*.disco-api.com

Issued by Amazon

About this certificate

This digital certificate with serial number 07:c3:fa:5d:dd:47:07:fb:cd:b0:92:08:da:24:62:11 was issued on by Amazon.

With 27 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.disco-api.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:c3:fa:5d:dd:47:07:fb:cd:b0:92:08:da:24:62:11
Serial Number (int): 10322171897010787847309027607157432849
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 75:cf:0d:d0:72:b3:20:fc:0a:f5:ae:99:b1:59:02:a5:6c:5e:ae:eb
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 03:12:3b:82:78:c1:ea:9d:a4:b8:d5:46:fe:25:5f:2f:06:39:9b:d4
Fingerprint (sha256): 21:b1:9e:b5:53:f4:2a:4a:2c:c6:4c:e4:be:a3:29:78:d0:e5:02:90:bc:8e:79:2c:b6:8f:dc:a7:d3:46:0b:ec

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.disco-api.com

27

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.disco-api.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.disco-api.com
*.dplay.jp
*.discoveryplus.com
*.start.watchown.tv
*.fourwheeler.com
*.animalplanet.com
*.destinationamerica.com
*.watch.hgtv.com
*.investigationdiscovery.com
*.ahctv.com
*.tlc.com
*.go.discovery.com
*.watch.cookingchanneltv.com
*.watch.motortrend.com
*.concert.mercury.dnitv.com
*.mercury.dnitv.com
*.sciencechannel.com
*.globalcyclingnetwork.com
*.watch.travelchannel.com
*.motortrendondemand.com
*.discoverylife.com
*.discoveryplus.in
*.automobilemag.com
*.watch.diynetwork.com
*.watch.foodnetwork.com
*.hotrod.com
*.motortrend.com

Other certificates including the domain name disco-api.com

(limited to 100 certificates)
*.disco-api.com
dev.disco-api.com
*.lambda-edge-poc-dev.dev.buckets.disco-api.com
kibana-beam-us-west-2.o11y.int.disco-api.com
dkids-test.disco-api.com
dksport-staging-vms.disco-api.com
*.disco-api.com
*.disco-api.com
kibana-eu-west-1.o11y.stage.disco-api.com
stage.disco-api.com
*.waas.disco-api.com
*.o11y.dev.disco-api.com
*.int.api.discomax.com
kibana-users.o11y.prod.disco-api.com
kibana-beam-us-east-1.o11y.dev.disco-api.com
testing-certs-tools.disco-api.com
*.eu-west-1-prod-v2.disco-api.com
*.disco-api.com
dplay-south-prod.disco-api.com
test-se.disco-api.com
*.ssp.disco-api.com
kibana-us-west-2.o11y.prod.disco-api.com
dplay-south-test.disco-api.com
*.disco-api.com
kibana-beam-us-west-2.o11y.stage.disco-api.com
*.hwa-hashbuild.disco-api.com
*.disco-api.com
*.workload-eu-west-1-int-v1.tools.disco-api.com
o11y.dev.disco-api.com
httpstest.disco-api.com
*.disco-api.com
*.disco-api.com
ap2-test.disco-api.com
testing-certs-vms.disco-api.com
*.disco-api.com
*.eu-west-1-ci.disco-api.com
*.discoveryplus.in
dplay-south-test.disco-api.com
dplay-south-test-tools.disco-api.com
httpstestelb.disco-api.com
*.disco-api.com
*.atve.hashbuild.disco-api.com
*.disco-api.com
dkids-test.disco-api.com
*.demo.dev.buckets.disco-api.com
*.int.api.discomax.com
kibana-beam-us-east-1.o11y.stage.disco-api.com
test-se.disco-api.com
dkids-test-vms.disco-api.com
*.disco-api.com
*.eu-west-1-prod.disco-api.com
dplay-south-test.disco-api.com
*.disco-api.com
testing-more-certs.disco-api.com
kibana-o11y-eu-west-1.o11y.prod.disco-api.com
*.eurosportplayer.com
stage.disco-api.com
*.us-east-1-prod-v1.disco-api.com
kibanacw-us-east-1.o11y.dev.disco-api.com
*.eurosportplayer.com
dkids-prod.disco-api.com
*.dplus-roku-dcl.buckets.disco-api.com
httpstest.disco-api.com
*.disco-api.com
dev.disco-api.com
*.ap-northeast-1-prod1.disco-api.com
sonic-eu1-test.disco-api.com
test-private-ingress-tf.edge-svcs.disco-api.com
kibana-beam-us-east-1.o11y.int.disco-api.com
disco-test.disco-api.com
*.eu-west-1-test-v2.disco-api.com
sonic-test-private.disco-api.com
httpstestelb.disco-api.com
*.disco-api.com
*.eurosportplayer.com
eu1-prod-private.disco-api.com
*.disco-api.com
*.ssp.disco-api.com
httpstest.disco-api.com
kibana-users.o11y.stage.disco-api.com
*.o11y.stage.disco-api.com
kibana-us-east-2.o11y.stage.disco-api.com
httpstest.disco-api.com
*.o11y.stage.disco-api.com
*.eu-west-1-ci-poc.disco-api.com
dkids-prod.disco-api.com
httpstest.disco-api.com
testing-more-certs-tools.disco-api.com
*.disco-api.com
*.us-east-1-prod.disco-api.com
*.us-east-1-prod.disco-api.com
dplay-south-prod.disco-api.com
kibana-us-east-1.o11y.prod.disco-api.com
dplay-south-test-vms.disco-api.com
dev-dplus-marketing.waas.disco-api.com
*.disco-api.com
*.disco-api.com
*.disco-api.com
*.disco-api.com
*.ap-northeast-1-prod-v1.disco-api.com

Certificate

The complete raw certificate details for *.disco-api.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgIQB8P6Xd1HB/vNsJII2iRiETANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDEwMjcwMDAwMDBaFw0yMTExMjUy
MzU5NTlaMBoxGDAWBgNVBAMMDyouZGlzY28tYXBpLmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKUVndwtEYspbP2bvFxf3+EtlhOKrtjhOuLr2/PW
6+iq6vuA+dPWj4FZUW1W5MmZ9bxzyjT3bYvvBjN748/WZdi68LJ2LX0+hx3m9Tot
MPSx6eU7Ui8KOwOu0wQJt1eyIsAZQ9tJNwEjAesk6DGoKjur9vLp9tLiHbUMCmv3
jlSTXENGZDSqVrUczs3CKhynMObA6Cach3jjMnCwU4YYqE8o9nzLhjSXock6gk6S
CPbYZ9QvMNj1fEufLJIGdvNwrba+B8cZEuoqSPfcthaHSA5uBVVd6oOPnHKa63Wp
4kawIJcsoPorHkIqE5NSVZ05+Hxma1+01xJcMXAQg4eQeOUCAwEAAaOCA78wggO7
MB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBR1zw3Q
crMg/Ar1rpmxWQKlbF6u6zCCAk8GA1UdEQSCAkYwggJCgg8qLmRpc2NvLWFwaS5j
b22CCiouZHBsYXkuanCCEyouZGlzY292ZXJ5cGx1cy5jb22CEyouc3RhcnQud2F0
Y2hvd24udHaCESouZm91cndoZWVsZXIuY29tghIqLmFuaW1hbHBsYW5ldC5jb22C
GCouZGVzdGluYXRpb25hbWVyaWNhLmNvbYIQKi53YXRjaC5oZ3R2LmNvbYIcKi5p
bnZlc3RpZ2F0aW9uZGlzY292ZXJ5LmNvbYILKi5haGN0di5jb22CCSoudGxjLmNv
bYISKi5nby5kaXNjb3ZlcnkuY29tghwqLndhdGNoLmNvb2tpbmdjaGFubmVsdHYu
Y29tghYqLndhdGNoLm1vdG9ydHJlbmQuY29tghsqLmNvbmNlcnQubWVyY3VyeS5k
bml0di5jb22CEyoubWVyY3VyeS5kbml0di5jb22CFCouc2NpZW5jZWNoYW5uZWwu
Y29tghoqLmdsb2JhbGN5Y2xpbmduZXR3b3JrLmNvbYIZKi53YXRjaC50cmF2ZWxj
aGFubmVsLmNvbYIYKi5tb3RvcnRyZW5kb25kZW1hbmQuY29tghMqLmRpc2NvdmVy
eWxpZmUuY29tghIqLmRpc2NvdmVyeXBsdXMuaW6CEyouYXV0b21vYmlsZW1hZy5j
b22CFioud2F0Y2guZGl5bmV0d29yay5jb22CFyoud2F0Y2guZm9vZG5ldHdvcmsu
Y29tggwqLmhvdHJvZC5jb22CECoubW90b3J0cmVuZC5jb20wDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg
LqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcmww
IAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkw
ZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29t
MDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9z
Y2ExYi5jcnQwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAhEp35p+6rz+yah3/uo/L6SnkV8egmmHHPLnrtCJIY4dD
ftiF1x80sHvmM7y7qaNLUXf/msQJJ4AldS0sGnvaW+Qfe4+GXYxspwJ1GgkMRZF5
50ixX7JUHC+xqOeuNJvC1mB3F7gqa0uAAwK0d95ATBINzgTrRWUPsFYM8XzDS3EC
1ZdiArsLUha/8ypHlFFDDQUDSyEQPGvPLye7XQMdiwPGOpIPJyxASby1arfhDQGa
Fl+KGygUpUtqQf2xZzyLZZbMZmKgIJQeCXZIMfbqt0aDH/eP8yGzlfqiSfPSFASF
Lse3FbjiCJze2rVjtmrfrKaLP0BptiNnBIJAI/nWOg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRWd3C0Riyls/Zu8XF/f
4S2WE4qu2OE64uvb89br6Krq+4D509aPgVlRbVbkyZn1vHPKNPdti+8GM3vjz9Zl
2LrwsnYtfT6HHeb1Oi0w9LHp5TtSLwo7A67TBAm3V7IiwBlD20k3ASMB6yToMagq
O6v28un20uIdtQwKa/eOVJNcQ0ZkNKpWtRzOzcIqHKcw5sDoJpyHeOMycLBThhio
Tyj2fMuGNJehyTqCTpII9thn1C8w2PV8S58skgZ283Cttr4HxxkS6ipI99y2FodI
Dm4FVV3qg4+ccprrdaniRrAglyyg+iseQioTk1JVnTn4fGZrX7TXElwxcBCDh5B4
5QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10322171897010787847309027607157432849
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.disco-api.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20839979882299964154779738408259809466329937764355453648679900346459463946882207892899689678013316760924431820191902763935325423786553343057710797786560216558417120832513602838788895524151679700288880066758504384994381778442714151801897652578110598417312777582603297353868067855738799490714531753593073014389792826287356775403214618771272191456606805088667154426585537017380248279843815720077505216726668788572583827912831837862372657644796942120518111440094476985425692298031930247807878043892463897405222504042430904827636587146713664579350136709781536972584468039413400429124343049967184006282229649370799787768037
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							75cf0dd072b320fc0af5ae99b15902a56c5eaeeb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (582 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.disco-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dplay.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.discoveryplus.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.start.watchown.tv'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fourwheeler.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.animalplanet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.destinationamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watch.hgtv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.investigationdiscovery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ahctv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tlc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.go.discovery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watch.cookingchanneltv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watch.motortrend.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.concert.mercury.dnitv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mercury.dnitv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sciencechannel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.globalcyclingnetwork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watch.travelchannel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.motortrendondemand.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.discoverylife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.discoveryplus.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.automobilemag.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watch.diynetwork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watch.foodnetwork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hotrod.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.motortrend.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00844a77e69fbaaf3fb26a1dffba8fcbe929e457c7a09a61c73cb9ebb422486387437ed885d71f34b07be633bcbba9a34b5177ff9ac409278025752d2c1a7bda5be41f7b8f865d8c6ca702751a090c459179e748b15fb2541c2fb1a8e7ae349bc2d6607717b82a6b4b800302b477de404c120dce04eb45650fb0560cf17cc34b7102d5976202bb0b5216bff32a479451430d05034b21103c6bcf2f27bb5d031d8b03c63a920f272c4049bcb56ab7e10d019a165f8a1b2814a54b6a41fdb1673c8b6596cc6662a020941e09764831f6eab746831ff78ff321b395faa249f3d21404852ec7b715b8e2089cdedab563b66adfaca68b3f4069b6236704824023f9d63a