*.ign.com

Issued by Amazon

About this certificate

This digital certificate with serial number 03:59:03:39:ba:84:29:08:73:b7:37:b3:c1:f6:7a:46 was issued on by Amazon.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.ign.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:59:03:39:ba:84:29:08:73:b7:37:b3:c1:f6:7a:46
Serial Number (int): 4449863828722405353626408587193907782
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 58:7e:76:c4:e2:14:01:53:13:05:fc:2c:de:6d:ee:40:88:b7:a4:0d
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 99:29:97:74:8d:8c:1e:df:9b:53:b4:50:a3:94:3f:84:bb:40:6f:63
Fingerprint (sha256): 1f:d8:cc:5a:f6:14:a6:61:2a:da:97:bc:ca:82:35:da:a6:30:78:e8:ee:65:32:77:d7:7e:55:31:bf:11:b8:bf

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate *.ign.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.ign.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.ign.com
oy-stg-http.ign.com
stg.oyster-http.ign.com
*.stg.s.ign.com
*.stg.oyster-http.ign.com
stg.oyster-http.ign-inc.com

Other certificates including the domain name ign.com

(limited to 100 certificates)
ign.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
corp.ign.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1j.map.fastly.net
ssl003.insnw.net
dns-vetting1-mims-pawel.map.fastly.net
ziffdavis.com
ziffdavis.com
dns-vetting1-mims-pawel.map.fastly.net
ign.map.fastly.net
k3.shared.global.fastly.net
store.ign.com
playlist.ign.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
ziffdavis.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
store.ign.com
dns-vetting1l.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
*.ign.com
dns-vetting1-mims-pawel.map.fastly.net
ssl003.insnw.net
ssl003.insnw.net
sli.ziffdavis.com
ign.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1l.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ign.map.fastly.net
k3.shared.global.fastly.net
g01.ign.com
ign.com
sslvpn.ign.com
www.ziffdavis.com
prospective2.shared.global.fastly.net
sli.ziffdavis.com
dns-vetting1l.map.fastly.net
secure.statusupdate.askmen.com
ign.map.fastly.net
dns-vetting1j.map.fastly.net
www.ziffdavis.com
k3.shared.global.fastly.net
ziffdavis.com
k3.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ign.map.fastly.net
g02.ign.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
k3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
*.apis.stg.ign.com
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
events.ign.com
dns-vetting1j.map.fastly.net
ziffdavis.com
*.stg.ign.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
k3.shared.global.fastly.net
g01.ign.com
prospective2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
sli.ziffdavis.com
www.playlist.ign.com
k3.shared.global.fastly.net
prospective2.shared.global.fastly.net
events.ign.com
store.ign.com
ziffdavis.com
dns-vetting1-mims-pawel.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ssl003.insnw.net
prospective2.shared.global.fastly.net
ign.map.fastly.net
opt-out.1up.com
dns-vetting1j.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net

Certificate

The complete raw certificate details for *.ign.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIQA1kDObqEKQhztzezwfZ6RjANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA0MjMwMDAwMDBaFw0yMzA1MjIy
MzU5NTlaMBQxEjAQBgNVBAMMCSouaWduLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7J7zgqOVevQ9oaaX0FEhnRU3Nib4jiqWz4D/qWQuO/BlQI
NQIanypbVTTP+78XDTvDFE0O/0htpwhD2H69sNHHZNX8a+lo78TzH4SZNFyasv9q
D0dm3fAgEiIiUC3FXJWHBL5U/Gu+j6bB5zgs6XlQHen3pgjoH3rq4fGTOS6Ju3J2
GOqhdQpCnBS34ypfsO9S0ofRILYeGcC+xm7r9TZAI2bQdmNikUf5XQCjcciaql2I
V1NwyT+xXy14dB+Nw3m4jQ13T/D7FjMQsQhLl5cnGsqHq2XJaZrlAhVC1y/ln/Uh
U4TyD9Uxo2eyp3ckiVG+9KGe6m2AJW3/0VSDFLcCAwEAAaOCA10wggNZMB8GA1Ud
IwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBRYfnbE4hQBUxMF
/Czebe5AiLekDTCBjQYDVR0RBIGFMIGCggkqLmlnbi5jb22CE295LXN0Zy1odHRw
Lmlnbi5jb22CF3N0Zy5veXN0ZXItaHR0cC5pZ24uY29tgg8qLnN0Zy5zLmlnbi5j
b22CGSouc3RnLm95c3Rlci1odHRwLmlnbi5jb22CG3N0Zy5veXN0ZXItaHR0cC5p
Z24taW5jLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwuc2NhMWIuYW1h
em9udHJ1c3QuY29tL3NjYTFiLTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUG
CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1h
em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpv
bnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkC
BAIEggFtBIIBaQFnAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A
AAGAVDUjowAABAMARjBEAiAlCi5Ek1b/X1vWBZ8gWVsdL7SBZ3HH5mMbK/qkoTp/
VAIgB7HOB2BU1WzyQVlgk/lSxFrxWagFOf9qgb89aSq8xdoAdgA1zxkbv7FsV78P
rUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAYBUNSPtAAAEAwBHMEUCIDY2Q2dpAgt4
1nn1ybLIqhfWKXQlwrueA46VJT/AhPAQAiEAuL3IsX0WbiXuFvfC4P6jBRcTPzE2
YrR07SwLwVse2q0AdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAA
AYBUNSQjAAAEAwBHMEUCIGGDXfzEsx2k1dfUawyyxv/XCwWxVp4oVipONKOkpfyV
AiEAzSKjFiLIl1ft5+p0t0UfRTVPr8FexOm0yu93iKXLymQwDQYJKoZIhvcNAQEL
BQADggEBAF9ELmyYsalD6syg1BbMrsuvQi3/YUTg71JmKAe+Q+cSzyA3xcaE/OKB
kZ79IXQr5fqUuvJ2tShpIY5w12E1cR51n2oo1xV9fDFrjOPX1nGks6S1rHQo7t5u
uujHct5pG3XwbbgUMusMsRIkQ7WSEXA7m+fkJr4SkidV9mQElmN/r10IAkXmgm0Y
chRGyMOd2IkD9id3P8OvVdoccxqWltwBRbMOT7iAex+P5syeDzqI34Y9lQQcr1IK
9hZbB1VY7CBtAjCHURRZaTCRy0bu/DGP3q9SB3a/bL+q35fKP3f6hIC9p7/bSFuR
vmvkP+S8ml89xEd8EdU2vUtAppJgoFg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsnvOCo5V69D2hppfQUS
GdFTc2JviOKpbPgP+pZC478GVAg1AhqfKltVNM/7vxcNO8MUTQ7/SG2nCEPYfr2w
0cdk1fxr6WjvxPMfhJk0XJqy/2oPR2bd8CASIiJQLcVclYcEvlT8a76PpsHnOCzp
eVAd6femCOgfeurh8ZM5Lom7cnYY6qF1CkKcFLfjKl+w71LSh9Egth4ZwL7Gbuv1
NkAjZtB2Y2KRR/ldAKNxyJqqXYhXU3DJP7FfLXh0H43DebiNDXdP8PsWMxCxCEuX
lycayoerZclpmuUCFULXL+Wf9SFThPIP1TGjZ7KndySJUb70oZ7qbYAlbf/RVIMU
twIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4449863828722405353626408587193907782
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ign.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24084855532527934392680626671419512103280727302080918337490924646134740283936430876707626241948645541384291867252392336574181194726878615123540389077708367228393375779420666008085910964930747457496290484844150736689121261744955191519878279608873518677890060189394082440171678314310056048468871063609179516111013930988871922225642820330618264399929354649776691617581374031665628639046684041404546593012948271242418781747681619898793988177113341624008500997222991814409221495565321260169082190413314493920707594554417200417738335363976281422255361449077328630516696563770886164832812310876119155113279126570346779710647
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							587e76c4e21401531305fc2cde6dee4088b7a40d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oy-stg-http.ign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.oyster-http.ign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg.s.ign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg.oyster-http.ign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.oyster-http.ign-inc.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000180543523a300000403004630440220250a2e449356ff5f5bd6059f20595b1d2fb4816771c7e6631b2bfaa4a13a7f54022007b1ce076054d56cf241596093f952c45af159a80539ff6a81bf3d692abcc5da00760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000180543523ed000004030047304502203636436769020b78d679f5c9b2c8aa17d6297425c2bb9e038e95253fc084f010022100b8bdc8b17d166e25ee16f7c2e0fea30517133f313662b474ed2c0bc15b1edaad007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000180543524230000040300473045022061835dfcc4b31da4d5d7d46b0cb2c6ffd70b05b1569e28562a4e34a3a4a5fc95022100cd22a31622c89757ede7ea74b7451f45354fafc15ec4e9b4caef7788a5cbca64
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005f442e6c98b1a943eacca0d416ccaecbaf422dff6144e0ef52662807be43e712cf2037c5c684fce281919efd21742be5fa94baf276b52869218e70d76135711e759f6a28d7157d7c316b8ce3d7d671a4b3a4b5ac7428eede6ebae8c772de691b75f06db81432eb0cb1122443b59211703b9be7e426be12922755f6640496637faf5d080245e6826d18721446c8c39dd88903f627773fc3af55da1c731a9696dc0145b30e4fb8807b1f8fe6cc9e0f3a88df863d95041caf520af6165b075558ec206d023087511459693091cb46eefc318fdeaf520776bf6cbfaadf97ca3f77fa8480bda7bfdb485b91be6be43fe4bc9a5f3dc4477c11d536bd4b40a69260a058