*.tools.investis.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 03:b5:e8:0a:94:ee:32:9a:97:b9:c2:b2:03:23:54:79 was issued on by Amazon.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.tools.investis.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:b5:e8:0a:94:ee:32:9a:97:b9:c2:b2:03:23:54:79Serial Number (int): 4932196076150968518340239102778233977
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: b6:7a:06:f5:74:b2:36:e9:37:10:47:69:ab:29:b2:4a:57:82:05:7e
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 74:b3:cb:6b:54:cb:7d:e6:c4:b6:66:d8:c2:94:2a:08:26:65:fb:c0
Fingerprint (sha256): 1d:71:50:e7:c7:81:a3:70:79:ad:e9:d9:d0:de:10:56:e3:c6:47:3c:72:e2:5a:fb:5e:ae:c8:6e:35:63:9b:a5
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.tools.investis.com
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.tools.investis.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.tools.investis.com
*.investisdigital.com
*.quartalflife.com
*.flife.de
*.tfprivate.investis.com
*.tf.investis.com
*.ir2.flife.de
*.investisdigital.com
*.quartalflife.com
*.flife.de
*.tfprivate.investis.com
*.tf.investis.com
*.ir2.flife.de
Other certificates including the domain name investis.com
(limited to 100 certificates)
incapsula.com
incapsula.com
*.stage-mid-euw3.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
production.investis.com
phoenix.investis.com
incapsula.com
press.investis.com
dr.production.phoenix.investis.com
incapsula.com
incapsula.com
incapsula.com
investisdigital.com
incapsula.com
incapsula.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.tools.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
investis.com
incapsula.com
incapsula.com
tools.investis.com
prod-mid-euw3.investis.com
incapsula.com
*.dp-staging.investis.com
*.investis.com
incapsula.com
staging.myinvestis.com
incapsula.com
prod-use1.investis.com
*.investis.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
investis.com
prod-use1.investis.com
incapsula.com
deloitte-backoffice.solutions.staging.investis.com
visualisation.investis.com
incapsula.com
incapsula.com
calculator.rollsroyce.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
incapsula.com
incapsula.com
staging.myinvestis.com
incapsula.com
tools.investis.com
*.cm.invdcloud-is.co.uk
incapsula.com
incapsula.com
incapsula.com
*.tf.investis.com
insurance.angloamerican.investis.com
incapsula.com
cvs.tools.investis.com
incapsula.com
*.stage-use1.investis.com
www.futurology.investis.com
incapsula.com
incapsula.com
production.investis.com
incapsula.com
*.prod-euw1.investis.com
investis.com
*.dib1-u1.investis.com
incapsula.com
*.investis.com
incapsula.com
investis.mx
research.investis.com
esi-test.html.investis.com
www.futurology.investis.com
*.tools.investis.com
tools.investis.com
incapsula.com
incapsula.com
prod-mid-euw3.investis.com
incapsula.com
incapsula.com
blog.investis.com
incapsula.com
incapsula.com
*.stage-mid-euw3.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
production.investis.com
phoenix.investis.com
incapsula.com
press.investis.com
dr.production.phoenix.investis.com
incapsula.com
incapsula.com
incapsula.com
investisdigital.com
incapsula.com
incapsula.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.tools.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
investis.com
incapsula.com
incapsula.com
tools.investis.com
prod-mid-euw3.investis.com
incapsula.com
*.dp-staging.investis.com
*.investis.com
incapsula.com
staging.myinvestis.com
incapsula.com
prod-use1.investis.com
*.investis.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
investis.com
prod-use1.investis.com
incapsula.com
deloitte-backoffice.solutions.staging.investis.com
visualisation.investis.com
incapsula.com
incapsula.com
calculator.rollsroyce.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
incapsula.com
incapsula.com
staging.myinvestis.com
incapsula.com
tools.investis.com
*.cm.invdcloud-is.co.uk
incapsula.com
incapsula.com
incapsula.com
*.tf.investis.com
insurance.angloamerican.investis.com
incapsula.com
cvs.tools.investis.com
incapsula.com
*.stage-use1.investis.com
www.futurology.investis.com
incapsula.com
incapsula.com
production.investis.com
incapsula.com
*.prod-euw1.investis.com
investis.com
*.dib1-u1.investis.com
incapsula.com
*.investis.com
incapsula.com
investis.mx
research.investis.com
esi-test.html.investis.com
www.futurology.investis.com
*.tools.investis.com
tools.investis.com
incapsula.com
incapsula.com
prod-mid-euw3.investis.com
incapsula.com
incapsula.com
blog.investis.com
incapsula.com
Certificate
The complete raw certificate details for *.tools.investis.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSTCCBTGgAwIBAgIQA7XoCpTuMpqXucKyAyNUeTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDMyNjAwMDAwMFoXDTI1MDQyMzIzNTk1OVowHzEd MBsGA1UEAwwUKi50b29scy5pbnZlc3Rpcy5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQD9vWHiUU5mM38k+hGisXz5yqmqAnX84VgIUJfKcv8KSaXU 9BIJguPWboN4OEO49ix4du7wGKdGwT0tguaanWqa0Yh8HNB0IkY4lqtJBm8o57Bo UpEZ7g8F1zmedfaZLhcFsVsqSE17ISxrQxTgkhp5idprcbeZxf+Jbo5KEpBzo0sf IA9eIIag+oEXW8VxEYqBp8FzkJWNI0RTjMUV1ersLFBWVZAt4seigOjEy2kxg9PZ JS01tGFAL7KdkhaCZDhy36VOT8oO+jHGzQnGwdxuciDQ0Yrkcy7r5p+zGgdQQoxL B3XhthQyN/2S/Kbvdv2eXm1XeRslbEoQv2qU/qAJAgMBAAGjggNiMIIDXjAfBgNV HSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUtnoG9XSyNuk3 EEdpqymySleCBX4wgZUGA1UdEQSBjTCBioIUKi50b29scy5pbnZlc3Rpcy5jb22C FSouaW52ZXN0aXNkaWdpdGFsLmNvbYISKi5xdWFydGFsZmxpZmUuY29tggoqLmZs aWZlLmRlghgqLnRmcHJpdmF0ZS5pbnZlc3Rpcy5jb22CESoudGYuaW52ZXN0aXMu Y29tgg4qLmlyMi5mbGlmZS5kZTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0 MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAy LmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIy bTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0w Mi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF8Bgor BgEEAdZ5AgQCBIIBbASCAWgBZgB1AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6 ZLFimjnfAAABjnmH4RQAAAQDAEYwRAIgKcz3ynV0mSREklJiq2dknN1zMqV5mfJX IFcDRfYsNDACIGG/IoedWRDQwh8UQvaTsKpdSu2X52ISf0eZwMhpuJ84AHUAfVke EuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGOeYfgwAAABAMARjBEAiBb 3BPRgfGswrE7Vf4VZqwUXfMuC7ATznJ8X05BEwikywIgFHGyxgRvvCrWealRcsID AVS7pnTrwfB2XLj4iVEfmW0AdgCi4wrkRe+9rZt+OO1HZ3dT14JbhJTXK14bLMS5 UKRH5wAAAY55h+F3AAAEAwBHMEUCIQC5VjaYxeGrEl7dXNmULppq1DjZuGOxWc6I YVGZ4xzIigIgIzD+ozHLBJAvZJGEbaZEUNM4pPNwy8x2GmH92nLfAb0wDQYJKoZI hvcNAQELBQADggEBAG8LGBRYhW7JwnNZSXTHDvtVHIiq+Nv8BbZ28JthNaJNtrB/ H/uTDTFeoai/sctwLHW/j4RzLHQtgX8f+7AvQiYm07Qvd3qBxZ+MCGYtC7XTljKf BW39jBtVSSeBFeYQct33DN62liOUp8ItMxopNCdiofoeQlwcpQBv1Oh5IhuvVF/Y SvbwmLd0H5Uw3pDp0nKqxvolcqVGGiIVjMZ5pSCijSpR0KxQdquwAs5McB9HW/mJ GDRfDAIK0MDVSjy11EDrrWOP+nPTBmQ2w4viRIoSmbrE9G71iW3F6w5UhN4av3it NJtHXGVCqUcYX9+AjjrfOz/vJXaqTIIgGGXymJ0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/b1h4lFOZjN/JPoRorF8 +cqpqgJ1/OFYCFCXynL/Ckml1PQSCYLj1m6DeDhDuPYseHbu8BinRsE9LYLmmp1q mtGIfBzQdCJGOJarSQZvKOewaFKRGe4PBdc5nnX2mS4XBbFbKkhNeyEsa0MU4JIa eYnaa3G3mcX/iW6OShKQc6NLHyAPXiCGoPqBF1vFcRGKgafBc5CVjSNEU4zFFdXq 7CxQVlWQLeLHooDoxMtpMYPT2SUtNbRhQC+ynZIWgmQ4ct+lTk/KDvoxxs0JxsHc bnIg0NGK5HMu6+afsxoHUEKMSwd14bYUMjf9kvym73b9nl5tV3kbJWxKEL9qlP6g CQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4932196076150968518340239102778233977 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.tools.investis.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 32031679078538514024048689097400869141774965602027243030172769018315236158062440839210610386357158190806930278192922596640741645574942501246434285135670730937123857251064837639201180540354078568982209908344226466639477674468591603634172277572447202553149207294562926649615942118645863533448639320246215124287367618774010626931296899663864623332468033986880523532747798551883402832550791313996881274323962277653738589617154956709082417476781581861667309730387963692434479163800834749788155178708521655889631236875809804678186053844355438832939140656989807899872213295730589902789608620512694728145180800316848692174857 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b67a06f574b236e937104769ab29b24a5782057e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (141 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tools.investis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.investisdigital.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.quartalflife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flife.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tfprivate.investis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tf.investis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ir2.flife.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 01660075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e7987e1140000040300463044022029ccf7ca7574992444925262ab67649cdd7332a57999f25720570345f62c3430022061bf22879d5910d0c21f1442f693b0aa5d4aed97e762127f4799c0c869b89f380075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e7987e0c0000004030046304402205bdc13d181f1acc2b13b55fe1566ac145df32e0bb013ce727c5f4e411308a4cb02201471b2c6046fbc2ad679a95172c2030154bba674ebc1f0765cb8f889511f996d007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018e7987e1770000040300473045022100b9563698c5e1ab125edd5cd9942e9a6ad438d9b863b159ce88615199e31cc88a02202330fea331cb04902f6491846da64450d338a4f370cbcc761a61fdda72df01bd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006f0b181458856ec9c273594974c70efb551c88aaf8dbfc05b676f09b6135a24db6b07f1ffb930d315ea1a8bfb1cb702c75bf8f84732c742d817f1ffbb02f422626d3b42f777a81c59f8c08662d0bb5d396329f056dfd8c1b5549278115e61072ddf70cdeb6962394a7c22d331a29342762a1fa1e425c1ca5006fd4e879221baf545fd84af6f098b7741f9530de90e9d272aac6fa2572a5461a22158cc679a520a28d2a51d0ac5076abb002ce4c701f475bf98918345f0c020ad0c0d54a3cb5d440ebad638ffa73d3066436c38be2448a1299bac4f46ef5896dc5eb0e5484de1abf78ad349b475c6542a947185fdf808e3adf3b3fef2576aa4c82201865f2989d