*.verity.k8s.sx.ggops.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 04:d0:d8:d2:e7:6d:9f:da:0c:db:99:40:50:94:f4:b2 was issued on by Amazon.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.verity.k8s.sx.ggops.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:d0:d8:d2:e7:6d:9f:da:0c:db:99:40:50:94:f4:b2Serial Number (int): 6401307439726989456328231175708800178
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 4c:96:51:ed:1a:c3:30:ec:dd:57:1f:23:cc:5d:b1:92:4e:83:5e:7f
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): d6:0f:ef:89:3b:41:51:e5:b4:fd:a6:65:db:75:61:9a:7d:68:8b:bb
Fingerprint (sha256): 23:37:0d:41:81:97:21:b8:d8:02:a2:f4:a1:47:7f:33:5c:b6:e5:81:a8:f2:a9:20:92:e1:7f:39:56:87:04:4c
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.verity.k8s.sx.ggops.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.verity.k8s.sx.ggops.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.verity.k8s.sx.ggops.com
*.internal.verity.k8s.sx.ggops.com
*.restricted.verity.k8s.sx.ggops.com
*.external.verity.k8s.sx.ggops.com
*.public.verity.k8s.sx.ggops.com
*.private.verity.k8s.sx.ggops.com
*.internal.verity.k8s.sx.ggops.com
*.restricted.verity.k8s.sx.ggops.com
*.external.verity.k8s.sx.ggops.com
*.public.verity.k8s.sx.ggops.com
*.private.verity.k8s.sx.ggops.com
Other certificates including the domain name ggops.com
(limited to 100 certificates)
*.ops.k8s.ggops.com
*.ambassador.dev.sandbox.ggops.com
*.sports.ggops.com
*.mle.va.sx.ggops.com
*.dev.sandbox.ggops.com
*.dev.sandbox.ggops.com
sports.drone.vi.ggops.com
pritunl.sandbox.ggops.com
*.dev.k8s.sx.ggops.com
*.k8s.dev.sandbox.ggops.com
*.prod.sandbox.ggops.com
*.sandbox.ggops.com
*.ambassador.dev.sandbox.ggops.com
*.dev.k8s.sx.ggops.com
*.verity-api.dev.va.ggops.com
zip-code-service.ops-8604.ggops.com
*.dev.sandbox.ggops.com
*.web-engineering.k8s.ggops.com
demo-manager.dev.va.ggops.com
pritunl.mongodb.va.ggops.com
*.ggops.com
*.config-dashboard-api.dev.va.ggops.com
*.verity-visualizer.dev.va.ggops.com
data-engineering.drone.va.ggops.com
*.k8s.prod.sandbox.ggops.com
*.dev.sandbox.ggops.com
*.k8s.dev.sandbox.ggops.com
*.mle.va.sx.ggops.com
sports-api--dev.sports.ggops.com
pritunl.sandbox.ggops.com
*.video-converter.dev.va.ggops.com
*.cv.k8s.sx.ggops.com
pritunl.va.ggops.com
*.gumgum.com
pritunl.va.ggops.com
*.verity.k8s.sx.ggops.com
pritunl.va.ggops.com
*.k8s.prod.sandbox.ggops.com
pritunl.sandbox.ggops.com
*.sandbox.ggops.com
publisher-manager-lambdas.ggops.com
*.gumgum.com
*.gumgum.com
pritunl.mongodb.va.ggops.com
*.advertising-api-v2.dev.va.ggops.com
*.nlp.k8s.sx.ggops.com
*.sports.ggops.com
*.vi.ggops.com
*.sandbox.ggops.com
pritunl.va.ggops.com
creative.preview.ggops.com
*.gumgum.com
*.ggops.com
*.verity-api.stage.va.ggops.com
pritunl.ca.ggops.com
*.ggops.com
*.gumgum.com
*.gumgum.com
*.drone.sandbox.ggops.com
*.gumgum.com
*.gumgum.com
preview.ggops.com
*.k8s.dev.sandbox.ggops.com
*.ggops.com
*.ad-server.k8s.ggops.com
publisher-manager-lambdas.ggops.com
*.gumgum.com
verity-api-test.ggops.com
*.verity-testing-tool.dev.va.ggops.com
*.gumgum.com
*.gumgum-jwt-auth.dev.va.ggops.com
*.prod.sandbox.ggops.com
pritunl.va.ggops.com
*.staging.verity.k8s.sx.ggops.com
*.k8s.prod.sandbox.ggops.com
*.mle-inference.va.sx.ggops.com
*.drone.sandbox.ggops.com
*.gumgum.com
*.ggops.com
*.web-engineering.k8s.ggops.com
*.va.sx.ggops.com
*.web-engineering.k8s.ggops.com
*.verity.va.sx.ggops.com
*.verity-testing-tool.dev.va.ggops.com
*.dev.k8s.sx.ggops.com
*.dev.sandbox.ggops.com
ggops.com
*.dev.sandbox.ggops.com
*.dev.sandbox.ggops.com
*.verity-api.gumgum.com
*.sandbox.ggops.com
*.gumgum.com
*.gumgum-jwt.dev.va.ggops.com
*.sandbox.ggops.com
*.gumgum.com
*.demo-manager-api.dev.va.ggops.com
*.columbia-wall.dev.va.ggops.com
*.dev.sandbox.ggops.com
data-science.drone.va.ggops.com
*.drone.va.ggops.com
*.ambassador.dev.sandbox.ggops.com
*.sports.ggops.com
*.mle.va.sx.ggops.com
*.dev.sandbox.ggops.com
*.dev.sandbox.ggops.com
sports.drone.vi.ggops.com
pritunl.sandbox.ggops.com
*.dev.k8s.sx.ggops.com
*.k8s.dev.sandbox.ggops.com
*.prod.sandbox.ggops.com
*.sandbox.ggops.com
*.ambassador.dev.sandbox.ggops.com
*.dev.k8s.sx.ggops.com
*.verity-api.dev.va.ggops.com
zip-code-service.ops-8604.ggops.com
*.dev.sandbox.ggops.com
*.web-engineering.k8s.ggops.com
demo-manager.dev.va.ggops.com
pritunl.mongodb.va.ggops.com
*.ggops.com
*.config-dashboard-api.dev.va.ggops.com
*.verity-visualizer.dev.va.ggops.com
data-engineering.drone.va.ggops.com
*.k8s.prod.sandbox.ggops.com
*.dev.sandbox.ggops.com
*.k8s.dev.sandbox.ggops.com
*.mle.va.sx.ggops.com
sports-api--dev.sports.ggops.com
pritunl.sandbox.ggops.com
*.video-converter.dev.va.ggops.com
*.cv.k8s.sx.ggops.com
pritunl.va.ggops.com
*.gumgum.com
pritunl.va.ggops.com
*.verity.k8s.sx.ggops.com
pritunl.va.ggops.com
*.k8s.prod.sandbox.ggops.com
pritunl.sandbox.ggops.com
*.sandbox.ggops.com
publisher-manager-lambdas.ggops.com
*.gumgum.com
*.gumgum.com
pritunl.mongodb.va.ggops.com
*.advertising-api-v2.dev.va.ggops.com
*.nlp.k8s.sx.ggops.com
*.sports.ggops.com
*.vi.ggops.com
*.sandbox.ggops.com
pritunl.va.ggops.com
creative.preview.ggops.com
*.gumgum.com
*.ggops.com
*.verity-api.stage.va.ggops.com
pritunl.ca.ggops.com
*.ggops.com
*.gumgum.com
*.gumgum.com
*.drone.sandbox.ggops.com
*.gumgum.com
*.gumgum.com
preview.ggops.com
*.k8s.dev.sandbox.ggops.com
*.ggops.com
*.ad-server.k8s.ggops.com
publisher-manager-lambdas.ggops.com
*.gumgum.com
verity-api-test.ggops.com
*.verity-testing-tool.dev.va.ggops.com
*.gumgum.com
*.gumgum-jwt-auth.dev.va.ggops.com
*.prod.sandbox.ggops.com
pritunl.va.ggops.com
*.staging.verity.k8s.sx.ggops.com
*.k8s.prod.sandbox.ggops.com
*.mle-inference.va.sx.ggops.com
*.drone.sandbox.ggops.com
*.gumgum.com
*.ggops.com
*.web-engineering.k8s.ggops.com
*.va.sx.ggops.com
*.web-engineering.k8s.ggops.com
*.verity.va.sx.ggops.com
*.verity-testing-tool.dev.va.ggops.com
*.dev.k8s.sx.ggops.com
*.dev.sandbox.ggops.com
ggops.com
*.dev.sandbox.ggops.com
*.dev.sandbox.ggops.com
*.verity-api.gumgum.com
*.sandbox.ggops.com
*.gumgum.com
*.gumgum-jwt.dev.va.ggops.com
*.sandbox.ggops.com
*.gumgum.com
*.demo-manager-api.dev.va.ggops.com
*.columbia-wall.dev.va.ggops.com
*.dev.sandbox.ggops.com
data-science.drone.va.ggops.com
*.drone.va.ggops.com
Certificate
The complete raw certificate details for *.verity.k8s.sx.ggops.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgIQBNDY0udtn9oM25lAUJT0sjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIwNzAwMDAwMFoXDTI1MDEwNTIzNTk1OVowJDEi MCAGA1UEAwwZKi52ZXJpdHkuazhzLnN4Lmdnb3BzLmNvbTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMOmCAoFejZdcxA3sX3zPr/iJU64N1Gje9GoE9Kr cnFZqMmloZc4ouGNbh5e8BlqiX3Eguq77b+S/Y07nMHvVeOMGjp/Rt5aYG4fM7cQ e1U3x5AMwQIVviUebfBRCYny6oTVQwWxUhDw8dSdUlgyl+0F/Meyq9ZV/4VfejfK zXWZFBJUowrRGJZ596J0MbBnuThU7Fx5gPwrpQyWCsEeOuxalYGgb3aWK5Iw0Okr bW2bHu+O7BhD6jh0u1LSqB5ZhmNzipbEADf0sb5hnnjWDjJkB9nSwcYiUUOff8aY 0ajS3v3LNpOYJIlvmbMbBvwisXpJqDFHJWx+yDOWUzWtJqsCAwEAAaOCAjswggI3 MB8GA1UdIwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBRMllHt GsMw7N1XHyPMXbGSToNefzCB2QYDVR0RBIHRMIHOghkqLnZlcml0eS5rOHMuc3gu Z2dvcHMuY29tgiIqLmludGVybmFsLnZlcml0eS5rOHMuc3guZ2dvcHMuY29tgiQq LnJlc3RyaWN0ZWQudmVyaXR5Lms4cy5zeC5nZ29wcy5jb22CIiouZXh0ZXJuYWwu dmVyaXR5Lms4cy5zeC5nZ29wcy5jb22CICoucHVibGljLnZlcml0eS5rOHMuc3gu Z2dvcHMuY29tgiEqLnByaXZhdGUudmVyaXR5Lms4cy5zeC5nZ29wcy5jb20wEwYD VR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIy bTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0G CCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYI KwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAz LmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3 DQEBCwUAA4IBAQCJyfX+YF2cRFLOmt/CIwxYLu6++/drGiDtDXXlh/IESXKKAfyF 8zeHP/ujZwYbL9Xmu2svea15vKY6S3hiHHW9qs6FFN7zxTl1FIZrRgy9HNlkl1G5 ml0cpF0u6m4KklbAximgo5ZKQooEgId+Wo/THxZWr+MjekI/BTWvS+FYzr4O8LEF luZht0C9pebMs1NF3KSO9MUc0Izwf9Dx9XPtCqLTSUTi1WDgZ/rdp8beG1WuWtVh sbD/4jo6sMmj+iwhRfoSsn0YvnrrwToPrCP05iDkXEqKIeJwiXsut1sRP/a6W0KY aEyNwjWRq90yvCVkwc1NP6aL0FXCUtHmTXgA -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6YICgV6Nl1zEDexffM+ v+IlTrg3UaN70agT0qtycVmoyaWhlzii4Y1uHl7wGWqJfcSC6rvtv5L9jTucwe9V 44waOn9G3lpgbh8ztxB7VTfHkAzBAhW+JR5t8FEJifLqhNVDBbFSEPDx1J1SWDKX 7QX8x7Kr1lX/hV96N8rNdZkUElSjCtEYlnn3onQxsGe5OFTsXHmA/CulDJYKwR46 7FqVgaBvdpYrkjDQ6SttbZse747sGEPqOHS7UtKoHlmGY3OKlsQAN/SxvmGeeNYO MmQH2dLBxiJRQ59/xpjRqNLe/cs2k5gkiW+ZsxsG/CKxekmoMUclbH7IM5ZTNa0m qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6401307439726989456328231175708800178 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.verity.k8s.sx.ggops.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24698342604612082208364254713290873018007302544426570177904647743161670852439807311549025926661154983568425542979176126690562670646526381431629467950420902186918040603655175035947488518287571842958066937807798296321052962806125352154261394010818542782866667002064097889685308673002542613725504621360327086472882520742388101064815144371603771288447978418474251957144064357694821613476774814925833624470801394095845241351702239953255113038868040216472236858774936872420726320738358022822788629348246174003575295917651031425277176393575994294862177529134506146639237782937615329062003033170612144489918455912311865288363 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4c9651ed1ac330ecdd571f23cc5db1924e835e7f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (209 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.verity.k8s.sx.ggops.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.internal.verity.k8s.sx.ggops.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.restricted.verity.k8s.sx.ggops.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.external.verity.k8s.sx.ggops.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.public.verity.k8s.sx.ggops.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.private.verity.k8s.sx.ggops.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0089c9f5fe605d9c4452ce9adfc2230c582eeebefbf76b1a20ed0d75e587f20449728a01fc85f337873ffba367061b2fd5e6bb6b2f79ad79bca63a4b78621c75bdaace8514def3c5397514866b460cbd1cd9649751b99a5d1ca45d2eea6e0a9256c0c629a0a3964a428a0480877e5a8fd31f1656afe3237a423f0535af4be158cebe0ef0b10596e661b740bda5e6ccb35345dca48ef4c51cd08cf07fd0f1f573ed0aa2d34944e2d560e067fadda7c6de1b55ae5ad561b1b0ffe23a3ab0c9a3fa2c2145fa12b27d18be7aebc13a0fac23f4e620e45c4a8a21e270897b2eb75b113ff6ba5b4298684c8dc23591abdd32bc2564c1cd4d3fa68bd055c252d1e64d7800