*.playground.c2c.klarna.net

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0b:64:dd:5e:f6:3f:f9:56:44:33:1f:4b:80:94:95:8b was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.playground.c2c.klarna.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:64:dd:5e:f6:3f:f9:56:44:33:1f:4b:80:94:95:8b
Serial Number (int): 15145227575667892928081492884185191819
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 7f:3f:b8:f3:ea:d1:77:b6:47:2d:c2:75:28:09:8c:5f:f4:ee:98:02
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): d2:49:c4:66:9a:6d:16:2d:b5:5f:0c:c8:e5:2e:e6:d1:bf:2d:f7:1d
Fingerprint (sha256): 08:ca:66:ff:64:00:c4:8a:9a:a6:33:05:3b:49:a7:ee:db:2e:48:19:91:89:d9:92:bd:bd:f5:a7:1c:2b:a4:cf

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.playground.c2c.klarna.net

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.playground.c2c.klarna.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.playground.c2c.klarna.net
na.playground.klarnaevt.com
evt-na.playground.klarnaservices.com
us.playground.klarnaevt.com

Other certificates including the domain name klarna.net

(limited to 100 certificates)
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
*.playground.c2c.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
ewallet.klarna.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
cms.performance.us1.klarna-web.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
san1.kep.nonprod.klarna.net
skrapi-kred.nonprod.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
production.eu1.kcpslackbot.influencer-platform.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
cards-eu.klarna.com
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
ztn-privatelink.nonprod.eu1.ztn.klarna.net
staging.eu2.lulu.klarna.net
*.tools.eu1.starbug.klarna.net

Certificate

The complete raw certificate details for *.playground.c2c.klarna.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgIQC2TdXvY/+VZEMx9LgJSVizANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDczMDAwMDAwMFoXDTI0MDgyODIzNTk1OVowJjEk
MCIGA1UEAwwbKi5wbGF5Z3JvdW5kLmMyYy5rbGFybmEubmV0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqCl6xWJ/SYIWd4UEpNXqUgidu/Sk+c3jWAO
qPNi2zcoNHC4Y5lP9BBzJP05AH7mnxBOpymuOgwgBiXvqsrWDxAleSZ3yKOu2xCQ
5bkrgrOIwgnltPlV/Gw1oGEjb/2Tz/1NoIR6zIU4Pp/awKxQocQPqyjZEzl282Wk
AE4dsa17K5yrLEZBtsA18UpImUfj64Mw8XGOmNmiRIy4cc4GtkR0Bdp8edrS3noA
PXQMnd990DdOOEpnJVb8kcgUPdOl1gpJ+Ac9u72u92U+jwcAr6cbxxdgQtApfcIg
GRaCEQfekdTzoJuTZRy88Ew6g+7MO6z0f0dclHJBPZ+/M+KhiwIDAQABo4IDUzCC
A08wHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFH8/
uPPq0Xe2Ry3CdSgJjF/07pgCMIGGBgNVHREEfzB9ghsqLnBsYXlncm91bmQuYzJj
LmtsYXJuYS5uZXSCG25hLnBsYXlncm91bmQua2xhcm5hZXZ0LmNvbYIkZXZ0LW5h
LnBsYXlncm91bmQua2xhcm5hc2VydmljZXMuY29tght1cy5wbGF5Z3JvdW5kLmts
YXJuYWV2dC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFt
YXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYI
KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6
b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9u
dHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfAYKKwYBBAHWeQIE
AgSCAWwEggFoAWYAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA
AYmlVvpYAAAEAwBHMEUCICvD2DukrarhJuLn4SBk+vhnArr283gc2ra1Te2fl1cu
AiEA6Lfj+P1+quOFYqKMAMv6wnplwhe7UMF+1fkRTnThoC8AdQBIsONr2qZHNA/l
agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYmlVvpxAAAEAwBGMEQCIEHqT9r+fN9/
xclr1MGKEO0G7lbLYk6KSSYB/hM1mbvyAiBo9/k4gQkLgPlE8SCaqJel/ocgvQuf
VCfMMIGzse0L6wB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAAB
iaVW+k4AAAQDAEYwRAIgVSmcD4m6J4+zqjs11B2arbXUax0qtJeP227HDkLjCPEC
IEF7ifnPs+DApIzFW0tIEvN8p4yoU1JI18qPw4DERSQjMA0GCSqGSIb3DQEBCwUA
A4IBAQCeSVZUeE1XDrRVyj/9BAaove0hkspTCJvHbfGxVNAD8UGC+h+LnEE8gzVB
KCxVj0XUlJOLb40gdFs1M9skIt4MPQSs3KUAGr8rJkgMF7irTiHqgOYTHLAQNApv
JXFD5ZGP+Cb5FX6nXTYa1FOaUbCY4eWAAy6T1CgC4W3SQasAbhxms21ObEzroCIb
pVV0NFkFSXmc50TM568pe4+tuPgI3vEaMmYPqNCLkjMk0mfE0OuyJUcg+RgjXjpN
tjPqu6AedB8PNxcwdMoUMhveY6EsTml9rxhvgFXLezPyxv6LNlwQyzyPRwtU0IgU
VUTtZS8DkqSVmR4AR7TH5WmcDwhM
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqCl6xWJ/SYIWd4UEpNX
qUgidu/Sk+c3jWAOqPNi2zcoNHC4Y5lP9BBzJP05AH7mnxBOpymuOgwgBiXvqsrW
DxAleSZ3yKOu2xCQ5bkrgrOIwgnltPlV/Gw1oGEjb/2Tz/1NoIR6zIU4Pp/awKxQ
ocQPqyjZEzl282WkAE4dsa17K5yrLEZBtsA18UpImUfj64Mw8XGOmNmiRIy4cc4G
tkR0Bdp8edrS3noAPXQMnd990DdOOEpnJVb8kcgUPdOl1gpJ+Ac9u72u92U+jwcA
r6cbxxdgQtApfcIgGRaCEQfekdTzoJuTZRy88Ew6g+7MO6z0f0dclHJBPZ+/M+Kh
iwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15145227575667892928081492884185191819
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.playground.c2c.klarna.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19519917504446452688622552667978884719067367382180730344351971308232601720433001695674947834522624926333858482167630537955150258597691775884730777029182555000225016472165397360149387707099391625937279502851328359027579495549047994939194758440799502116889412271433521644731252161480413427214549314369650169419310220341807823676128977320483322710306383450518189820178837376080452268640549983085306402926795878570067532708211158807940449316812223420173197047121013209974682283518944040852397945273084014510984151156195177659170330199727229541364436786818185081531955982036656902329894146159424419958709999477342590902667
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7f3fb8f3ead177b6472dc27528098c5ff4ee9802
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.playground.c2c.klarna.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na.playground.klarnaevt.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'evt-na.playground.klarnaservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.playground.klarnaevt.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000189a556fa58000004030047304502202bc3d83ba4adaae126e2e7e12064faf86702baf6f3781cdab6b54ded9f97572e022100e8b7e3f8fd7eaae38562a28c00cbfac27a65c217bb50c17ed5f9114e74e1a02f00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000189a556fa710000040300463044022041ea4fdafe7cdf7fc5c96bd4c18a10ed06ee56cb624e8a492601fe133599bbf2022068f7f93881090b80f944f1209aa897a5fe8720bd0b9f5427cc3081b3b1ed0beb007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000189a556fa4e0000040300463044022055299c0f89ba278fb3aa3b35d41d9aadb5d46b1d2ab4978fdb6ec70e42e308f10220417b89f9cfb3e0c0a48cc55b4b4812f37ca78ca8535248d7ca8fc380c4452423
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009e495654784d570eb455ca3ffd0406a8bded2192ca53089bc76df1b154d003f14182fa1f8b9c413c833541282c558f45d494938b6f8d20745b3533db2422de0c3d04acdca5001abf2b26480c17b8ab4e21ea80e6131cb010340a6f257143e5918ff826f9157ea75d361ad4539a51b098e1e580032e93d42802e16dd241ab006e1c66b36d4e6c4ceba0221ba5557434590549799ce744cce7af297b8fadb8f808def11a32660fa8d08b923324d267c4d0ebb2254720f918235e3a4db633eabba01e741f0f37173074ca14321bde63a12c4e697daf186f8055cb7b33f2c6fe8b365c10cb3c8f470b54d088145544ed652f0392a495991e0047b4c7e5699c0f084c