keycloak.oss.champtest.net
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0d:16:2c:46:36:24:2d:f8:e1:ad:d7:5c:f5:1a:e2:00 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=keycloak.oss.champtest.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:16:2c:46:36:24:2d:f8:e1:ad:d7:5c:f5:1a:e2:00Serial Number (int): 17395092464841538184984358329205318144
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: d1:fd:9d:0c:aa:8a:b8:24:8e:5c:dc:aa:89:ce:d8:4d:88:94:cd:ce
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): ce:bb:6a:e2:e8:7e:62:4a:f3:06:9f:6f:d7:bd:6d:88:e6:37:e0:03
Fingerprint (sha256): 0b:38:69:77:91:14:f2:bb:ae:60:85:4a:03:c1:98:84:80:db:dc:ab:c6:d3:e4:58:e1:26:4a:31:b7:5b:8f:9b
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate keycloak.oss.champtest.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for keycloak.oss.champtest.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
keycloak.oss.champtest.net
Other certificates including the domain name champtest.net
(limited to 100 certificates)
*.oss.champtest.net
terraform-aws-vpn.oss.champtest.net
terraform-aws-core.oss.champtest.net
terraform-aws-app-bf13.oss.champtest.net
keycloak-mobjn.oss.champtest.net
terraform-aws-app-ebee.oss.champtest.net
*.oss.champtest.net
terraform-aws-app-960d.oss.champtest.net
*.oss.champtest.net
*.oss.champtest.net
terraform-aws-app.oss.champtest.net
terraform-aws-api-gateway2-atkf1.oss.champtest.net
terraform-aws-api-gateway2-utqep.oss.champtest.net
terraform-aws-core.oss.champtest.net
terraform-aws-acm.oss.champtest.net
keycloak-y1pmu.oss.champtest.net
terraform-aws-api-gateway-taxay.oss.champtest.net
terraform-aws-vpn.oss.champtest.net
keycloak-qzlr2.oss.champtest.net
terraform-aws-metabase.oss.champtest.net
terraform-aws-app-bb04.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
terraform-aws-api-gateway-0pjo3.oss.champtest.net
gemini.oss.champtest.net
terraform-aws-app-77ed.oss.champtest.net
terraform-aws-lambda-375b.oss.champtest.net
terraform-aws-alb.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-lambda-062e.oss.champtest.net
terraform-aws-core.oss.champtest.net
cade.ephemeral.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-api-gateway-rgvk7.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-app-83a3.oss.champtest.net
terraform-aws-lambda-b54c.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-app-2fe1.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-lambda-4942.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
ws-ledger-atrs.ephemeral.champtest.net
tf-r53-health-check.oss.champtest.net
terraform-aws-api-gateway-iguqf.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-core.oss.champtest.net
*.oss.champtest.net
terraform-aws-api-gateway-3st0n.oss.champtest.net
terraform-aws-api-gateway-1java.oss.champtest.net
tf-r53-health-check.oss.champtest.net
lambda-mono-repo-template.ephemeral.champtest.net
ws-ledger-atrs.ephemeral.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-lambda-3477.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-api-gateway-6yph6.oss.champtest.net
terraform-aws-app-0f7f.oss.champtest.net
*.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-lambda-35f1.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-metabase.oss.champtest.net
terraform-aws-core.oss.champtest.net
terraform-aws-api-gateway-nihxj.oss.champtest.net
terraform-aws-lambda.oss.champtest.net
terraform-aws-vpn.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-api-gateway-xous5.oss.champtest.net
terraform-aws-lambda-b614.oss.champtest.net
terraform-aws-lambda-a703.oss.champtest.net
terraform-aws-api-gateway-e9fbg.oss.champtest.net
terraform-aws-app-12e5.oss.champtest.net
keycloak-pab8x.oss.champtest.net
terraform-aws-api-gateway-w453f.oss.champtest.net
keycloak-6k58m.oss.champtest.net
cade.ephemeral.champtest.net
terraform-aws-app-5d7f.oss.champtest.net
terraform-aws-acm.oss.champtest.net
*.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-api-gateway-npx68.oss.champtest.net
keycloak-waj09.oss.champtest.net
terraform-aws-app-6b4a.oss.champtest.net
terraform-aws-api-gateway-tkp0p.oss.champtest.net
*.oss.champtest.net
terraform-aws-metabase.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
*.oss.champtest.net
terraform-aws-lambda-773d.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-app.oss.champtest.net
terraform-aws-lambda-22c9.oss.champtest.net
terraform-aws-vpn.oss.champtest.net
terraform-aws-core.oss.champtest.net
terraform-aws-app-bf13.oss.champtest.net
keycloak-mobjn.oss.champtest.net
terraform-aws-app-ebee.oss.champtest.net
*.oss.champtest.net
terraform-aws-app-960d.oss.champtest.net
*.oss.champtest.net
*.oss.champtest.net
terraform-aws-app.oss.champtest.net
terraform-aws-api-gateway2-atkf1.oss.champtest.net
terraform-aws-api-gateway2-utqep.oss.champtest.net
terraform-aws-core.oss.champtest.net
terraform-aws-acm.oss.champtest.net
keycloak-y1pmu.oss.champtest.net
terraform-aws-api-gateway-taxay.oss.champtest.net
terraform-aws-vpn.oss.champtest.net
keycloak-qzlr2.oss.champtest.net
terraform-aws-metabase.oss.champtest.net
terraform-aws-app-bb04.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
terraform-aws-api-gateway-0pjo3.oss.champtest.net
gemini.oss.champtest.net
terraform-aws-app-77ed.oss.champtest.net
terraform-aws-lambda-375b.oss.champtest.net
terraform-aws-alb.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-lambda-062e.oss.champtest.net
terraform-aws-core.oss.champtest.net
cade.ephemeral.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-api-gateway-rgvk7.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-app-83a3.oss.champtest.net
terraform-aws-lambda-b54c.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-app-2fe1.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-lambda-4942.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
ws-ledger-atrs.ephemeral.champtest.net
tf-r53-health-check.oss.champtest.net
terraform-aws-api-gateway-iguqf.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-core.oss.champtest.net
*.oss.champtest.net
terraform-aws-api-gateway-3st0n.oss.champtest.net
terraform-aws-api-gateway-1java.oss.champtest.net
tf-r53-health-check.oss.champtest.net
lambda-mono-repo-template.ephemeral.champtest.net
ws-ledger-atrs.ephemeral.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-lambda-3477.oss.champtest.net
keycloak.oss.champtest.net
terraform-aws-api-gateway-6yph6.oss.champtest.net
terraform-aws-app-0f7f.oss.champtest.net
*.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-lambda-35f1.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-metabase.oss.champtest.net
terraform-aws-core.oss.champtest.net
terraform-aws-api-gateway-nihxj.oss.champtest.net
terraform-aws-lambda.oss.champtest.net
terraform-aws-vpn.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-api-gateway-xous5.oss.champtest.net
terraform-aws-lambda-b614.oss.champtest.net
terraform-aws-lambda-a703.oss.champtest.net
terraform-aws-api-gateway-e9fbg.oss.champtest.net
terraform-aws-app-12e5.oss.champtest.net
keycloak-pab8x.oss.champtest.net
terraform-aws-api-gateway-w453f.oss.champtest.net
keycloak-6k58m.oss.champtest.net
cade.ephemeral.champtest.net
terraform-aws-app-5d7f.oss.champtest.net
terraform-aws-acm.oss.champtest.net
*.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-cdn.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
terraform-aws-alb.oss.champtest.net
terraform-aws-api-gateway-npx68.oss.champtest.net
keycloak-waj09.oss.champtest.net
terraform-aws-app-6b4a.oss.champtest.net
terraform-aws-api-gateway-tkp0p.oss.champtest.net
*.oss.champtest.net
terraform-aws-metabase.oss.champtest.net
terraform-aws-redirect.oss.champtest.net
*.oss.champtest.net
terraform-aws-lambda-773d.oss.champtest.net
terraform-aws-acm.oss.champtest.net
terraform-aws-app.oss.champtest.net
terraform-aws-lambda-22c9.oss.champtest.net
Certificate
The complete raw certificate details for keycloak.oss.champtest.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEczCCA1ugAwIBAgIQDRYsRjYkLfjhrddc9RriADANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDYwMTAwMDAwMFoXDTI1MDcwMTIzNTk1OVowJTEj MCEGA1UEAxMaa2V5Y2xvYWsub3NzLmNoYW1wdGVzdC5uZXQwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDOEwYyUfNZER8FrqyxEFANOY597kfu3ZmY7Lqy jcb9A07E4TK6rSePs/RfiahCkuzCEkyCk4nH+O8+kvPQ2fS5TsyLdstlafSBCQxa P+CxHjy+S15dV6MWgToH9ZK7JwTP6gKGPf7Dqg2kT8JDY3YD5lURjYFmT7a6500g pIFVL+4QUP0pMfgu9PZTKVee5eOdJ2+Prg+dK7FBGGslkWquYLbx0fKTsndh//XE bds8Y2nYBNNQil45aX77EfGIgcJ8rn4/VYpgZpBUr7xrXIg0PpSPY2Xxr7NqOItE CaMcyekyu7C2ayQj3BOc4e6YNHFS+bVvrlUI1A2kWM7Z6PU5AgMBAAGjggGGMIIB gjAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQU0f2d DKqKuCSOXNyqic7YTYiUzc4wJQYDVR0RBB4wHIIaa2V5Y2xvYWsub3NzLmNoYW1w dGVzdC5uZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipo dHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYB BQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250 cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1 c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8E AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAtlV/zXBuK9N0AcABRxJKL9bKPzgLbmeK9 2jVOSW++KB7bZ5UQ/Y34aMsk761ld6BlZIH84eGFCjuNWhn1yQnvOucj1hXaQVno zm3XSmuL3g5KcWivGkwO2ou3yclDZdK5Ra1H1b+wQJt9D1gU5sVxhkmjAyKS8B3v mMwQ8a1rHSc7me9kposO1J+9Zpb10QnEYMRH1G5W0TZlFDwcLcnOre4x/iFgLKSG ar37SMiLQDyF3eAoHupUD7VMkHDsLHHmDBxqHJkhBsM9u3sbY3IZiiLw5izH67qQ MbWiCWSYgK5GDMJ5sCUpDLleBqxpuh09+KtuQMQcZGVdDgQjpwGm -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhMGMlHzWREfBa6ssRBQ DTmOfe5H7t2ZmOy6so3G/QNOxOEyuq0nj7P0X4moQpLswhJMgpOJx/jvPpLz0Nn0 uU7Mi3bLZWn0gQkMWj/gsR48vkteXVejFoE6B/WSuycEz+oChj3+w6oNpE/CQ2N2 A+ZVEY2BZk+2uudNIKSBVS/uEFD9KTH4LvT2UylXnuXjnSdvj64PnSuxQRhrJZFq rmC28dHyk7J3Yf/1xG3bPGNp2ATTUIpeOWl++xHxiIHCfK5+P1WKYGaQVK+8a1yI ND6Uj2Nl8a+zajiLRAmjHMnpMruwtmskI9wTnOHumDRxUvm1b65VCNQNpFjO2ej1 OQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17395092464841538184984358329205318144 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'keycloak.oss.champtest.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26014472008294947917033445646626583085323205418580921923268576100278778400447435959897196331913027176671455866082742295345283602110976444758831734033321219435888613947679738393508640829395343830439002780483997348955814093359230577143614388997444483746537118907017433385347734033781116550077824387329639251497861103071170648696027102128846211479980111203255048568594948818644770297717949556034613324847919910233124217475520456534045941328877364538847711826767955881579361648932903871531782659062558993478990366758205297048315767235390701601364796436637398537135556571902640779355348373376177975445683784084310461052217 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d1fd9d0caa8ab8248e5cdcaa89ced84d8894cdce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'keycloak.oss.champtest.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002d955ff35c1b8af4dd00700051c4928bf5b28fce02db99e2bdda354e496fbe281edb679510fd8df868cb24efad6577a0656481fce1e1850a3b8d5a19f5c909ef3ae723d615da4159e8ce6dd74a6b8bde0e4a7168af1a4c0eda8bb7c9c94365d2b945ad47d5bfb0409b7d0f5814e6c5718649a3032292f01def98cc10f1ad6b1d273b99ef64a68b0ed49fbd6696f5d109c460c447d46e56d13665143c1c2dc9ceadee31fe21602ca4866abdfb48c88b403c85dde0281eea540fb54c9070ec2c71e60c1c6a1c992106c33dbb7b1b6372198a22f0e62cc7ebba9031b5a209649880ae460cc279b025290cb95e06ac69ba1d3df8ab6e40c41c64655d0e0423a701a6