www.digitalocean.com
*.internal.digitalocean.com
m.ssl.fastly.net
dns-vetting2.map.fastly.net
ideas.digitalocean.com
prod-codd-admin.sfo3.internal.digitalocean.com
marketplace-frontend-nyc1.digitalocean.com
www.visitorfriendlyalberta.ca
dns-vetting1k.map.fastly.net
anchor.digitalocean.com
www.trainwithpassion.ca
m.ssl.fastly.net
www.eatandlearnnm.com
www.learn-rto8.com
betastatus.digitalocean.com
ssl503536.cloudflaressl.com
m.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dns-vetting1k.map.fastly.net
www.pathwaylearningnetwork.com
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
Certificate
The complete raw certificate details for brand.digitalocean.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgIQCOOwczYDHSxxsTYtYruN4jANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTAyNjAwMDAwMFoXDTI0MTEyMjIzNTk1OVowITEf MB0GA1UEAxMWYnJhbmQuZGlnaXRhbG9jZWFuLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBALLbyoD7qB27hPObIqZgcWTKSfriJDARsghtAKynuPns 4qFtp7yOCRQ8GudKoz1TV0nNxtOJX5jWyHHq14lc2KzLbnbe1g/JhtC9tZy3m0+c 5uob6rZvGsZeFHuWYCAamINKubAyMTEtRO8K0ojYm+PbL+Com4KdMJPpbikJrbvj JXRJw5fKh3/lld68p01L0u4XljRxFOkjtYyYHbGO0Q+VEwTCvbjwgpTpfbQqKPQ0 AN5Bui5wq62SklEak8Xwn8omefndY23tXZWHFoB68hIK0Zr/4bg8t/u9AW/qBiDy 7n3zbe2Rh4BXLBJQbB6gtN8xJtYy9ef6c05tR+oZ8tECAwEAAaOCAu8wggLrMB8G A1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBT3UwUSwy0/ gH6pSZW1Nah0buvwXDAhBgNVHREEGjAYghZicmFuZC5kaWdpdGFsb2NlYW4uY29t MBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2Ny bC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkw ZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29t MDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9y Mm0wMi5jZXIwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo AHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGLarjF9gAABAMA RjBEAiAmCM+nERVpCd7+LCPuHGYzpNM6/mUk7I9Ud9gs/C8mmQIgfsIVgo4TsUNA /HkjWqNNhnq1lGDfnt5fKSyYQw5By70AdgBIsONr2qZHNA/lagL6nTDrHFIBy1bd LIHZu7+rOdiEcwAAAYtquMWvAAAEAwBHMEUCIF6GhWbj59RZMFNdF1EasDTm6CA8 ZMSGlTTXQfhHHxAiAiEArAGQvZij5lQscrgsKIPMtTGdBNH5U0su1GN/V6eOZEIA dwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYtquMWTAAAEAwBI MEYCIQCYW/9pF2HDsu7dYDYQrSyzZsg6CnCtR78OFJvaJNPv1gIhAN7/E6heKeS7 H8Jma7CdIwEAMNcV0Z/m+RlvXZ7Vnf6DMA0GCSqGSIb3DQEBCwUAA4IBAQAZVL1a TosEgK/S3SNTa60c/zmo36qqpH6c4W+0FiLISP701LmvTbBZpIqwdxcb6xuY4k4O X0evTToAujuI1hQPHMjWl9i+N0iFyAvGE7mgXukYVvSb85fMcJGK6Invmq9ZR0n0 lK8i44aEXWYYgOModuWUfvsMpwjHDBG4Hcf3W83Ox4cVdAGKkFnDjWvkZv+AVurL t8uGpgzDHQkDUrEbkaVo9TtOnT6/qmLz42P6rUmvT7Yk9K0VW4q5XCTmbkbMhejk r6YuqiCVX6cBR6t9oahGq5uW7Ro2XtlbrYNZhMXoFq/qP1BhlvHIg+9bjwRS221d 4qOD5vmOwCmuxsHd -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstvKgPuoHbuE85sipmBx ZMpJ+uIkMBGyCG0ArKe4+ezioW2nvI4JFDwa50qjPVNXSc3G04lfmNbIcerXiVzY rMtudt7WD8mG0L21nLebT5zm6hvqtm8axl4Ue5ZgIBqYg0q5sDIxMS1E7wrSiNib 49sv4Kibgp0wk+luKQmtu+MldEnDl8qHf+WV3rynTUvS7heWNHEU6SO1jJgdsY7R D5UTBMK9uPCClOl9tCoo9DQA3kG6LnCrrZKSURqTxfCfyiZ5+d1jbe1dlYcWgHry EgrRmv/huDy3+70Bb+oGIPLuffNt7ZGHgFcsElBsHqC03zEm1jL15/pzTm1H6hny 0QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11816054185211619765588925950071639522 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'brand.digitalocean.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22578801280649182890251288790567395258104852588026315049660797886352577039257624311894289406295150474631328672570725341730844731657757744854626007223011472451469044559649629746296192515561293019202749602130176496327131847166419634489052591124239518587246893832176706300982851644612442346991107759163201610623767210172228159387259973025662436236959472833457976548809140943059321455438290092913389128755056891798941077485098975940734879740785457742611556755057189721267007713649011080673285562211161661619875811464761481543004256894049973024896174481143746385651102680190218188948707995113371789936118077479187560133329 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f7530512c32d3f807ea94995b535a8746eebf05c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brand.digitalocean.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 016800750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b6ab8c5f6000004030046304402202608cfa711156909defe2c23ee1c6633a4d33afe6524ec8f5477d82cfc2f269902207ec215828e13b14340fc79235aa34d867ab59460df9ede5f292c98430e41cbbd00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b6ab8c5af000004030047304502205e868566e3e7d45930535d17511ab034e6e8203c64c4869534d741f8471f1022022100ac0190bd98a3e6542c72b82c2883ccb5319d04d1f9534b2ed4637f57a78e6442007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b6ab8c5930000040300483046022100985bff691761c3b2eedd603610ad2cb366c83a0a70ad47bf0e149bda24d3efd6022100deff13a85e29e4bb1fc2666bb09d23010030d715d19fe6f9196f5d9ed59dfe83 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001954bd5a4e8b0480afd2dd23536bad1cff39a8dfaaaaa47e9ce16fb41622c848fef4d4b9af4db059a48ab077171beb1b98e24e0e5f47af4d3a00ba3b88d6140f1cc8d697d8be374885c80bc613b9a05ee91856f49bf397cc70918ae889ef9aaf594749f494af22e386845d661880e32876e5947efb0ca708c70c11b81dc7f75bcdcec7871574018a9059c38d6be466ff8056eacbb7cb86a60cc31d090352b11b91a568f53b4e9d3ebfaa62f3e363faad49af4fb624f4ad155b8ab95c24e66e46cc85e8e4afa62eaa20955fa70147ab7da1a846ab9b96ed1a365ed95bad835984c5e816afea3f506196f1c883ef5b8f0452db6d5de2a383e6f98ec029aec6c1dd