cdn.hbomax.com
Issued by Amazon
About this certificate
This digital certificate with serial number 03:43:eb:4a:3a:5b:2d:ba:51:80:a0:62:2d:9d:df:53 was issued on by Amazon.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=cdn.hbomax.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:43:eb:4a:3a:5b:2d:ba:51:80:a0:62:2d:9d:df:53Serial Number (int): 4340340124077824030615516303773785939
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: d8:8e:78:ce:57:99:8d:c9:e9:4d:77:0f:73:5f:2c:44:92:b5:81:f1
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 47:85:21:5a:3d:1e:40:7b:66:f0:b8:31:3b:c8:b9:82:5a:01:a4:3e
Fingerprint (sha256): 1f:cb:64:6c:96:67:11:59:10:69:b1:43:5f:26:f6:ba:b5:9a:4b:21:36:98:17:fa:10:d1:54:09:be:48:21:ce
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate cdn.hbomax.com
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cdn.hbomax.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cdn.hbomax.com
hls3.qapro11.cf.cdn.hbomax.com
smooth.pro17.cf.cdn.hbomax.com
dash.pro42.cf.cdn.hbomax.com
dash.qapro42.cf.cdn.hbomax.com
*.cf.cdn.hbomax.com
smooth.qapro17.cf.cdn.hbomax.com
hls3.pro11.cf.cdn.hbomax.com
hls3.qapro11.cf.cdn.hbomax.com
smooth.pro17.cf.cdn.hbomax.com
dash.pro42.cf.cdn.hbomax.com
dash.qapro42.cf.cdn.hbomax.com
*.cf.cdn.hbomax.com
smooth.qapro17.cf.cdn.hbomax.com
hls3.pro11.cf.cdn.hbomax.com
Other certificates including the domain name hbomax.com
(limited to 100 certificates)
dash.pro42.akm.cdn.hbogo.com
terraform-fix-test.micro.hbomax.com
view.cx.hbomax.com
hbomax.com
dmx-web.play.codex-int.hbo.com
kpn.play.codex-int.hbo.com
hbo.map.fastly.net
listen.hbomax.com
dash.pro42.akm.cdn.hbogo.com
listen.hbomax.com
play.hbomax.com
hbomax.com
vizio.play.codex-int.hbo.com
imagespecs.micro.hbomax.com
press.hbomax.com
press.hbomax.com
admin-test.micro.hbomax.com
test45.micro.hbomax.com
help.hbomax.com
trk.hbomax.com
turner.com
scooby-doo.micro.hbomax.com
vizio.play.codex-int.hbo.com
vf-tivo.play.codex-int.hbo.com
ssl766512.cloudflaressl.com
hbomax.com
hbo.map.fastly.net
hbonow.com
play.hbomax.com
san-3-s6.tlsprovisioning.exacttarget.com
xtv.play.codex-int.hbo.com
kpn.play.codex-int.hbo.com
san-3-s6.tlsprovisioning.exacttarget.com
listen.hbomax.com
cms.orbit.hbomax.com
cms.orbit.hbomax.com
ssl766511.cloudflaressl.com
hbo.map.fastly.net
san-3-s6.tlsprovisioning.exacttarget.com
turner.com
hbo.map.fastly.net
dmx-web.play.codex-int.hbo.com
hbomax.com
hbo.map.fastly.net
hbo.map.fastly.net
hbomax.com
shows.hbomax.com
trk.hbomax.com
hbo.map.fastly.net
shared-ingress-protected-prod-us-1-us-west-2.api.hbo.com
partners.hbomax.com
click.cx.hbomax.com
ablink.mail.hbomax.com
hbo.map.fastly.net
san-3-s6.tlsprovisioning.exacttarget.com
play.hbomax.com
listen.hbomax.com
hbomax.com
play.hbomax.com
raised-by-wolves.micro.hbomax.com
turner.com
ziggo.play.codex-int.hbo.com
ablink.email.hbomax.com
turner.com
xtv.play.codex-int.hbo.com
vf-tivo.play.codex-int.hbo.com
play.hbomax.com
turner.com
test-statushub-three.micro.hbomax.com
hbomaximagespecs.com
cdn.hbomax.com
ssl766511.cloudflaressl.com
cox.play.codex-int.hbo.com
shared-ingress-protected-eu-1-eu-west-1.api.hbo.com
ablink.mail.hbomax.com
san-3-s6.tlsprovisioning.exacttarget.com
hbo.map.fastly.net
hbomax.com
cms.orbit.hbomax.com
qa.partner.hbomax.com
cloud.cx.hbomax.com
listen.hbomax.com
cms.orbit.hbomax.com
unpregnant.micro.hbo.com
hbo.map.fastly.net
hbo.map.fastly.net
vf-tivo.play.codex-int.hbo.com
partners.hbomax.com
ingest.orbit.hbomax.com
cdn.hbomax.com
hbomax.com
poc.cdn.hbomax.com
dmx-web.play.codex-int.hbo.com
atdl-contest.micro.hbomax.com
listen.hbomax.com
activate.hbomax.com
hbo.map.fastly.net
vf-sagemcom.play.codex-int.hbo.com
shared-ingress-protected-eu-1-eu-central-1.api.hbo.com
shared-ingress-protected-eu-1-eu-central-1.api.hbo.com
terraform-fix-test.micro.hbomax.com
view.cx.hbomax.com
hbomax.com
dmx-web.play.codex-int.hbo.com
kpn.play.codex-int.hbo.com
hbo.map.fastly.net
listen.hbomax.com
dash.pro42.akm.cdn.hbogo.com
listen.hbomax.com
play.hbomax.com
hbomax.com
vizio.play.codex-int.hbo.com
imagespecs.micro.hbomax.com
press.hbomax.com
press.hbomax.com
admin-test.micro.hbomax.com
test45.micro.hbomax.com
help.hbomax.com
trk.hbomax.com
turner.com
scooby-doo.micro.hbomax.com
vizio.play.codex-int.hbo.com
vf-tivo.play.codex-int.hbo.com
ssl766512.cloudflaressl.com
hbomax.com
hbo.map.fastly.net
hbonow.com
play.hbomax.com
san-3-s6.tlsprovisioning.exacttarget.com
xtv.play.codex-int.hbo.com
kpn.play.codex-int.hbo.com
san-3-s6.tlsprovisioning.exacttarget.com
listen.hbomax.com
cms.orbit.hbomax.com
cms.orbit.hbomax.com
ssl766511.cloudflaressl.com
hbo.map.fastly.net
san-3-s6.tlsprovisioning.exacttarget.com
turner.com
hbo.map.fastly.net
dmx-web.play.codex-int.hbo.com
hbomax.com
hbo.map.fastly.net
hbo.map.fastly.net
hbomax.com
shows.hbomax.com
trk.hbomax.com
hbo.map.fastly.net
shared-ingress-protected-prod-us-1-us-west-2.api.hbo.com
partners.hbomax.com
click.cx.hbomax.com
ablink.mail.hbomax.com
hbo.map.fastly.net
san-3-s6.tlsprovisioning.exacttarget.com
play.hbomax.com
listen.hbomax.com
hbomax.com
play.hbomax.com
raised-by-wolves.micro.hbomax.com
turner.com
ziggo.play.codex-int.hbo.com
ablink.email.hbomax.com
turner.com
xtv.play.codex-int.hbo.com
vf-tivo.play.codex-int.hbo.com
play.hbomax.com
turner.com
test-statushub-three.micro.hbomax.com
hbomaximagespecs.com
cdn.hbomax.com
ssl766511.cloudflaressl.com
cox.play.codex-int.hbo.com
shared-ingress-protected-eu-1-eu-west-1.api.hbo.com
ablink.mail.hbomax.com
san-3-s6.tlsprovisioning.exacttarget.com
hbo.map.fastly.net
hbomax.com
cms.orbit.hbomax.com
qa.partner.hbomax.com
cloud.cx.hbomax.com
listen.hbomax.com
cms.orbit.hbomax.com
unpregnant.micro.hbo.com
hbo.map.fastly.net
hbo.map.fastly.net
vf-tivo.play.codex-int.hbo.com
partners.hbomax.com
ingest.orbit.hbomax.com
cdn.hbomax.com
hbomax.com
poc.cdn.hbomax.com
dmx-web.play.codex-int.hbo.com
atdl-contest.micro.hbomax.com
listen.hbomax.com
activate.hbomax.com
hbo.map.fastly.net
vf-sagemcom.play.codex-int.hbo.com
shared-ingress-protected-eu-1-eu-central-1.api.hbo.com
shared-ingress-protected-eu-1-eu-central-1.api.hbo.com
Certificate
The complete raw certificate details for cdn.hbomax.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGqjCCBZKgAwIBAgIQA0PrSjpbLbpRgKBiLZ3fUzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTEyMDgwMDAwMDBaFw0yMzAxMDQy MzU5NTlaMBkxFzAVBgNVBAMTDmNkbi5oYm9tYXguY29tMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAilpbd4g2zwP4OmnupQ+A3uqYe7ncewupCKX0wgzs hedHR3/145B/6BY1VUn4ZtRFwSH3FlCeJfV5fxBjQM8zAdotMvcTm5uwnwGW4ShF oE+oBcJptrXA7II/VFElxsphOO0CVV+ZdOhG4c9mn2nRUj6qwzckY8mUtC0/UTMf oFdg/okpTKmnagqbhX8tKbiQe1LCjjZ4MTAfbffQSF4GI/bEnY0/XnjRWlq3MW/M F8d66xjIw+0XR3FCS1S1M9F48o2ulcKZ9FpaFuwb16ONoCl1189rT0maoSB5vkX6 8ihZNBYFnGTbX7P2HdPug0LxaR/ONkjLwi0jZwksfVOMFQIDAQABo4IDvzCCA7sw HwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFNiOeM5X mY3J6U13D3NfLESStYHxMIHuBgNVHREEgeYwgeOCDmNkbi5oYm9tYXguY29tgh5o bHMzLnFhcHJvMTEuY2YuY2RuLmhib21heC5jb22CHnNtb290aC5wcm8xNy5jZi5j ZG4uaGJvbWF4LmNvbYIcZGFzaC5wcm80Mi5jZi5jZG4uaGJvbWF4LmNvbYIeZGFz aC5xYXBybzQyLmNmLmNkbi5oYm9tYXguY29tghMqLmNmLmNkbi5oYm9tYXguY29t giBzbW9vdGgucWFwcm8xNy5jZi5jZG4uaGJvbWF4LmNvbYIcaGxzMy5wcm8xMS5j Zi5jZG4uaGJvbWF4LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwuc2Nh MWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EM AQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2Nh MWIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFi LmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisG AQQB1nkCBAIEggFuBIIBagFoAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3 fW0GvW4AAAF9mXfDxwAABAMARjBEAiBZIk5fvvV2uiFvDc+2WikPqF5b/ZMNxI77 6a3CfxuesQIgS+mD41CUbe9C/DW5/j+rTqddnGUn+wG16DU1GWYxxn4AdwA1zxkb v7FsV78PrUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAX2Zd8OhAAAEAwBIMEYCIQCN 7PZbJ4pASpVzcFiJFu6idvnuis3S5a0rZmrdRRV+jwIhALByTg/+63p0JDSyUoWe m3+9iZQ6Zn27v4PKSaXJ0a8rAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PAD Dnk2pZoAAAF9mXfDxgAABAMARzBFAiEAiGksqwPWCZlH3Fj3evtf4+E6I/6JLO5p 5H4rzz4xrbYCIGJh9Zzf6TSCjXfJbNQN5Ch4SVWdJ/dCzxh4QG/aT1X5MA0GCSqG SIb3DQEBCwUAA4IBAQCUpwV/AEKybTu3bYq+4j91J+WY92KhLSkXYkuPdDQU8brW 9nFBRwa271oom73K8J5EhonvTxDn81lUAoEUrdVlPiI6VMEopzJQqEr+pWOoaOhK DhyGKSYzZ9IxYKEsljM62A3AkjWh5NgeWKHdDsFyWe2hrgEIrI32j4oSxGMk4J3N i9F2rUQAFS6s4jCZcTtjPMLSheK4uONab6jUKcJBL/gKdaTIKolzc+KbV6WsaU58 OZWCiUYyv1k0ITeJMiWxv2MhCVYBZnUnzieunrmDbRIGDWLahFi79olnk5ScPu/X u2JVYl28/QIV4a/hxSqnWhYhSL2JeJY/QPCZYBtO -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilpbd4g2zwP4OmnupQ+A 3uqYe7ncewupCKX0wgzshedHR3/145B/6BY1VUn4ZtRFwSH3FlCeJfV5fxBjQM8z AdotMvcTm5uwnwGW4ShFoE+oBcJptrXA7II/VFElxsphOO0CVV+ZdOhG4c9mn2nR Uj6qwzckY8mUtC0/UTMfoFdg/okpTKmnagqbhX8tKbiQe1LCjjZ4MTAfbffQSF4G I/bEnY0/XnjRWlq3MW/MF8d66xjIw+0XR3FCS1S1M9F48o2ulcKZ9FpaFuwb16ON oCl1189rT0maoSB5vkX68ihZNBYFnGTbX7P2HdPug0LxaR/ONkjLwi0jZwksfVOM FQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4340340124077824030615516303773785939 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cdn.hbomax.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17465442926985378759073512511401195701599663741081004502012813105748788826738084497263315580716650174977409729324833307597022677931277910612303490797142624125707739574328140674746221969101249361876786310544429657464317895431984843732167239958170370814920963229970924449377093311839640728586376424274991040412732733252573235391263426847877559605809918433566424170990489506952915637693543313858568659460831388225235960322032512847043864012507239762827915800948929041527461146379544144113201056319575455980445718343644121754898711572103020171480303118334751051796049822434171212809131742379141190920445954676708131179541 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d88e78ce57998dc9e94d770f735f2c4492b581f1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (230 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hls3.qapro11.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smooth.pro17.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dash.pro42.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dash.qapro42.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smooth.qapro17.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hls3.pro11.cf.cdn.hbomax.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017d9977c3c70000040300463044022059224e5fbef576ba216f0dcfb65a290fa85e5bfd930dc48efbe9adc27f1b9eb102204be983e350946def42fc35b9fe3fab4ea75d9c6527fb01b5e83535196631c67e00770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017d9977c3a100000403004830460221008decf65b278a404a957370588916eea276f9ee8acdd2e5ad2b666add45157e8f022100b0724e0ffeeb7a742434b252859e9b7fbd89943a667dbbbf83ca49a5c9d1af2b007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017d9977c3c6000004030047304502210088692cab03d6099947dc58f77afb5fe3e13a23fe892cee69e47e2bcf3e31adb602206261f59cdfe934828d77c96cd40de4287849559d27f742cf1878406fda4f55f9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0094a7057f0042b26d3bb76d8abee23f7527e598f762a12d2917624b8f743414f1bad6f671414706b6ef5a289bbdcaf09e448689ef4f10e7f35954028114add5653e223a54c128a73250a84afea563a868e84a0e1c8629263367d23160a12c96333ad80dc09235a1e4d81e58a1dd0ec17259eda1ae0108ac8df68f8a12c46324e09dcd8bd176ad4400152eace23099713b633cc2d285e2b8b8e35a6fa8d429c2412ff80a75a4c82a897373e29b57a5ac694e7c399582894632bf59342137893225b1bf6321095601667527ce27ae9eb9836d12060d62da8458bbf6896793949c3eefd7bb6255625dbcfd0215e1afe1c52aa75a162148bd8978963f40f099601b4e