useast1-ush-web-content-np.use.ucdp.net

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 09:89:43:65:16:4f:63:2b:62:b5:56:b0:17:7f:31:05 was issued on by Amazon.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=useast1-ush-web-content-np.use.ucdp.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 09:89:43:65:16:4f:63:2b:62:b5:56:b0:17:7f:31:05
Serial Number (int): 12675763562076016514283075935345258757
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 68:f1:0e:5d:c8:8c:64:8a:14:58:fd:cd:ba:d0:5e:bf:1b:61:d5:10
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): b3:77:f4:15:73:79:4e:af:9e:e9:b8:75:1a:60:7e:cc:6d:bb:54:18
Fingerprint (sha256): 19:b7:b7:b0:f7:7e:a2:b1:2d:21:20:2a:63:3c:a6:9a:92:82:ee:be:45:d4:c4:73:91:dc:75:8e:cb:20:9e:68

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate useast1-ush-web-content-np.use.ucdp.net

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for useast1-ush-web-content-np.use.ucdp.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

useast1-ush-web-content-np.use.ucdp.net
useast1-ush-web-content-dev.use.ucdp.net
useast1-ush-web-content-stg.use.ucdp.net
useast1-ush-web-content-uat.use.ucdp.net
useast1-ush-web-content-feature3.use.ucdp.net
useast1-ush-web-content-qa.use.ucdp.net
useast1-ush-web-content-feature1.use.ucdp.net
useast1-ush-web-content-feature2.use.ucdp.net

Other certificates including the domain name ucdp.net

(limited to 100 certificates)
www.universalorlando.com
sphere-o.ucdp.net
p406-qa.use.ucdp.net
cred-stg02.use.ucdp.net
secure.universalstudios.com
cred-qa.use.ucdp.net
cred-qa.use.ucdp.net
usoqdtvtendvip.use.ucdp.net
acp.use.ucdp.net
secure.universalstudios.com
mdmae.use.ucdp.net
ushdevservices.use.ucdp.net
cloudant-stg02.use.ucdp.net
secure.universalstudios.com
validfill.use.ucdp.net
loc-prod.use.ucdp.net
useast1-ush-web-microsites-np.use.ucdp.net
www.universalorlando.com
ticketsqa.universalorlando.com
uoconsul.use.ucdp.net
cred-stg.use.ucdp.net
cs-qa.use.ucdp.net
ush-vpn.ucdp.net
utils-uat.use.ucdp.net
www.universalorlando.com
rms.ucdp.net
www.universalorlando.com
usoqdtvtmmvip.use.ucdp.net
hhnweb-stg02.use.ucdp.net
fraud-stg02.use.ucdp.net
hhnweb-uat-o.ucdp.net
hhnweb-dev.use.ucdp.net
inter-stg.use.ucdp.net
guest-dev.use.ucdp.net
apip-qa02.use.ucdp.net
tucppm.ucdp.net
lbqaegalaxy.use.ucdp.net
uniphd1-web.use.ucdp.net
utils-uat.use.ucdp.net
guest-uat.use.ucdp.net
et-dev.use.ucdp.net
tmt.use.ucdp.net
www.universalorlando.com
inter-dev.use.ucdp.net
usopmadmvip01.use.ucdp.net
utils-prod.use.ucdp.net
secure.universalstudios.com
hhnweb-qa.use.ucdp.net
wcs-prod.use.ucdp.net
ticketsqa.universalorlando.com
hhnweb-qa.use.ucdp.net
store.universalstudioshollywood.com
ticketsqa.universalorlando.com
hhnweb-qa-o.ucdp.net
www.universalorlando.com
loc-stg02.use.ucdp.net
utils-dev.use.ucdp.net
sphere-o.ucdp.net
creative.ucdp.net
secure.universalstudios.com
calend-dev.use.ucdp.net
minion.ucdp.net
uniphd1-webnew.use.ucdp.net
hhnweb-uat-o.ucdp.net
utils-qa.use.ucdp.net
spheresvc-o.ucdp.net
hhnweb-qa.use.ucdp.net
minionwcf.ucdp.net
hub-dev.use.ucdp.net
cloudant-uat.use.ucdp.net
www.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
shaggy.ucdp.net
inv-stg02.use.ucdp.net
folio-qa.use.ucdp.net
services-qa.ucdp.net
www.universalorlando.com
hhnweb-qa-o.ucdp.net
ushwebstore.nbcuni.com
usor7psnipe01.use.ucdp.net
geoip-prod.use.ucdp.net
inter-stg02.use.ucdp.net
ticketsqa.universalorlando.com
ticketsqa.universalorlando.com
ticketsqa.universalorlando.com
useast1-ush-web-content-np.use.ucdp.net
mdmae.use.ucdp.net
cp.use.ucdp.net
rest-dev.use.ucdp.net
mdmae-dev.use.ucdp.net
ushwebstore.nbcuni.com
webmail.use.ucdp.net
guest-stg.use.ucdp.net
hhnweb-qa-o.ucdp.net
inter-stg02.use.ucdp.net
ticketsqa.universalorlando.com
p406-dev02.use.ucdp.net
creativeqa.ucdp.net

Certificate

The complete raw certificate details for useast1-ush-web-content-np.use.ucdp.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIQCYlDZRZPYytitVawF38xBTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIwODAwMDAwMFoXDTI1MDEwNTIzNTk1OVowMjEw
MC4GA1UEAxMndXNlYXN0MS11c2gtd2ViLWNvbnRlbnQtbnAudXNlLnVjZHAubmV0
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPhNOz4gYpmGJ/AOREw4
cO1RIMfw9vPg6MTjvB0UiCyODQ/BQchoXurxyrv+jBsEi02JkKr2L2VxntYy/472
Zgjomu+ygUZ3yFTryT0JdVYCGCMNN39iCKbEpjwR4dbdW/HNQe50Rv2BICByrGMw
qDctt/I2qiOvM3zOVFoDoOWfKmDDbh7S3E4kfMUZnXdZHtrL2JR2oV/vXT5LjnrF
XnMX8kUXTRCUpumf5A7weP8rjj3ZWtA8Fg7+reg+tXEAO1Pl3ZL9pMpC9i6IZ9q0
RnkE04iMrdi8/qKsiwqyFf8SZ+lPR83Jry3Qxz6Y6V84POXu5qvDzcM6PRT5tozM
0wIDAQABo4ICzTCCAskwHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIw
HQYDVR0OBBYEFGjxDl3IjGSKFFj9zbrQXr8bYdUQMIIBagYDVR0RBIIBYTCCAV2C
J3VzZWFzdDEtdXNoLXdlYi1jb250ZW50LW5wLnVzZS51Y2RwLm5ldIIodXNlYXN0
MS11c2gtd2ViLWNvbnRlbnQtZGV2LnVzZS51Y2RwLm5ldIIodXNlYXN0MS11c2gt
d2ViLWNvbnRlbnQtc3RnLnVzZS51Y2RwLm5ldIIodXNlYXN0MS11c2gtd2ViLWNv
bnRlbnQtdWF0LnVzZS51Y2RwLm5ldIItdXNlYXN0MS11c2gtd2ViLWNvbnRlbnQt
ZmVhdHVyZTMudXNlLnVjZHAubmV0gid1c2Vhc3QxLXVzaC13ZWItY29udGVudC1x
YS51c2UudWNkcC5uZXSCLXVzZWFzdDEtdXNoLXdlYi1jb250ZW50LWZlYXR1cmUx
LnVzZS51Y2RwLm5ldIItdXNlYXN0MS11c2gtd2ViLWNvbnRlbnQtZmVhdHVyZTIu
dXNlLnVjZHAubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6g
LIYqaHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUG
CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1h
em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpv
bnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQD
AQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAixpNgze5215Ah98OqJ39drffy9+/
tskWjtBTDPjwmFJKXrZu/5Na+q3gUEYjO83SLvOgc/JJQlfFXhTlE18FpVWj/qzf
mMU4otA0ndB3hLXnmXeD4gGBHLuGH867nNShcPFj7TN1QAff5YPrOwiFCXWD4t1q
qE9ErvXilxkwEwV1GmD/0pB62aPRWBJnm6h+nNnryS39bLwi5ZoYY/tePovYok5A
rd5uw97idYl6Wc7TTDAls5L9QHTpmJW7Y5TbTL0BOGGKnTIjA8ViWymLBbBGIWZD
n4yIihVLTmtLvGVCLGcexeA94/C3RpyM1sqk8Phu3rJiwup/FaFgRAUmrw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPhNOz4gYpmGJ/AOREw4
cO1RIMfw9vPg6MTjvB0UiCyODQ/BQchoXurxyrv+jBsEi02JkKr2L2VxntYy/472
Zgjomu+ygUZ3yFTryT0JdVYCGCMNN39iCKbEpjwR4dbdW/HNQe50Rv2BICByrGMw
qDctt/I2qiOvM3zOVFoDoOWfKmDDbh7S3E4kfMUZnXdZHtrL2JR2oV/vXT5LjnrF
XnMX8kUXTRCUpumf5A7weP8rjj3ZWtA8Fg7+reg+tXEAO1Pl3ZL9pMpC9i6IZ9q0
RnkE04iMrdi8/qKsiwqyFf8SZ+lPR83Jry3Qxz6Y6V84POXu5qvDzcM6PRT5tozM
0wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12675763562076016514283075935345258757
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'useast1-ush-web-content-np.use.ucdp.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23855243458082257220674269897232543001035979363214128613043160037163303759355549758301573450609441363970076731444534202859021041300042752773310789889674240350470166581488170807278747159182095354937111740186043583729491205358937609616350054744048562127010344812125908627032999188825246976238694448576586833340482110770111856432189051927948679986486538181581732498659850476879457083733318371072416292324865240183703528019805654205188621590268839117726858385651025237496957468479194860306748367731225980606997018604510762764255538153060776438810341513969508073603378095545827957021993922052631080139259194573135285112019
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							68f10e5dc88c648a1458fdcdbad05ebf1b61d510
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (353 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-np.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-dev.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-stg.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-uat.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-feature3.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-qa.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-feature1.use.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'useast1-ush-web-content-feature2.use.ucdp.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008b1a4d8337b9db5e4087df0ea89dfd76b7dfcbdfbfb6c9168ed0530cf8f098524a5eb66eff935afaade05046233bcdd22ef3a073f2494257c55e14e5135f05a555a3feacdf98c538a2d0349dd07784b5e7997783e201811cbb861fcebb9cd4a170f163ed33754007dfe583eb3b0885097583e2dd6aa84f44aef5e29719301305751a60ffd2907ad9a3d15812679ba87e9cd9ebc92dfd6cbc22e59a1863fb5e3e8bd8a24e40adde6ec3dee275897a59ced34c3025b392fd4074e99895bb6394db4cbd0138618a9d322303c5625b298b05b0462166439f8c888a154b4e6b4bbc65422c671ec5e03de3f0b7469c8cd6caa4f0f86edeb262c2ea7f15a160440526af