*.ign.com
Issued by Amazon
About this certificate
This digital certificate with serial number 03:59:03:39:ba:84:29:08:73:b7:37:b3:c1:f6:7a:46 was issued on by Amazon.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.ign.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:59:03:39:ba:84:29:08:73:b7:37:b3:c1:f6:7a:46Serial Number (int): 4449863828722405353626408587193907782
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 58:7e:76:c4:e2:14:01:53:13:05:fc:2c:de:6d:ee:40:88:b7:a4:0d
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 99:29:97:74:8d:8c:1e:df:9b:53:b4:50:a3:94:3f:84:bb:40:6f:63
Fingerprint (sha256): 1f:d8:cc:5a:f6:14:a6:61:2a:da:97:bc:ca:82:35:da:a6:30:78:e8:ee:65:32:77:d7:7e:55:31:bf:11:b8:bf
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate *.ign.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.ign.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.ign.com
oy-stg-http.ign.com
stg.oyster-http.ign.com
*.stg.s.ign.com
*.stg.oyster-http.ign.com
stg.oyster-http.ign-inc.com
oy-stg-http.ign.com
stg.oyster-http.ign.com
*.stg.s.ign.com
*.stg.oyster-http.ign.com
stg.oyster-http.ign-inc.com
Other certificates including the domain name ign.com
(limited to 100 certificates)
ign.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
corp.ign.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1j.map.fastly.net
ssl003.insnw.net
dns-vetting1-mims-pawel.map.fastly.net
ziffdavis.com
ziffdavis.com
dns-vetting1-mims-pawel.map.fastly.net
ign.map.fastly.net
k3.shared.global.fastly.net
store.ign.com
playlist.ign.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
ziffdavis.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
store.ign.com
dns-vetting1l.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
*.ign.com
dns-vetting1-mims-pawel.map.fastly.net
ssl003.insnw.net
ssl003.insnw.net
sli.ziffdavis.com
ign.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1l.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ign.map.fastly.net
k3.shared.global.fastly.net
g01.ign.com
ign.com
sslvpn.ign.com
www.ziffdavis.com
prospective2.shared.global.fastly.net
sli.ziffdavis.com
dns-vetting1l.map.fastly.net
secure.statusupdate.askmen.com
ign.map.fastly.net
dns-vetting1j.map.fastly.net
www.ziffdavis.com
k3.shared.global.fastly.net
ziffdavis.com
k3.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ign.map.fastly.net
g02.ign.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
k3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
*.apis.stg.ign.com
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
events.ign.com
dns-vetting1j.map.fastly.net
ziffdavis.com
*.stg.ign.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
k3.shared.global.fastly.net
g01.ign.com
prospective2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
sli.ziffdavis.com
www.playlist.ign.com
k3.shared.global.fastly.net
prospective2.shared.global.fastly.net
events.ign.com
store.ign.com
ziffdavis.com
dns-vetting1-mims-pawel.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ssl003.insnw.net
prospective2.shared.global.fastly.net
ign.map.fastly.net
opt-out.1up.com
dns-vetting1j.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
corp.ign.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1j.map.fastly.net
ssl003.insnw.net
dns-vetting1-mims-pawel.map.fastly.net
ziffdavis.com
ziffdavis.com
dns-vetting1-mims-pawel.map.fastly.net
ign.map.fastly.net
k3.shared.global.fastly.net
store.ign.com
playlist.ign.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
ziffdavis.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
store.ign.com
dns-vetting1l.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
*.ign.com
dns-vetting1-mims-pawel.map.fastly.net
ssl003.insnw.net
ssl003.insnw.net
sli.ziffdavis.com
ign.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1l.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ign.map.fastly.net
k3.shared.global.fastly.net
g01.ign.com
ign.com
sslvpn.ign.com
www.ziffdavis.com
prospective2.shared.global.fastly.net
sli.ziffdavis.com
dns-vetting1l.map.fastly.net
secure.statusupdate.askmen.com
ign.map.fastly.net
dns-vetting1j.map.fastly.net
www.ziffdavis.com
k3.shared.global.fastly.net
ziffdavis.com
k3.shared.global.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
ign.map.fastly.net
g02.ign.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
k3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
*.apis.stg.ign.com
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
events.ign.com
dns-vetting1j.map.fastly.net
ziffdavis.com
*.stg.ign.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
k3.shared.global.fastly.net
g01.ign.com
prospective2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
sli.ziffdavis.com
www.playlist.ign.com
k3.shared.global.fastly.net
prospective2.shared.global.fastly.net
events.ign.com
store.ign.com
ziffdavis.com
dns-vetting1-mims-pawel.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
k3.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ssl003.insnw.net
prospective2.shared.global.fastly.net
ign.map.fastly.net
opt-out.1up.com
dns-vetting1j.map.fastly.net
prospective2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
Certificate
The complete raw certificate details for *.ign.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIQA1kDObqEKQhztzezwfZ6RjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA0MjMwMDAwMDBaFw0yMzA1MjIy MzU5NTlaMBQxEjAQBgNVBAMMCSouaWduLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAL7J7zgqOVevQ9oaaX0FEhnRU3Nib4jiqWz4D/qWQuO/BlQI NQIanypbVTTP+78XDTvDFE0O/0htpwhD2H69sNHHZNX8a+lo78TzH4SZNFyasv9q D0dm3fAgEiIiUC3FXJWHBL5U/Gu+j6bB5zgs6XlQHen3pgjoH3rq4fGTOS6Ju3J2 GOqhdQpCnBS34ypfsO9S0ofRILYeGcC+xm7r9TZAI2bQdmNikUf5XQCjcciaql2I V1NwyT+xXy14dB+Nw3m4jQ13T/D7FjMQsQhLl5cnGsqHq2XJaZrlAhVC1y/ln/Uh U4TyD9Uxo2eyp3ckiVG+9KGe6m2AJW3/0VSDFLcCAwEAAaOCA10wggNZMB8GA1Ud IwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBRYfnbE4hQBUxMF /Czebe5AiLekDTCBjQYDVR0RBIGFMIGCggkqLmlnbi5jb22CE295LXN0Zy1odHRw Lmlnbi5jb22CF3N0Zy5veXN0ZXItaHR0cC5pZ24uY29tgg8qLnN0Zy5zLmlnbi5j b22CGSouc3RnLm95c3Rlci1odHRwLmlnbi5jb22CG3N0Zy5veXN0ZXItaHR0cC5p Z24taW5jLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwuc2NhMWIuYW1h em9udHJ1c3QuY29tL3NjYTFiLTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUG CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1h em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpv bnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkC BAIEggFtBIIBaQFnAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A AAGAVDUjowAABAMARjBEAiAlCi5Ek1b/X1vWBZ8gWVsdL7SBZ3HH5mMbK/qkoTp/ VAIgB7HOB2BU1WzyQVlgk/lSxFrxWagFOf9qgb89aSq8xdoAdgA1zxkbv7FsV78P rUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAYBUNSPtAAAEAwBHMEUCIDY2Q2dpAgt4 1nn1ybLIqhfWKXQlwrueA46VJT/AhPAQAiEAuL3IsX0WbiXuFvfC4P6jBRcTPzE2 YrR07SwLwVse2q0AdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAA AYBUNSQjAAAEAwBHMEUCIGGDXfzEsx2k1dfUawyyxv/XCwWxVp4oVipONKOkpfyV AiEAzSKjFiLIl1ft5+p0t0UfRTVPr8FexOm0yu93iKXLymQwDQYJKoZIhvcNAQEL BQADggEBAF9ELmyYsalD6syg1BbMrsuvQi3/YUTg71JmKAe+Q+cSzyA3xcaE/OKB kZ79IXQr5fqUuvJ2tShpIY5w12E1cR51n2oo1xV9fDFrjOPX1nGks6S1rHQo7t5u uujHct5pG3XwbbgUMusMsRIkQ7WSEXA7m+fkJr4SkidV9mQElmN/r10IAkXmgm0Y chRGyMOd2IkD9id3P8OvVdoccxqWltwBRbMOT7iAex+P5syeDzqI34Y9lQQcr1IK 9hZbB1VY7CBtAjCHURRZaTCRy0bu/DGP3q9SB3a/bL+q35fKP3f6hIC9p7/bSFuR vmvkP+S8ml89xEd8EdU2vUtAppJgoFg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsnvOCo5V69D2hppfQUS GdFTc2JviOKpbPgP+pZC478GVAg1AhqfKltVNM/7vxcNO8MUTQ7/SG2nCEPYfr2w 0cdk1fxr6WjvxPMfhJk0XJqy/2oPR2bd8CASIiJQLcVclYcEvlT8a76PpsHnOCzp eVAd6femCOgfeurh8ZM5Lom7cnYY6qF1CkKcFLfjKl+w71LSh9Egth4ZwL7Gbuv1 NkAjZtB2Y2KRR/ldAKNxyJqqXYhXU3DJP7FfLXh0H43DebiNDXdP8PsWMxCxCEuX lycayoerZclpmuUCFULXL+Wf9SFThPIP1TGjZ7KndySJUb70oZ7qbYAlbf/RVIMU twIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4449863828722405353626408587193907782 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ign.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24084855532527934392680626671419512103280727302080918337490924646134740283936430876707626241948645541384291867252392336574181194726878615123540389077708367228393375779420666008085910964930747457496290484844150736689121261744955191519878279608873518677890060189394082440171678314310056048468871063609179516111013930988871922225642820330618264399929354649776691617581374031665628639046684041404546593012948271242418781747681619898793988177113341624008500997222991814409221495565321260169082190413314493920707594554417200417738335363976281422255361449077328630516696563770886164832812310876119155113279126570346779710647 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 587e76c4e21401531305fc2cde6dee4088b7a40d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oy-stg-http.ign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.oyster-http.ign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg.s.ign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg.oyster-http.ign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.oyster-http.ign-inc.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000180543523a300000403004630440220250a2e449356ff5f5bd6059f20595b1d2fb4816771c7e6631b2bfaa4a13a7f54022007b1ce076054d56cf241596093f952c45af159a80539ff6a81bf3d692abcc5da00760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000180543523ed000004030047304502203636436769020b78d679f5c9b2c8aa17d6297425c2bb9e038e95253fc084f010022100b8bdc8b17d166e25ee16f7c2e0fea30517133f313662b474ed2c0bc15b1edaad007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000180543524230000040300473045022061835dfcc4b31da4d5d7d46b0cb2c6ffd70b05b1569e28562a4e34a3a4a5fc95022100cd22a31622c89757ede7ea74b7451f45354fafc15ec4e9b4caef7788a5cbca64 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005f442e6c98b1a943eacca0d416ccaecbaf422dff6144e0ef52662807be43e712cf2037c5c684fce281919efd21742be5fa94baf276b52869218e70d76135711e759f6a28d7157d7c316b8ce3d7d671a4b3a4b5ac7428eede6ebae8c772de691b75f06db81432eb0cb1122443b59211703b9be7e426be12922755f6640496637faf5d080245e6826d18721446c8c39dd88903f627773fc3af55da1c731a9696dc0145b30e4fb8807b1f8fe6cc9e0f3a88df863d95041caf520af6165b075558ec206d023087511459693091cb46eefc318fdeaf520776bf6cbfaadf97ca3f77fa8480bda7bfdb485b91be6be43fe4bc9a5f3dc4477c11d536bd4b40a69260a058