playground.rokt.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 06:29:6b:fc:19:7d:c9:46:5f:87:60:b1:7b:41:b8:e3 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=playground.rokt.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 06:29:6b:fc:19:7d:c9:46:5f:87:60:b1:7b:41:b8:e3Serial Number (int): 8190442337123158960345202834310019299
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 35:b1:d8:c8:d7:37:85:15:e0:c0:95:b7:87:e1:bc:a9:b4:de:5e:0e
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 7d:95:bd:fe:7b:c6:23:ae:d2:a7:58:51:07:5d:c2:26:ba:be:af:29
Fingerprint (sha256): 0c:e4:b1:e3:71:e3:a5:d0:16:3e:a6:05:20:6c:f2:0f:c8:9e:94:97:0e:af:58:34:ba:4b:8e:0f:77:1f:5e:24
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate playground.rokt.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for playground.rokt.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
playground.rokt.com
*.playground.rokt.com
*.playground.rokt.com
Other certificates including the domain name rokt.com
(limited to 100 certificates)
rokt.com
customerstatus.eye-share.com
beta2-status.netsuite.com
docs.rokt.com
info.rokt.com
policies.rokt.com
herbalife.status.polaris.synopsys.com
es.rokt.com
customerstatus.eye-share.com
links.ecommerce.rokt.com
herbalife.status.polaris.synopsys.com
smb-ecommerce-api-eu-west-1.rokt.com
publishers.rokt.com
beta2-status.netsuite.com
rokt.com
beta2-status.netsuite.com
publishers.rokt.com
fr.rokt.com
smb-help.rokt.com
get.rokt.com
customerstatus.eye-share.com
smb-bigcommerce-app.rokt.com
cdn.dev.smb.rokt.com
es.rokt.com
playground.stage.rokt.com
compliance.rokt.com
rokt.com
rokt.com
cross-sell-proddemo.stage.smb.rokt.com
playground.uat.rokt.com
help.rokt.com
playground.rokt.com
smb-ecommerce-app.rokt.com
uts.rokt.com
cdn.stage.smb.rokt.com
build.rokt.com
publishers.rokt.com
customerstatus.eye-share.com
herbalife.status.polaris.synopsys.com
beta2-status.netsuite.com
es.rokt.com
my.stage.rokt.com
beta2-status.netsuite.com
customerstatus.eye-share.com
api.stage.smb.rokt.com
beta2-status.netsuite.com
jwks.stage.rokt.com
rokt.com
ideas.rokt.com
docs.rokt.com
stageeng.rokt.com
publishers.rokt.com
customerstatus.eye-share.com
fr.rokt.com
smb-bigcommerce-api.stage.rokt.com
customerstatus.eye-share.com
wordpress-test-qa2.stage.rokt.com
customerstatus.eye-share.com
get.rokt.com
rokt.com
fr.rokt.com
login.stage.rokt.com
build.rokt.com
herbalife.status.polaris.synopsys.com
stage.rokt.com
publishers.rokt.com
developers.rokt.com
rokt.com
smb-ecommerce-api-ap-southeast-2.rokt.com
api.rokt.com
rokt.com
ecomm-apps-status.rokt.com
auth-api.build.rokt.com
es.rokt.com
smb-bigcommerce-app.stage.rokt.com
customerstatus.eye-share.com
es.rokt.com
developer.rokt.com
build.rokt.com
rokt.com
rokt.com
get.rokt.com
login.rokt.com
help.rokt.com
info.rokt.com
wordpress-test-qa3.stage.rokt.com
get.rokt.com
stage.rokt.com
rokt.com
cdn.alpha.smb.rokt.com
get.rokt.com
build.rokt.com
api.dev.smb.rokt.com
stage.rokt.com
help.rokt.com
customerstatus.eye-share.com
ecomm-apps-status.rokt.com
smb-bigcommerce-api.stage.rokt.com
publishers.rokt.com
rokt.com
customerstatus.eye-share.com
beta2-status.netsuite.com
docs.rokt.com
info.rokt.com
policies.rokt.com
herbalife.status.polaris.synopsys.com
es.rokt.com
customerstatus.eye-share.com
links.ecommerce.rokt.com
herbalife.status.polaris.synopsys.com
smb-ecommerce-api-eu-west-1.rokt.com
publishers.rokt.com
beta2-status.netsuite.com
rokt.com
beta2-status.netsuite.com
publishers.rokt.com
fr.rokt.com
smb-help.rokt.com
get.rokt.com
customerstatus.eye-share.com
smb-bigcommerce-app.rokt.com
cdn.dev.smb.rokt.com
es.rokt.com
playground.stage.rokt.com
compliance.rokt.com
rokt.com
rokt.com
cross-sell-proddemo.stage.smb.rokt.com
playground.uat.rokt.com
help.rokt.com
playground.rokt.com
smb-ecommerce-app.rokt.com
uts.rokt.com
cdn.stage.smb.rokt.com
build.rokt.com
publishers.rokt.com
customerstatus.eye-share.com
herbalife.status.polaris.synopsys.com
beta2-status.netsuite.com
es.rokt.com
my.stage.rokt.com
beta2-status.netsuite.com
customerstatus.eye-share.com
api.stage.smb.rokt.com
beta2-status.netsuite.com
jwks.stage.rokt.com
rokt.com
ideas.rokt.com
docs.rokt.com
stageeng.rokt.com
publishers.rokt.com
customerstatus.eye-share.com
fr.rokt.com
smb-bigcommerce-api.stage.rokt.com
customerstatus.eye-share.com
wordpress-test-qa2.stage.rokt.com
customerstatus.eye-share.com
get.rokt.com
rokt.com
fr.rokt.com
login.stage.rokt.com
build.rokt.com
herbalife.status.polaris.synopsys.com
stage.rokt.com
publishers.rokt.com
developers.rokt.com
rokt.com
smb-ecommerce-api-ap-southeast-2.rokt.com
api.rokt.com
rokt.com
ecomm-apps-status.rokt.com
auth-api.build.rokt.com
es.rokt.com
smb-bigcommerce-app.stage.rokt.com
customerstatus.eye-share.com
es.rokt.com
developer.rokt.com
build.rokt.com
rokt.com
rokt.com
get.rokt.com
login.rokt.com
help.rokt.com
info.rokt.com
wordpress-test-qa3.stage.rokt.com
get.rokt.com
stage.rokt.com
rokt.com
cdn.alpha.smb.rokt.com
get.rokt.com
build.rokt.com
api.dev.smb.rokt.com
stage.rokt.com
help.rokt.com
customerstatus.eye-share.com
ecomm-apps-status.rokt.com
smb-bigcommerce-api.stage.rokt.com
publishers.rokt.com
rokt.com
Certificate
The complete raw certificate details for playground.rokt.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgIQBilr/Bl9yUZfh2Cxe0G44zANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTEwODAwMDAwMFoXDTI0MTIwNTIzNTk1OVowHjEc MBoGA1UEAxMTcGxheWdyb3VuZC5yb2t0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALLi8K+n85QzDd5cwI81lSqQQIfidw9uPivVzecOT/3SsB53 AlLVh+CCuVZvu6KuoYNoalmK3yJcLQM24jzNDQd/n+eabZvOt7N38Gz3CPiv0B1n +8rbRQKXUqnp1ZYcrfmjHT6Qf90DtLg2h+al5omg6otKCG94EwRE29DrDKINM49O tKJIXKBlRRuRMswAoEhp/UkEzpB3tVrti9Q1oKoq1mcNFnfA2OeTUTtIsvIRPQA1 PzOl5MRvRUtRssRc4HzGsPP31qZrJFy4M5BZ1EG7aUO3+BeIzb//O2tLOYZnWZqn JK3pgM528UOuoeb0/pTIgzuzMjFlzc6D2NUnOPsCAwEAAaOCAwQwggMAMB8GA1Ud IwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBQ1sdjI1zeFFeDA lbeH4byptN5eDjA1BgNVHREELjAsghNwbGF5Z3JvdW5kLnJva3QuY29tghUqLnBs YXlncm91bmQucm9rdC5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy MDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5j cmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0w My5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMu YW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYB BAHWeQIEAgSCAW8EggFrAWkAdQDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAYutS9eMAAAEAwBGMEQCIBBEeKShrFYWNV9nBfhvN5Mno33h/Rw6DnOV aaLwQ5C1AiByAUxblJHxUqfyFzcxgnpq6rp9JWS87YcWEQnWMvTjogB3AEiw42va pkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi61L14QAAAQDAEgwRgIhANBz ZBYCXc3l3x9CSmQ5EGocnJA7l61+MDpiH+a/stW0AiEAs9IS0dGcVj4BSJ7f4gkv xGmX2rUCXCejk04Z5/uMNLwAdwA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF 7PhkbgAAAYutS9fFAAAEAwBIMEYCIQCEw6+Igt9PFYbNcEWf6TKfUeY59+odjblC NTWKiZHnVwIhAP0ZEpXqmBWmNXBgN5zvEOXK9ozELa66iHsSc4y8iPPQMA0GCSqG SIb3DQEBCwUAA4IBAQBVeD2s3b2ms906SOlLIRuqgCQe5lGLlfN3YqYdxiZhv6h4 BXxNFWlNy0vPBaQle4iSy2Cgqa3D7WfC+mQ9v2qa9fqlnumPR2z3UV6F6aOtpbsO cW6Jsnmur4xC7qPlfUDWlWmwfLxRtHWSQ4kIslZpXbxE7vQgvfRQo2tQGa6Af81W s1sxg8Q7gCdc9/hIgONED7M7SmDi46y0ouF00TimdzOz71snwXyDYt1maF3ZByXQ eYXhHVe23521qCFRL0XgSKoO8VKmprGzqYElhKO4ULVW3/j26S6u4CZgwDRg+N4q YOHzxezdmWto3IF1SZo9e0bSLL/IyEE/ghLb57ZR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuLwr6fzlDMN3lzAjzWV KpBAh+J3D24+K9XN5w5P/dKwHncCUtWH4IK5Vm+7oq6hg2hqWYrfIlwtAzbiPM0N B3+f55ptm863s3fwbPcI+K/QHWf7yttFApdSqenVlhyt+aMdPpB/3QO0uDaH5qXm iaDqi0oIb3gTBETb0OsMog0zj060okhcoGVFG5EyzACgSGn9SQTOkHe1Wu2L1DWg qirWZw0Wd8DY55NRO0iy8hE9ADU/M6XkxG9FS1GyxFzgfMaw8/fWpmskXLgzkFnU QbtpQ7f4F4jNv/87a0s5hmdZmqckremAznbxQ66h5vT+lMiDO7MyMWXNzoPY1Sc4 +wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8190442337123158960345202834310019299 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'playground.rokt.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22582326657745969889803802562634612175696597418929225998480760317465819324293494576436353452275181943291537044998087803008751276544583409511190921415472604025872529463254600167027197446024064147675642714220575181487461817929850301997695384612557475008222234082077416245241298545843294603725734571723171536240838431771905456646677785107249216478957620813695562409291791286421404013436065145933660798711840168499812155132085856267351455160309268662714250876636035631452295131844548441172837946863185837819912499720692286762969628553796456584198922244944278736416868864618899030983905435529114501110449416828650294556923 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 35b1d8c8d7378515e0c095b787e1bca9b4de5e0e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'playground.rokt.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.playground.rokt.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bad4bd78c00000403004630440220104478a4a1ac5616355f6705f86f379327a37de1fd1c3a0e739569a2f04390b5022072014c5b9491f152a7f2173731827a6aeaba7d2564bced87161109d632f4e3a200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bad4bd7840000040300483046022100d0736416025dcde5df1f424a6439106a1c9c903b97ad7e303a621fe6bfb2d5b4022100b3d212d1d19c563e01489edfe2092fc46997dab5025c27a3934e19e7fb8c34bc0077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bad4bd7c5000004030048304602210084c3af8882df4f1586cd70459fe9329f51e639f7ea1d8db94235358a8991e757022100fd191295ea9815a6357060379cef10e5caf68cc42daeba887b12738cbc88f3d0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0055783dacddbda6b3dd3a48e94b211baa80241ee6518b95f37762a61dc62661bfa878057c4d15694dcb4bcf05a4257b8892cb60a0a9adc3ed67c2fa643dbf6a9af5faa59ee98f476cf7515e85e9a3ada5bb0e716e89b279aeaf8c42eea3e57d40d69569b07cbc51b47592438908b256695dbc44eef420bdf450a36b5019ae807fcd56b35b3183c43b80275cf7f84880e3440fb33b4a60e2e3acb4a2e174d138a67733b3ef5b27c17c8362dd66685dd90725d07985e11d57b6df9db5a821512f45e048aa0ef152a6a6b1b3a9812584a3b850b556dff8f6e92eaee02660c03460f8de2a60e1f3c5ecdd996b68dc8175499a3d7b46d22cbfc8c8413f8212dbe7b651