*.uat.unifipp.dealertrack.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 08:8c:aa:c0:ce:fc:59:7d:ca:b2:33:36:33:2d:75:a5 was issued on by Amazon.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.uat.unifipp.dealertrack.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:8c:aa:c0:ce:fc:59:7d:ca:b2:33:36:33:2d:75:a5Serial Number (int): 11364208811973010314755363132335289765
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 59:60:e8:3d:c9:0b:86:f3:6e:ee:9b:82:34:a7:3a:8f:34:fb:c3:95
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 65:82:0d:ef:ad:97:8b:d7:25:95:98:c3:48:09:52:a3:84:0d:36:10
Fingerprint (sha256): 0a:cc:29:3c:aa:d5:3c:12:8e:66:e1:51:b1:ff:a3:27:9d:59:b3:a6:f0:54:35:04:6b:18:cd:8b:e5:c2:01:92
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate *.uat.unifipp.dealertrack.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.uat.unifipp.dealertrack.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.uat.unifipp.dealertrack.com
*.uat-west.unifipp.dealertrack.com
uat1.dealertrack.com
*.uat1.dealertrack.com
*.uat-east.unifipp.dealertrack.com
*.uat-west.unifipp.dealertrack.com
uat1.dealertrack.com
*.uat1.dealertrack.com
*.uat-east.unifipp.dealertrack.com
Other certificates including the domain name dealertrack.com
(limited to 100 certificates)
akamai-san38.exacttarget.com
qa.digitalservices.dealertrack.com
appsvc.qa.dealertrack.com
dmshealth.dealertrack.com
dms03a.dms.dealertrack.com
*.uat1.dealertrack.com
clr-bridge.dealertrack.com
dmshealth.dealertrack.com
encrypt.dealertrack.com
*.dtdrs.dealertrack.com
dealertrack.com
*.pa1.dealertrack.com
ibmwebspheremqgctwndc5.dds.dealertrack.com
amosstatus.ifsleasing.com
blog.dealertrack.com
*.dealertrack.com
integration.dealertrack.com
complianceguide.dealertrack.com
www.dealertrack.com
dt-client-auth.dealertrack.com
partners.qa.dealertrack.com
akamai-san38.exacttarget.com
amosstatus.ifsleasing.com
inventoryplus.dealertrack.com
services.qa.dealertrack.com
sso-saml-np.dealertrack.com
amr.dealertrack.com
cwpstorage.status.symantec.com
*.qat1.dealertrack.com
sign.uat1.dealertrack.com
beta.qa.dealertrack.com
nyvpn.dealertrack.com
*.dtdrs.dealertrack.com
dds.dealertrack.com
ww2.dealertrack.com
akamai-san38.exacttarget.com
amosstatus.ifsleasing.com
encrypt.uat1.dealertrack.com
dds.dealertrack.com
us-dr.dealertrack.com
*.dtdrs.dealertrack.com
appsvc.dealertrack.com
ibmwebspheremqgcpwndc4.dds.dealertrack.com
sign.dealertrack.com
ddstsg.dealertrack.com
dmshealth.dealertrack.com
cwpstorage.status.symantec.com
www.dealertrack.com
*.dvt1.aws.dealertrack.com
amosstatus.ifsleasing.com
*.uat.unifipp.dealertrack.com
blog.dealertrack.com
complianceguide.dealertrack.com
mobile.dealertrack.com
my.qa.dealertrack.com
dmshealth.dealertrack.com
customervoice.acumatica.com
clr-bridge.dealertrack.com
fni-static-np.dealertrack.com
*.dr.dealertrack.com
cwpstorage.status.symantec.com
amosstatus.ifsleasing.com
dms06.dms.dealertrack.com
ebusiness.cdn1.dealertrack.com
dealertrack.com
*.qa1.dealertrack.com
*.api.dealertrack.com
piforceqa.dealertrack.com
*.ua2.dealertrack.com
*.uat2.dealertrack.com
amosstatus.ifsleasing.com
*.uat1.dealertrack.com
amosstatus.ifsleasing.com
dmshealth.dealertrack.com
*.dtdrs.dealertrack.com
complianceguide.dealertrack.com
dtlpi.uat1.dealertrack.com
mobile.dealertrack.com
*.uat1.dealertrack.com
gmaccessories.dealertrack.com
*.dtdrs.dealertrack.com
dmshealth.dealertrack.com
dmshealth.dealertrack.com
dmshealth.dealertrack.com
login.dealertrack.com
dms360.dealertrack.com
*.dms.dealertrack.com
amosstatus.ifsleasing.com
www.uat1.dealertrack.com
ww2.qa1.dealertrack.com
san3166.cdntwrk.com
webservices.qa.dealertrack.com
*.my.dealertrack.com
drs.dealertrack.com
customervoice.acumatica.com
dmshealth.dealertrack.com
encrypt-np.dealertrack.com
2016complianceguide.dealertrack.com
amosstatus.ifsleasing.com
blog.dealertrack.com
qa.digitalservices.dealertrack.com
appsvc.qa.dealertrack.com
dmshealth.dealertrack.com
dms03a.dms.dealertrack.com
*.uat1.dealertrack.com
clr-bridge.dealertrack.com
dmshealth.dealertrack.com
encrypt.dealertrack.com
*.dtdrs.dealertrack.com
dealertrack.com
*.pa1.dealertrack.com
ibmwebspheremqgctwndc5.dds.dealertrack.com
amosstatus.ifsleasing.com
blog.dealertrack.com
*.dealertrack.com
integration.dealertrack.com
complianceguide.dealertrack.com
www.dealertrack.com
dt-client-auth.dealertrack.com
partners.qa.dealertrack.com
akamai-san38.exacttarget.com
amosstatus.ifsleasing.com
inventoryplus.dealertrack.com
services.qa.dealertrack.com
sso-saml-np.dealertrack.com
amr.dealertrack.com
cwpstorage.status.symantec.com
*.qat1.dealertrack.com
sign.uat1.dealertrack.com
beta.qa.dealertrack.com
nyvpn.dealertrack.com
*.dtdrs.dealertrack.com
dds.dealertrack.com
ww2.dealertrack.com
akamai-san38.exacttarget.com
amosstatus.ifsleasing.com
encrypt.uat1.dealertrack.com
dds.dealertrack.com
us-dr.dealertrack.com
*.dtdrs.dealertrack.com
appsvc.dealertrack.com
ibmwebspheremqgcpwndc4.dds.dealertrack.com
sign.dealertrack.com
ddstsg.dealertrack.com
dmshealth.dealertrack.com
cwpstorage.status.symantec.com
www.dealertrack.com
*.dvt1.aws.dealertrack.com
amosstatus.ifsleasing.com
*.uat.unifipp.dealertrack.com
blog.dealertrack.com
complianceguide.dealertrack.com
mobile.dealertrack.com
my.qa.dealertrack.com
dmshealth.dealertrack.com
customervoice.acumatica.com
clr-bridge.dealertrack.com
fni-static-np.dealertrack.com
*.dr.dealertrack.com
cwpstorage.status.symantec.com
amosstatus.ifsleasing.com
dms06.dms.dealertrack.com
ebusiness.cdn1.dealertrack.com
dealertrack.com
*.qa1.dealertrack.com
*.api.dealertrack.com
piforceqa.dealertrack.com
*.ua2.dealertrack.com
*.uat2.dealertrack.com
amosstatus.ifsleasing.com
*.uat1.dealertrack.com
amosstatus.ifsleasing.com
dmshealth.dealertrack.com
*.dtdrs.dealertrack.com
complianceguide.dealertrack.com
dtlpi.uat1.dealertrack.com
mobile.dealertrack.com
*.uat1.dealertrack.com
gmaccessories.dealertrack.com
*.dtdrs.dealertrack.com
dmshealth.dealertrack.com
dmshealth.dealertrack.com
dmshealth.dealertrack.com
login.dealertrack.com
dms360.dealertrack.com
*.dms.dealertrack.com
amosstatus.ifsleasing.com
www.uat1.dealertrack.com
ww2.qa1.dealertrack.com
san3166.cdntwrk.com
webservices.qa.dealertrack.com
*.my.dealertrack.com
drs.dealertrack.com
customervoice.acumatica.com
dmshealth.dealertrack.com
encrypt-np.dealertrack.com
2016complianceguide.dealertrack.com
amosstatus.ifsleasing.com
blog.dealertrack.com
Certificate
The complete raw certificate details for *.uat.unifipp.dealertrack.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXzCCBUegAwIBAgIQCIyqwM78WX3KsjM2My11pTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMTAxMDAwMDAwMFoXDTI0MTEwNzIzNTk1OVowKDEm MCQGA1UEAwwdKi51YXQudW5pZmlwcC5kZWFsZXJ0cmFjay5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4UVr4vi2HE43DYrEpIibRskyBEtKMCvLe jswkrEybLn9hemyQvDx6ET0SdQOz01VbiE2C7c2ftcz/hrCVop46juF+rFHx0pRr ORnU6SFJoW/MZ4EoBowpmSXxam4Wvd2ANWV0oZq88xaBIXDScZgv4BL6fZkIRNsB wdsLwoYcXKnfq+Q2HJNaX6fkYhTDtdav7y7MdmyV+VyBsdwMaRAjI5LL1IhsMnil na0N0f9AFG9V+rJhIkfxWqsf22w6y/c+Ggo1MSaCZ7fuambBO/ULJm8Fb1n9196F efUEEjV0SC7+8itGpLg6m1pkMDfpjHIePRv7cPIXx0guku7G3tz9AgMBAAGjggNv MIIDazAfBgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNVHQ4EFgQU WWDoPckLhvNu7puCNKc6jzT7w5UwgaAGA1UdEQSBmDCBlYIdKi51YXQudW5pZmlw cC5kZWFsZXJ0cmFjay5jb22CIioudWF0LXdlc3QudW5pZmlwcC5kZWFsZXJ0cmFj ay5jb22CFHVhdDEuZGVhbGVydHJhY2suY29tghYqLnVhdDEuZGVhbGVydHJhY2su Y29tgiIqLnVhdC1lYXN0LnVuaWZpcHAuZGVhbGVydHJhY2suY29tMBMGA1UdIAQM MAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMS5h bWF6b250cnVzdC5jb20vcjJtMDEuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEF BQcwAYYhaHR0cDovL29jc3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUF BzAChipodHRwOi8vY3J0LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIw DAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA7s3QZNXb Gs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLGE2PGAAABAMASDBGAiEAkBSk AN81o/d4B4TX7boiJ0qTHkTUNa5WZWlmrtQkI4kCIQCWREdaJqYkLBIWmic83/fY brlpk2rideiWW6PgplZimwB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s5 2IRzAAABixhNjzwAAAQDAEcwRQIhAJzQKl5nc5mERdQ9gtC1YybXefkWWCUnRgGs s/lVajYmAiAUP/989VhG/UjcJFOrrO5KBdZ6Ctn5okFE/0RbuzYbYQB1ANq2v2s/ tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABixhNjyEAAAQDAEYwRAIgG//q NRnjEl5AVMpjg5rvDPLR+0Oe7oxts19A2+eCqtUCICgJctLCA39lvCcVQ0UrK9Pk Yn9iW1utML2z83I6rIAQMA0GCSqGSIb3DQEBCwUAA4IBAQDC0CiZtaldw6GMIFyJ /riELy4oHEEOK55Jf6n6KdVnNVjxEfmRHU8HADpTGLYqMdcCD4B/jKMGbAVrnTSG KM1znELH/h9fq1OAg2BvFIlhQIi3KnkKA5H6SZXSQ0GDuYtEDEq4wcpxQhvw7eqb ipLEfFim1/TVgVVLMpQPSgSZJk5udCDrSiEModRdLDk16Jw65PMupx1nJaEv6sEI zM76sCziONaDKmdrG8I5LAH9VL1DlakGIsTxtePiYUj8t88UNNs5M6WcoaPZDch8 eEiJIFs1i47EyZL7lnmSkrSoZnHGZVfFaN/0qs8Vg7bp9wjvJ/Tj/sTuqvNlIl5x 7By3 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFFa+L4thxONw2KxKSIm 0bJMgRLSjAry3o7MJKxMmy5/YXpskLw8ehE9EnUDs9NVW4hNgu3Nn7XM/4awlaKe Oo7hfqxR8dKUazkZ1OkhSaFvzGeBKAaMKZkl8WpuFr3dgDVldKGavPMWgSFw0nGY L+AS+n2ZCETbAcHbC8KGHFyp36vkNhyTWl+n5GIUw7XWr+8uzHZslflcgbHcDGkQ IyOSy9SIbDJ4pZ2tDdH/QBRvVfqyYSJH8VqrH9tsOsv3PhoKNTEmgme37mpmwTv1 CyZvBW9Z/dfehXn1BBI1dEgu/vIrRqS4OptaZDA36YxyHj0b+3DyF8dILpLuxt7c /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11364208811973010314755363132335289765 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.uat.unifipp.dealertrack.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23267965936003778458861108862007836101302201456056157675419744514288884738783001257464910782123013195936120943817314113152331699510318464241913666024220246457826212528442524607430683604618194929031697568295493988162106765315262097299656913577304257673180269363040851468977881332546649537262231031947904630429388852483692740386643673126647254613411181220392678621376763287483511985580588581736537380452233761475808542485668127649147576050293646920316262365597749517007445373052933259664195395960455610736114894002099737650356154664653534127170808614210644390791594333660286317483436906758200402847178877014314084916477 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5960e83dc90b86f36eee9b8234a73a8f34fbc395 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uat.unifipp.dealertrack.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uat-west.unifipp.dealertrack.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat1.dealertrack.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uat1.dealertrack.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uat-east.unifipp.dealertrack.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b184d8f1800000403004830460221009014a400df35a3f7780784d7edba22274a931e44d435ae56656966aed42423890221009644475a26a6242c12169a273cdff7d86eb969936ae275e8965ba3e0a656629b00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b184d8f3c00000403004730450221009cd02a5e6773998445d43d82d0b56326d779f9165825274601acb3f9556a36260220143fff7cf55846fd48dc2453abacee4a05d67a0ad9f9a24144ff445bbb361b61007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b184d8f21000004030046304402201bffea3519e3125e4054ca63839aef0cf2d1fb439eee8c6db35f40dbe782aad50220280972d2c2037f65bc271543452b2bd3e4627f625b5bad30bdb3f3723aac8010 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00c2d02899b5a95dc3a18c205c89feb8842f2e281c410e2b9e497fa9fa29d5673558f111f9911d4f07003a5318b62a31d7020f807f8ca3066c056b9d348628cd739c42c7fe1f5fab538083606f1489614088b72a790a0391fa4995d2434183b98b440c4ab8c1ca71421bf0edea9b8a92c47c58a6d7f4d581554b32940f4a0499264e6e7420eb4a210ca1d45d2c3935e89c3ae4f32ea71d6725a12feac108cccefab02ce238d6832a676b1bc2392c01fd54bd4395a90622c4f1b5e3e26148fcb7cf1434db3933a59ca1a3d90dc87c784889205b358b8ec4c992fb96799292b4a86671c66557c568dff4aacf1583b6e9f708ef27f4e3fec4eeaaf365225e71ec1cb7