staging.letstalkscience.ca
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 04:2d:93:de:e2:2e:be:57:cf:08:a4:b9:23:26:a1:82 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=staging.letstalkscience.ca
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:2d:93:de:e2:2e:be:57:cf:08:a4:b9:23:26:a1:82Serial Number (int): 5553564514637667373877459588521304450
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 26:4c:79:97:ea:6e:a2:7c:7e:6d:73:38:25:5e:fb:d2:86:7d:56:25
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 32:3b:01:82:32:db:8d:7b:18:be:86:43:34:88:c1:ac:b3:5d:50:7d
Fingerprint (sha256): 1f:cd:6e:58:ff:db:39:f2:b5:80:60:9c:bf:1b:82:d7:a7:0b:15:3f:90:cd:cc:25:cb:61:78:2f:8e:cc:02:9f
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate staging.letstalkscience.ca
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging.letstalkscience.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging.letstalkscience.ca
*.app.staging.letstalkscience.ca
*.staging.letstalkscience.ca
*.app.staging.letstalkscience.ca
*.staging.letstalkscience.ca
Other certificates including the domain name letstalkscience.ca
(limited to 100 certificates)
api.letstalkscience.ca
letstalkscience.ca
portal.simforcanada.com
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
remote.letstalkscience.ca
letstalkscience.ca
pps.explorecuriocity.org
letstalkscience.ca
volunteer.letstalkscience.ca
pre.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
auth.letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
app.letstalkscience.ca
api.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
outreach.letstalkscience.ca
remote.letstalkscience.ca
support.borealdesign.com
staging.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
api.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
outreach.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
brightspace.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
*.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
helpdesk.workcentral.ng
remote.letstalkscience.ca
dct.letstalkscience.ca
letstalkscience.ca
outreach.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
support.corp.io
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
*.staging.letstalkscience.ca
*.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
app.letstalkscience.ca
volunteer.letstalkscience.ca
app.letstalkscience.ca
app.letstalkscience.ca
staging.letstalkscience.ca
volunteer.letstalkscience.ca
*.staging.letstalkscience.ca
pps.explorecuriocity.org
letstalkscience.ca
letstalkscience.ca
pps.explorecuriocity.org
outreach.letstalkscience.ca
volunteer.letstalkscience.ca
support.atlasti.com
auth.letstalkscience.ca
auth.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
help.trkall.com
support.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
outreach.letstalkscience.ca
*.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
letstalkscience.ca
portal.simforcanada.com
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
remote.letstalkscience.ca
letstalkscience.ca
pps.explorecuriocity.org
letstalkscience.ca
volunteer.letstalkscience.ca
pre.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
auth.letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
app.letstalkscience.ca
api.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
outreach.letstalkscience.ca
remote.letstalkscience.ca
support.borealdesign.com
staging.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
api.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
outreach.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
brightspace.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
*.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
helpdesk.workcentral.ng
remote.letstalkscience.ca
dct.letstalkscience.ca
letstalkscience.ca
outreach.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
support.corp.io
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
*.staging.letstalkscience.ca
*.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
app.letstalkscience.ca
volunteer.letstalkscience.ca
app.letstalkscience.ca
app.letstalkscience.ca
staging.letstalkscience.ca
volunteer.letstalkscience.ca
*.staging.letstalkscience.ca
pps.explorecuriocity.org
letstalkscience.ca
letstalkscience.ca
pps.explorecuriocity.org
outreach.letstalkscience.ca
volunteer.letstalkscience.ca
support.atlasti.com
auth.letstalkscience.ca
auth.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
help.trkall.com
support.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
letstalkscience.ca
letstalkscience.ca
outreach.letstalkscience.ca
*.letstalkscience.ca
letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
Certificate
The complete raw certificate details for staging.letstalkscience.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEszCCA5ugAwIBAgIQBC2T3uIuvlfPCKS5IyahgjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDYwMTAwMDAwMFoXDTI0MDYzMDIzNTk1OVowJTEj MCEGA1UEAxMac3RhZ2luZy5sZXRzdGFsa3NjaWVuY2UuY2EwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDD1u0rVd2MQcWZk7jvnACJKgqN7jlIh7XKZwDX 7Osvq7Zxw2lOhgfx51nfakPg0QtQSexbpb4UYZ+qO82pKvcGv6seEjMoTYQ15n2t Z7Kv5w/EmNnnmF3cekKWwkHlPt2TC4IJHvlT7iFrWjk0wX1wzZv6Zl5xYyGwuFDN zfK/US+hd/dcoHCYxWizmh1vNnlhz6a51pGIdbVU2UtEahtPmy3hafS5mjeJTYis AUXXHsZzvTXl4B+7QrTruxcGHIZKGLhjEGSGu07vNwLq936cwfV6NljeDS/DBoEo GuygGL6yonsUB8/m8hwKb08X9GxL3cKtGj+f6Gt5NCuJtpObAgMBAAGjggHGMIIB wjAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUJkx5 l+puonx+bXM4JV770oZ9ViUwZQYDVR0RBF4wXIIac3RhZ2luZy5sZXRzdGFsa3Nj aWVuY2UuY2GCICouYXBwLnN0YWdpbmcubGV0c3RhbGtzY2llbmNlLmNhghwqLnN0 YWdpbmcubGV0c3RhbGtzY2llbmNlLmNhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov L2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMBMGA1UdIAQMMAow CAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29j c3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0 LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADAT BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlyx8cu6d5AU2 90ElMMCmXBIb7kg5b38pTakz/8eiDX1ayKpm/SCeHLFmdOmSLf4ZgGtM7HLyvVnu pRvfl+cubwitbLDB8y4xctTvhMgriR3wxabbJ729DiUqnpdASVJ98WYX2XNVU3CK RgL8AL1Tgap9E4tu7W0mZCIhMIpXFYgvAEQ1P/8YURr+XqAio5fOu8Juvkf6n/jy 5z6hV58z8ZDPZskhefPOvpe/xrveG0oDEZRXp0WowlzgdFzEJhkbyNwN1T+hrgRJ jXe4yP6G65OmCzyksdv05yqc81eICbzYqQpO23cC628Kh++SBIn3wrGz1AtdBHnp ce5t1NACXA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9btK1XdjEHFmZO475wA iSoKje45SIe1ymcA1+zrL6u2ccNpToYH8edZ32pD4NELUEnsW6W+FGGfqjvNqSr3 Br+rHhIzKE2ENeZ9rWeyr+cPxJjZ55hd3HpClsJB5T7dkwuCCR75U+4ha1o5NMF9 cM2b+mZecWMhsLhQzc3yv1EvoXf3XKBwmMVos5odbzZ5Yc+mudaRiHW1VNlLRGob T5st4Wn0uZo3iU2IrAFF1x7Gc7015eAfu0K067sXBhyGShi4YxBkhrtO7zcC6vd+ nMH1ejZY3g0vwwaBKBrsoBi+sqJ7FAfP5vIcCm9PF/RsS93CrRo/n+hreTQribaT mwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5553564514637667373877459588521304450 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging.letstalkscience.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24722453647260604970855384707608864974437321302511245470744607995356524604510134344435882838631236029093307149228253016871145337418916408196402446489860978991377135010908514464157633726012918167351172376335797854184965171775320082449167212902012450295781503763518563783307544884489567687991558439493312116814409096070855302423519842340438709078152024161675751012767531639222431063206608483166085312654704779635345840359744892526234827536646555680251372233756934944411223756749618625430779430980252513993843905123305156117422399686429351947670392691186877875439950211246049507940977847669157190357839869636093784003483 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 264c7997ea6ea27c7e6d7338255efbd2867d5625 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.letstalkscience.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.app.staging.letstalkscience.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.letstalkscience.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00972c7c72ee9de40536f7412530c0a65c121bee48396f7f294da933ffc7a20d7d5ac8aa66fd209e1cb16674e9922dfe19806b4cec72f2bd59eea51bdf97e72e6f08ad6cb0c1f32e3172d4ef84c82b891df0c5a6db27bdbd0e252a9e974049527df16617d9735553708a4602fc00bd5381aa7d138b6eed6d26642221308a5715882f0044353fff18511afe5ea022a397cebbc26ebe47fa9ff8f2e73ea1579f33f190cf66c92179f3cebe97bfc6bbde1b4a03119457a745a8c25ce0745cc426191bc8dc0dd53fa1ae04498d77b8c8fe86eb93a60b3ca4b1dbf4e72a9cf3578809bcd8a90a4edb7702eb6f0a87ef920489f7c2b1b3d40b5d0479e971ee6dd4d0025c