highbond-combined.aclgrc.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 02:9f:f5:05:e2:d3:40:c0:be:f1:18:ca:de:b7:0c:05 was issued on by Amazon.
With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=highbond-combined.aclgrc.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 02:9f:f5:05:e2:d3:40:c0:be:f1:18:ca:de:b7:0c:05Serial Number (int): 3489000848769577923870761774575193093
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 41:14:74:ce:16:66:7a:31:07:11:01:e9:b9:16:8d:48:67:0c:dc:c1
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 6b:2b:98:ac:b9:d8:83:a2:91:5c:22:af:60:13:16:d6:4e:6b:1c:d9
Fingerprint (sha256): 23:92:d1:2c:68:7c:ca:35:e4:83:72:75:5e:f5:e7:25:7a:fb:46:2b:eb:96:05:fa:f3:14:d9:cd:2e:a2:71:97
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate highbond-combined.aclgrc.com
15
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for highbond-combined.aclgrc.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
highbond-combined.aclgrc.com
*.projects.aclgrc.com
*.accounts.aclgrc.com
*.reports.aclgrc.com
*.highbond.com
*.reports.highbond.com
*.projects.highbond.com
*.accounts.highbond.com
*.results.aclgrc.com
aclgrc.com
highbond.com
*.results.highbond.com
*.risks.highbond.com
*.risks.aclgrc.com
*.aclgrc.com
*.projects.aclgrc.com
*.accounts.aclgrc.com
*.reports.aclgrc.com
*.highbond.com
*.reports.highbond.com
*.projects.highbond.com
*.accounts.highbond.com
*.results.aclgrc.com
aclgrc.com
highbond.com
*.results.highbond.com
*.risks.highbond.com
*.risks.aclgrc.com
*.aclgrc.com
Other certificates including the domain name aclgrc.com
(limited to 100 certificates)
statuspage.io
status.aclgrc.com
statuspage.io
statuspage.io
*.risks-ap.aclgrc.com
statuspage.io
eu.status.grow.clio.com
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
3down.mit.edu
highbond-combined-eu.aclgrc.com
statuspage.io
*.results-eu.aclgrc.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
eu.status.grow.clio.com
new-status.ucsd.edu
highbond-combined-au.aclgrc.com
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
statuspage.io
*.results-au.aclgrc.com
*.risks-eu.aclgrc.com
eu.status.grow.clio.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
*.risks.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
tardis.aclgrc.com
highbond-combined.aclgrc.com
tardis.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
*.hub-au.aclgrc.com
accounts.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
new-status.ucsd.edu
statuspage.io
*.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
downloads.highbond.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
caloes.status.rapiddeploy.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
new-status.ucsd.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
new-status.ucsd.edu
statuspage.io
statuspage.io
*.projects-au.aclgrc.com
statuspage.io
statuspage.io
highbond-combined-eu.aclgrc.com
*.projects-eu.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
*.aclgrc.com
highbond-combined-eu.aclgrc.com
statuspage.io
*.robots-eu.aclgrc.com
statuspage.io
*.results-ap.aclgrc.com
*.aclgrc.com
statuspage.io
*.hub-ap.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
*.projects-eu.aclgrc.com
atlas-alerts.mit.edu
status.aclgrc.com
statuspage.io
statuspage.io
*.risks-ap.aclgrc.com
statuspage.io
eu.status.grow.clio.com
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
3down.mit.edu
highbond-combined-eu.aclgrc.com
statuspage.io
*.results-eu.aclgrc.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
eu.status.grow.clio.com
new-status.ucsd.edu
highbond-combined-au.aclgrc.com
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
statuspage.io
*.results-au.aclgrc.com
*.risks-eu.aclgrc.com
eu.status.grow.clio.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
*.risks.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
tardis.aclgrc.com
highbond-combined.aclgrc.com
tardis.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
*.hub-au.aclgrc.com
accounts.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
new-status.ucsd.edu
statuspage.io
*.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
downloads.highbond.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
caloes.status.rapiddeploy.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
new-status.ucsd.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
new-status.ucsd.edu
statuspage.io
statuspage.io
*.projects-au.aclgrc.com
statuspage.io
statuspage.io
highbond-combined-eu.aclgrc.com
*.projects-eu.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
*.aclgrc.com
highbond-combined-eu.aclgrc.com
statuspage.io
*.robots-eu.aclgrc.com
statuspage.io
*.results-ap.aclgrc.com
*.aclgrc.com
statuspage.io
*.hub-ap.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
*.projects-eu.aclgrc.com
atlas-alerts.mit.edu
Certificate
The complete raw certificate details for highbond-combined.aclgrc.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHBzCCBe+gAwIBAgIQAp/1BeLTQMC+8RjK3rcMBTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTAyNjAwMDAwMFoXDTI0MTEyMTIzNTk1OVowJzEl MCMGA1UEAxMcaGlnaGJvbmQtY29tYmluZWQuYWNsZ3JjLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAMzPHulCGxw3fMEBUrd2Woqoth2Zss0AhtjN 6N7PkeBmOzEeCK5VvaAV8RBwGkvNaLXY7AMN+J9tHpbI5IjCDbaIQXgXvR1JgF9q mQWTvAYGOETLqI341FU53G4y5x+Ha5FQ0s1LjSe0E7JHCi+4YyMkwpIgE6KPTCZi O4fOdzTfz0Mv11PLtjkSWFyceaG7wsrzG4cK4jzSF6u22+Rx6gnWoLvsDycC0rm2 iOAn8waOVf/qxR4LfkqLQydaGFOhXSe07zsqRJAjvCLNmGVvQHWlOQwzGYZ0uUTY IkD+QeF46kzZyEQUGBc3/6/0lsXiSJ+hrMKub/IH9ZiSi/z3gNMCAwEAAaOCBBgw ggQUMB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBRB FHTOFmZ6MQcRAem5Fo1IZwzcwTCCAUkGA1UdEQSCAUAwggE8ghxoaWdoYm9uZC1j b21iaW5lZC5hY2xncmMuY29tghUqLnByb2plY3RzLmFjbGdyYy5jb22CFSouYWNj b3VudHMuYWNsZ3JjLmNvbYIUKi5yZXBvcnRzLmFjbGdyYy5jb22CDiouaGlnaGJv bmQuY29tghYqLnJlcG9ydHMuaGlnaGJvbmQuY29tghcqLnByb2plY3RzLmhpZ2hi b25kLmNvbYIXKi5hY2NvdW50cy5oaWdoYm9uZC5jb22CFCoucmVzdWx0cy5hY2xn cmMuY29tggphY2xncmMuY29tggxoaWdoYm9uZC5jb22CFioucmVzdWx0cy5oaWdo Ym9uZC5jb22CFCoucmlza3MuaGlnaGJvbmQuY29tghIqLnJpc2tzLmFjbGdyYy5j b22CDCouYWNsZ3JjLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIw MKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNy bDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAy LmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5h bWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEE AdZ5AgQCBIIBbQSCAWkBZwB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM Wjp0AAABi2r0J78AAAQDAEYwRAIgdBirq0TwOyIyCol3CGkklgPulPl1EjgcJkoq jVU4yoYCIEwlX1wac+bJtppVH43qD2csHYDInTNS03vbZQsivLI7AHYASLDja9qm RzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGLavQnugAABAMARzBFAiB6RVIl w7ZnQ+EDV67QuQhot3PVt1N45o6/QbJdMmM6NAIhAMf+DSc+k9aUKoWM4rJDzJe6 B4Cb9uUT7UF1f4Mov4+JAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX +6sAAAGLavQnnQAABAMARzBFAiEAiE4/Q7gToPr/C7InOnTdhtgcRfWGgsE6gIBP vXFnqMcCIExMqrlBfwS0ycafZHsItXw1V8dfzrdTGKL2HcEKsQUFMA0GCSqGSIb3 DQEBCwUAA4IBAQBn9+36mKKzHtqZR65TcEoycKY3wRUDeg2URfW2xghrabKykAuF iJBZ//kWYmeqMmbCLOuh3gN8zrJYOTQEgr6TNG+1GT/y7rrZ8C/hbJFfVqykeKjf thXRFlTyTFie6YuE6AaxtfO8HRL845HjUcme+2IrvToxmILOs0u7ktGOj8jlWxwz TWwvvQZIO099FUTlBrptIaqwW/zfhuQ5CYjIkcDvPQ/evaPXM1EFtFmnjG4P9zae ISYk7g6MzTAs9cxAmqy8A9nBsX9RaETIIux2Lhv8X9Z57gezjXeDNvkLxIndDCx2 j2Zk8+S7iNVBTLzm4fMngn4RphjD58RTGv+d -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM8e6UIbHDd8wQFSt3Za iqi2HZmyzQCG2M3o3s+R4GY7MR4IrlW9oBXxEHAaS81otdjsAw34n20elsjkiMIN tohBeBe9HUmAX2qZBZO8BgY4RMuojfjUVTncbjLnH4drkVDSzUuNJ7QTskcKL7hj IyTCkiAToo9MJmI7h853NN/PQy/XU8u2ORJYXJx5obvCyvMbhwriPNIXq7bb5HHq Cdagu+wPJwLSubaI4CfzBo5V/+rFHgt+SotDJ1oYU6FdJ7TvOypEkCO8Is2YZW9A daU5DDMZhnS5RNgiQP5B4XjqTNnIRBQYFzf/r/SWxeJIn6Gswq5v8gf1mJKL/PeA 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3489000848769577923870761774575193093 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'highbond-combined.aclgrc.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25854749259917827296399586579272182402612850689415899673235870158210088247354282928426457173728529741064779534153671641175938587439631751412773866764964389537301749555597243401248612195233816777918969584696314186945832726967902464046972790486120349839065463346041533378512938384966488777716750283930575700414201747061407249558310786100296443682568795190525671745567638112778441715545702046230021817375531507367308100372845346196243967502105768635499035369433253764164573343148761995948183761617763827103851664954051727334467547266415996451212283345338141253083600161902633476883949319552316396574485344665435842773203 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 411474ce16667a31071101e9b9168d48670cdcc1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (320 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highbond-combined.aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.projects.aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accounts.aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reports.aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reports.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.projects.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accounts.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.results.aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.results.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risks.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risks.aclgrc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aclgrc.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b6af427bf000004030046304402207418abab44f03b22320a89770869249603ee94f97512381c264a2a8d5538ca8602204c255f5c1a73e6c9b69a551f8dea0f672c1d80c89d3352d37bdb650b22bcb23b00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b6af427ba000004030047304502207a455225c3b66743e10357aed0b90868b773d5b75378e68ebf41b25d32633a34022100c7fe0d273e93d6942a858ce2b243cc97ba07809bf6e513ed41757f8328bf8f89007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b6af4279d0000040300473045022100884e3f43b813a0faff0bb2273a74dd86d81c45f58682c13a80804fbd7167a8c702204c4caab9417f04b4c9c69f647b08b57c3557c75fceb75318a2f61dc10ab10505 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0067f7edfa98a2b31eda9947ae53704a3270a637c115037a0d9445f5b6c6086b69b2b2900b85889059fff9166267aa3266c22ceba1de037cceb25839340482be93346fb5193ff2eebad9f02fe16c915f56aca478a8dfb615d11654f24c589ee98b84e806b1b5f3bc1d12fce391e351c99efb622bbd3a319882ceb34bbb92d18e8fc8e55b1c334d6c2fbd06483b4f7d1544e506ba6d21aab05bfcdf86e4390988c891c0ef3d0fdebda3d7335105b459a78c6e0ff7369e212624ee0e8ccd302cf5cc409aacbc03d9c1b17f516844c822ec762e1bfc5fd679ee07b38d778336f90bc489dd0c2c768f6664f3e4bb88d5414cbce6e1f327827e11a618c3e7c4531aff9d