*.int.api.discomax.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0e:e5:72:05:4a:a1:aa:a8:c9:8c:69:80:7e:4f:75:dd was issued on by Amazon.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.int.api.discomax.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0e:e5:72:05:4a:a1:aa:a8:c9:8c:69:80:7e:4f:75:ddSerial Number (int): 19800540535526260308952481962293949917
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 4c:7a:8b:c9:3e:28:aa:98:43:93:f0:f5:b8:45:a4:f7:1b:18:d6:80
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 76:7f:d3:25:13:15:f4:0c:54:a2:c1:ff:3e:e1:b2:57:f9:59:5f:29
Fingerprint (sha256): 1f:d3:fb:51:11:bc:b8:62:3b:26:db:c4:79:76:23:f9:89:9a:15:20:86:70:eb:4b:8c:be:11:5e:17:d9:9f:e7
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.int.api.discomax.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.int.api.discomax.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.int.api.discomax.com
int.api.discomax.com
*.us-east-1.bolt.int.disco-api.com
*.use1.int.api.discomax.com
int.api.discomax.com
*.us-east-1.bolt.int.disco-api.com
*.use1.int.api.discomax.com
Other certificates including the domain name discomax.com
(limited to 100 certificates)
x1-experimental.ctv.prd.beam.discomax.com
*.beam-amer.euw1.stg.api.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.int.api.discomax.com
*.prd.api.discomax.com
int.api.discomax.com
webos.ctv.play-hbo.stg.beam.discomax.com
*.stg.api.discomax.com
*.br-amer.usw2.stg.api.discomax.com
*.prd.api.discomax.com
stg.api.discomax.com
*.stg.api.discomax.com
*.int.api.discomax.com
*.dev.api.discomax.com
*.prd.api.discomax.com
*.br-latam.stg.api.discomax.com
*.any-latam.prd.api.discomax.com
auth.stg.beam.discomax.com
*.prd.api.discomax.com
play-rc.stg.beam.discomax.com
*.stg.api.discomax.com
images.cdn.prd.api.discomax.com
*.private.euw1.stg.api.discomax.com
webos.ctv.play-hbo.dev.beam.discomax.com
*.stg.api.discomax.com
*.dev.api.discomax.com
*.stg.api.discomax.com
stg.api.discomax.com
xbox.ctv.dev.beam.discomax.com
*.any-amer.dev.api.discomax.com
*.any-amer.int.api.discomax.com
*.prod.api.discomax.com
*.any-amer.apne1.prd.api.discomax.com
stg.api.discomax.com
telenor.ctv.stg.beam.discomax.com
telia.ctv.prd.beam.discomax.com
stg.api.discomax.com
default.private-vpce.eun1.prd.api.discomax.com
*.prd.api.discomax.com
*.int.api.discomax.com
*.prd.api.discomax.com
prd.api.discomax.com
ps5.ctv.dev.beam.discomax.com
int.api.discomax.com
*.beam-apac.euw1.stg.api.discomax.com
*.any-amer.aps1.stg.api.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.any-amer.int.api.discomax.com
*.dev.api.discomax.com
*.prd.api.discomax.com
int.api.discomax.com
*.prd.api.discomax.com
*.prod.api.discomax.com
*.vodafonestb.sagemcom.ctv.dev.beam.discomax.com
ps4.ctv.prd.beam.discomax.com
*.beam-apac.euw1.stg.api.discomax.com
*.any-amer.dev.api.discomax.com
wbd-beam-typescript.dev.beam.discomax.com
prd.api.discomax.com
webos.ctv.play-hbo.int.beam.discomax.com
*.prod.api.discomax.com
*.prd.api.discomax.com
*.stg.api.discomax.com
*.private.eu.stg.api.discomax.com
webos.ctv.prd.beam.discomax.com
stg.api.discomax.com
cast.ctv.int.beam.discomax.com
*.dev.api.discomax.com
prd.api.discomax.com
int.discomax.discoveryplus.com
ziggo.ctv.prd.beam.discomax.com
memento.int.infra.api.discomax.com
*.stg.api.discomax.com
x1.ctv.stg.beam.discomax.com
*.ci-reports.dev.beam.discomax.com
*.int.api.discomax.com
vizio.ctv.dev.beam.discomax.com
int.api.discomax.com
*.any-amer.euc1.stg.api.discomax.com
*.int.api.discomax.com
webos.ctv.dev.beam.discomax.com
*.int.api.discomax.com
*.stg.api.discomax.com
tizen.ctv.dev.beam.discomax.com
int.api.discomax.com
*.any-amer.euc1.prd.api.discomax.com
*.use.dev.api.discomax.com
*.int.api.discomax.com
x1.ctv.prd.beam.discomax.com
dev.api.discomax.com
tizen.ctv.int.beam.discomax.com
*.dev.api.discomax.com
*.any-latam.prd.api.discomax.com
dev.api.discomax.com
*.prd.api.discomax.com
telenor-rc.ctv.stg.beam.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.beam-amer.euw1.stg.api.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.int.api.discomax.com
*.prd.api.discomax.com
int.api.discomax.com
webos.ctv.play-hbo.stg.beam.discomax.com
*.stg.api.discomax.com
*.br-amer.usw2.stg.api.discomax.com
*.prd.api.discomax.com
stg.api.discomax.com
*.stg.api.discomax.com
*.int.api.discomax.com
*.dev.api.discomax.com
*.prd.api.discomax.com
*.br-latam.stg.api.discomax.com
*.any-latam.prd.api.discomax.com
auth.stg.beam.discomax.com
*.prd.api.discomax.com
play-rc.stg.beam.discomax.com
*.stg.api.discomax.com
images.cdn.prd.api.discomax.com
*.private.euw1.stg.api.discomax.com
webos.ctv.play-hbo.dev.beam.discomax.com
*.stg.api.discomax.com
*.dev.api.discomax.com
*.stg.api.discomax.com
stg.api.discomax.com
xbox.ctv.dev.beam.discomax.com
*.any-amer.dev.api.discomax.com
*.any-amer.int.api.discomax.com
*.prod.api.discomax.com
*.any-amer.apne1.prd.api.discomax.com
stg.api.discomax.com
telenor.ctv.stg.beam.discomax.com
telia.ctv.prd.beam.discomax.com
stg.api.discomax.com
default.private-vpce.eun1.prd.api.discomax.com
*.prd.api.discomax.com
*.int.api.discomax.com
*.prd.api.discomax.com
prd.api.discomax.com
ps5.ctv.dev.beam.discomax.com
int.api.discomax.com
*.beam-apac.euw1.stg.api.discomax.com
*.any-amer.aps1.stg.api.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.any-amer.int.api.discomax.com
*.dev.api.discomax.com
*.prd.api.discomax.com
int.api.discomax.com
*.prd.api.discomax.com
*.prod.api.discomax.com
*.vodafonestb.sagemcom.ctv.dev.beam.discomax.com
ps4.ctv.prd.beam.discomax.com
*.beam-apac.euw1.stg.api.discomax.com
*.any-amer.dev.api.discomax.com
wbd-beam-typescript.dev.beam.discomax.com
prd.api.discomax.com
webos.ctv.play-hbo.int.beam.discomax.com
*.prod.api.discomax.com
*.prd.api.discomax.com
*.stg.api.discomax.com
*.private.eu.stg.api.discomax.com
webos.ctv.prd.beam.discomax.com
stg.api.discomax.com
cast.ctv.int.beam.discomax.com
*.dev.api.discomax.com
prd.api.discomax.com
int.discomax.discoveryplus.com
ziggo.ctv.prd.beam.discomax.com
memento.int.infra.api.discomax.com
*.stg.api.discomax.com
x1.ctv.stg.beam.discomax.com
*.ci-reports.dev.beam.discomax.com
*.int.api.discomax.com
vizio.ctv.dev.beam.discomax.com
int.api.discomax.com
*.any-amer.euc1.stg.api.discomax.com
*.int.api.discomax.com
webos.ctv.dev.beam.discomax.com
*.int.api.discomax.com
*.stg.api.discomax.com
tizen.ctv.dev.beam.discomax.com
int.api.discomax.com
*.any-amer.euc1.prd.api.discomax.com
*.use.dev.api.discomax.com
*.int.api.discomax.com
x1.ctv.prd.beam.discomax.com
dev.api.discomax.com
tizen.ctv.int.beam.discomax.com
*.dev.api.discomax.com
*.any-latam.prd.api.discomax.com
dev.api.discomax.com
*.prd.api.discomax.com
telenor-rc.ctv.stg.beam.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
Certificate
The complete raw certificate details for *.int.api.discomax.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGLjCCBRagAwIBAgIQDuVyBUqhqqjJjGmAfk913TANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTAxMjAwMDAwMFoXDTI0MTEwOTIzNTk1OVowITEf MB0GA1UEAwwWKi5pbnQuYXBpLmRpc2NvbWF4LmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBANBHD2YPZ06ofxgxnYyaWOwQQ0MwljMzjTJlcmdLWNFF MtZ4OuP0veXCoSj3K8zZhcU0zYRuEflPN+1mGCc+esfO5NNPgvFbdAjntI1iFJHc 4NqAhB5HSMW0f2KsD29GFasdKKgmpuaRJ8t2ezwI4Wpow67Yc+PJLOwq9MWxyiki UdtxwHrAPDkAceZdmU0xpSf4hAKywvfk4o5n4xhDbXiHlBfojbHDuhi2Ub3OAbWs 7zRjhmDOfbazMxbDy84+7aCVOM0/AWI14sgXO3fzg2DTTEr7/N8q1L362oM6ImlH GnJ9/QbGaYu6+CdqJ+avxUBK0n+diqCEleaAygDDtUMCAwEAAaOCA0UwggNBMB8G A1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBRMeovJPiiq mEOT8PW4RaT3GxjWgDB4BgNVHREEcTBvghYqLmludC5hcGkuZGlzY29tYXguY29t ghRpbnQuYXBpLmRpc2NvbWF4LmNvbYIiKi51cy1lYXN0LTEuYm9sdC5pbnQuZGlz Y28tYXBpLmNvbYIbKi51c2UxLmludC5hcGkuZGlzY29tYXguY29tMBMGA1UdIAQM MAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5h bWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEF BQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUF BzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIw DAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAdv+IPwq2 +5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGLIxm3KgAABAMARjBEAiAbImE5 bgtKIRDHfTC2Oi4J5mjcKudQ7D/fW0JS0xnb3QIgGWEsHHPsIBE5aEEFUm08OGxs xz3HzUAnOEA9r58lO7EAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE cwAAAYsjGbb7AAAEAwBHMEUCIH0mPMk8/An6RvaJKCZxJiIE9Cq078ExX82cZtrK 786nAiEA282esq/V5YOiLrYSDSS4h8pyre/sJ2D+8qHhFniG1HIAdgDatr9rP7W2 Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYsjGbbeAAAEAwBHMEUCIQDp4x3g DuzsQX1YnlU4bkKbqYPxG2NYkFqLzGQcSny6iAIgL4iRsyrqUtWRySi6vaEMmUc+ 3GP6jRcIEoTRCIqQGz8wDQYJKoZIhvcNAQELBQADggEBAE6izFBgHmUcitgp2lvk /deHfU+cNSamt96/mxO0+egZr/kjEnjabek0juaZPlv7DrkvNFe/vaoLi3qLROZD NANoxl33gRd9KcsUAwYZDCI4PhlykQGpiYdkrXf/LKKjwMXGJyR5PKnXwP01iwpS fUOzw5sOfFlmoV5op/UyTpUIVRFuDBJhNPZRe9uJl7rRR3h11yMuDN8L1iSlV8vp wJ6lKxGs2ZzVPkHz69553+JhQvh2VbCTrhxszPaTTCzM0TgxXBe4QumYlWeuniu5 sh9HatIyGofY95M8R9jMfRYce+6rLXIZyLDfiX5S/3Li+rMKJrdqSQhvKDnDUVSo iyQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EcPZg9nTqh/GDGdjJpY 7BBDQzCWMzONMmVyZ0tY0UUy1ng64/S95cKhKPcrzNmFxTTNhG4R+U837WYYJz56 x87k00+C8Vt0COe0jWIUkdzg2oCEHkdIxbR/YqwPb0YVqx0oqCam5pEny3Z7PAjh amjDrthz48ks7Cr0xbHKKSJR23HAesA8OQBx5l2ZTTGlJ/iEArLC9+TijmfjGENt eIeUF+iNscO6GLZRvc4BtazvNGOGYM59trMzFsPLzj7toJU4zT8BYjXiyBc7d/OD YNNMSvv83yrUvfragzoiaUcacn39BsZpi7r4J2on5q/FQErSf52KoISV5oDKAMO1 QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19800540535526260308952481962293949917 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.int.api.discomax.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26292608499428584336849966230528646977846485858261351149575969510417394059137256453675538824471159544319477917033081466252141504669071666151220465040856010802017383838298180290525402795484936685721277829108568609574337974615248279501276094954388874435137093494060352544904319596507618315306128624946888987673005569140386308775700263872302429021977191393080557031690084876066132231337265782922036655885336946329312848906265075187267068732079373681815531833930024504684990100233953158360395971303062300498127460725553893106854006343758278932152024043745697976167062050266304720282911743620862509884520172564784890492227 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4c7a8bc93e28aa984393f0f5b845a4f71b18d680 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.int.api.discomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'int.api.discomax.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.us-east-1.bolt.int.disco-api.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.use1.int.api.discomax.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b2319b72a000004030046304402201b2261396e0b4a2110c77d30b63a2e09e668dc2ae750ec3fdf5b4252d319dbdd022019612c1c73ec201139684105526d3c386c6cc73dc7cd402738403daf9f253bb100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b2319b6fb000004030047304502207d263cc93cfc09fa46f689282671262204f42ab4efc1315fcd9c66dacaefcea7022100dbcd9eb2afd5e583a22eb6120d24b887ca72adefec2760fef2a1e1167886d472007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b2319b6de0000040300473045022100e9e31de00eecec417d589e55386e429ba983f11b6358905a8bcc641c4a7cba8802202f8891b32aea52d591c928babda10c99473edc63fa8d17081284d1088a901b3f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004ea2cc50601e651c8ad829da5be4fdd7877d4f9c3526a6b7debf9b13b4f9e819aff9231278da6de9348ee6993e5bfb0eb92f3457bfbdaa0b8b7a8b44e643340368c65df781177d29cb140306190c22383e19729101a9898764ad77ff2ca2a3c0c5c62724793ca9d7c0fd358b0a527d43b3c39b0e7c5966a15e68a7f5324e950855116e0c126134f6517bdb8997bad1477875d7232e0cdf0bd624a557cbe9c09ea52b11acd99cd53e41f3ebde79dfe26142f87655b093ae1c6cccf6934c2cccd138315c17b842e9989567ae9e2bb9b21f476ad2321a87d8f7933c47d8cc7d161c7beeab2d7219c8b0df897e52ff72e2fab30a26b76a49086f2839c35154a88b24