*.staging.bnn.de
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0d:d0:d7:82:ca:de:90:09:71:7d:92:0c:98:53:46:d9 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.staging.bnn.de
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:d0:d7:82:ca:de:90:09:71:7d:92:0c:98:53:46:d9Serial Number (int): 18364332772290096168827105372517123801
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ee:7a:88:e6:1c:aa:31:e2:7b:2d:43:31:3e:a3:0a:c8:73:12:7f:93
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): c7:c4:d3:81:1b:b3:b2:5f:df:db:da:52:86:6d:c9:e8:cf:8a:0f:9b
Fingerprint (sha256): 1c:b7:af:dd:a1:19:a4:aa:c3:ac:bd:12:f1:54:b2:b3:07:3c:36:8c:a0:2e:9e:47:7c:d6:ed:b5:bb:43:8a:a3
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.staging.bnn.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.staging.bnn.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.staging.bnn.de
*.bnn.de
*.bnn.de
Other certificates including the domain name bnn.de
(limited to 100 certificates)
selbsteingabe.jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
bnn.de
appapi-elb.bnn.de
jobs.bnn.de
test.dev.bnn.de
printportal.bnn.de
www.ingedenken.de
*.staging.bnn.de
pageflow.bnn.de
sandbox.service.bnn.de
jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
kino.bnn.de
a.westfalen-blatt.de
pageflow.bnn.de
veranstaltungen.bnn.de
bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
selbsteingabe.jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
printportal.bnn.de
appapi.bnn.de
a.westfalen-blatt.de
selbsteingabe.jobs.bnn.de
api.geo-real.it
leserreisen.bnn.de
sandbox.service.bnn.de
stage.service.bnn.de
a.westfalen-blatt.de
pageflow.bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
api.geo-real.it
jobs.bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
veranstaltungen.bnn.de
bnn.de
dev.bnn.de
jobs.bnn.de
printportal.bnn.de
pageflow.bnn.de
www.bnn.de
www.bnn.de
api.geo-real.it
jobs.bnn.de
jobs.bnn.de
sandbox.service.bnn.de
jobs.bnn.de
api.geo-real.it
appapi-qa-elb.bnn.de
appapi-elb.bnn.de
pageflow.bnn.de
staging.bnn.de
jobs.bnn.de
*.bnn.de
pageflow.bnn.de
api.geo-real.it
veranstaltungen.bnn.de
*.bnn.de
pageflow.bnn.de
kino.bnn.de
pageflow.bnn.de
leserreisen.bnn.de
kino.bnn.de
jobs.bnn.de
stage.service.bnn.de
veranstaltungen.bnn.de
pageflow.bnn.de
jobs.bnn.de
pageflow.bnn.de
appapi-elb.bnn.de
sandbox.service.bnn.de
pageflow.bnn.de
appapi-qa-elb.bnn.de
selbsteingabe.jobs.bnn.de
leserreisen.bnn.de
pageflow.bnn.de
jobs.bnn.de
*.bnn.de
kino.bnn.de
*.bnn.de
api.geo-real.it
*.bnn.de
pageflow.bnn.de
jobs.bnn.de
veranstaltungen.bnn.de
veranstaltungen.bnn.de
www.ingedenken.de
kino.bnn.de
jobs.bnn.de
selbsteingabe.jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
bnn.de
appapi-elb.bnn.de
jobs.bnn.de
test.dev.bnn.de
printportal.bnn.de
www.ingedenken.de
*.staging.bnn.de
pageflow.bnn.de
sandbox.service.bnn.de
jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
kino.bnn.de
a.westfalen-blatt.de
pageflow.bnn.de
veranstaltungen.bnn.de
bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
selbsteingabe.jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
printportal.bnn.de
appapi.bnn.de
a.westfalen-blatt.de
selbsteingabe.jobs.bnn.de
api.geo-real.it
leserreisen.bnn.de
sandbox.service.bnn.de
stage.service.bnn.de
a.westfalen-blatt.de
pageflow.bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
api.geo-real.it
jobs.bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
veranstaltungen.bnn.de
bnn.de
dev.bnn.de
jobs.bnn.de
printportal.bnn.de
pageflow.bnn.de
www.bnn.de
www.bnn.de
api.geo-real.it
jobs.bnn.de
jobs.bnn.de
sandbox.service.bnn.de
jobs.bnn.de
api.geo-real.it
appapi-qa-elb.bnn.de
appapi-elb.bnn.de
pageflow.bnn.de
staging.bnn.de
jobs.bnn.de
*.bnn.de
pageflow.bnn.de
api.geo-real.it
veranstaltungen.bnn.de
*.bnn.de
pageflow.bnn.de
kino.bnn.de
pageflow.bnn.de
leserreisen.bnn.de
kino.bnn.de
jobs.bnn.de
stage.service.bnn.de
veranstaltungen.bnn.de
pageflow.bnn.de
jobs.bnn.de
pageflow.bnn.de
appapi-elb.bnn.de
sandbox.service.bnn.de
pageflow.bnn.de
appapi-qa-elb.bnn.de
selbsteingabe.jobs.bnn.de
leserreisen.bnn.de
pageflow.bnn.de
jobs.bnn.de
*.bnn.de
kino.bnn.de
*.bnn.de
api.geo-real.it
*.bnn.de
pageflow.bnn.de
jobs.bnn.de
veranstaltungen.bnn.de
veranstaltungen.bnn.de
www.ingedenken.de
kino.bnn.de
jobs.bnn.de
selbsteingabe.jobs.bnn.de
Certificate
The complete raw certificate details for *.staging.bnn.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIQDdDXgsrekAlxfZIMmFNG2TANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDQxNjAwMDAwMFoXDTI0MDUxNDIzNTk1OVowGzEZ MBcGA1UEAwwQKi5zdGFnaW5nLmJubi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALWCMTEOLvhOepwAhI4+h9kE66vopRj/1HcZ0NK+4SAHQZsarpi+ 64PMdrZX5d3efJDaD/CEYGMOKMW9T5nZzspLZ8rudtLTlQo+OaBtX4p0DNgTnbrF AfLfR/CXXuIuZyYl+f26AO+Bf7YdnXZv4DJDetQjrZwVTRh/u/EfexFomNdUbTwW orLCRL867Vm8ntIBj8wYavF1CC8AsOPfB2IzyNwo7ArKCI33U7tPQucdGTSe7LS0 s19nj9iite85kMlAHNsY+UYytC8EOQTmfM2cCLSA3ZJcUZUBMp5qZ2GGcshVrsY5 01+hjII9gp7xaocclTH5O4tl9D48z6bjv70CAwEAAaOCAvMwggLvMB8GA1UdIwQY MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTueojmHKox4nstQzE+ owrIcxJ/kzAlBgNVHREEHjAcghAqLnN0YWdpbmcuYm5uLmRlgggqLmJubi5kZTAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29t L3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcw LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2 BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJt MDIuY2VyMAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1 AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABh4d13F8AAAQDAEYw RAIgGc0Ecm4yBKKUoUtsFLkgcbnC4hpAZGV94wSWbeTAFVsCIGPgKGmocJ9tO9Wf jTfUNpGrZGwWQsvyzhBmqn+ttUK1AHYAc9meiRtMlnigIH1HneayxhzQUV5xGSqM a4AQesF3crUAAAGHh3XckQAABAMARzBFAiAd+fvhI08Q0/Tl0U9fSVQ9UTR4pCPb XG4PfEErROyYGwIhAOEOyvghQo8KwcfPSYdWz/6Ot+ZBdipbA+0c7yrlELWyAHcA SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGHh3XcXQAABAMASDBG AiEAyo2y7tlY9gC0M7ud8yQzZMczsA2V3wt++/nWoVqoWzECIQCCFpAZyJMlZK+g Ts0Dtt72mNKL2Sh2AfaJGItgP8WCXDANBgkqhkiG9w0BAQsFAAOCAQEAljID9UAw bk4K7L2qcmTCsUuPm6vcZqc1wxrKz98QSQcsKYUkkkEIrl2dMpgLVZkn34sZvEci EyeYe9ot3dAm9tefQlKXkssd9hzdEQkMKpvUd5rlaTCm/+9JuXj30FCtr3jhKCK2 lpj8rSLnKrNNXyOIQmjGhXYTgT84Ste+yKgln76Fu2mBCvDlH03N9+npNUK7M4nb 07WiY2AwWf8xUpGWJVgfVt9XZSYqAl+rRwctRzxWNegqMUeogkX8ud9DVKSigvVI U5+sZqX0WNrolihI4dd/aoV1mRPR4oFQlXUvEIjtTG+DLDlGyJ462rg+O2uUwEXK W2sjt3zLIZkWSg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYIxMQ4u+E56nACEjj6H 2QTrq+ilGP/UdxnQ0r7hIAdBmxqumL7rg8x2tlfl3d58kNoP8IRgYw4oxb1PmdnO yktnyu520tOVCj45oG1finQM2BOdusUB8t9H8Jde4i5nJiX5/boA74F/th2ddm/g MkN61COtnBVNGH+78R97EWiY11RtPBaissJEvzrtWbye0gGPzBhq8XUILwCw498H YjPI3CjsCsoIjfdTu09C5x0ZNJ7stLSzX2eP2KK17zmQyUAc2xj5RjK0LwQ5BOZ8 zZwItIDdklxRlQEynmpnYYZyyFWuxjnTX6GMgj2CnvFqhxyVMfk7i2X0PjzPpuO/ vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18364332772290096168827105372517123801 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.staging.bnn.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22913333343148834129758414046001757770191319169138424754105873583384986783992147739065837610108977104702322366081522954998934580322198542057450474446605421088366856194296576588222558750051870772928236180498760966923380419241372841459533870805559988884003789780746046106047326377805868204375920691046247010324213378212014440993380045289537254626795648259213876720369982140415230357264561233353558907606191883388452086479660223152403340948022736737762378574145232063694889605898063056230355964284428732924298886687903279285962107687720346882153518753304708729169911379361557675943862930785733028000552897876633825034173 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ee7a88e61caa31e27b2d43313ea30ac873127f93 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.bnn.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bnn.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001878775dc5f0000040300463044022019cd04726e3204a294a14b6c14b92071b9c2e21a4064657de304966de4c0155b022063e02869a8709f6d3bd59f8d37d43691ab646c1642cbf2ce1066aa7fadb542b500760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001878775dc91000004030047304502201df9fbe1234f10d3f4e5d14f5f49543d513478a423db5c6e0f7c412b44ec981b022100e10ecaf821428f0ac1c7cf498756cffe8eb7e641762a5b03ed1cef2ae510b5b200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001878775dc5d0000040300483046022100ca8db2eed958f600b433bb9df3243364c733b00d95df0b7efbf9d6a15aa85b3102210082169019c8932564afa04ecd03b6def698d28bd9287601f689188b603fc5825c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00963203f540306e4e0aecbdaa7264c2b14b8f9babdc66a735c31acacfdf1049072c298524924108ae5d9d32980b559927df8b19bc47221327987bda2dddd026f6d79f42529792cb1df61cdd11090c2a9bd4779ae56930a6ffef49b978f7d050adaf78e12822b69698fcad22e72ab34d5f23884268c6857613813f384ad7bec8a8259fbe85bb69810af0e51f4dcdf7e9e93542bb3389dbd3b5a263603059ff3152919625581f56df5765262a025fab47072d473c5635e82a3147a88245fcb9df4354a4a282f548539fac66a5f458dae8962848e1d77f6a85759913d1e2815095752f1088ed4c6f832c3946c89e3adab83e3b6b94c045ca5b6b23b77ccb2199164a