ult-mfe-mr-mr-389.ult-sandbox.controlant.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 06:0a:4e:81:25:a6:45:84:c1:a7:2e:eb:a8:31:fb:88 was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=ult-mfe-mr-mr-389.ult-sandbox.controlant.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 06:0a:4e:81:25:a6:45:84:c1:a7:2e:eb:a8:31:fb:88
Serial Number (int): 8028883203328848025758270058847665032
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 77:bf:c1:d9:b8:69:74:cf:89:bf:b8:bf:92:b0:8b:2c:e7:6b:c9:91
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): ba:73:67:b9:c8:9e:3c:23:29:64:0f:a2:d1:04:20:1b:91:88:98:b9
Fingerprint (sha256): 26:4a:c0:65:31:a6:24:77:4c:c0:cb:ce:d4:8e:91:4b:e9:4d:1c:dc:7a:01:b8:dd:28:dd:13:ce:eb:51:2d:b9

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate ult-mfe-mr-mr-389.ult-sandbox.controlant.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ult-mfe-mr-mr-389.ult-sandbox.controlant.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ult-mfe-mr-mr-389.ult-sandbox.controlant.com

Other certificates including the domain name controlant.com

(limited to 100 certificates)
ult-mfe-stub-mr-mr-451.ult-sandbox.controlant.com
ult-host-mr-dg.ult-sandbox.controlant.com
private.zacharyhill.dev
ui-api-mr-mr-307.ult-sandbox.controlant.com
ult-host-mr-mr-302.ult-sandbox.controlant.com
ult-host-mr-mr-307.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-303.ult-sandbox.controlant.com
ult-mfe-mr-tz.ult-sandbox.controlant.com
ult-mfe-mr-mr-306.ult-sandbox.controlant.com
private.zacharyhill.dev
controlant.com
www.feriaganaderachile.cl
private.zacharyhill.dev
ult-host-mr-mr-284.ult-sandbox.controlant.com
sharing.controlant.com
private.zacharyhill.dev
status-pre.cardiff.ac.uk
private.zacharyhill.dev
private.zacharyhill.dev
private.zacharyhill.dev
api-mr-mr-303.ult-sandbox.controlant.com
ult-mfe-mr-mr-387.ult-sandbox.controlant.com
bob.controlant.com
sharing.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
www.controlant.com
in.controlant.com
freebirdfindings.com
api-mr-mr-301.ult-sandbox.controlant.com
api-mr-mr-304.ult-sandbox.controlant.com
merck.bi.controlant.com
private.zacharyhill.dev
bi.test.controlant.com
modalforms.controlant.com
private.zacharyhill.dev
bi.live.controlant.com
ult-mfe-mr-dg.ult-sandbox.controlant.com
status-pre.cardiff.ac.uk
*.bi.dev.controlant.com
am-users.sandbox.controlant.com
api-mr-tz.ult-sandbox.controlant.com
private.zacharyhill.dev
testrail.controlant.com
private.zacharyhill.dev
testrail.controlant.com
api-mr-mr-296.ult-sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
ult-mfe-mr-dg.ult-sandbox.controlant.com
ult-mfe-mr-dg.ult-sandbox.controlant.com
private.zacharyhill.dev
ult-host-mr-mr-304.ult-sandbox.controlant.com
private.zacharyhill.dev
ult-mfe-mr-mr-311.ult-sandbox.controlant.com
ui-api-mr-mr-310.ult-sandbox.controlant.com
uat.controlant.com
confluence.controlant.com
ult-mfe-stub-mr-mr-311.ult-sandbox.controlant.com
registry-staging.tools.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
dev.controlant.com
private.zacharyhill.dev
www.controlant.com
ult-mfe-stub-mr-tz.ult-sandbox.controlant.com
in.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
ult-mfe-stub-mr-mr-301.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-310.ult-sandbox.controlant.com
in.controlant.com
flyingpaperclips.com
private.zacharyhill.dev
private.zacharyhill.dev
private.zacharyhill.dev
test.controlant.com
ult-mfe-mr-mr-310.ult-sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
testrail.controlant.com
pamacloud.auxswot.com
audit-trail-mfe.uat.controlant.com
staffmeeting.controlant.com
api-mr-mr-284.ult-sandbox.controlant.com
ult-mfe-mr-mr-385.ult-sandbox.controlant.com
test.controlant.com
private.zacharyhill.dev
search.gitlab.tools.controlant.com
ult-mfe-stub-mr-mr-389.ult-sandbox.controlant.com
confluence.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
ui-api-mr-mr-450.ult-sandbox.controlant.com
ult-mfe-mr-mr-389.ult-sandbox.controlant.com
controlant.com
private.zacharyhill.dev
ult-host-mr-mr-296.ult-sandbox.controlant.com
ult-mfe-mr-mr-450.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-390.ult-sandbox.controlant.com
ui-api-mr-mr-451.ult-sandbox.controlant.com

Certificate

The complete raw certificate details for ult-mfe-mr-mr-389.ult-sandbox.controlant.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgIQBgpOgSWmRYTBpy7rqDH7iDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MDIxMzAwMDAwMFoXDTI1MDMxMzIzNTk1OVowNzE1
MDMGA1UEAxMsdWx0LW1mZS1tci1tci0zODkudWx0LXNhbmRib3guY29udHJvbGFu
dC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtlKfb0tG65KaL
A3nkcyif+RVOGPSPOTqSXvSQadcv6nvdBDChLNCigisGbaF1eWIVrtsDktZUEhp5
6z6fhQhJ5Lr4OzOQYbxOF1XMPnBJXT2GV4ml7vnyC6/ti2G3UBIPWkU6poRV9kAQ
+KHLzVdZE33rvJgIvrED4OJGX7NdCOlzs0XpB7cj6KDfvRHWSAs7a/MG/kF6TiTR
dSnOJqOzEROu3QEWS2Ym/tKricd4jI0g6IKJ/mFV+uLwHvd9miTYK+2jGfLQl8bU
ahycVTgpBzNP+d65b4QeP9PNNjbyUfDRS/IEhIPL4RlJwuWmsH9qvF2iG0dDf79T
ZX0DHdIPAgMBAAGjggMEMIIDADAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5
euuC4jAdBgNVHQ4EFgQUd7/B2bhpdM+Jv7i/krCLLOdryZEwNwYDVR0RBDAwLoIs
dWx0LW1mZS1tci1tci0zODkudWx0LXNhbmRib3guY29udHJvbGFudC5jb20wEwYD
VR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIy
bTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0G
CCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYI
KwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAy
LmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDP
EVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY2jPafmAAAEAwBHMEUC
IQDlb5eb7Ggl91Ypsdz9cJfGPGVB+Fs84SdK9jLLVWfz5AIgUAsC+G/RqbCyb2Co
1FI8hfLV7WsW8BwzaoAYtnG5t1oAdQBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcv
o6odBxPTDAAAAY2jPaglAAAEAwBGMEQCIFdk+1rr525/eS+iyC0wpWt7pGttyJla
pd7XPv2TxkhuAiAx+zro2GG/wPOB6GsO0Vw4UpnM7f5pkKKABhhk9whjAgB2AH1Z
HhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjaM9p6wAAAQDAEcwRQIg
cJxcsQIqidc153MSl+CetJ4vFW/pkVf3exf0pXtuf+wCIQDV7rk25S5oUx+qtR69
S9dGR3YKHRpR4KW3DBb3+iNpdjANBgkqhkiG9w0BAQsFAAOCAQEABJlHzhPVmrmR
PSDcJOlfZUl4KQWX+4QuCsZf+EXHIJ30vifUH+XkDESPJrX5uHFtqdCIdNhddF0e
D7+BkwWfC8B4xyuIbm2PUX25o4wRH01JFEjkM6J8rC0a/HIDKm67Onmay6fP2OZ5
pknXI0zqFAa+QyK+mLyfES8DLDGDhnA7zfCamcpc7JxYODrVkLSoLpGv/BZl2tTZ
pexeRmt+XQGI4ytyjQ5qbK6gcr6UBOmq1/ES3xD6s5hxLnzk+tpB63tITS3QVNFp
ui55ADRDkgTL3uEKwy91R8AZx7v4TAfayL+Ytbm85e3Lp7ZKQZ9zlU5sG3Bqnnse
XyhfGrEzpg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZSn29LRuuSmiwN55HMo
n/kVThj0jzk6kl70kGnXL+p73QQwoSzQooIrBm2hdXliFa7bA5LWVBIaees+n4UI
SeS6+DszkGG8ThdVzD5wSV09hleJpe758guv7Ytht1ASD1pFOqaEVfZAEPihy81X
WRN967yYCL6xA+DiRl+zXQjpc7NF6Qe3I+ig370R1kgLO2vzBv5Bek4k0XUpziaj
sxETrt0BFktmJv7Sq4nHeIyNIOiCif5hVfri8B73fZok2Cvtoxny0JfG1GocnFU4
KQczT/neuW+EHj/TzTY28lHw0UvyBISDy+EZScLlprB/arxdohtHQ3+/U2V9Ax3S
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8028883203328848025758270058847665032
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ult-mfe-mr-mr-389.ult-sandbox.controlant.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29991783133744491697695234129269368893492504023175952183839546843159946386904023683946908310588496391498434471450992948141766999813492265610632954722259357794842144454487374688944428463899808291691004112249188642698286925706678490211974035013192465370774746034564134960893058032836937947636023364553085009944088273472547795403011656038103017631531901278035082047852431377140960384041366147777004477910420633676542778164907328827341159405845479067796542718684139148713612343995671701344590968624264894158755736674629799265746416714207995331751727051867694735748282330636535510315767153851999123236131173087519929389583
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							77bfc1d9b86974cf89bfb8bf92b08b2ce76bc991
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ult-mfe-mr-mr-389.ult-sandbox.controlant.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018da33da7e60000040300473045022100e56f979bec6825f75629b1dcfd7097c63c6541f85b3ce1274af632cb5567f3e40220500b02f86fd1a9b0b26f60a8d4523c85f2d5ed6b16f01c336a8018b671b9b75a0075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018da33da825000004030046304402205764fb5aebe76e7f792fa2c82d30a56b7ba46b6dc8995aa5ded73efd93c6486e022031fb3ae8d861bfc0f381e86b0ed15c385299ccedfe6990a280061864f70863020076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018da33da7ac00000403004730450220709c5cb1022a89d735e7731297e09eb49e2f156fe99157f77b17f4a57b6e7fec022100d5eeb936e52e68531faab51ebd4bd74647760a1d1a51e0a5b70c16f7fa236976
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00049947ce13d59ab9913d20dc24e95f654978290597fb842e0ac65ff845c7209df4be27d41fe5e40c448f26b5f9b8716da9d08874d85d745d1e0fbf8193059f0bc078c72b886e6d8f517db9a38c111f4d491448e433a27cac2d1afc72032a6ebb3a799acba7cfd8e679a649d7234cea1406be4322be98bc9f112f032c318386703bcdf09a99ca5cec9c58383ad590b4a82e91affc1665dad4d9a5ec5e466b7e5d0188e32b728d0e6a6caea072be9404e9aad7f112df10fab398712e7ce4fada41eb7b484d2dd054d169ba2e790034439204cbdee10ac32f7547c019c7bbf84c07dac8bf98b5b9bce5edcba7b64a419f73954e6c1b706a9e7b1e5f285f1ab133a6