web-marketing.getpocket.dev
Issued by Amazon
About this certificate
This digital certificate with serial number 07:08:ce:8c:2f:62:d4:ac:07:22:66:fe:b5:03:c7:b9 was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=web-marketing.getpocket.dev
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 07:08:ce:8c:2f:62:d4:ac:07:22:66:fe:b5:03:c7:b9Serial Number (int): 9350323628349068479443377106146543545
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 0e:50:a5:a9:09:70:a4:1a:cb:05:77:49:36:12:4e:13:53:8d:d5:3f
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): ac:53:0e:af:4b:4d:80:8c:80:26:da:e3:6b:b0:cc:76:2b:4c:b4:05
Fingerprint (sha256): 22:d3:2d:30:43:06:52:75:08:e7:2b:08:52:e9:db:35:ce:49:c1:30:a5:6d:85:fb:a3:98:c3:94:8d:41:46:a3
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate web-marketing.getpocket.dev
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for web-marketing.getpocket.dev
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
web-marketing.getpocket.dev
Other certificates including the domain name getpocket.dev
(limited to 100 certificates)
firefox-newtab-proxy.getpocket.dev
blog-staging.getpocket.dev
acme.getpocket.dev
web-client.getpocket.dev
acme.getpocket.dev
mozilla-auth-proxy.getpocket.dev
cdktf-backup.getpocket.dev
blog.getpocket.dev
*.admin.getpocket.dev
dotcom-gateway-dev.getpocket.dev
dotcom-gateway-dev.getpocket.dev
collection-api.getpocket.dev
team.getpocket.dev
*.webapp.getpocket.dev
new-tab-assets.getpocket.dev
*.webapp.getpocket.dev
*.mlflow-private.getpocket.dev
apigtest.getpocket.dev
*.webapp.getpocket.dev
admin.getpocket.dev
*.web-marketing.getpocket.dev
web-discover.getpocket.dev
recommendation-api.getpocket.dev
backstage.getpocket.dev
direct.daniel-client-api.getpocket.dev
cdktf-unleash.getpocket.dev
auth.getpocket.dev
recommendation-api.getpocket.dev
blog-staging.getpocket.dev
team.getpocket.dev
*.mlflow-dev1.getpocket.dev
admin.getpocket.dev
blog.getpocket.dev
spocs.getpocket.dev
cdktf.getpocket.dev
*.getpocket.dev
text.getpocket.dev
direct.client-api.getpocket.dev
cdktf-backup.getpocket.dev
direct.client-api.getpocket.dev
auth.getpocket.dev
web-marketing.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
blog.getpocket.dev
*.feature.getpocket.dev
acme.getpocket.dev
*.web-discover.getpocket.dev
apig-test.getpocket.dev
recit.getpocket.dev
collection-api.getpocket.dev
backstage.getpocket.dev
blog.getpocket.dev
blog-staging.getpocket.dev
cdktf.getpocket.dev
cdktf.getpocket.dev
*.web-client.getpocket.dev
web-client.getpocket.dev
mozilla-auth-proxy.getpocket.dev
image-api.getpocket.dev
curation-admin-tools.getpocket.dev
*.web-discover.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
exampleapi.getpocket.dev
web-discover.getpocket.dev
list-api.getpocket.dev
cdktf-unleash.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.client-api.getpocket.dev
acme.getpocket.dev
*.feature.getpocket.dev
*.mlflow-private.getpocket.dev
*.admin.getpocket.dev
team.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
exampleapi.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
blog.getpocket.dev
acme-good.getpocket.dev
acme.getpocket.dev
text.getpocket.dev
blog.getpocket.dev
web-ui.getpocket.dev
apig-test.getpocket.dev
admin-api.getpocket.dev
companion-proxy.getpocket.dev
blog-staging.getpocket.dev
recit.getpocket.dev
recit.getpocket.dev
*.feature.getpocket.dev
mozilla-auth-proxy.getpocket.dev
firefox-android-home-recommendations.getpocket.dev
*.web-client.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.firefox-android-home-recommendations.getpocket.dev
blog-staging.getpocket.dev
acme.getpocket.dev
web-client.getpocket.dev
acme.getpocket.dev
mozilla-auth-proxy.getpocket.dev
cdktf-backup.getpocket.dev
blog.getpocket.dev
*.admin.getpocket.dev
dotcom-gateway-dev.getpocket.dev
dotcom-gateway-dev.getpocket.dev
collection-api.getpocket.dev
team.getpocket.dev
*.webapp.getpocket.dev
new-tab-assets.getpocket.dev
*.webapp.getpocket.dev
*.mlflow-private.getpocket.dev
apigtest.getpocket.dev
*.webapp.getpocket.dev
admin.getpocket.dev
*.web-marketing.getpocket.dev
web-discover.getpocket.dev
recommendation-api.getpocket.dev
backstage.getpocket.dev
direct.daniel-client-api.getpocket.dev
cdktf-unleash.getpocket.dev
auth.getpocket.dev
recommendation-api.getpocket.dev
blog-staging.getpocket.dev
team.getpocket.dev
*.mlflow-dev1.getpocket.dev
admin.getpocket.dev
blog.getpocket.dev
spocs.getpocket.dev
cdktf.getpocket.dev
*.getpocket.dev
text.getpocket.dev
direct.client-api.getpocket.dev
cdktf-backup.getpocket.dev
direct.client-api.getpocket.dev
auth.getpocket.dev
web-marketing.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
blog.getpocket.dev
*.feature.getpocket.dev
acme.getpocket.dev
*.web-discover.getpocket.dev
apig-test.getpocket.dev
recit.getpocket.dev
collection-api.getpocket.dev
backstage.getpocket.dev
blog.getpocket.dev
blog-staging.getpocket.dev
cdktf.getpocket.dev
cdktf.getpocket.dev
*.web-client.getpocket.dev
web-client.getpocket.dev
mozilla-auth-proxy.getpocket.dev
image-api.getpocket.dev
curation-admin-tools.getpocket.dev
*.web-discover.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
exampleapi.getpocket.dev
web-discover.getpocket.dev
list-api.getpocket.dev
cdktf-unleash.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.client-api.getpocket.dev
acme.getpocket.dev
*.feature.getpocket.dev
*.mlflow-private.getpocket.dev
*.admin.getpocket.dev
team.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
exampleapi.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
blog.getpocket.dev
acme-good.getpocket.dev
acme.getpocket.dev
text.getpocket.dev
blog.getpocket.dev
web-ui.getpocket.dev
apig-test.getpocket.dev
admin-api.getpocket.dev
companion-proxy.getpocket.dev
blog-staging.getpocket.dev
recit.getpocket.dev
recit.getpocket.dev
*.feature.getpocket.dev
mozilla-auth-proxy.getpocket.dev
firefox-android-home-recommendations.getpocket.dev
*.web-client.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.firefox-android-home-recommendations.getpocket.dev
Certificate
The complete raw certificate details for web-marketing.getpocket.dev in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgIQBwjOjC9i1KwHImb+tQPHuTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA4MjgwMDAwMDBaFw0yMjA5MjYy MzU5NTlaMCYxJDAiBgNVBAMTG3dlYi1tYXJrZXRpbmcuZ2V0cG9ja2V0LmRldjCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPo9khxNP45I4wrk+p/hsQHo hZ9pxWRK9Q2auefGaPyDqDB/aMV2FF7/qqJm8JKqJaI3eZB1xpxOn8gmpZZ1vpLx NgmZSnD4l/03AZYjX/hgt/DJFrJToBONsJhouiWUqKLgaf0tFyqJ9zyjWVrAnTYk MeA73NFLOhlHg/H/o8W9HHO3VgXaGeBjQ4jSmME3Q4sf2JEwRIEK3xqjU8a5fwBy eW+HcQokKY9AZ9S/7Qc3RAPKbPEp5BqchswkxLdtxNMQ1PHUSQAtqiLJJQhvdaNg WiSOE9d6iObFq7M/pEVr61QXg4ZCMn3Ud/4msIVRrFKJAlfo2c5uoH5eQ4CdNxsC AwEAAaOCAvIwggLuMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0G A1UdDgQWBBQOUKWpCXCkGssFd0k2Ek4TU43VPzAmBgNVHREEHzAdght3ZWItbWFy a2V0aW5nLmdldHBvY2tldC5kZXYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcmwwEwYDVR0gBAwwCjAIBgZn gQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5z Y2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2Nh MWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBfAYK KwYBBAHWeQIEAgSCAWwEggFoAWYAdQBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiF q/L8cP5tRwAAAXuKjUE/AAAEAwBGMEQCIE9an00XUaYv/tuehaZGIkYfA4UCElPP H2weu5ctyGE1AiA3RpA3ByLVW6Rl0utlt8+VN5bxC8R9fLWmdQaGM8uidgB1AEHI yrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABe4qNQVcAAAQDAEYwRAIg BUURV5OCPOXLx93gwF3xkYfYLnFMijoV01xtR0AIN24CIFFQ7gk+gn5VtZV5+o7r blYvosk8KtTHTMtSsncW6zDjAHYA36Veq2iCTx9sre64X04+WurNohKkal6OOxLA IERcKnMAAAF7io1BUAAABAMARzBFAiAXSYbCEya1DJLvpHSMmCm3+D0cvEr1bL5G HaGVYj7BawIhAKbyz6S6eqQwj7FWMI7EwmvbDT0YwYsn4LkjdAyQ7VYCMA0GCSqG SIb3DQEBCwUAA4IBAQCt4EPVr8sVaDNpvxYOsVwngtfji22cvHJwTsBylesjNhWl HK5IQGoiTSaURhufz4ZKOYv98qEdjCGHYaHu4b0rH8iUG2Qw6sEWtDxJPFYh6ujS /qn1NzXcT0uWCTksB/7JyfMqVpUBxdj6RzEJotn1cvWwvOKKzBYIWggvKLiBUfFH Kk7wg+rv+YANjiys/mYDXCnBeh/RicYNoEgrjzRUrqR9BgLGgfYpUc8wR5cNTFTo CiyQmZRidVd0JQIOo/y0kv0Amuaq6EJAzKCvgj+9ebFchFiWs2Lv/C6jwIIm7r22 D16wTtaMhIw2DRCe+FGTqA3Jd3OdcCl0wbZQqZ0b -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+j2SHE0/jkjjCuT6n+Gx AeiFn2nFZEr1DZq558Zo/IOoMH9oxXYUXv+qombwkqolojd5kHXGnE6fyCallnW+ kvE2CZlKcPiX/TcBliNf+GC38MkWslOgE42wmGi6JZSoouBp/S0XKon3PKNZWsCd NiQx4Dvc0Us6GUeD8f+jxb0cc7dWBdoZ4GNDiNKYwTdDix/YkTBEgQrfGqNTxrl/ AHJ5b4dxCiQpj0Bn1L/tBzdEA8ps8SnkGpyGzCTEt23E0xDU8dRJAC2qIsklCG91 o2BaJI4T13qI5sWrsz+kRWvrVBeDhkIyfdR3/iawhVGsUokCV+jZzm6gfl5DgJ03 GwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9350323628349068479443377106146543545 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-26 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'web-marketing.getpocket.dev' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31589937907148636930216104948121214604282247639777177724959280654250907521050484985912120876219134524540696825514284279868615582321493155091955381324802396903830510873939425911862688656026203321488622839674293909191520600107611233061951890728820380162956154828493593016471892379369318670346738788462065494607898501352223350319421264265404750209913741248326886806003331234033416065873531527248010535152706054475911868322832152004775766170223897618702037375080011733564165833378671708149142712016481204758444692425572449054836052199923312497238079298385421735349252357024139170513804723297117568291513459963644924999451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0e50a5a90970a41acb05774936124e13538dd53f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web-marketing.getpocket.dev' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 016600750046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017b8a8d413f000004030046304402204f5a9f4d1751a62ffedb9e85a64622461f0385021253cf1f6c1ebb972dc861350220374690370722d55ba465d2eb65b7cf953796f10bc47d7cb5a675068633cba27600750041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017b8a8d4157000004030046304402200545115793823ce5cbc7dde0c05df19187d82e714c8a3a15d35c6d474008376e02205150ee093e827e55b59579fa8eeb6e562fa2c93c2ad4c74ccb52b27716eb30e3007600dfa55eab68824f1f6cadeeb85f4e3e5aeacda212a46a5e8e3b12c020445c2a730000017b8a8d415000000403004730450220174986c21326b50c92efa4748c9829b7f83d1cbc4af56cbe461da195623ec16b022100a6f2cfa4ba7aa4308fb156308ec4c26bdb0d3d18c18b27e0b923740c90ed5602 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ade043d5afcb15683369bf160eb15c2782d7e38b6d9cbc72704ec07295eb233615a51cae48406a224d2694461b9fcf864a398bfdf2a11d8c218761a1eee1bd2b1fc8941b6430eac116b43c493c5621eae8d2fea9f53735dc4f4b9609392c07fec9c9f32a569501c5d8fa473109a2d9f572f5b0bce28acc16085a082f28b88151f1472a4ef083eaeff9800d8e2cacfe66035c29c17a1fd189c60da0482b8f3454aea47d0602c681f62951cf3047970d4c54e80a2c9099946275577425020ea3fcb492fd009ae6aae84240cca0af823fbd79b15c845896b362effc2ea3c08226eebdb60f5eb04ed68c848c360d109ef85193a80dc977739d702974c1b650a99d1b