test.ssl-api.itranslateapp.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0c:36:32:db:ea:65:ef:a3:88:02:df:05:a9:38:82:d3 was issued on by Amazon.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=test.ssl-api.itranslateapp.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:36:32:db:ea:65:ef:a3:88:02:df:05:a9:38:82:d3
Serial Number (int): 16232151523770369842382616316457026259
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 36:61:fe:f5:02:98:fd:8e:63:16:9d:54:1c:e6:ea:5e:ce:8a:66:3a
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 17:1f:f1:ae:39:95:7b:72:d9:ec:ea:d9:36:fa:6f:ed:af:21:5d:2e
Fingerprint (sha256): 21:b8:c3:86:13:31:0c:d0:12:52:db:04:e2:a3:b4:7a:34:ff:ed:78:02:eb:6a:17:40:c6:81:73:37:b7:49:75

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate test.ssl-api.itranslateapp.com

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for test.ssl-api.itranslateapp.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

test.ssl-api.itranslateapp.com
test.api.speak-translate.com
test.hub.itranslateapp.com
test.accounts.itranslateapp.com
test.hub.grammatica.io
test.asr.speak-translate.com
test.api.grammatica.io
test.accounts.grammatica.io

Other certificates including the domain name itranslateapp.com

(limited to 100 certificates)
medical.itranslateapp.com
pypi.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.itranslateapp.com
asr.itranslateapp.com
pypi.itranslateapp.com
ssl-api.itranslateapp.com
accounts-staging-cx4k6b.itranslateapp.com
medical.itranslateapp.com
data.itranslateapp.com
data.itranslateapp.com
pypi.itranslateapp.com
dev-api.itranslateapp.com
api.staging-3c6e.itranslateapp.com
gandalf.internal.itranslateapp.com
api.staging-3c6e.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
dev-api.itranslateapp.com
asr.itranslateapp.com
han-shot-first.itranslateapp.com
pypi.itranslateapp.com
pypi.itranslateapp.com
pypi.itranslateapp.com
medical.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
pypi.itranslateapp.com
dev-api.itranslateapp.com
pypi.itranslateapp.com
data.itranslateapp.com
lb-setup-test-ssl-api.itranslateapp.com
vpn.itranslateapp.com
dev-api.itranslateapp.com
asr.itranslateapp.com
ocr-staging-cx4k6b.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
test.ssl-api.itranslateapp.com
api.staging-3c6e.itranslateapp.com
accounts-staging-cx4k6b.itranslateapp.com
api.staging-3c6e.itranslateapp.com
pypi.itranslateapp.com
ssl-api.itranslateapp.com
ocr-staging-cx4k6b.itranslateapp.com
data.itranslateapp.com
itranslateapp.com
ocr-staging-cx4k6b.itranslateapp.com
han-shot-first.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.itranslateapp.com
ocr-staging-cx4k6b.itranslateapp.com
asr.itranslateapp.com
test.ssl-api.itranslateapp.com
api.staging-3c6e.itranslateapp.com
ocr-staging-cx4k6b.itranslateapp.com
api.staging-3c6e.itranslateapp.com
han-shot-first.itranslateapp.com
ssl-api.itranslateapp.com
api.staging-3c6e.itranslateapp.com
ssl-api.itranslateapp.com
accounts.itranslateapp.com
accounts-staging-cx4k6b.itranslateapp.com
itranslateapp.com
pypi.itranslateapp.com
ocr-staging-cx4k6b.itranslateapp.com
asr.itranslateapp.com
ssl-api.itranslateapp.com
test.ssl-api.itranslateapp.com
itranslateapp.com
medical.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
han-shot-first.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.itranslateapp.com
pypi.itranslateapp.com
web-api.itranslateapp.com
ssl-api.itranslateapp.com
web-api.itranslateapp.com
medical.itranslateapp.com
api.staging-3c6e.itranslateapp.com
accounts.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
web-api.itranslateapp.com
test.ssl-api.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
dev-api.itranslateapp.com
ssl-test.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.itranslateapp.com
ssl-api.staging-3c6e.itranslateapp.com
web-api.itranslateapp.com
test123.itranslateapp.com
temp-blub.itranslateapp.com
api.staging-3c6e.itranslateapp.com
data.itranslateapp.com
asr-watch-v2.itranslateapp.com
data.itranslateapp.com
ssl-api.itranslateapp.com

Certificate

The complete raw certificate details for test.ssl-api.itranslateapp.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIQDDYy2+pl76OIAt8FqTiC0zANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA3MTUwMDAwMDBaFw0yMzA4MTMy
MzU5NTlaMCkxJzAlBgNVBAMTHnRlc3Quc3NsLWFwaS5pdHJhbnNsYXRlYXBwLmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANKhujYpLm9LcfqsTOTQ
iYJYYp3g6rC2lSwJ5O8vpAVyxLzk896dEuB54GY2leTpA2Nye4AOXqsWzpic21k4
2L1VXxMcBhrlbvbNaTrbLJbCxzrGp4BZNJjNOFLfGR05SAqFUs0b0MDj/AUIuKfL
GRLDaEoXV/oRlZ27DdHnRbBHT9G+yMGkaS77h47YT0jJW7XBIrCLpS8thTbsgnQE
XbfutAUCFEJ2kHgUjBNJvQ5P1at2FVmyOgBt3wpR6o5TWjosQzHCFadm2tvPxteW
sBgAOGXiJxOhEKv96F1vAFrbiCbdfSxvQF9fumXy1uVWI1HJkh3TKPvL8N8m2NvR
i8MCAwEAAaOCAlUwggJRMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3Q
MB0GA1UdDgQWBBQ2Yf71Apj9jmMWnVQc5upezopmOjCB8QYDVR0RBIHpMIHmgh50
ZXN0LnNzbC1hcGkuaXRyYW5zbGF0ZWFwcC5jb22CHHRlc3QuYXBpLnNwZWFrLXRy
YW5zbGF0ZS5jb22CGnRlc3QuaHViLml0cmFuc2xhdGVhcHAuY29tgh90ZXN0LmFj
Y291bnRzLml0cmFuc2xhdGVhcHAuY29tghZ0ZXN0Lmh1Yi5ncmFtbWF0aWNhLmlv
ghx0ZXN0LmFzci5zcGVhay10cmFuc2xhdGUuY29tghZ0ZXN0LmFwaS5ncmFtbWF0
aWNhLmlvght0ZXN0LmFjY291bnRzLmdyYW1tYXRpY2EuaW8wDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA9BgNVHR8ENjA0MDKg
MKAuhixodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi0xLmNy
bDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUH
MAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcw
AoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwG
A1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQAD
ggEBADpBxVJ6j42uusk1ciMSY3FUcYFGrQL6YJV7iuX4hp1cfYdo3xxtAsqz2lpc
qjC2dxRH3d1TnGHCyML+XfLkkineIHpBSflOMLacs3kAHQTcrG9htu5l+2YzwU28
B9STsHOC/XXa1H6b260Kg9mVVKRwL5ECoo7bqFT4bBh6vGzCk8svWlcCN7y16N8X
yLg/nZB4dSKNbd4yemfLtkaghaxfh7lqEgwi1hVp6b24h08V77bA3YpPOY/t4ZlZ
mFna87QpLvBBSrwiORFVKGkppS6HWDCeQ11dgAwN5j1vReIoKxYbVIDNEU50L7W/
OiAXuuBJgJ0rlnxoI20E9nKJak0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qG6Nikub0tx+qxM5NCJ
glhineDqsLaVLAnk7y+kBXLEvOTz3p0S4HngZjaV5OkDY3J7gA5eqxbOmJzbWTjY
vVVfExwGGuVu9s1pOtsslsLHOsangFk0mM04Ut8ZHTlICoVSzRvQwOP8BQi4p8sZ
EsNoShdX+hGVnbsN0edFsEdP0b7IwaRpLvuHjthPSMlbtcEisIulLy2FNuyCdARd
t+60BQIUQnaQeBSME0m9Dk/Vq3YVWbI6AG3fClHqjlNaOixDMcIVp2ba28/G15aw
GAA4ZeInE6EQq/3oXW8AWtuIJt19LG9AX1+6ZfLW5VYjUcmSHdMo+8vw3ybY29GL
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16232151523770369842382616316457026259
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test.ssl-api.itranslateapp.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26589794790704381542865920860439106453614717976999955846966927445633825294307560916440046157369606654849555613197819442697207000816878460549542945485083066601715014932032915205066471856882571582098822125608639755497868382298627302903469589641991472584333344474404731138692936317810119591186976484795751240060177211884661805476632290010271645782012841604371630596799296956919430977718403038917786661689149293242568370211614477899247313149488496003067882919032691531005113534734572513751686633555125223567423070964223980315146961187891244294316497326634551851774941586038314046077667552912900939340153042535350241692611
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3661fef50298fd8e63169d541ce6ea5ece8a663a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (233 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.ssl-api.itranslateapp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.api.speak-translate.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.hub.itranslateapp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.accounts.itranslateapp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.hub.grammatica.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.asr.speak-translate.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.api.grammatica.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.accounts.grammatica.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003a41c5527a8f8daebac935722312637154718146ad02fa60957b8ae5f8869d5c7d8768df1c6d02cab3da5a5caa30b6771447dddd539c61c2c8c2fe5df2e49229de207a4149f94e30b69cb379001d04dcac6f61b6ee65fb6633c14dbc07d493b07382fd75dad47e9bdbad0a83d99554a4702f9102a28edba854f86c187abc6cc293cb2f5a570237bcb5e8df17c8b83f9d907875228d6dde327a67cbb646a085ac5f87b96a120c22d61569e9bdb8874f15efb6c0dd8a4f398fede199599859daf3b4292ef0414abc22391155286929a52e8758309e435d5d800c0de63d6f45e2282b161b5480cd114e742fb5bf3a2017bae049809d2b967c68236d04f672896a4d