lb-test-cert.sandbox.wmdtc.tech
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 03:38:40:e2:4e:21:1a:74:ea:bf:12:3d:e6:63:62:4b was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=lb-test-cert.sandbox.wmdtc.tech
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:38:40:e2:4e:21:1a:74:ea:bf:12:3d:e6:63:62:4bSerial Number (int): 4279768615391910152934881807168660043
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 97:c0:09:09:10:12:10:0e:81:9e:54:0d:38:29:e5:13:77:c5:f6:b2
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 6c:5c:9a:b7:c4:d9:e7:4f:29:1e:de:77:d6:62:38:16:42:b8:f0:9c
Fingerprint (sha256): 1f:b5:aa:a1:3e:80:86:83:68:47:09:d2:8a:7c:6d:ca:43:b4:79:30:5d:9c:48:27:a3:5b:03:0b:11:c5:ef:a9
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate lb-test-cert.sandbox.wmdtc.tech
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lb-test-cert.sandbox.wmdtc.tech
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lb-test-cert.sandbox.wmdtc.tech
*.sandbox.wmdtc.tech
*.sandbox.wmdtc.tech
Other certificates including the domain name wmdtc.tech
(limited to 100 certificates)
test-cert.sandbox.wmdtc.tech
janus-latam-production.production-latam.wmdtc.tech
test-record.sandbox.wmdtc.tech
payment-provider-production-emea.production-eu.wmdtc.tech
jenkins-pi3.mgmt.wmdtc.tech
test-record.sandbox.wmdtc.tech
eks-service-alb-tftest-1.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
cme-slack-bot.production.wmdtc.tech
*.snp.wmdtc.tech
telegraph-1-us-west-2.snp.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
devices-1-us-east-1.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
payment-provider-production-main.production.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
lb-test-cert.sandbox.wmdtc.tech
*.mgmt.wmdtc.tech
*.production-eu.wmdtc.tech
test-record.sandbox.wmdtc.tech
payment-provider-production-latam.production-latam.wmdtc.tech
cme-slack-bot.snp.wmdtc.tech
*.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.nonprod.wmdtc.tech
lb-test-cert.sandbox.wmdtc.tech
eks-service-alb-tftest-2.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.sandbox.wmdtc.tech
test.sandbox.wmdtc.tech
*.hbogo-production.wmdtc.tech
comet-1-us-west-2.snp.wmdtc.tech
janus-emea-production.production-eu.wmdtc.tech
*.sandbox.wmdtc.tech
janus-us-production.hbogo-production.wmdtc.tech
*.mgmt.wmdtc.tech
*.locust.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.production.wmdtc.tech
login-1-us-west-2.snp.wmdtc.tech
*.mgmt.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.detokproduction.wmdtc.tech
test-cert.sandbox.wmdtc.tech
janus-us-snp.hbogo-snp.wmdtc.tech
eks-service-alb-tftest-1.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
eks-service-alb-test.sandbox.wmdtc.tech
eks-service-alb-tftest-2.sandbox.wmdtc.tech
login-1-us-east-1.snp.wmdtc.tech
test-cert.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
devices-1-us-east-1.snp.wmdtc.tech
test-cert.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
eks-service-alb-tftest-1.sandbox.wmdtc.tech
*.mgmt.wmdtc.tech
*.mgmt.wmdtc.tech
*.nonprod.wmdtc.tech
test-record.sandbox.wmdtc.tech
eks-service-alb-tftest-3.sandbox.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
eks-service-alb-tftest-2.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.detokproduction.wmdtc.tech
test.sandbox.wmdtc.tech
*.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.mgmt.wmdtc.tech
test-record.sandbox.wmdtc.tech
oyster.sandbox.wmdtc.tech
devices-1-us-west-2.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
optimizely-webhook.production.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.locust.wmdtc.tech
hurley-cicd-us-west-2-jenkins.mgmt.wmdtc.tech
ingestion-us.production.wmdtc.tech
*.hbogo-production.wmdtc.tech
optimizely-webhook.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.hbogo-production.wmdtc.tech
*.nonprod.wmdtc.tech
*.production-eu.wmdtc.tech
janus-latam-production.production-latam.wmdtc.tech
test-record.sandbox.wmdtc.tech
payment-provider-production-emea.production-eu.wmdtc.tech
jenkins-pi3.mgmt.wmdtc.tech
test-record.sandbox.wmdtc.tech
eks-service-alb-tftest-1.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
cme-slack-bot.production.wmdtc.tech
*.snp.wmdtc.tech
telegraph-1-us-west-2.snp.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
devices-1-us-east-1.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
payment-provider-production-main.production.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
lb-test-cert.sandbox.wmdtc.tech
*.mgmt.wmdtc.tech
*.production-eu.wmdtc.tech
test-record.sandbox.wmdtc.tech
payment-provider-production-latam.production-latam.wmdtc.tech
cme-slack-bot.snp.wmdtc.tech
*.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.nonprod.wmdtc.tech
lb-test-cert.sandbox.wmdtc.tech
eks-service-alb-tftest-2.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.sandbox.wmdtc.tech
test.sandbox.wmdtc.tech
*.hbogo-production.wmdtc.tech
comet-1-us-west-2.snp.wmdtc.tech
janus-emea-production.production-eu.wmdtc.tech
*.sandbox.wmdtc.tech
janus-us-production.hbogo-production.wmdtc.tech
*.mgmt.wmdtc.tech
*.locust.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.production.wmdtc.tech
login-1-us-west-2.snp.wmdtc.tech
*.mgmt.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.detokproduction.wmdtc.tech
test-cert.sandbox.wmdtc.tech
janus-us-snp.hbogo-snp.wmdtc.tech
eks-service-alb-tftest-1.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
eks-service-alb-test.sandbox.wmdtc.tech
eks-service-alb-tftest-2.sandbox.wmdtc.tech
login-1-us-east-1.snp.wmdtc.tech
test-cert.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
devices-1-us-east-1.snp.wmdtc.tech
test-cert.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
eks-service-alb-tftest-1.sandbox.wmdtc.tech
*.mgmt.wmdtc.tech
*.mgmt.wmdtc.tech
*.nonprod.wmdtc.tech
test-record.sandbox.wmdtc.tech
eks-service-alb-tftest-3.sandbox.wmdtc.tech
blackforest-1-us-east-1.snp.wmdtc.tech
eks-service-alb-tftest-2.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
*.detokproduction.wmdtc.tech
test.sandbox.wmdtc.tech
*.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.mgmt.wmdtc.tech
test-record.sandbox.wmdtc.tech
oyster.sandbox.wmdtc.tech
devices-1-us-west-2.snp.wmdtc.tech
test-record.sandbox.wmdtc.tech
optimizely-webhook.production.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.locust.wmdtc.tech
hurley-cicd-us-west-2-jenkins.mgmt.wmdtc.tech
ingestion-us.production.wmdtc.tech
*.hbogo-production.wmdtc.tech
optimizely-webhook.sandbox.wmdtc.tech
test-cert.sandbox.wmdtc.tech
test-record.sandbox.wmdtc.tech
*.hbogo-production.wmdtc.tech
*.nonprod.wmdtc.tech
*.production-eu.wmdtc.tech
Certificate
The complete raw certificate details for lb-test-cert.sandbox.wmdtc.tech in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEkzCCA3ugAwIBAgIQAzhA4k4hGnTqvxI95mNiSzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDUyOTAwMDAwMFoXDTI1MDYyNzIzNTk1OVowKjEo MCYGA1UEAxMfbGItdGVzdC1jZXJ0LnNhbmRib3gud21kdGMudGVjaDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANIT9VSVJ8Avf8M7JLLLfKMo0fYMpq3M VpRAKA3GOUhjakl0fyl+0doyxkfuYXZBXjYHsUSiF5muMK46YTj3pqjODJ7yAK5d hDGyBl0xr9ks26AmCtCMqVgzKpwmDGbfCCntvhEsla8XM2UPoyhizRKyVAF353R2 5XpIVXQDMm8ej2PooDaBXOBtuZ/Q/47WQkuI/WYd8Y0iZuMAZPyVPEm4OoEHsD7Y 1lP5nshVRL8DTDOih2d5nfRfmokb8gFZ/Uf+zuegAS1nNL9/0YrtluaotmAE58Om UZshAtGUYd/DIxRCbAo1v80m9bVpQyWiIrAw0grE3akEY6hjNoIXYuECAwEAAaOC AaEwggGdMB8GA1UdIwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQW BBSXwAkJEBIQDoGeVA04KeUTd8X2sjBABgNVHREEOTA3gh9sYi10ZXN0LWNlcnQu c2FuZGJveC53bWR0Yy50ZWNoghQqLnNhbmRib3gud21kdGMudGVjaDATBgNVHSAE DDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMu YW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYB BQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF BQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2Vy MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQEL BQADggEBABV4Xgcg4FUFB56fMMD4nIdJnyJqufRWosHGJsMYFFrV5m0O9m+EApgU x1/+hFI5RFyXq+LDk15F0uq9LjybDxRDbvsoxY/zk3Tm+BGr9VnszfDJ0KwkcuGy C3jYuzRrALBJ083OQcWOJi4xNHvCCiZoVpd9ZVQMZI9DBBSPELd0eI66SSVM/xME 4Biay8kkxWxmCeE5moF2YzBpQVZD31I81QeOJN5DkQd7EphAs2Lw5JnnhL3BKPNw qAT+T2eBwK4uBHdeIoiPkvKtJiAj5RpGS9d8EWs7ZT3Eku6ojDsD2xd+26kUVmJl P40Mmv733nCRpOGxfkOU/s+5zmuzCF4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hP1VJUnwC9/wzsksst8 oyjR9gymrcxWlEAoDcY5SGNqSXR/KX7R2jLGR+5hdkFeNgexRKIXma4wrjphOPem qM4MnvIArl2EMbIGXTGv2SzboCYK0IypWDMqnCYMZt8IKe2+ESyVrxczZQ+jKGLN ErJUAXfndHblekhVdAMybx6PY+igNoFc4G25n9D/jtZCS4j9Zh3xjSJm4wBk/JU8 Sbg6gQewPtjWU/meyFVEvwNMM6KHZ3md9F+aiRvyAVn9R/7O56ABLWc0v3/Riu2W 5qi2YATnw6ZRmyEC0ZRh38MjFEJsCjW/zSb1tWlDJaIisDDSCsTdqQRjqGM2ghdi 4QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4279768615391910152934881807168660043 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lb-test-cert.sandbox.wmdtc.tech' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26519885858200142964177891562047544120912276963739694405936079397715316912898874592195632701652612691713770996376353312163179405802573586744044021132173057271470970969424482662972340714767578379974649383256760471415159733637855131666611261030423410271358935143722319840811170178665279468087292143078117343058237619848967212656998785721597650315979700148135561035302641073099748121086149440274885708556244563468342342752154719415303618228271678225804031818218840686831890499509328962898892216898073948771853264523904606449918099021273162801106011652767396988992973267739512143600225835874620469997898898083446833767137 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 97c009091012100e819e540d3829e51377c5f6b2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lb-test-cert.sandbox.wmdtc.tech' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sandbox.wmdtc.tech' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0015785e0720e05505079e9f30c0f89c87499f226ab9f456a2c1c626c318145ad5e66d0ef66f84029814c75ffe845239445c97abe2c3935e45d2eabd2e3c9b0f14436efb28c58ff39374e6f811abf559eccdf0c9d0ac2472e1b20b78d8bb346b00b049d3cdce41c58e262e31347bc20a266856977d65540c648f4304148f10b774788eba49254cff1304e0189acbc924c56c6609e1399a8176633069415643df523cd5078e24de4391077b129840b362f0e499e784bdc128f370a804fe4f6781c0ae2e04775e22888f92f2ad262023e51a464bd77c116b3b653dc492eea88c3b03db177edba9145662653f8d0c9afef7de7091a4e1b17e4394fecfb9ce6bb3085e