huffpost.com
Issued by Amazon
About this certificate
This digital certificate with serial number 01:07:2b:72:92:f6:02:66:ac:de:fe:6c:1f:c3:38:01 was issued on by Amazon.
With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=huffpost.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:07:2b:72:92:f6:02:66:ac:de:fe:6c:1f:c3:38:01Serial Number (int): 1366455294900361838565349358557149185
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 05:13:ff:d4:62:6d:9f:25:0e:38:5c:74:50:5d:1e:db:25:3f:38:35
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 57:0a:61:76:b5:93:63:4a:41:1b:fd:96:c2:e7:b5:cc:56:c1:60:f5
Fingerprint (sha256): 15:61:bc:77:9c:af:06:ec:48:35:80:f2:50:f7:f3:4a:75:bf:de:ca:ce:be:f3:8c:7a:99:83:62:7d:81:5e:5c
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate huffpost.com
12
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for huffpost.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
huffpost.com
live.huffpost.com
publishing.huffpost.com
ryotstudio.huffpost.com
sketchy.huffpost.com
support.huffpost.com
help.huffpost.com
qa.search.huffpost.com
staging-support.huffpost.com
search.huffpost.com
ryotstudios.huffpost.com
staging.search.huffpost.com
live.huffpost.com
publishing.huffpost.com
ryotstudio.huffpost.com
sketchy.huffpost.com
support.huffpost.com
help.huffpost.com
qa.search.huffpost.com
staging-support.huffpost.com
search.huffpost.com
ryotstudios.huffpost.com
staging.search.huffpost.com
Other certificates including the domain name huffpost.com
(limited to 100 certificates)
checkout.yahoo.com
qa5.add.my.aol.com
staging-origin-life.huffpo.net
preview.www.huffpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
coupons.huffpost.com
link.huffpost.com
*.aol.com
*.add.my.aol.com
checkout.yahoo.com
img.huffingtonpost.com
www.huffingtonpost.com
*.login.yahoo.com
consent.oath.com
*.dev.buzzfeed.io
cmp.huffpost.com
production.mapi.huffpost.com
img.staging.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
beta-origin-cambria-alb.huffpo.net
staging.mapi.huffpost.com
staging.www.huffingtonpost.com
*.aol.com
stage.consent.oath.com
stage.guce2.oath.com
cmp.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.search.yahoo.com
secure.huffingtonpost.com
checkout.yahoo.com
link.huffpost.com
dev.checkout.yahoo.com
huffpost.com
qa.preview.www.huffpost.com
*.aol.com
stage.consent.oath.com
api.huffpost.com
link.huffpost.com
cmp.huffpost.com
*.dev.buzzfeed.io
*.trunk.login.yahoo.com
stage.consent.oath.com
cmp.huffpost.com
*.search.yahoo.com
stage.guce2.oath.com
modulous.huffpost.com
stage.oidc.oath.com
qa.preview.www.huffpost.com
stage.consent.oath.com
staging.www.huffingtonpost.com
www.huffpost.com
mapi.huffpost.com
*.stage.login.yahoo.com
auth.stage.huffpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
se.emails.huffpost.com
*.search.yahoo.com
assist.aol.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
*.login.yahoo.com
www.huffingtonpost.com
*.login.yahoo.com
beta.www.huffpost.com
modulous.huffpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
cmp.huffpost.com
guce2.oath.com
origin-kraken.huffpo.net
src5.yahoo.com
checkout.yahoo.com
checkout.yahoo.com
stage.guce2.oath.com
*.assets.huffingtonpost.com
*.stage.login.yahoo.com
dev.checkout.yahoo.com
dev.checkout.yahoo.com
auth.stage.huffpost.com
trunk.consent.oath.com
*.stage.login.yahoo.com
dev.search.yahoo.com
se.emails.huffpost.com
*.stage.login.yahoo.com
*.search.yahoo.com
huffpost.com
stage.guce.huffpost.com
www.huffingtonpost.com
auth.huffpost.com
consent.oath.com
qa5.add.my.aol.com
staging-origin-life.huffpo.net
preview.www.huffpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
coupons.huffpost.com
link.huffpost.com
*.aol.com
*.add.my.aol.com
checkout.yahoo.com
img.huffingtonpost.com
www.huffingtonpost.com
*.login.yahoo.com
consent.oath.com
*.dev.buzzfeed.io
cmp.huffpost.com
production.mapi.huffpost.com
img.staging.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
beta-origin-cambria-alb.huffpo.net
staging.mapi.huffpost.com
staging.www.huffingtonpost.com
*.aol.com
stage.consent.oath.com
stage.guce2.oath.com
cmp.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.search.yahoo.com
secure.huffingtonpost.com
checkout.yahoo.com
link.huffpost.com
dev.checkout.yahoo.com
huffpost.com
qa.preview.www.huffpost.com
*.aol.com
stage.consent.oath.com
api.huffpost.com
link.huffpost.com
cmp.huffpost.com
*.dev.buzzfeed.io
*.trunk.login.yahoo.com
stage.consent.oath.com
cmp.huffpost.com
*.search.yahoo.com
stage.guce2.oath.com
modulous.huffpost.com
stage.oidc.oath.com
qa.preview.www.huffpost.com
stage.consent.oath.com
staging.www.huffingtonpost.com
www.huffpost.com
mapi.huffpost.com
*.stage.login.yahoo.com
auth.stage.huffpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
se.emails.huffpost.com
*.search.yahoo.com
assist.aol.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
*.login.yahoo.com
www.huffingtonpost.com
*.login.yahoo.com
beta.www.huffpost.com
modulous.huffpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
cmp.huffpost.com
guce2.oath.com
origin-kraken.huffpo.net
src5.yahoo.com
checkout.yahoo.com
checkout.yahoo.com
stage.guce2.oath.com
*.assets.huffingtonpost.com
*.stage.login.yahoo.com
dev.checkout.yahoo.com
dev.checkout.yahoo.com
auth.stage.huffpost.com
trunk.consent.oath.com
*.stage.login.yahoo.com
dev.search.yahoo.com
se.emails.huffpost.com
*.stage.login.yahoo.com
*.search.yahoo.com
huffpost.com
stage.guce.huffpost.com
www.huffingtonpost.com
auth.huffpost.com
consent.oath.com
Certificate
The complete raw certificate details for huffpost.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIQAQcrcpL2Amas3v5sH8M4ATANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA4MTEwMDAwMDBaFw0yMjA5MDky MzU5NTlaMBcxFTATBgNVBAMTDGh1ZmZwb3N0LmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAJhL5rT8AQgh6m7mBYvVb+imTxQBgbHakokHG3JPp0wt 5pN8qPaI23c+itIx2mO6btsf5wsKb4rEUBBdobSF8Zay/wxEzpFTu/9sdeKlA8gh ooCa3YyMlH1uM2rOroTgeWtdyBPdPadoKuVc7sOQDmAcG/I0W5jhuL7+qXFDuMer 2JCq2opTVsY+LwVIu5pX8DnC/WaqZbg1r23a8QcS38N7QQQGVUY3QHZDE53miQW8 YSP2ION0cQRnixJrU28aEbn2E0KmAYE+rf029cDETv19diDMj7+DK5RSridaSpTB kSlAhU61tHmLkOkOstr5vaMmPPgq/gA5+UziaUENnZkCAwEAAaOCAoQwggKAMB8G A1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBQFE//UYm2f JQ44XHRQXR7bJT84NTCCASEGA1UdEQSCARgwggEUggxodWZmcG9zdC5jb22CEWxp dmUuaHVmZnBvc3QuY29tghdwdWJsaXNoaW5nLmh1ZmZwb3N0LmNvbYIXcnlvdHN0 dWRpby5odWZmcG9zdC5jb22CFHNrZXRjaHkuaHVmZnBvc3QuY29tghRzdXBwb3J0 Lmh1ZmZwb3N0LmNvbYIRaGVscC5odWZmcG9zdC5jb22CFnFhLnNlYXJjaC5odWZm cG9zdC5jb22CHHN0YWdpbmctc3VwcG9ydC5odWZmcG9zdC5jb22CE3NlYXJjaC5o dWZmcG9zdC5jb22CGHJ5b3RzdHVkaW9zLmh1ZmZwb3N0LmNvbYIbc3RhZ2luZy5z ZWFyY2guaHVmZnBvc3QuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5z Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMBMGA1UdIAQMMAowCAYGZ4EM AQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2Nh MWIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFi LmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADATBgorBgEE AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYAshDfpFuOOm3tzYu4A YOgU4RwEJo6uC0lWOjK/W6x7B46TFV2CyhxfpxZQtFv055tQ4KuH/CSwTC7Rm9O4 Bgwx/A7EQYurvYVGcrc2jakGu3oQn2ZknhgZoUyWQ1H2qaWIwmd49IMEiGydgtPA O05BVOx4ol53QQkJWjwTSnY9e5qD0YoN3nJEQl6QRtpFm8zuWIu/YfWW4MhjIpid qvFhNNS/Q9Uk7MJqXaxfqAtYX6al5y0ssYbcIIFcEe8sj7FbvHnEaXsGfiypWRah V4aJ7bu1jAXSKsVnfOhhPPxp53oY+76pSzC9A1D/ZavQ7l0TUaU9pJDpr/zEjt6k Mg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEvmtPwBCCHqbuYFi9Vv 6KZPFAGBsdqSiQcbck+nTC3mk3yo9ojbdz6K0jHaY7pu2x/nCwpvisRQEF2htIXx lrL/DETOkVO7/2x14qUDyCGigJrdjIyUfW4zas6uhOB5a13IE909p2gq5Vzuw5AO YBwb8jRbmOG4vv6pcUO4x6vYkKrailNWxj4vBUi7mlfwOcL9ZqpluDWvbdrxBxLf w3tBBAZVRjdAdkMTneaJBbxhI/Yg43RxBGeLEmtTbxoRufYTQqYBgT6t/Tb1wMRO /X12IMyPv4MrlFKuJ1pKlMGRKUCFTrW0eYuQ6Q6y2vm9oyY8+Cr+ADn5TOJpQQ2d mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1366455294900361838565349358557149185 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-11 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'huffpost.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19225650631089382658414492974680946678835589109603586831653594412387625936346983828534643378150339995401573512119435027899191376775591061371684645767733197280485859367521920967303506476557180979380382614314737711890857653413510057925369029355003569341358768810174487180959824489134599858498274405970910545524536002226037128302184725335983970101110575643509101049201786978758074605669426898969924628236584917634957108362241189042338571121733500665083797537284439435618092442037138782375769245253095033747581502883486338027272591902666379017959632212852836153619130912626256520871045718330580217440679770668676709981593 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0513ffd4626d9f250e385c74505d1edb253f3835 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (280 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'live.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publishing.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ryotstudio.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sketchy.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'support.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.search.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-support.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'search.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ryotstudios.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.search.huffpost.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011802c8437e916e38e9b7b7362ee0060e814e11c04268eae0b49563a32bf5bac7b078e93155d82ca1c5fa71650b45bf4e79b50e0ab87fc24b04c2ed19bd3b8060c31fc0ec4418babbd854672b7368da906bb7a109f66649e1819a14c964351f6a9a588c26778f48304886c9d82d3c03b4e4154ec78a25e774109095a3c134a763d7b9a83d18a0dde7244425e9046da459bccee588bbf61f596e0c86322989daaf16134d4bf43d524ecc26a5dac5fa80b585fa6a5e72d2cb186dc20815c11ef2c8fb15bbc79c4697b067e2ca95916a1578689edbbb58c05d22ac5677ce8613cfc69e77a18fbbea94b30bd0350ff65abd0ee5d1351a53da490e9affcc48edea432