www.huffingtonpost.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 02:ed:bd:c1:be:5f:ca:41:c8:65:9d:71:d3:7f:75:58 was issued on by Amazon.
With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.huffingtonpost.com
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:ed:bd:c1:be:5f:ca:41:c8:65:9d:71:d3:7f:75:58Serial Number (int): 3892879072410996262923601516259407192
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 7e:e5:b3:42:3b:36:a5:e6:6e:7a:11:12:3f:ee:2c:b1:f7:7f:9e:93
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 35:71:8d:94:73:2a:2f:c5:24:bf:c2:dc:8f:c2:91:31:11:c3:07:ff
Fingerprint (sha256): 0d:c8:73:ae:d5:95:ac:39:b9:18:0e:4e:cc:ee:87:5f:a5:fa:f9:2d:e4:b5:82:76:96:ad:28:cc:6b:a8:00:0f
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate www.huffingtonpost.com
12
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.huffingtonpost.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.huffingtonpost.com
preview.m.huffpost.com
*.huffpo.net
*.use1.huffpo.net
*.preview.www.huffingtonpost.com
*.mapi.huffpost.com
*.www.huffingtonpost.com
*.preview.m.huffpost.com
preview.www.huffingtonpost.com
m.huffpost.com
mapi.huffpost.com
*.m.huffpost.com
preview.m.huffpost.com
*.huffpo.net
*.use1.huffpo.net
*.preview.www.huffingtonpost.com
*.mapi.huffpost.com
*.www.huffingtonpost.com
*.preview.m.huffpost.com
preview.www.huffingtonpost.com
m.huffpost.com
mapi.huffpost.com
*.m.huffpost.com
Other certificates including the domain name huffingtonpost.com
(limited to 100 certificates)
qa5.add.my.aol.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
*.aol.com
*.add.my.aol.com
pr.huffingtonpost.com
img.huffingtonpost.com
www.huffingtonpost.com
*.contributor.huffingtonpost.com
content.huffingtonpost.com
staging-userapi.huffingtonpost.com
img.staging.huffingtonpost.com
accounts.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
beta-origin-cambria-alb.huffpo.net
staging.www.huffingtonpost.com
*.aol.com
stage.guce.oath.com
production-kraken-valencia-preview.use1.huffpo.net
accounts.huffingtonpost.com
*.search.yahoo.com
secure.huffingtonpost.com
b.aol.com
*.aol.com
huffingtonpost.com
athena.huffingtonpost.com
huffingtonpost.com
src1.yahoo.com
*.search.yahoo.com
trunk.guce.oath.com
trunk.guce.oath.com
qa.preview.www.huffpost.com
staging.www.huffingtonpost.com
www.huffpost.com
huffingtonpost.com
accounts.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
*.search.yahoo.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
stage.guce.oath.com
www.huffingtonpost.com
*.assets.huffingtonpost.com
origin-img.huffingtonpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
*.prod.buzzfeed.io
ifthisartcouldvote.huffingtonpost.com
origin-kraken.huffpo.net
src5.yahoo.com
staging-athena-mongo-cms.huffpost.net
ifthisartcouldvote.huffingtonpost.com
news.huffingtonpost.com
*.assets.huffingtonpost.com
stage.guce.oath.com
*.prod.buzzfeed.io
content.staging.huffingtonpost.com
dev.search.yahoo.com
ifthisartcouldvote.huffingtonpost.com
*.search.yahoo.com
guce.oath.com
www.huffingtonpost.com
editorial.huffingtonpost.com
src1.yahoo.com
staging.www.huffingtonpost.com
qa.preview.www.huffpost.com
*.search.yahoo.com
editorial.huffingtonpost.com
*.stage.buzzfeed.io
src6.yahoo.com
accounts.huffingtonpost.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
src1.yahoo.com
src6.yahoo.com
*.preview.www.huffpost.com
staging.preview.www.huffpost.com
secure.huffingtonpost.com
secure.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
*.app-west.buzzfeed.io
huffingtonpost.com
ws.huffingtonpost.com
qa.mapi.huffpost.com
secure.huffingtonpost.com
*.add.my.aol.com
preview.www.huffpost.com
origin-kraken.huffpo.net
trunk.guce.oath.com
sp.huffingtonpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
*.aol.com
*.add.my.aol.com
pr.huffingtonpost.com
img.huffingtonpost.com
www.huffingtonpost.com
*.contributor.huffingtonpost.com
content.huffingtonpost.com
staging-userapi.huffingtonpost.com
img.staging.huffingtonpost.com
accounts.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
beta-origin-cambria-alb.huffpo.net
staging.www.huffingtonpost.com
*.aol.com
stage.guce.oath.com
production-kraken-valencia-preview.use1.huffpo.net
accounts.huffingtonpost.com
*.search.yahoo.com
secure.huffingtonpost.com
b.aol.com
*.aol.com
huffingtonpost.com
athena.huffingtonpost.com
huffingtonpost.com
src1.yahoo.com
*.search.yahoo.com
trunk.guce.oath.com
trunk.guce.oath.com
qa.preview.www.huffpost.com
staging.www.huffingtonpost.com
www.huffpost.com
huffingtonpost.com
accounts.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
*.search.yahoo.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
stage.guce.oath.com
www.huffingtonpost.com
*.assets.huffingtonpost.com
origin-img.huffingtonpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
*.prod.buzzfeed.io
ifthisartcouldvote.huffingtonpost.com
origin-kraken.huffpo.net
src5.yahoo.com
staging-athena-mongo-cms.huffpost.net
ifthisartcouldvote.huffingtonpost.com
news.huffingtonpost.com
*.assets.huffingtonpost.com
stage.guce.oath.com
*.prod.buzzfeed.io
content.staging.huffingtonpost.com
dev.search.yahoo.com
ifthisartcouldvote.huffingtonpost.com
*.search.yahoo.com
guce.oath.com
www.huffingtonpost.com
editorial.huffingtonpost.com
src1.yahoo.com
staging.www.huffingtonpost.com
qa.preview.www.huffpost.com
*.search.yahoo.com
editorial.huffingtonpost.com
*.stage.buzzfeed.io
src6.yahoo.com
accounts.huffingtonpost.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
src1.yahoo.com
src6.yahoo.com
*.preview.www.huffpost.com
staging.preview.www.huffpost.com
secure.huffingtonpost.com
secure.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
*.app-west.buzzfeed.io
huffingtonpost.com
ws.huffingtonpost.com
qa.mapi.huffpost.com
secure.huffingtonpost.com
*.add.my.aol.com
preview.www.huffpost.com
origin-kraken.huffpo.net
trunk.guce.oath.com
sp.huffingtonpost.com
Certificate
The complete raw certificate details for www.huffingtonpost.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG1jCCBb6gAwIBAgIQAu29wb5fykHIZZ1x0391WDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDMwNDAwMDAwMFoXDTI0MDQwMTIzNTk1OVowITEf MB0GA1UEAxMWd3d3Lmh1ZmZpbmd0b25wb3N0LmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBALZ5kI3sMuMp8+1UNX0EiRLqLCR/LtQCEJ+zY7kgZxGR H+7R1ohLu84yAZbdxI4gQ4k6cTcLuv06Ya5Ynp68fD9DS9+aHib4bG9JJIl1KTOG xgXzar6qaeSa64Uxtj149Els3giQr8W6CQAL5oF+YebE3+WgS2H/PbwUhwH9lT/9 N5HHh3lU47R+gJNQTgLsLwKbco8XGmmGM4FYhtc6w1uzupZjvtnni+kmC4e8NdJ8 yO43oK5GhwJvHjqqDE5ikUaCUF6OIgXUsRtrrwpLMhpccUgi9DAkoYK1uLpKYE0M DWbnrdOm40OfIVe0froQtNNa44RDIieI27zhMVRAhk0CAwEAAaOCA+0wggPpMB8G A1UdIwQYMBaAFIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBR+5bNCOzal 5m56ERI/7iyx93+ekzCCAR4GA1UdEQSCARUwggERghZ3d3cuaHVmZmluZ3RvbnBv c3QuY29tghZwcmV2aWV3Lm0uaHVmZnBvc3QuY29tggwqLmh1ZmZwby5uZXSCESou dXNlMS5odWZmcG8ubmV0giAqLnByZXZpZXcud3d3Lmh1ZmZpbmd0b25wb3N0LmNv bYITKi5tYXBpLmh1ZmZwb3N0LmNvbYIYKi53d3cuaHVmZmluZ3RvbnBvc3QuY29t ghgqLnByZXZpZXcubS5odWZmcG9zdC5jb22CHnByZXZpZXcud3d3Lmh1ZmZpbmd0 b25wb3N0LmNvbYIObS5odWZmcG9zdC5jb22CEW1hcGkuaHVmZnBvc3QuY29tghAq Lm0uaHVmZnBvc3QuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0w MS5hbWF6b250cnVzdC5jb20vcjJtMDEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIB MHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDEu YW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAxLmFt YXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB 1nkCBAIEggFtBIIBaQFnAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEf tZsAAAGGqr7vaQAABAMARzBFAiAjMYzac8DYCFTR538mCAChO5hfGjJD/hOkK+Wj pMEupQIhAOd+FlY/BQq7b+AaqmqDTHjLbdCnTLYVpG3ZqH3Z+MPvAHUAc9meiRtM lnigIH1HneayxhzQUV5xGSqMa4AQesF3crUAAAGGqr7v0AAABAMARjBEAiBsu1Sm 4lENQbPUn9AH4jS1VZIIlAZMpjlQMQeDEAuklQIgVG5qnxrDh2hAzi61LoeWQUaJ wzdD/XduCGZ8LCyPelQAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE cwAAAYaqvu+UAAAEAwBHMEUCIQDqIXtdWbL5rKx+WNWNEnBApaHynH5cucWI+Q35 a8dPzQIgSsUZDOsNBReIVF8dQbKAajtOHBHfcBjysqXQfUhyd0UwDQYJKoZIhvcN AQELBQADggEBACWK2ClHlY7bpLmUdV6EM1Ia2pQ5ySOFxD+ZGvY1Ljdvc8uOJiKT enaTGNlKVOpznTVZqnY8iqFGsAwmdWocB6Q5Gok13g3+/3kWlGBPvP4FY+MCqFLJ IngnYUab9inWQTcZ5s5orFuj9MIK3grq/VAZISJD5sZbHwxc/LQfHoNwDi7WJpGw bEeDT1Hc9lD2AOAB8a3inO7DftkWvJ3fq0pz7ysYxWytUBgOHofhFXDEEXokraoi nxt6sFMfV8v9pcpwp2XXsbhmWRXLnbOLi3he/XnMWr1NhKL0WXUOb9jquI7b6RAm q0F47YQZLWK4hbx9safKMRJDvDWk4Rm/SKw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnmQjewy4ynz7VQ1fQSJ EuosJH8u1AIQn7NjuSBnEZEf7tHWiEu7zjIBlt3EjiBDiTpxNwu6/Tphrlienrx8 P0NL35oeJvhsb0kkiXUpM4bGBfNqvqpp5JrrhTG2PXj0SWzeCJCvxboJAAvmgX5h 5sTf5aBLYf89vBSHAf2VP/03kceHeVTjtH6Ak1BOAuwvAptyjxcaaYYzgViG1zrD W7O6lmO+2eeL6SYLh7w10nzI7jegrkaHAm8eOqoMTmKRRoJQXo4iBdSxG2uvCksy GlxxSCL0MCShgrW4ukpgTQwNZuet06bjQ58hV7R+uhC001rjhEMiJ4jbvOExVECG TQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3892879072410996262923601516259407192 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.huffingtonpost.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23035317274623626789839297860838589796705950214448440102433673548738489853188279377522794053251266532256273483730432136110161177450797891948773146628929177034795508422354109992487581759682271051532880260189619793031821889722204280427431304895019658708642464785045953252990875048204961944761334905573691923836959859024762240342131994974144624172261485273389828484503701385147623788924344692175054075086464239550375980331378192202094496117019756572142700438358489518203272726522697722795340165583727100679289876103654008688921843351720947605910377477281232397067415206801937076581168092764640378434807688037639705888333 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7ee5b3423b36a5e66e7a11123fee2cb1f77f9e93 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (277 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.huffingtonpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preview.m.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.use1.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preview.www.huffingtonpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mapi.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.www.huffingtonpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preview.m.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preview.www.huffingtonpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mapi.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.m.huffpost.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000186aabeef690000040300473045022023318cda73c0d80854d1e77f260800a13b985f1a3243fe13a42be5a3a4c12ea5022100e77e16563f050abb6fe01aaa6a834c78cb6dd0a74cb615a46dd9a87dd9f8c3ef00750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000186aabeefd0000004030046304402206cbb54a6e2510d41b3d49fd007e234b555920894064ca63950310783100ba4950220546e6a9f1ac3876840ce2eb52e8796414689c33743fd776e08667c2c2c8f7a5400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000186aabeef940000040300473045022100ea217b5d59b2f9acac7e58d58d127040a5a1f29c7e5cb9c588f90df96bc74fcd02204ac5190ceb0d051788545f1d41b2806a3b4e1c11df7018f2b2a5d07d48727745 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00258ad82947958edba4b994755e8433521ada9439c92385c43f991af6352e376f73cb8e2622937a769318d94a54ea739d3559aa763c8aa146b00c26756a1c07a4391a8935de0dfeff791694604fbcfe0563e302a852c922782761469bf629d6413719e6ce68ac5ba3f4c20ade0aeafd5019212243e6c65b1f0c5cfcb41f1e83700e2ed62691b06c47834f51dcf650f600e001f1ade29ceec37ed916bc9ddfab4a73ef2b18c56cad50180e1e87e11570c4117a24adaa229f1b7ab0531f57cbfda5ca70a765d7b1b8665915cb9db38b8b785efd79cc5abd4d84a2f459750e6fd8eab88edbe91026ab4178ed84192d62b885bc7db1a7ca311243bc35a4e119bf48ac