target-builder-api.prod.services.ec2.dmtio.net
Issued by Amazon
About this certificate
This digital certificate with serial number 09:21:24:ac:9c:c7:6f:74:a2:22:a0:b6:b1:82:80:2f was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=target-builder-api.prod.services.ec2.dmtio.net
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:21:24:ac:9c:c7:6f:74:a2:22:a0:b6:b1:82:80:2fSerial Number (int): 12135141600906340185895228209627299887
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 2e:5e:3b:fd:c2:98:96:31:c2:d4:28:ef:f3:96:fc:5c:e0:88:f7:54
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 82:70:33:ac:bd:5c:0e:86:64:78:5d:ab:fb:e5:f5:a6:a3:72:a6:cd
Fingerprint (sha256): 29:ba:20:75:5c:d1:9d:88:41:1c:44:47:b5:d5:10:29:0c:71:eb:aa:1a:85:63:ee:99:46:80:f1:11:1f:90:a1
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate target-builder-api.prod.services.ec2.dmtio.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for target-builder-api.prod.services.ec2.dmtio.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
target-builder-api.prod.services.ec2.dmtio.net
Other certificates including the domain name dmtio.net
(limited to 100 certificates)
customs.services.dmtio.net
tls.backplane.io
staging-jira-p2.services.dmtio.net
coredev-cms3-service-proxy-cnn.train.services.ec2.dmtio.net
mssdoc.turner.com
deployit.services.dmtio.net
argonaut.services.dmtio.net
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
*.morgz.dmtio.net
gp.cso.warnermedia.com
*.planetdraco.net
dev.contrail.cnn.com
argonaut.dev.services.ec2.dmtio.net
mss-vault.turner.com
globalprotect.tbsbest.com
grafana-www.services.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
*.doc.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
*.doc.dmtio.net
cartoon-sayin-moderation.prod.56m.dmtio.net
coredev-capi-ptolemy.prod.services.ec2.dmtio.net
*.doc.dmtio.net
registry.services.dmtio.net
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
tbs.services.dmtio.net
s.livedata.dmtio.net
*.doc.dmtio.net
nba-drupal.int.services.ec2.dmtio.net
target-builder-api.prod.services.ec2.dmtio.net
coredev-capi-ptolemy.preview.services.ec2.dmtio.net
staging-confluence-p2.services.dmtio.net
deployit.services.dmtio.net
turnerdotcom-qa.services.dmtio.net
rancher-mss.services.cop.dmtio.net
staging-confluence-p2.services.dmtio.net
rancher-mss.services.cop.dmtio.net
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
*.doc.warnermediagroup.com
argonaut.services.dmtio.net
coredev-entertainment-dynaimage.prod.services.ec2.dmtio.net
staging-confluence-p2.services.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
coredev-tnt-dynaimage.prod.services.ec2.dmtio.net
argonaut.dev.services.ec2.dmtio.net
*.planetdraco.net
customs.services.dmtio.net
argonaut.services.dmtio.net
rancher-sox.services.56m.dmtio.net
coredev-capi-ptolemy.prod-2.services.ec2.dmtio.net
coredev-tnt-dynaimage.prod.services.ec2.dmtio.net
staging-confluence.services.dmtio.net
gp.cso.warnermedia.com
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
customs.services.dmtio.net
staging-jira-p2.services.dmtio.net
s.livedata.dmtio.net
coredev-tnt-dynaimage.prod.services.ec2.dmtio.net
gitlab.services.dmtio.net
satis.draco.services.dmtio.net
tbs.services.dmtio.net
staging-jira-p2.services.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
target-builder-api.staging.services.ec2.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
nba-teamsite-auth.services.dmtio.net
tbs.services.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
livedataint.56m.dmtio.net
argonaut.dev.services.ec2.dmtio.net
auth.services.dmtio.net
tectonic-prod.services.cop.dmtio.net
rancher-sox.services.56m.dmtio.net
poc.services.dmtio.net
helmit.services.dmtio.net
*.ca.us-east-1.dmtio.net
rancher-mss.services.56m.dmtio.net
tbs-dejavu-www.prod-editorial.services.ec2.dmtio.net
ceph-s3.services.dmtio.net
rancher-sox.services.cop.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
rancher-mss.services.56m.dmtio.net
coredev-tbs-dynaimage.prod.services.ec2.dmtio.net
livedataint.56m.dmtio.net
*.doc.warnermediagroup.com
s.livedata.dmtio.net
staging-jira-p2.services.dmtio.net
auth.services.dmtio.net
nasm1isil1.turner.com
coredev-cms3-service-proxy-cnn.prod.services.ec2.dmtio.net
auth.services.dmtio.net
idb.services.dmtio.net
satis.draco.services.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
tnt.services.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
*.doc.warnermediagroup.com
nba-teamsite-auth.services.dmtio.net
pga.morgz.dmtio.net
idb.services.dmtio.net
tls.backplane.io
staging-jira-p2.services.dmtio.net
coredev-cms3-service-proxy-cnn.train.services.ec2.dmtio.net
mssdoc.turner.com
deployit.services.dmtio.net
argonaut.services.dmtio.net
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
*.morgz.dmtio.net
gp.cso.warnermedia.com
*.planetdraco.net
dev.contrail.cnn.com
argonaut.dev.services.ec2.dmtio.net
mss-vault.turner.com
globalprotect.tbsbest.com
grafana-www.services.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
*.doc.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
*.doc.dmtio.net
cartoon-sayin-moderation.prod.56m.dmtio.net
coredev-capi-ptolemy.prod.services.ec2.dmtio.net
*.doc.dmtio.net
registry.services.dmtio.net
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
tbs.services.dmtio.net
s.livedata.dmtio.net
*.doc.dmtio.net
nba-drupal.int.services.ec2.dmtio.net
target-builder-api.prod.services.ec2.dmtio.net
coredev-capi-ptolemy.preview.services.ec2.dmtio.net
staging-confluence-p2.services.dmtio.net
deployit.services.dmtio.net
turnerdotcom-qa.services.dmtio.net
rancher-mss.services.cop.dmtio.net
staging-confluence-p2.services.dmtio.net
rancher-mss.services.cop.dmtio.net
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
*.doc.warnermediagroup.com
argonaut.services.dmtio.net
coredev-entertainment-dynaimage.prod.services.ec2.dmtio.net
staging-confluence-p2.services.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
coredev-tnt-dynaimage.prod.services.ec2.dmtio.net
argonaut.dev.services.ec2.dmtio.net
*.planetdraco.net
customs.services.dmtio.net
argonaut.services.dmtio.net
rancher-sox.services.56m.dmtio.net
coredev-capi-ptolemy.prod-2.services.ec2.dmtio.net
coredev-tnt-dynaimage.prod.services.ec2.dmtio.net
staging-confluence.services.dmtio.net
gp.cso.warnermedia.com
coredev-cnn-dynaimage.prod.services.ec2.dmtio.net
customs.services.dmtio.net
staging-jira-p2.services.dmtio.net
s.livedata.dmtio.net
coredev-tnt-dynaimage.prod.services.ec2.dmtio.net
gitlab.services.dmtio.net
satis.draco.services.dmtio.net
tbs.services.dmtio.net
staging-jira-p2.services.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
target-builder-api.staging.services.ec2.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
nba-teamsite-auth.services.dmtio.net
tbs.services.dmtio.net
cnnmoney-section-content-service.prod.services.ec2.dmtio.net
livedataint.56m.dmtio.net
argonaut.dev.services.ec2.dmtio.net
auth.services.dmtio.net
tectonic-prod.services.cop.dmtio.net
rancher-sox.services.56m.dmtio.net
poc.services.dmtio.net
helmit.services.dmtio.net
*.ca.us-east-1.dmtio.net
rancher-mss.services.56m.dmtio.net
tbs-dejavu-www.prod-editorial.services.ec2.dmtio.net
ceph-s3.services.dmtio.net
rancher-sox.services.cop.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
rancher-mss.services.56m.dmtio.net
coredev-tbs-dynaimage.prod.services.ec2.dmtio.net
livedataint.56m.dmtio.net
*.doc.warnermediagroup.com
s.livedata.dmtio.net
staging-jira-p2.services.dmtio.net
auth.services.dmtio.net
nasm1isil1.turner.com
coredev-cms3-service-proxy-cnn.prod.services.ec2.dmtio.net
auth.services.dmtio.net
idb.services.dmtio.net
satis.draco.services.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
tnt.services.dmtio.net
coredev-nba-dynaimage.prod.services.ec2.dmtio.net
*.doc.warnermediagroup.com
nba-teamsite-auth.services.dmtio.net
pga.morgz.dmtio.net
idb.services.dmtio.net
Certificate
The complete raw certificate details for target-builder-api.prod.services.ec2.dmtio.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEsjCCA5qgAwIBAgIQCSEkrJzHb3SiIqC2sYKALzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODEwMTkwMDAwMDBaFw0xOTExMTkx MjAwMDBaMDkxNzA1BgNVBAMTLnRhcmdldC1idWlsZGVyLWFwaS5wcm9kLnNlcnZp Y2VzLmVjMi5kbXRpby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTB9e2qZ+bQdi3V7T5+qa15QXu29I5vCGfK3r+PFp6pU4ECYnNxcEjE6bEQTG4 lCXniZslrPQOQS9EJEFrRd3dhQ0j7r3NP0DDD4kJICTYNQgex6KWPmUs0FUb4fKJ bkq+iKLyKBlDX48edNlIddH5rxB/bOTqv4G5pvEM06YnyhY/12Ij/HUkm8Oi7OfH gvTMloqz7YjZDAn1rwgOVCbriY+xJUkLFigKfzkbFzNhmmuVfiq/YDGhcostUwFq K+A0XDgFs11FaVJK+BWNdeWL3IrE0aar4jHcV5nN/QE1ySYJ2QjaefWKmKCulRpa HivQ52RiuqV2dt+dQHJXx+7hAgMBAAGjggGnMIIBozAfBgNVHSMEGDAWgBRZpGYG UqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQULl47/cKYljHC1Cjv85b8XOCI91Qw OQYDVR0RBDIwMIIudGFyZ2V0LWJ1aWxkZXItYXBpLnByb2Quc2VydmljZXMuZWMy LmRtdGlvLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1h em9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAI BgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2Nz cC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQu c2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMBMG CisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA882OqenMyhgaD lfAUWv27de3Zh0FSf4qSZ6lsGHMT94TFH3XwjxpgA5jwGcsX2mMOPzsg1Cvd/2Qy 1ZOWK4DamHqbdQOKCaBVweN1wUAMOc6iSnFqobakhU7xR0P9nNILFxcFFId/B6K+ SGI/E85y9BKHsjpc4S8SefB9zsL54OlS6VMvheT/21aG8pFH9yU2ptvMDjd98cTj aGLrvycBNpBdjIBP5liBWiK0umwsECLSqCWYLTvvUxjMrm86XOG701lMaw+gxQ5M pZufhJ0w1UqLe2AA7yXlmRQ12vReqYFlvYAyT/dVf6Wa8n9fSJ0502l5xmbfsaOp acJWO0yt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wfXtqmfm0HYt1e0+fqm teUF7tvSObwhnyt6/jxaeqVOBAmJzcXBIxOmxEExuJQl54mbJaz0DkEvRCRBa0Xd 3YUNI+69zT9Aww+JCSAk2DUIHseilj5lLNBVG+HyiW5Kvoii8igZQ1+PHnTZSHXR +a8Qf2zk6r+BuabxDNOmJ8oWP9diI/x1JJvDouznx4L0zJaKs+2I2QwJ9a8IDlQm 64mPsSVJCxYoCn85GxczYZprlX4qv2AxoXKLLVMBaivgNFw4BbNdRWlSSvgVjXXl i9yKxNGmq+Ix3FeZzf0BNckmCdkI2nn1ipigrpUaWh4r0OdkYrqldnbfnUByV8fu 4QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12135141600906340185895228209627299887 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-19 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'target-builder-api.prod.services.ec2.dmtio.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26640149693302662777712386699493118644579969120381715501952555235768014369998871665521439757303274020994648523928526497758241713259725123422339174171017246942523399015906106998378626065449953413132412709234998865222691287422789555761117226785304163549587834420289543239616635456493644786142282801523936011469228571851883857787012082452728055878984965798450304877168888533728067796156547574715135429865324551189984401570915750672803649263411506244857318565044331437629491313150227035072486682945118360949965679496953403309103941830904939275296531944832687716550965324211634840305031609371754885770727025763226982280929 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2e5e3bfdc2989631c2d428eff396fc5ce088f754 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'target-builder-api.prod.services.ec2.dmtio.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003cf363aa7a733286068395f0145afdbb75edd98741527f8a9267a96c187313f784c51f75f08f1a600398f019cb17da630e3f3b20d42bddff6432d593962b80da987a9b75038a09a055c1e375c1400c39cea24a716aa1b6a4854ef14743fd9cd20b17170514877f07a2be48623f13ce72f41287b23a5ce12f1279f07dcec2f9e0e952e9532f85e4ffdb5686f29147f72536a6dbcc0e377df1c4e36862ebbf270136905d8c804fe658815a22b4ba6c2c1022d2a825982d3bef5318ccae6f3a5ce1bbd3594c6b0fa0c50e4ca59b9f849d30d54a8b7b6000ef25e5991435daf45ea98165bd80324ff7557fa59af27f5f489d39d36979c666dfb1a3a969c2563b4cad