nykaa.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0b:a2:26:f0:e6:88:5d:7b:f2:e5:95:af:76:0b:6a:db was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nykaa.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:a2:26:f0:e6:88:5d:7b:f2:e5:95:af:76:0b:6a:dbSerial Number (int): 15463449862387066501592893939931376347
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 75:2f:43:41:40:53:84:fd:4e:80:fd:ff:c7:41:a2:94:2d:96:85:43
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 3f:ed:b5:38:94:a6:be:c6:92:44:07:54:1b:67:43:e0:c8:4b:76:30
Fingerprint (sha256): 1f:95:ff:43:96:54:05:61:4a:76:b4:c6:76:ea:72:25:90:76:2c:98:a8:26:0a:0e:c0:79:a9:04:03:e4:45:31
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate nykaa.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nykaa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nykaa.com
www.nykaa.com
www.nykaa.com
Other certificates including the domain name nykaa.com
(limited to 100 certificates)
d.d8u.com
*.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
infosec.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
explore-feed.nykaa.com
qa-explore-feed.nykaa.com
app1.ftrans01.com
servicedesk.nykaa.com
app.krademylms.com
apps.nykaa.com
pp1.nykaa.com
d.d8u.com
incapsula.com
ithelpdesk.niairport.in
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
smetrics.nykaa.com
apps.nykaa.com
infosec.nykaa.com
nonprod-events.nykaa.com
d.d8u.com
d.d8u.com
sni.cloudflaressl.com
qa-explore-event.nykaa.com
preprod-secure.nykaa.com
*.nykaa.com
survey.nykaa.com
*.nykaa.com
*.nykaa.com
*.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
nonprod-events.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
*.nykaa.com
app.krademylms.com
sherlock.nykaa.com
d.d8u.com
app1.ftrans01.com
apps.nykaa.com
sni.cloudflaressl.com
sni.cloudflaressl.com
preprod-ads.nykaa.com
posreports.nykaa.com
watson.nykaa.com
support.nykaa.com
admin-panel.nykaa.com
smetrics.nykaa.com
watson.nykaa.com
d.d8u.com
www.nykaa.com
preprod-fountain9.nykaa.com
sni.cloudflaressl.com
delivery.thehubpeople.com
ads.nykaa.com
www.nykaa.com
static-visual.nykaa.com
preprod-retina-api.nykaa.com
www.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
ithelpdesk.tatanexarc.com
nonprod-events.nykaa.com
tools.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
www.nykaa.com
delivery.acuralabs.ai
www.nykaa.com
*.nykaa.com
app.krademylms.com
survey.nykaa.com
sni.cloudflaressl.com
nykaa.com
delivery.acuralabs.ai
support.nykaa.com
www.nykaa.com
support.nykaa.com
servicedesk.linkintime.co.in
nykaa.com
*.nykaa.com
hrms.nykaa.com
sni.cloudflaressl.com
preprod-adtech-campaign-manager.nykaa.com
*.ingest.sentry-prod.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
sni.cloudflaressl.com
app.krademylms.com
dev-sellerportal.nykaa.com
qa-explore-feed.nykaa.com
smoke-api.nykaa.com
app.krademylms.com
*.ingest.sentry-prod.nykaa.com
*.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
infosec.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
explore-feed.nykaa.com
qa-explore-feed.nykaa.com
app1.ftrans01.com
servicedesk.nykaa.com
app.krademylms.com
apps.nykaa.com
pp1.nykaa.com
d.d8u.com
incapsula.com
ithelpdesk.niairport.in
sni.cloudflaressl.com
*.nykaa.com
*.nykaa.com
smetrics.nykaa.com
apps.nykaa.com
infosec.nykaa.com
nonprod-events.nykaa.com
d.d8u.com
d.d8u.com
sni.cloudflaressl.com
qa-explore-event.nykaa.com
preprod-secure.nykaa.com
*.nykaa.com
survey.nykaa.com
*.nykaa.com
*.nykaa.com
*.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
nonprod-events.nykaa.com
sni.cloudflaressl.com
sherlock.nykaa.com
*.nykaa.com
app.krademylms.com
sherlock.nykaa.com
d.d8u.com
app1.ftrans01.com
apps.nykaa.com
sni.cloudflaressl.com
sni.cloudflaressl.com
preprod-ads.nykaa.com
posreports.nykaa.com
watson.nykaa.com
support.nykaa.com
admin-panel.nykaa.com
smetrics.nykaa.com
watson.nykaa.com
d.d8u.com
www.nykaa.com
preprod-fountain9.nykaa.com
sni.cloudflaressl.com
delivery.thehubpeople.com
ads.nykaa.com
www.nykaa.com
static-visual.nykaa.com
preprod-retina-api.nykaa.com
www.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
ithelpdesk.tatanexarc.com
nonprod-events.nykaa.com
tools.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
www.nykaa.com
delivery.acuralabs.ai
www.nykaa.com
*.nykaa.com
app.krademylms.com
survey.nykaa.com
sni.cloudflaressl.com
nykaa.com
delivery.acuralabs.ai
support.nykaa.com
www.nykaa.com
support.nykaa.com
servicedesk.linkintime.co.in
nykaa.com
*.nykaa.com
hrms.nykaa.com
sni.cloudflaressl.com
preprod-adtech-campaign-manager.nykaa.com
*.ingest.sentry-prod.nykaa.com
sni.cloudflaressl.com
*.nykaa.com
sni.cloudflaressl.com
app.krademylms.com
dev-sellerportal.nykaa.com
qa-explore-feed.nykaa.com
smoke-api.nykaa.com
app.krademylms.com
*.ingest.sentry-prod.nykaa.com
Certificate
The complete raw certificate details for nykaa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFzTCCBLWgAwIBAgIQC6Im8OaIXXvy5ZWvdgtq2zANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDUxNjAwMDAwMFoXDTI1MDYxMzIzNTk1OVowFDES MBAGA1UEAxMJbnlrYWEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjy/S+xmIczpckizGWlZL3QtjuSmeRh14naEIHAC3DqdjQj/BFprZx0p9P8Fe On1n6D0skYq84c9YGwsrXcAVZFdvfoQAxxTcNXcOMIbGnssFo3RXVpiKjCA+fhNE TgsdIDsp6U4xyBb6AYoBiwf2rBBS2125aLL+yjZwq6/hQm86AbyFkFSTe8PUXjZ5 o8V0we62uNqJ+d+7rTlARIXeaSne1jR0kW29NarXwacBjcHUF1TavIbVY4KL5Rxj 335MvoV0d+owhPEtIPBVmtJua6DwbfoPSeGuFkvjp6/pB1DfZdAmiSP9dmrl0kwJ FZQFlcJREC108uJjfcTvAPaTSwIDAQABo4IC8TCCAu0wHwYDVR0jBBgwFoAUVdkY X9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFHUvQ0FAU4T9ToD9/8dBopQtloVD MCMGA1UdEQQcMBqCCW55a2FhLmNvbYINd3d3Lm55a2FhLmNvbTATBgNVHSAEDDAK MAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1h em9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUH MAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcw AoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwG A1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AM8RVu7VLnyv 84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABj4B2kscAAAQDAEcwRQIgK/TecFlA 8VM6FfVw+qKi/ot8fjaegJ1tptCReGdna8sCIQDEUGla22zDA4CrPpLellmSuaAf YutpeMLmtkytX1j3XgB2AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4 AAABj4B2ksoAAAQDAEcwRQIgGtr5pIjsK5Nq2+gqtK5RST/R9c6nC+y24+72PNAP p88CIQCkvl67GtzbG7RUsg9YnkiXu9rMB+cbpbDuN3X7VdCPeQB2AObSMWNAd4zB EEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABj4B2kuAAAAQDAEcwRQIgX+7iCtPK V1MnlYsnnx9LoFSd+AFI8fXCxpmYE9EKz8ECIQCmJ7uqIKwElTRyQaK2wv330QkF JXkLEJQjcrTM+rSU0TANBgkqhkiG9w0BAQsFAAOCAQEAR91lZiyGUbX3gRNS153b RBmJXDe5Dt2RXCRzj1DDVne/4jwxJPW/X5I/2XAnyCDuzR3O/9yVsTWBbE6qzPAH 3dzLMyFGuPEJ8lRNDGIdNJ72XG7YTnFKkUOgs4Hc2q2eGvXy2A22hHPoeGadBv2s 3tN4qST1p6uaDyVhUJr7znWaKkJnq3rZ6IjNWDn1SfL1M1e3wO0yx6NDBZs3a8OD pDtNXFgHa5PmCeqp43yr7w/Pi1f6yokOp4Yu6KNDP7M5HZ2aSX1HVPjU1UxsYCiU ef5MSopcTlbDgWpHGKybyZARu4jnxSX0YlF7GH5MIAuKVlVaI/6hXd5h5OIGQL7G og== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy/S+xmIczpckizGWlZL 3QtjuSmeRh14naEIHAC3DqdjQj/BFprZx0p9P8FeOn1n6D0skYq84c9YGwsrXcAV ZFdvfoQAxxTcNXcOMIbGnssFo3RXVpiKjCA+fhNETgsdIDsp6U4xyBb6AYoBiwf2 rBBS2125aLL+yjZwq6/hQm86AbyFkFSTe8PUXjZ5o8V0we62uNqJ+d+7rTlARIXe aSne1jR0kW29NarXwacBjcHUF1TavIbVY4KL5Rxj335MvoV0d+owhPEtIPBVmtJu a6DwbfoPSeGuFkvjp6/pB1DfZdAmiSP9dmrl0kwJFZQFlcJREC108uJjfcTvAPaT SwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15463449862387066501592893939931376347 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nykaa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18075660574491023445608009453049513342384908966904319813201596830348036314235591291952193390672936241765064352249412814583867526896598849396635274023398902356615219367431413229546556281730075126939980214989775335404422348776514273870930322534123316444927182318140801067551589124177678329646149949988420968396194878142615020503435756219711274265938861809586523985888944999812543090199667693436157241201932838268161533312234370052267416936976511913472249192588246726928246840421036407771984536486824798487459747027474835472467772976642472823806512913151448182017508172790302342267867491460605064178317749578593534907211 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 752f4341405384fd4e80fdffc741a2942d968543 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nykaa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nykaa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f807692c7000004030047304502202bf4de705940f1533a15f570faa2a2fe8b7c7e369e809d6da6d0917867676bcb022100c450695adb6cc30380ab3e92de965992b9a01f62eb6978c2e6b64cad5f58f75e0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f807692ca000004030047304502201adaf9a488ec2b936adbe82ab4ae51493fd1f5cea70becb6e3eef63cd00fa7cf022100a4be5ebb1adcdb1bb454b20f589e4897bbdacc07e71ba5b0ee3775fb55d08f79007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f807692e0000004030047304502205feee20ad3ca575327958b279f1f4ba0549df80148f1f5c2c6999813d10acfc1022100a627bbaa20ac0495347241a2b6c2fdf7d1090525790b10942372b4ccfab494d1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0047dd65662c8651b5f7811352d79ddb4419895c37b90edd915c24738f50c35677bfe23c3124f5bf5f923fd97027c820eecd1dceffdc95b135816c4eaaccf007dddccb332146b8f109f2544d0c621d349ef65c6ed84e714a9143a0b381dcdaad9e1af5f2d80db68473e878669d06fdacded378a924f5a7ab9a0f2561509afbce759a2a4267ab7ad9e888cd5839f549f2f53357b7c0ed32c7a343059b376bc383a43b4d5c58076b93e609eaa9e37cabef0fcf8b57faca890ea7862ee8a3433fb3391d9d9a497d4754f8d4d54c6c60289479fe4c4a8a5c4e56c3816a4718ac9bc99011bb88e7c525f462517b187e4c200b8a56555a23fea15dde61e4e20640bec6a2