prod-vault-helm.pcimon.frdstr.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0e:3c:cd:98:29:a9:54:f0:ad:a8:2a:69:68:79:ba:4c was issued on by Amazon.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=prod-vault-helm.pcimon.frdstr.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0e:3c:cd:98:29:a9:54:f0:ad:a8:2a:69:68:79:ba:4cSerial Number (int): 18924899702043957623687809114465483340
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: c8:ae:06:77:a8:91:11:aa:85:c6:93:53:95:f3:4a:f5:f4:6f:ef:ac
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): eb:62:75:e2:c4:3e:b7:2b:57:77:14:ac:05:75:23:58:9d:72:6c:e6
Fingerprint (sha256): 15:95:83:90:6b:4a:c6:c9:41:15:08:1d:37:d1:a8:13:f3:71:fa:b9:3b:39:e2:bf:fe:48:74:d0:ce:6e:51:c0
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate prod-vault-helm.pcimon.frdstr.com
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prod-vault-helm.pcimon.frdstr.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prod-vault-helm.pcimon.frdstr.com
vault.frdstr.com
prod-vault-helm.pcimon.use.frdstr.com
vault.forter-internal.com
vault.pcimon.use.frdstr.com
vault.pcimon.forter-internal.com
prod-vault-helm.frdstr.com
vault.pcimon.frdstr.com
prod-vault-helm.use.frdstr.com
vault.pcimon.euw.frdstr.com
vault.frdstr.com
prod-vault-helm.pcimon.use.frdstr.com
vault.forter-internal.com
vault.pcimon.use.frdstr.com
vault.pcimon.forter-internal.com
prod-vault-helm.frdstr.com
vault.pcimon.frdstr.com
prod-vault-helm.use.frdstr.com
vault.pcimon.euw.frdstr.com
Other certificates including the domain name frdstr.com
(limited to 100 certificates)
redash.frdstr.com
prod-accounts-es-writer.frdstr.com
orizon.coleta.relatoweb.com.br
monitor.frdstr.com
storm.frdstr.com
rfpxer.frdstr.com
stagingportal.frdstr.com
hq.frdstr.com
artifactory.frdstr.com
cr0n.frdstr.com
three-ds-new.frdstr.com
sites.use.frdstr.com
tableau.frdstr.com
dev.atlas.frdstr.com
prod-enrichment.frdstr.com
squid.frdstr.com
prodreindex.es.frdstr.com
*.es.frdstr.com
toolbox.frdstr.com
docu.frdstr.com
hq.frdstr.com
prod-sessions-es-writer-f.frdstr.com
squid.frdstr.com
spectator.frdstr.com
ptrend.frdstr.com
chuck.usw.frdstr.com
prod-sessions-es-writer-l.frdstr.com
monitor.usw.frdstr.com
geocodio.frdstr.com
estest.frdstr.com
redash.frdstr.com
hq.frdstr.com
sessions-persistence.frdstr.com
prod-enrichment.frdstr.com
sites.usw.frdstr.com
cr0n.frdstr.com
prodintents-euw.es.frdstr.com
artifactory.frdstr.com
cr0n.usw.frdstr.com
cr0n.frdstr.com
rugatkins.use.frdstr.com
stagingportal.frdstr.com
prod-vault-helm.pcimon.frdstr.com
prod-vault-helm.euw.frdstr.com
accounts-storm-realtime.frdstr.com
historun-enrichment-google-proxy.frdstr.com
prodfp.usw.frdstr.com
academy.frdstr.com
portal.frdstr.com
docu.frdstr.com
dev-consul-api-gwsame-vpc.frdstr.com
claims.frdstr.com
prod-consul-api-gwsame-vpc.frdstr.com
dev-vault-k8s.frdstr.com
monitor.frdstr.com
prod-sessions-es-writer-l.frdstr.com
confetti-ui.use.frdstr.com
squid.frdstr.com
tableau.frdstr.com
prod-kafka-rest-proxy.frdstr.com
techradar.frdstr.com
dev-confetti.frdstr.com
artifactory.frdstr.com
cr0n.use.frdstr.com
smart-logic-policy-payload-maintainer.frdstr.com
develop-netservices.frdstr.com
stagingportal.usw.frdstr.com
dali.lightstream.euw.frdstr.com
gozer2.frdstr.com
thanos-querier.use.frdstr.com
gozer.frdstr.com
adaptive-auth.frdstr.com
prodintents-euw.es.frdstr.com
sigmund.frdstr.com
logging-kibana-public.frdstr.com
prod-tasks-md-writer-high.frdstr.com
redactor-staging.frdstr.com
enrichments.frdstr.com
sigmund.use.frdstr.com
batchman.frdstr.com
confetti.frdstr.com
squid.frdstr.com
*.es.frdstr.com
o11y-cert-frdstr.frdstr.com
pushgateway.use.frdstr.com
stagingportal.frdstr.com
dev-cyber-ip-enrichment.frdstr.com
status.use.frdstr.com
portal.frdstr.com
historun-enrichment-google-proxy.frdstr.com
prod-eh-a-tp-es-portal-w.frdstr.com
heimdall-dashboard.frdstr.com
alertmanager.use.frdstr.com
stagingportal.frdstr.com
prod-consul-api-gw-okta.frdstr.com
stagingportal.use.frdstr.com
stagingportal.frdstr.com
dev-consul-api-gw.frdstr.com
redash.frdstr.com
stagingportal.frdstr.com
prod-accounts-es-writer.frdstr.com
orizon.coleta.relatoweb.com.br
monitor.frdstr.com
storm.frdstr.com
rfpxer.frdstr.com
stagingportal.frdstr.com
hq.frdstr.com
artifactory.frdstr.com
cr0n.frdstr.com
three-ds-new.frdstr.com
sites.use.frdstr.com
tableau.frdstr.com
dev.atlas.frdstr.com
prod-enrichment.frdstr.com
squid.frdstr.com
prodreindex.es.frdstr.com
*.es.frdstr.com
toolbox.frdstr.com
docu.frdstr.com
hq.frdstr.com
prod-sessions-es-writer-f.frdstr.com
squid.frdstr.com
spectator.frdstr.com
ptrend.frdstr.com
chuck.usw.frdstr.com
prod-sessions-es-writer-l.frdstr.com
monitor.usw.frdstr.com
geocodio.frdstr.com
estest.frdstr.com
redash.frdstr.com
hq.frdstr.com
sessions-persistence.frdstr.com
prod-enrichment.frdstr.com
sites.usw.frdstr.com
cr0n.frdstr.com
prodintents-euw.es.frdstr.com
artifactory.frdstr.com
cr0n.usw.frdstr.com
cr0n.frdstr.com
rugatkins.use.frdstr.com
stagingportal.frdstr.com
prod-vault-helm.pcimon.frdstr.com
prod-vault-helm.euw.frdstr.com
accounts-storm-realtime.frdstr.com
historun-enrichment-google-proxy.frdstr.com
prodfp.usw.frdstr.com
academy.frdstr.com
portal.frdstr.com
docu.frdstr.com
dev-consul-api-gwsame-vpc.frdstr.com
claims.frdstr.com
prod-consul-api-gwsame-vpc.frdstr.com
dev-vault-k8s.frdstr.com
monitor.frdstr.com
prod-sessions-es-writer-l.frdstr.com
confetti-ui.use.frdstr.com
squid.frdstr.com
tableau.frdstr.com
prod-kafka-rest-proxy.frdstr.com
techradar.frdstr.com
dev-confetti.frdstr.com
artifactory.frdstr.com
cr0n.use.frdstr.com
smart-logic-policy-payload-maintainer.frdstr.com
develop-netservices.frdstr.com
stagingportal.usw.frdstr.com
dali.lightstream.euw.frdstr.com
gozer2.frdstr.com
thanos-querier.use.frdstr.com
gozer.frdstr.com
adaptive-auth.frdstr.com
prodintents-euw.es.frdstr.com
sigmund.frdstr.com
logging-kibana-public.frdstr.com
prod-tasks-md-writer-high.frdstr.com
redactor-staging.frdstr.com
enrichments.frdstr.com
sigmund.use.frdstr.com
batchman.frdstr.com
confetti.frdstr.com
squid.frdstr.com
*.es.frdstr.com
o11y-cert-frdstr.frdstr.com
pushgateway.use.frdstr.com
stagingportal.frdstr.com
dev-cyber-ip-enrichment.frdstr.com
status.use.frdstr.com
portal.frdstr.com
historun-enrichment-google-proxy.frdstr.com
prod-eh-a-tp-es-portal-w.frdstr.com
heimdall-dashboard.frdstr.com
alertmanager.use.frdstr.com
stagingportal.frdstr.com
prod-consul-api-gw-okta.frdstr.com
stagingportal.use.frdstr.com
stagingportal.frdstr.com
dev-consul-api-gw.frdstr.com
redash.frdstr.com
stagingportal.frdstr.com
Certificate
The complete raw certificate details for prod-vault-helm.pcimon.frdstr.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgIQDjzNmCmpVPCtqCppaHm6TDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDUyNzAwMDAwMFoXDTI1MDYyNTIzNTk1OVowLDEq MCgGA1UEAxMhcHJvZC12YXVsdC1oZWxtLnBjaW1vbi5mcmRzdHIuY29tMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxiChJUD9EL2cQU//3waCD2X7tJ4 J5WImqjJNJhTDMlQLDFQQPpLyV8DOLnMN0QyBZVPbQpcyZKSwNDuQUQOLAhGX/oR SlgvbIwRxBsQUdIO31XtPXpdSMOQey8kYn/hfVpdLd0iiBqtSS2j13DmWn1LzU/x exbbZ/Z9BjWhHqjZo3lMu7s6pLshScvFrHLiKQwgdARUGZdCUR5mNR5xrYsAH3hJ qTrMV6/tOK+co6QB9eFRyYpS0IOqYkTEwWUOLs6EOAO5AaQ/RGE7AoKGwY3s86ms v3YtGBrwV4E87EuVZRpBc+n9VCr+LDZjxFbLNOEiOf2WAhnh4+vIBLJjYwIDAQAB o4ICmDCCApQwHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0O BBYEFMiuBneokRGqhcaTU5XzSvX0b++sMIIBNQYDVR0RBIIBLDCCASiCIXByb2Qt dmF1bHQtaGVsbS5wY2ltb24uZnJkc3RyLmNvbYIQdmF1bHQuZnJkc3RyLmNvbYIl cHJvZC12YXVsdC1oZWxtLnBjaW1vbi51c2UuZnJkc3RyLmNvbYIZdmF1bHQuZm9y dGVyLWludGVybmFsLmNvbYIbdmF1bHQucGNpbW9uLnVzZS5mcmRzdHIuY29tgiB2 YXVsdC5wY2ltb24uZm9ydGVyLWludGVybmFsLmNvbYIacHJvZC12YXVsdC1oZWxt LmZyZHN0ci5jb22CF3ZhdWx0LnBjaW1vbi5mcmRzdHIuY29tgh5wcm9kLXZhdWx0 LWhlbG0udXNlLmZyZHN0ci5jb22CG3ZhdWx0LnBjaW1vbi5ldXcuZnJkc3RyLmNv bTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j cmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRp MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNv bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20v cjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ KoZIhvcNAQELBQADggEBAIRaYefli4DZIkIzbzU1t/pGfSbXMDAd9cjGHg3+E3WY mfQSeNg8XtzX4vum6qHvjk2oA9ppDpwAML6Bw+3srDkkmETkBGEdMLtjPtwK9M0R wooo8PG0e0ef2zocJYL51Qronh3a2kMkIxmDj4l5Wb8dSyGZC6JxCnUoO4QfLYVK 0lE7OmpnKh9GKp2bjew9E76LnGrEd8oKRaHrcCY+RYlunB3hoeKRXJ4Lvu02jv0g FtZvDzUrkJ0LcEZsRCQYuliynlfNgVjZ/MPOAFdHA4tJYLgs7JT6OC6oZysh7+8U T0b6Q04Z5pwAQSKO3ImL6vt1+MOasGDPBoHDN1B5UxE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxiChJUD9EL2cQU//3wa CD2X7tJ4J5WImqjJNJhTDMlQLDFQQPpLyV8DOLnMN0QyBZVPbQpcyZKSwNDuQUQO LAhGX/oRSlgvbIwRxBsQUdIO31XtPXpdSMOQey8kYn/hfVpdLd0iiBqtSS2j13Dm Wn1LzU/xexbbZ/Z9BjWhHqjZo3lMu7s6pLshScvFrHLiKQwgdARUGZdCUR5mNR5x rYsAH3hJqTrMV6/tOK+co6QB9eFRyYpS0IOqYkTEwWUOLs6EOAO5AaQ/RGE7AoKG wY3s86msv3YtGBrwV4E87EuVZRpBc+n9VCr+LDZjxFbLNOEiOf2WAhnh4+vIBLJj YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18924899702043957623687809114465483340 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prod-vault-helm.pcimon.frdstr.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22103789619426822447623651028659510818783385794322478124843876495438882870801775532089044396577970544179083210196422373546341656535165343766980402555791790515420401675462863363058740902659687709210827684146737038792108978601399394621532325104819473610137392325515786116017402873857372723859978203210182308933822493084302619303162061506697909188600523743666906328674247116154836964949516603237116362941459795434920679060424658547495252463602111526136639136720270704868573963298120879003393573653804714249629247082947306939163815949819582462474925156672891605232452319230272059938954807108438849500738370756591205114723 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c8ae0677a89111aa85c6935395f34af5f46fefac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (300 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-vault-helm.pcimon.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vault.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-vault-helm.pcimon.use.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vault.forter-internal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vault.pcimon.use.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vault.pcimon.forter-internal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-vault-helm.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vault.pcimon.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-vault-helm.use.frdstr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vault.pcimon.euw.frdstr.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00845a61e7e58b80d92242336f3535b7fa467d26d730301df5c8c61e0dfe13759899f41278d83c5edcd7e2fba6eaa1ef8e4da803da690e9c0030be81c3edecac39249844e404611d30bb633edc0af4cd11c28a28f0f1b47b479fdb3a1c2582f9d50ae89e1ddada43242319838f897959bf1d4b21990ba2710a75283b841f2d854ad2513b3a6a672a1f462a9d9b8dec3d13be8b9c6ac477ca0a45a1eb70263e45896e9c1de1a1e2915c9e0bbeed368efd2016d66f0f352b909d0b70466c442418ba58b29e57cd8158d9fcc3ce005747038b4960b82cec94fa382ea8672b21efef144f46fa434e19e69c0041228edc898beafb75f8c39ab060cf0681c33750795311