*.nykaa.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 07:b9:ce:03:bd:f7:c8:f0:b0:d7:17:38:af:39:4e:89 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.nykaa.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:b9:ce:03:bd:f7:c8:f0:b0:d7:17:38:af:39:4e:89Serial Number (int): 10269349362178414455441999374629555849
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: f5:3c:8c:5f:3b:c8:a2:61:fd:77:36:8f:5f:a4:7c:79:ca:4c:73:62
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 99:bd:71:d8:36:95:cc:dc:ee:7a:e5:fb:d4:46:ae:10:05:ae:34:bf
Fingerprint (sha256): 11:6e:1e:23:89:ca:73:f8:18:63:88:62:3e:63:8d:5b:b9:b3:6d:4f:a6:ce:33:0b:78:0c:88:46:8c:4f:fb:b9
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.nykaa.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.nykaa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.nykaa.com
Other certificates including the domain name nykaa.com
(limited to 100 certificates)
d.d8u.com
*.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
infosec.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
explore-feed.nykaa.com
qa-explore-feed.nykaa.com
app1.ftrans01.com
servicedesk.nykaa.com
app.krademylms.com
apps.nykaa.com
pp1.nykaa.com
d.d8u.com
incapsula.com
ithelpdesk.niairport.in
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
smetrics.nykaa.com
apps.nykaa.com
infosec.nykaa.com
nonprod-events.nykaa.com
d.d8u.com
d.d8u.com
sni.cloudflaressl.com
qa-explore-event.nykaa.com
preprod-secure.nykaa.com
*.nykaa.com
survey.nykaa.com
*.nykaa.com
*.nykaa.com
*.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
nonprod-events.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
*.nykaa.com
app.krademylms.com
sherlock.nykaa.com
d.d8u.com
app1.ftrans01.com
apps.nykaa.com
sni.cloudflaressl.com
sni.cloudflaressl.com
preprod-ads.nykaa.com
posreports.nykaa.com
watson.nykaa.com
support.nykaa.com
admin-panel.nykaa.com
smetrics.nykaa.com
watson.nykaa.com
d.d8u.com
www.nykaa.com
preprod-fountain9.nykaa.com
sni.cloudflaressl.com
delivery.thehubpeople.com
ads.nykaa.com
www.nykaa.com
static-visual.nykaa.com
preprod-retina-api.nykaa.com
www.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
ithelpdesk.tatanexarc.com
nonprod-events.nykaa.com
tools.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
www.nykaa.com
delivery.acuralabs.ai
www.nykaa.com
*.nykaa.com
app.krademylms.com
survey.nykaa.com
sni.cloudflaressl.com
nykaa.com
delivery.acuralabs.ai
support.nykaa.com
www.nykaa.com
support.nykaa.com
servicedesk.linkintime.co.in
nykaa.com
*.nykaa.com
hrms.nykaa.com
sni.cloudflaressl.com
preprod-adtech-campaign-manager.nykaa.com
*.ingest.sentry-prod.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
sni.cloudflaressl.com
app.krademylms.com
dev-sellerportal.nykaa.com
qa-explore-feed.nykaa.com
smoke-api.nykaa.com
app.krademylms.com
*.ingest.sentry-prod.nykaa.com
*.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
infosec.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
explore-feed.nykaa.com
qa-explore-feed.nykaa.com
app1.ftrans01.com
servicedesk.nykaa.com
app.krademylms.com
apps.nykaa.com
pp1.nykaa.com
d.d8u.com
incapsula.com
ithelpdesk.niairport.in
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
smetrics.nykaa.com
apps.nykaa.com
infosec.nykaa.com
nonprod-events.nykaa.com
d.d8u.com
d.d8u.com
sni.cloudflaressl.com
qa-explore-event.nykaa.com
preprod-secure.nykaa.com
*.nykaa.com
survey.nykaa.com
*.nykaa.com
*.nykaa.com
*.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
nonprod-events.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
*.nykaa.com
app.krademylms.com
sherlock.nykaa.com
d.d8u.com
app1.ftrans01.com
apps.nykaa.com
sni.cloudflaressl.com
sni.cloudflaressl.com
preprod-ads.nykaa.com
posreports.nykaa.com
watson.nykaa.com
support.nykaa.com
admin-panel.nykaa.com
smetrics.nykaa.com
watson.nykaa.com
d.d8u.com
www.nykaa.com
preprod-fountain9.nykaa.com
sni.cloudflaressl.com
delivery.thehubpeople.com
ads.nykaa.com
www.nykaa.com
static-visual.nykaa.com
preprod-retina-api.nykaa.com
www.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
ithelpdesk.tatanexarc.com
nonprod-events.nykaa.com
tools.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
www.nykaa.com
delivery.acuralabs.ai
www.nykaa.com
*.nykaa.com
app.krademylms.com
survey.nykaa.com
sni.cloudflaressl.com
nykaa.com
delivery.acuralabs.ai
support.nykaa.com
www.nykaa.com
support.nykaa.com
servicedesk.linkintime.co.in
nykaa.com
*.nykaa.com
hrms.nykaa.com
sni.cloudflaressl.com
preprod-adtech-campaign-manager.nykaa.com
*.ingest.sentry-prod.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
sni.cloudflaressl.com
app.krademylms.com
dev-sellerportal.nykaa.com
qa-explore-feed.nykaa.com
smoke-api.nykaa.com
app.krademylms.com
*.ingest.sentry-prod.nykaa.com
Certificate
The complete raw certificate details for *.nykaa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgIQB7nOA733yPCw1xc4rzlOiTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIxMDAwMDAwMFoXDTI1MDEwNzIzNTk1OVowFjEU MBIGA1UEAwwLKi5ueWthYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCpd+9uu18fi6/4hDnGgpNjEHNHHrfLnH4zVp1sQ4zqOXMqUQoXgj3+r1xr 8w7vxiygFevksGGG0AIhBZwJNZ5L+tLg6zxTjrDRwpFr5My4HOTmT1gneUjrjSzN D1T7UnjdA4pZP8mxWiOGjA8xpC657d0GoP8yNqaI0ZZFRgS2s2obLN++o18KI69D GjRJF9010MqqOy8MV29vs5TaLR4oupmOYOAgKQDVx+rKyiF5uWfzg4ozh266P6jc nKcM4D+ONwRyJ/7MaYG02S1z2EYhQWqnuql1PL1Lh7yT/Kwlsgligfd7dx/V6vSR sSf3wLiWWzfsIVBoBCYCsgxQxezPAgMBAAGjggLkMIIC4DAfBgNVHSMEGDAWgBRV 2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU9TyMXzvIomH9dzaPX6R8ecpM c2IwFgYDVR0RBA8wDYILKi5ueWthYS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7 BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNv bS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v b2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j cnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAA MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgBOdaMnXJoQwzhbbNTfP1LrHfDg jhuNacCx+mSxYpo53wAAAYxR/dTUAAAEAwBHMEUCIQDQqHyYvSGfQX5JcodU+WiY lS9iI3XPhRq+JF+n/ISzGwIgJZeHSbxE0vJcRvXjeaUMw22d5z+2ZESLLySLb+g4 58oAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYxR/dUdAAAE AwBHMEUCIQD5ZGKty7kfLGOvl/WyWu6wFIcHil8ZXgyiSaWy8XDEYgIgJ8cYSepW ZjmAYrqGcfz1Pb7rXzf/8P8k7UBIlLPKRb8AdgB9WR4S4XgqexxhZ3xe/fjQh1wU oE6VnrkDL9kOjC55uAAAAYxR/dUOAAAEAwBHMEUCIQD8k+GB//fWxeZ78ovhrN6Q FuizNUtXNGoYTV4BusAn5wIgfLWvmDZSiXDcIJfaEQ1Nutsva6I5QwUvfOG3Ld0f focwDQYJKoZIhvcNAQELBQADggEBAGha7B0JIIljqFZyjEiGHJy5Ua2O9PP4zpn1 F2NcF7g3U4D1L/MyPh8zE3xvcZ3CEojrUBbv1zKQ/7pXKeEGrTdCFD/5/BD9OwEk IRvy3ZKcqKfgkO8HBPEpMIz+QVYAZ/TAYCDqHLcOKMzl6unubR812YfLEb4sFmNU R+QAgPNE9zAloXCgJhKSakXRqZUnQdTU2IAOknLCcsIITM8Aut02OotG7q91RZjt kslg2z7mK/na3UFSfOZMVtkRQc4QcOjMwxVcZt0/0JdiiBmJ38Vs9MyhAtDMBLGN jQX7dOMsXg9DhJuyJOwr8PkTlJs3O7YYF8I7gLn4LWJDTEIhfHo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXfvbrtfH4uv+IQ5xoKT YxBzRx63y5x+M1adbEOM6jlzKlEKF4I9/q9ca/MO78YsoBXr5LBhhtACIQWcCTWe S/rS4Os8U46w0cKRa+TMuBzk5k9YJ3lI640szQ9U+1J43QOKWT/JsVojhowPMaQu ue3dBqD/MjamiNGWRUYEtrNqGyzfvqNfCiOvQxo0SRfdNdDKqjsvDFdvb7OU2i0e KLqZjmDgICkA1cfqysohebln84OKM4duuj+o3JynDOA/jjcEcif+zGmBtNktc9hG IUFqp7qpdTy9S4e8k/ysJbIJYoH3e3cf1er0kbEn98C4lls37CFQaAQmArIMUMXs zwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10269349362178414455441999374629555849 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.nykaa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21393415831764485058075959730437307419695085280707013524744970632791233275775799683725617146723454812465058151702055071611851456749730960098798980071406211829710338483289326946210010336092966202035264824833454578686822701174998753822461703620021638393933528274348385334071212468898945931888898816109493680807306989025034609805162134320625556378846154166829178039900020581987118721822913175923432032598465421109484713830375494283640225382650947359685465060743983334490393556140998780316427416560559591778050977839299127934831860230700671500888771575580130332140304155783792984023885411138187518097417569275416137821391 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f53c8c5f3bc8a261fd77368f5fa47c79ca4c7362 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nykaa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c51fdd4d40000040300473045022100d0a87c98bd219f417e49728754f96898952f622375cf851abe245fa7fc84b31b022025978749bc44d2f25c46f5e379a50cc36d9de73fb664448b2f248b6fe838e7ca0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c51fdd51d0000040300473045022100f96462adcbb91f2c63af97f5b25aeeb01487078a5f195e0ca249a5b2f170c462022027c71849ea5666398062ba8671fcf53dbeeb5f37fff0ff24ed404894b3ca45bf0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c51fdd50e0000040300473045022100fc93e181fff7d6c5e67bf28be1acde9016e8b3354b57346a184d5e01bac027e702207cb5af9836528970dc2097da110d4dbadb2f6ba23943052f7ce1b72ddd1f7e87 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00685aec1d09208963a856728c48861c9cb951ad8ef4f3f8ce99f517635c17b8375380f52ff3323e1f33137c6f719dc21288eb5016efd73290ffba5729e106ad3742143ff9fc10fd3b0124211bf2dd929ca8a7e090ef0704f129308cfe41560067f4c06020ea1cb70e28cce5eae9ee6d1f35d987cb11be2c16635447e40080f344f73025a170a02612926a45d1a9952741d4d4d8800e9272c272c2084ccf00badd363a8b46eeaf754598ed92c960db3ee62bf9dadd41527ce64c56d91141ce1070e8ccc3155c66dd3fd09762881989dfc56cf4cca102d0cc04b18d8d05fb74e32c5e0f43849bb224ec2bf0f913949b373bb61817c23b80b9f82d62434c42217c7a